|
static private GenerateEphemeralServerKeyExchange ( |
||
| random | ||
| namedCurves | int | |
| ecPointFormats | byte | |
| output | Stream | |
| return | ||
public override byte[] GenerateServerKeyExchange()
{
DigestInputBuffer buf = new DigestInputBuffer();
this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mNamedCurves,
mClientECPointFormats, buf);
/*
* RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
*/
SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(
mContext, mServerCredentials);
IDigest d = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
SecurityParameters securityParameters = mContext.SecurityParameters;
d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
buf.UpdateDigest(d);
byte[] hash = DigestUtilities.DoFinal(d);
byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);
DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);
signed_params.Encode(buf);
return(buf.ToArray());
}
public override byte[] GenerateServerKeyExchange()
{
//IL_0023: Unknown result type (might be due to invalid IL or missing references)
//IL_0029: Expected O, but got Unknown
mPskIdentityHint = mPskIdentityManager.GetHint();
if (mPskIdentityHint == null && !RequiresServerKeyExchange)
{
return(null);
}
MemoryStream val = new MemoryStream();
if (mPskIdentityHint == null)
{
TlsUtilities.WriteOpaque16(TlsUtilities.EmptyBytes, (Stream)(object)val);
}
else
{
TlsUtilities.WriteOpaque16(mPskIdentityHint, (Stream)(object)val);
}
if (mKeyExchange == 14)
{
if (mDHParameters == null)
{
throw new TlsFatalAlert(80);
}
mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mDHParameters, (Stream)(object)val);
}
else if (mKeyExchange == 24)
{
mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mNamedCurves, mClientECPointFormats, (Stream)(object)val);
}
return(val.ToArray());
}
public override byte[] GenerateServerKeyExchange()
{
this.mPskIdentityHint = this.mPskIdentityManager.GetHint();
if (this.mPskIdentityHint == null && !this.RequiresServerKeyExchange)
{
return(null);
}
MemoryStream memoryStream = new MemoryStream();
if (this.mPskIdentityHint == null)
{
TlsUtilities.WriteOpaque16(TlsUtilities.EmptyBytes, memoryStream);
}
else
{
TlsUtilities.WriteOpaque16(this.mPskIdentityHint, memoryStream);
}
if (this.mKeyExchange == 14)
{
if (this.mDHParameters == null)
{
throw new TlsFatalAlert(80);
}
this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(this.mContext.SecureRandom, this.mDHParameters, memoryStream);
}
else if (this.mKeyExchange == 24)
{
this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(this.mContext.SecureRandom, this.mNamedCurves, this.mClientECPointFormats, memoryStream);
}
return(memoryStream.ToArray());
}
public override byte[] GenerateServerKeyExchange()
{
if (!this.RequiresServerKeyExchange)
{
return(null);
}
MemoryStream output = new MemoryStream();
this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(base.mContext.SecureRandom, this.mNamedCurves, this.mClientECPointFormats, output);
return(output.ToArray());
}
public override byte[] GenerateServerKeyExchange()
{
if (!RequiresServerKeyExchange)
{
return(null);
}
// ECDH_anon is handled here, ECDHE_* in a subclass
MemoryStream buf = new MemoryStream();
this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mNamedCurves,
mClientECPointFormats, buf);
return(buf.ToArray());
}
public override byte[] GenerateServerKeyExchange()
{
DigestInputBuffer output = new DigestInputBuffer();
base.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(base.mContext.SecureRandom, base.mNamedCurves, base.mClientECPointFormats, output);
SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(base.mContext, this.mServerCredentials);
IDigest d = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
SecurityParameters securityParameters = base.mContext.SecurityParameters;
d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
output.UpdateDigest(d);
byte[] hash = DigestUtilities.DoFinal(d);
byte[] signature = this.mServerCredentials.GenerateCertificateSignature(hash);
new DigitallySigned(signatureAndHashAlgorithm, signature).Encode(output);
return(output.ToArray());
}
public override byte[] GenerateServerKeyExchange()
{
DigestInputBuffer buf = new DigestInputBuffer();
this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(context.SecureRandom, mNamedCurves,
mClientECPointFormats, buf);
/*
* RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
*/
SignatureAndHashAlgorithm signatureAndHashAlgorithm;
IDigest d;
if (TlsUtilities.IsTlsV12(context))
{
signatureAndHashAlgorithm = mServerCredentials.SignatureAndHashAlgorithm;
if (signatureAndHashAlgorithm == null)
{
throw new TlsFatalAlert(AlertDescription.internal_error);
}
d = TlsUtilities.CreateHash(signatureAndHashAlgorithm.Hash);
}
else
{
signatureAndHashAlgorithm = null;
d = new CombinedHash();
}
SecurityParameters securityParameters = context.SecurityParameters;
d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
buf.UpdateDigest(d);
byte[] hash = DigestUtilities.DoFinal(d);
byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);
DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);
signed_params.Encode(buf);
return(buf.ToArray());
}
public override byte[] GenerateServerKeyExchange()
{
DigestInputBuffer digestInputBuffer = new DigestInputBuffer();
mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mNamedCurves, mClientECPointFormats, (Stream)(object)digestInputBuffer);
SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(mContext, mServerCredentials);
IDigest digest = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
SecurityParameters securityParameters = mContext.SecurityParameters;
digest.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
digest.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
digestInputBuffer.UpdateDigest(digest);
byte[] hash = DigestUtilities.DoFinal(digest);
byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);
DigitallySigned digitallySigned = new DigitallySigned(signatureAndHashAlgorithm, signature);
digitallySigned.Encode((Stream)(object)digestInputBuffer);
return(((MemoryStream)digestInputBuffer).ToArray());
}
public override byte[] GenerateServerKeyExchange()
{
this.mPskIdentityHint = mPskIdentityManager.GetHint();
if (this.mPskIdentityHint == null && !RequiresServerKeyExchange)
{
return(null);
}
MemoryStream buf = new MemoryStream();
if (this.mPskIdentityHint == null)
{
TlsUtilities.WriteOpaque16(TlsUtilities.EmptyBytes, buf);
}
else
{
TlsUtilities.WriteOpaque16(this.mPskIdentityHint, buf);
}
if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK)
{
if (this.mDHParameters == null)
{
throw new TlsFatalAlert(AlertDescription.internal_error);
}
this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom,
this.mDHParameters, buf);
}
else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK)
{
this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom,
mNamedCurves, mClientECPointFormats, buf);
}
return(buf.ToArray());
}