public override void ProcessClientKeyExchange(Stream input)
 {
     byte[] array = TlsUtilities.ReadOpaque16(input);
     mPsk = mPskIdentityManager.GetPsk(array);
     if (mPsk == null)
     {
         throw new TlsFatalAlert(115);
     }
     mContext.SecurityParameters.pskIdentity = array;
     if (mKeyExchange == 14)
     {
         BigInteger y = TlsDHUtilities.ReadDHParameter(input);
         mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(new DHPublicKeyParameters(y, mDHParameters));
     }
     else if (mKeyExchange == 24)
     {
         byte[]             encoding   = TlsUtilities.ReadOpaque8(input);
         ECDomainParameters parameters = mECAgreePrivateKey.Parameters;
         mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey(mServerECPointFormats, parameters, encoding));
     }
     else if (mKeyExchange == 15)
     {
         byte[] encryptedPreMasterSecret = (!TlsUtilities.IsSsl(mContext)) ? TlsUtilities.ReadOpaque16(input) : Streams.ReadAll(input);
         mPremasterSecret = mServerCredentials.DecryptPreMasterSecret(encryptedPreMasterSecret);
     }
 }
Beispiel #2
0
 public override void ProcessClientKeyExchange(Stream input)
 {
     if (mDHAgreePublicKey == null)
     {
         BigInteger y = TlsDHUtilities.ReadDHParameter(input);
         mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(new DHPublicKeyParameters(y, mDHParameters));
     }
 }
    public static ServerDHParams Parse(Stream input)
    {
        BigInteger p = TlsDHUtilities.ReadDHParameter(input);
        BigInteger g = TlsDHUtilities.ReadDHParameter(input);
        BigInteger y = TlsDHUtilities.ReadDHParameter(input);

        return(new ServerDHParams(TlsDHUtilities.ValidateDHPublicKey(new DHPublicKeyParameters(y, new DHParameters(p, g)))));
    }
 public override void ProcessServerKeyExchange(Stream input)
 {
     mPskIdentityHint = TlsUtilities.ReadOpaque16(input);
     if (mKeyExchange == 14)
     {
         ServerDHParams serverDHParams = ServerDHParams.Parse(input);
         mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(serverDHParams.PublicKey);
         mDHParameters     = mDHAgreePublicKey.Parameters;
     }
     else if (mKeyExchange == 24)
     {
         ECDomainParameters curve_params = TlsEccUtilities.ReadECParameters(mNamedCurves, mClientECPointFormats, input);
         byte[]             encoding     = TlsUtilities.ReadOpaque8(input);
         mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey(mClientECPointFormats, curve_params, encoding));
     }
 }
Beispiel #5
0
    public override void ProcessServerKeyExchange(Stream input)
    {
        SecurityParameters securityParameters = mContext.SecurityParameters;
        SignerInputBuffer  signerInputBuffer  = new SignerInputBuffer();
        Stream             input2             = new TeeInputStream(input, signerInputBuffer);
        ServerDHParams     serverDHParams     = ServerDHParams.Parse(input2);
        DigitallySigned    digitallySigned    = ParseSignature(input);
        ISigner            signer             = InitVerifyer(mTlsSigner, digitallySigned.Algorithm, securityParameters);

        signerInputBuffer.UpdateSigner(signer);
        if (!signer.VerifySignature(digitallySigned.Signature))
        {
            throw new TlsFatalAlert(51);
        }
        mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(serverDHParams.PublicKey);
        mDHParameters     = ValidateDHParameters(mDHAgreePublicKey.Parameters);
    }
Beispiel #6
0
    public override void ProcessServerCertificate(Certificate serverCertificate)
    {
        if (serverCertificate.IsEmpty)
        {
            throw new TlsFatalAlert(42);
        }
        X509CertificateStructure certificateAt        = serverCertificate.GetCertificateAt(0);
        SubjectPublicKeyInfo     subjectPublicKeyInfo = certificateAt.SubjectPublicKeyInfo;

        try
        {
            mServerPublicKey = PublicKeyFactory.CreateKey(subjectPublicKeyInfo);
        }
        catch (Exception alertCause)
        {
            throw new TlsFatalAlert(43, alertCause);
        }
        if (mTlsSigner == null)
        {
            try
            {
                mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey((DHPublicKeyParameters)mServerPublicKey);
                mDHParameters     = ValidateDHParameters(mDHAgreePublicKey.Parameters);
            }
            catch (InvalidCastException alertCause2)
            {
                throw new TlsFatalAlert(46, alertCause2);
            }
            TlsUtilities.ValidateKeyUsage(certificateAt, 8);
        }
        else
        {
            if (!mTlsSigner.IsValidPublicKey(mServerPublicKey))
            {
                throw new TlsFatalAlert(46);
            }
            TlsUtilities.ValidateKeyUsage(certificateAt, 128);
        }
        base.ProcessServerCertificate(serverCertificate);
    }
        public override void ProcessServerKeyExchange(Stream input)
        {
            SecurityParameters securityParameters = mContext.SecurityParameters;

            SignerInputBuffer buf   = new SignerInputBuffer();
            Stream            teeIn = new TeeInputStream(input, buf);

            ServerDHParams dhParams = ServerDHParams.Parse(teeIn);

            DigitallySigned signed_params = ParseSignature(input);

            mSignatureAndHashAlgorithm = signed_params.Algorithm;

            ISigner signer = InitVerifyer(mTlsSigner, signed_params.Algorithm, securityParameters);

            buf.UpdateSigner(signer);
            if (!signer.VerifySignature(signed_params.Signature))
            {
                throw new TlsFatalAlert(AlertDescription.decrypt_error);
            }

            this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(dhParams.PublicKey);
            this.mDHParameters     = ValidateDHParameters(mDHAgreePublicKey.Parameters);
        }