GetSupportedPointFormatsExtension() public static method

public static GetSupportedPointFormatsExtension ( IDictionary extensions ) : byte[]
extensions IDictionary
return byte[]
Ejemplo n.º 1
        /*
         * Checks the extensions received in the ServerHello and, when an ECC cipher suite was
         * selected, records the server's ec_point_formats list.
         *
         * serverExtensions: extension map received from the server; null means there is nothing
         * to check and the method returns immediately.
         *
         * Per the original note, the TlsProtocol implementation validates that server extensions
         * correspond to client extensions sent; by default none are sent and this method is not
         * called.
         */
        public virtual void ProcessServerExtensions(IDictionary serverExtensions)
        {
            if (serverExtensions == null)
            {
                return;
            }

            /*
             * RFC 5246 7.4.1.4.1. Servers MUST NOT send this extension.
             * NOTE(review): CheckForUnexpectedServerExtension is not shown here; presumably it
             * raises a fatal alert when the extension is present - confirm.
             */
            CheckForUnexpectedServerExtension(serverExtensions, ExtensionType.signature_algorithms);

            CheckForUnexpectedServerExtension(serverExtensions, ExtensionType.elliptic_curves);

            bool eccSuiteSelected = TlsEccUtilities.IsEccCipherSuite(this.mSelectedCipherSuite);
            if (!eccSuiteSelected)
            {
                // A non-ECC suite was negotiated, so ec_point_formats is treated as unexpected too.
                CheckForUnexpectedServerExtension(serverExtensions, ExtensionType.ec_point_formats);
                return;
            }

            // NOTE(review): the parsed list is stored as returned; any validation of its contents
            // happens in GetSupportedPointFormatsExtension or later, not in this method.
            this.mServerECPointFormats = TlsEccUtilities.GetSupportedPointFormatsExtension(serverExtensions);
        }
Ejemplo n.º 2
        /*
         * Checks the extensions received in the ServerHello and aborts the handshake with an
         * illegal_parameter fatal alert when the server sent one it must not send.
         *
         * serverExtensions: extension map received from the server; null means there is nothing
         * to check and the method returns immediately.
         *
         * Per the original note, the TlsProtocol implementation validates that server extensions
         * correspond to client extensions sent; by default none are sent and this method is not
         * called.
         */
        public virtual void ProcessServerExtensions(IDictionary serverExtensions)
        {
            if (serverExtensions == null)
            {
                return;
            }

            /*
             * RFC 5246 7.4.1.4.1. Servers MUST NOT send this extension.
             */
            bool sigAlgsPresent = serverExtensions.Contains(ExtensionType.signature_algorithms);
            if (sigAlgsPresent)
            {
                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
            }

            // A supported-curves list from the server is rejected in the same way.
            int[] namedCurves = TlsEccUtilities.GetSupportedEllipticCurvesExtension(serverExtensions);
            if (namedCurves != null)
            {
                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
            }

            // The point-format list is stored before the cipher-suite check below, so the field
            // keeps the parsed value even when that check throws.
            this.mServerECPointFormats = TlsEccUtilities.GetSupportedPointFormatsExtension(serverExtensions);
            if (this.mServerECPointFormats != null)
            {
                // ec_point_formats is only acceptable when an ECC cipher suite was selected.
                if (!TlsEccUtilities.IsEccCipherSuite(this.mSelectedCipherSuite))
                {
                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
                }
            }
        }
Ejemplo n.º 3
 /*
  * Records the extensions offered in the ClientHello and rejects combinations this
  * implementation treats as illegal. Every rejection raises TlsFatalAlert(47); 47 is the
  * TLS alert code for illegal_parameter.
  *
  * clientExtensions: extension map received from the client; may be null. The map is stored
  * in mClientExtensions before any validation, so it is retained even when a check throws.
  */
 public virtual void ProcessClientExtensions(IDictionary clientExtensions)
 {
     this.mClientExtensions = clientExtensions;

     if (clientExtensions != null)
     {
         this.mEncryptThenMacOffered = TlsExtensionsUtilities.HasEncryptThenMacExtension(clientExtensions);

         // A negative value is skipped by the check below (presumably "extension absent" - confirm
         // against GetMaxFragmentLengthExtension); anything else must be a valid length code.
         this.mMaxFragmentLengthOffered = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(clientExtensions);
         if (this.mMaxFragmentLengthOffered >= 0)
         {
             if (!MaxFragmentLength.IsValid((byte)this.mMaxFragmentLengthOffered))
             {
                 throw new TlsFatalAlert(47);
             }
         }

         this.mTruncatedHMacOffered = TlsExtensionsUtilities.HasTruncatedHMacExtension(clientExtensions);

         // signature_algorithms is only accepted when the client version allows it.
         this.mSupportedSignatureAlgorithms = TlsUtilities.GetSignatureAlgorithmsExtension(clientExtensions);
         if (this.mSupportedSignatureAlgorithms != null)
         {
             if (!TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(this.mClientVersion))
             {
                 throw new TlsFatalAlert(47);
             }
         }

         this.mNamedCurves = TlsEccUtilities.GetSupportedEllipticCurvesExtension(clientExtensions);
         this.mClientECPointFormats = TlsEccUtilities.GetSupportedPointFormatsExtension(clientExtensions);
     }

     // Runs even when clientExtensions is null: ECC extensions without any ECC cipher suite
     // on offer are rejected.
     if (!this.mEccCipherSuitesOffered)
     {
         if (this.mNamedCurves != null || this.mClientECPointFormats != null)
         {
             throw new TlsFatalAlert(47);
         }
     }
 }
Ejemplo n.º 4
 /*
  * Checks the extensions received in the ServerHello and, when an ECC cipher suite was
  * selected, records the server's point-format list.
  *
  * The numeric extension types are the TLS registry values: 13 = signature_algorithms,
  * 10 = elliptic_curves (supported_groups), 11 = ec_point_formats.
  *
  * serverExtensions: extension map received from the server; null means there is nothing
  * to check and the method returns immediately.
  */
 public virtual void ProcessServerExtensions(IDictionary serverExtensions)
 {
     if (serverExtensions == null)
     {
         return;
     }

     // NOTE(review): CheckForUnexpectedServerExtension is not shown here; presumably it raises
     // a fatal alert when the given extension is present - confirm.
     this.CheckForUnexpectedServerExtension(serverExtensions, 13);
     this.CheckForUnexpectedServerExtension(serverExtensions, 10);

     if (!TlsEccUtilities.IsEccCipherSuite(this.mSelectedCipherSuite))
     {
         // Non-ECC suite selected: the point-format extension is treated as unexpected as well.
         this.CheckForUnexpectedServerExtension(serverExtensions, 11);
     }
     else
     {
         this.mServerECPointFormats = TlsEccUtilities.GetSupportedPointFormatsExtension(serverExtensions);
     }
 }
Ejemplo n.º 5
        /*
         * Records the extensions offered in the ClientHello and rejects malformed or disallowed
         * ones with an illegal_parameter fatal alert.
         *
         * clientExtensions: extension map received from the client; may be null. The map is
         * stored in mClientExtensions before any validation, so it is retained even when a
         * check throws.
         *
         * This version does not enforce the "ECC extensions require an ECC cipher suite" rule;
         * the check is kept below in commented-out form together with the reason.
         */
        public virtual void ProcessClientExtensions(IDictionary clientExtensions)
        {
            mClientExtensions = clientExtensions;

            if (clientExtensions != null)
            {
                mEncryptThenMacOffered = TlsExtensionsUtilities.HasEncryptThenMacExtension(clientExtensions);

                // A negative value is skipped by the check below (presumably "extension absent" -
                // confirm against GetMaxFragmentLengthExtension); anything else must be valid.
                mMaxFragmentLengthOffered = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(clientExtensions);
                if (mMaxFragmentLengthOffered >= 0)
                {
                    if (!MaxFragmentLength.IsValid((byte)mMaxFragmentLengthOffered))
                    {
                        throw new TlsFatalAlert(AlertDescription.illegal_parameter);
                    }
                }

                mTruncatedHMacOffered = TlsExtensionsUtilities.HasTruncatedHMacExtension(clientExtensions);

                /*
                 * RFC 5246 7.4.1.4.1. Note: this extension is not meaningful for TLS versions prior
                 * to 1.2. Clients MUST NOT offer it if they are offering prior versions.
                 */
                mSupportedSignatureAlgorithms = TlsUtilities.GetSignatureAlgorithmsExtension(clientExtensions);
                if (mSupportedSignatureAlgorithms != null
                    && !TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(mClientVersion))
                {
                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
                }

                mNamedCurves = TlsEccUtilities.GetSupportedEllipticCurvesExtension(clientExtensions);
                mClientECPointFormats = TlsEccUtilities.GetSupportedPointFormatsExtension(clientExtensions);
            }

            /*
             * RFC 4492 4. The client MUST NOT include these extensions in the ClientHello message if it
             * does not propose any ECC cipher suites.
             * (The original comment cited "RFC 4429"; the quoted rule is from RFC 4492, the TLS ECC
             * cipher suite specification.)
             *
             * NOTE: This was overly strict as there may be ECC cipher suites that we don't recognize.
             * Also, draft-ietf-tls-negotiated-ff-dhe will be overloading the 'elliptic_curves'
             * extension to explicitly allow FFDHE (i.e. non-ECC) groups.
             *
             * With the check disabled, mNamedCurves and mClientECPointFormats can be non-null even
             * though mEccCipherSuitesOffered is false.
             */
            //if (!this.mEccCipherSuitesOffered && (this.mNamedCurves != null || this.mClientECPointFormats != null))
            //    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
        }
        /*
         * Records the extensions offered in the ClientHello and rejects malformed or disallowed
         * ones with an illegal_parameter fatal alert.
         *
         * clientExtensions: extension map received from the client; may be null. The map is
         * stored in mClientExtensions before any validation, so it is retained even when a
         * check throws.
         */
        public virtual void ProcessClientExtensions(IDictionary clientExtensions)
        {
            mClientExtensions = clientExtensions;

            if (clientExtensions != null)
            {
                mEncryptThenMacOffered = TlsExtensionsUtilities.HasEncryptThenMacExtension(clientExtensions);

                // A negative value is skipped by the check below (presumably "extension absent" -
                // confirm against GetMaxFragmentLengthExtension); anything else must be valid.
                mMaxFragmentLengthOffered = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(clientExtensions);
                if (mMaxFragmentLengthOffered >= 0)
                {
                    if (!MaxFragmentLength.IsValid((byte)mMaxFragmentLengthOffered))
                    {
                        throw new TlsFatalAlert(AlertDescription.illegal_parameter);
                    }
                }

                mTruncatedHMacOffered = TlsExtensionsUtilities.HasTruncatedHMacExtension(clientExtensions);

                /*
                 * RFC 5246 7.4.1.4.1. Note: this extension is not meaningful for TLS versions prior
                 * to 1.2. Clients MUST NOT offer it if they are offering prior versions.
                 */
                mSupportedSignatureAlgorithms = TlsUtilities.GetSignatureAlgorithmsExtension(clientExtensions);
                if (mSupportedSignatureAlgorithms != null
                    && !TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(mClientVersion))
                {
                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
                }

                mNamedCurves = TlsEccUtilities.GetSupportedEllipticCurvesExtension(clientExtensions);
                mClientECPointFormats = TlsEccUtilities.GetSupportedPointFormatsExtension(clientExtensions);
            }

            /*
             * RFC 4492 4. The client MUST NOT include these extensions in the ClientHello message if it
             * does not propose any ECC cipher suites.
             * (The original comment cited "RFC 4429"; the quoted rule is from RFC 4492, the TLS ECC
             * cipher suite specification.)
             *
             * This check sits outside the null test above, so it runs on every call.
             */
            if (!mEccCipherSuitesOffered)
            {
                if (mNamedCurves != null || mClientECPointFormats != null)
                {
                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
                }
            }
        }
Ejemplo n.º 7
 /*
  * Records the extensions offered in the ClientHello and rejects malformed or disallowed
  * ones. Every rejection raises TlsFatalAlert(0x2f); 0x2f (47) is the TLS alert code for
  * illegal_parameter.
  *
  * clientExtensions: extension map received from the client; may be null. The map is stored
  * in mClientExtensions before any validation, so it is retained even when a check throws.
  *
  * This version performs no cross-check between the ECC extensions and the cipher suites
  * the client offered; mNamedCurves and mClientECPointFormats are stored as parsed.
  */
 public virtual void ProcessClientExtensions(IDictionary clientExtensions)
 {
     mClientExtensions = clientExtensions;

     if (clientExtensions == null)
     {
         return;
     }

     mEncryptThenMacOffered = TlsExtensionsUtilities.HasEncryptThenMacExtension(clientExtensions);

     // A negative value is skipped by the check below (presumably "extension absent" - confirm
     // against GetMaxFragmentLengthExtension); anything else must be a valid length code.
     mMaxFragmentLengthOffered = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(clientExtensions);
     if (mMaxFragmentLengthOffered >= 0)
     {
         if (!MaxFragmentLength.IsValid((byte)mMaxFragmentLengthOffered))
         {
             throw new TlsFatalAlert(0x2f);
         }
     }

     mTruncatedHMacOffered = TlsExtensionsUtilities.HasTruncatedHMacExtension(clientExtensions);

     // signature_algorithms is only accepted when the client version allows it.
     mSupportedSignatureAlgorithms = TlsUtilities.GetSignatureAlgorithmsExtension(clientExtensions);
     if (mSupportedSignatureAlgorithms != null)
     {
         if (!TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(mClientVersion))
         {
             throw new TlsFatalAlert(0x2f);
         }
     }

     mNamedCurves = TlsEccUtilities.GetSupportedEllipticCurvesExtension(clientExtensions);
     mClientECPointFormats = TlsEccUtilities.GetSupportedPointFormatsExtension(clientExtensions);
 }