| public static IsSupportedNamedCurve ( int namedCurve ) : bool | ||
| namedCurve | int | |
| return | bool | |
protected virtual bool SupportsClientEccCapabilities(int[] namedCurves, byte[] ecPointFormats)
{
// NOTE: BC supports all the current set of point formats so we don't check them here
if (namedCurves == null)
{
/*
* RFC 4492 4. A client that proposes ECC cipher suites may choose not to include these
* extensions. In this case, the server is free to choose any one of the elliptic curves
* or point formats [...].
*/
return(TlsEccUtilities.HasAnySupportedNamedCurves());
}
for (int i = 0; i < namedCurves.Length; ++i)
{
int namedCurve = namedCurves[i];
if (NamedCurve.IsValid(namedCurve) &&
(!NamedCurve.RefersToASpecificNamedCurve(namedCurve) || TlsEccUtilities.IsSupportedNamedCurve(namedCurve)))
{
return(true);
}
}
return(false);
}
public static string GetNameOfNamedCurve(int namedCurve)
{
if (!TlsEccUtilities.IsSupportedNamedCurve(namedCurve))
{
return(null);
}
return(TlsEccUtilities.CurveNames[namedCurve - 1]);
}
internal static ECPrivateKeyParameters GenerateEphemeralServerKeyExchange(SecureRandom random, int[] namedCurves, byte[] ecPointFormats, Stream output)
{
int num = -1;
if (namedCurves == null)
{
num = 23;
}
else
{
for (int i = 0; i < namedCurves.Length; i++)
{
int num2 = namedCurves[i];
if (NamedCurve.IsValid(num2) && TlsEccUtilities.IsSupportedNamedCurve(num2))
{
num = num2;
break;
}
}
}
ECDomainParameters eCDomainParameters = null;
if (num >= 0)
{
eCDomainParameters = TlsEccUtilities.GetParametersForNamedCurve(num);
}
else if (Arrays.Contains(namedCurves, 65281))
{
eCDomainParameters = TlsEccUtilities.GetParametersForNamedCurve(23);
}
else if (Arrays.Contains(namedCurves, 65282))
{
eCDomainParameters = TlsEccUtilities.GetParametersForNamedCurve(10);
}
if (eCDomainParameters == null)
{
throw new TlsFatalAlert(80);
}
if (num < 0)
{
TlsEccUtilities.WriteExplicitECParameters(ecPointFormats, eCDomainParameters, output);
}
else
{
TlsEccUtilities.WriteNamedECParameters(num, output);
}
return(TlsEccUtilities.GenerateEphemeralClientKeyExchange(random, ecPointFormats, eCDomainParameters, output));
}
protected virtual bool SupportsClientEccCapabilities(int[] namedCurves, byte[] ecPointFormats)
{
if (namedCurves == null)
{
return(TlsEccUtilities.HasAnySupportedNamedCurves());
}
for (int i = 0; i < namedCurves.Length; i++)
{
int namedCurve = namedCurves[i];
if (NamedCurve.IsValid(namedCurve) && (!NamedCurve.RefersToASpecificNamedCurve(namedCurve) || TlsEccUtilities.IsSupportedNamedCurve(namedCurve)))
{
return(true);
}
}
return(false);
}
public override byte[] GenerateServerKeyExchange()
{
/*
* First we try to find a supported named curve from the client's list.
*/
int namedCurve = -1;
if (mNamedCurves == null)
{
// TODO Let the peer choose the default named curve
namedCurve = NamedCurve.secp256r1;
}
else
{
for (int i = 0; i < mNamedCurves.Length; ++i)
{
int entry = mNamedCurves[i];
if (NamedCurve.IsValid(entry) && TlsEccUtilities.IsSupportedNamedCurve(entry))
{
namedCurve = entry;
break;
}
}
}
ECDomainParameters curve_params = null;
if (namedCurve >= 0)
{
curve_params = TlsEccUtilities.GetParametersForNamedCurve(namedCurve);
}
else
{
/*
* If no named curves are suitable, check if the client supports explicit curves.
*/
if (Arrays.Contains(mNamedCurves, NamedCurve.arbitrary_explicit_prime_curves))
{
curve_params = TlsEccUtilities.GetParametersForNamedCurve(NamedCurve.secp256r1);
}
else if (Arrays.Contains(mNamedCurves, NamedCurve.arbitrary_explicit_char2_curves))
{
curve_params = TlsEccUtilities.GetParametersForNamedCurve(NamedCurve.sect283r1);
}
}
if (curve_params == null)
{
/*
* NOTE: We shouldn't have negotiated ECDHE key exchange since we apparently can't find
* a suitable curve.
*/
throw new TlsFatalAlert(AlertDescription.internal_error);
}
AsymmetricCipherKeyPair kp = TlsEccUtilities.GenerateECKeyPair(context.SecureRandom, curve_params);
this.mECAgreePrivateKey = (ECPrivateKeyParameters)kp.Private;
DigestInputBuffer buf = new DigestInputBuffer();
if (namedCurve < 0)
{
TlsEccUtilities.WriteExplicitECParameters(mClientECPointFormats, curve_params, buf);
}
else
{
TlsEccUtilities.WriteNamedECParameters(namedCurve, buf);
}
ECPublicKeyParameters ecPublicKey = (ECPublicKeyParameters)kp.Public;
TlsEccUtilities.WriteECPoint(mClientECPointFormats, ecPublicKey.Q, buf);
/*
* RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
*/
SignatureAndHashAlgorithm signatureAndHashAlgorithm;
IDigest d;
if (TlsUtilities.IsTlsV12(context))
{
signatureAndHashAlgorithm = mServerCredentials.SignatureAndHashAlgorithm;
if (signatureAndHashAlgorithm == null)
{
throw new TlsFatalAlert(AlertDescription.internal_error);
}
d = TlsUtilities.CreateHash(signatureAndHashAlgorithm.Hash);
}
else
{
signatureAndHashAlgorithm = null;
d = new CombinedHash();
}
SecurityParameters securityParameters = context.SecurityParameters;
d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
buf.UpdateDigest(d);
byte[] hash = DigestUtilities.DoFinal(d);
byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);
DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);
signed_params.Encode(buf);
return(buf.ToArray());
}
