IsSupportedNamedCurve() public static method

public static IsSupportedNamedCurve ( int namedCurve ) : bool
namedCurve int
return bool
Ejemplo n.º 1
0
        protected virtual bool SupportsClientEccCapabilities(int[] namedCurves, byte[] ecPointFormats)
        {
            // NOTE: BC supports all the current set of point formats so we don't check them here

            if (namedCurves == null)
            {
                /*
                 * RFC 4492 4. A client that proposes ECC cipher suites may choose not to include these
                 * extensions. In this case, the server is free to choose any one of the elliptic curves
                 * or point formats [...].
                 */
                return(TlsEccUtilities.HasAnySupportedNamedCurves());
            }

            for (int i = 0; i < namedCurves.Length; ++i)
            {
                int namedCurve = namedCurves[i];
                if (NamedCurve.IsValid(namedCurve) &&
                    (!NamedCurve.RefersToASpecificNamedCurve(namedCurve) || TlsEccUtilities.IsSupportedNamedCurve(namedCurve)))
                {
                    return(true);
                }
            }

            return(false);
        }
Ejemplo n.º 2
0
 public static string GetNameOfNamedCurve(int namedCurve)
 {
     if (!TlsEccUtilities.IsSupportedNamedCurve(namedCurve))
     {
         return(null);
     }
     return(TlsEccUtilities.CurveNames[namedCurve - 1]);
 }
Ejemplo n.º 3
0
        internal static ECPrivateKeyParameters GenerateEphemeralServerKeyExchange(SecureRandom random, int[] namedCurves, byte[] ecPointFormats, Stream output)
        {
            int num = -1;

            if (namedCurves == null)
            {
                num = 23;
            }
            else
            {
                for (int i = 0; i < namedCurves.Length; i++)
                {
                    int num2 = namedCurves[i];
                    if (NamedCurve.IsValid(num2) && TlsEccUtilities.IsSupportedNamedCurve(num2))
                    {
                        num = num2;
                        break;
                    }
                }
            }
            ECDomainParameters eCDomainParameters = null;

            if (num >= 0)
            {
                eCDomainParameters = TlsEccUtilities.GetParametersForNamedCurve(num);
            }
            else if (Arrays.Contains(namedCurves, 65281))
            {
                eCDomainParameters = TlsEccUtilities.GetParametersForNamedCurve(23);
            }
            else if (Arrays.Contains(namedCurves, 65282))
            {
                eCDomainParameters = TlsEccUtilities.GetParametersForNamedCurve(10);
            }
            if (eCDomainParameters == null)
            {
                throw new TlsFatalAlert(80);
            }
            if (num < 0)
            {
                TlsEccUtilities.WriteExplicitECParameters(ecPointFormats, eCDomainParameters, output);
            }
            else
            {
                TlsEccUtilities.WriteNamedECParameters(num, output);
            }
            return(TlsEccUtilities.GenerateEphemeralClientKeyExchange(random, ecPointFormats, eCDomainParameters, output));
        }
Ejemplo n.º 4
0
 protected virtual bool SupportsClientEccCapabilities(int[] namedCurves, byte[] ecPointFormats)
 {
     if (namedCurves == null)
     {
         return(TlsEccUtilities.HasAnySupportedNamedCurves());
     }
     for (int i = 0; i < namedCurves.Length; i++)
     {
         int namedCurve = namedCurves[i];
         if (NamedCurve.IsValid(namedCurve) && (!NamedCurve.RefersToASpecificNamedCurve(namedCurve) || TlsEccUtilities.IsSupportedNamedCurve(namedCurve)))
         {
             return(true);
         }
     }
     return(false);
 }
Ejemplo n.º 5
0
        public override byte[] GenerateServerKeyExchange()
        {
            /*
             * First we try to find a supported named curve from the client's list.
             */
            int namedCurve = -1;

            if (mNamedCurves == null)
            {
                // TODO Let the peer choose the default named curve
                namedCurve = NamedCurve.secp256r1;
            }
            else
            {
                for (int i = 0; i < mNamedCurves.Length; ++i)
                {
                    int entry = mNamedCurves[i];
                    if (NamedCurve.IsValid(entry) && TlsEccUtilities.IsSupportedNamedCurve(entry))
                    {
                        namedCurve = entry;
                        break;
                    }
                }
            }

            ECDomainParameters curve_params = null;

            if (namedCurve >= 0)
            {
                curve_params = TlsEccUtilities.GetParametersForNamedCurve(namedCurve);
            }
            else
            {
                /*
                 * If no named curves are suitable, check if the client supports explicit curves.
                 */
                if (Arrays.Contains(mNamedCurves, NamedCurve.arbitrary_explicit_prime_curves))
                {
                    curve_params = TlsEccUtilities.GetParametersForNamedCurve(NamedCurve.secp256r1);
                }
                else if (Arrays.Contains(mNamedCurves, NamedCurve.arbitrary_explicit_char2_curves))
                {
                    curve_params = TlsEccUtilities.GetParametersForNamedCurve(NamedCurve.sect283r1);
                }
            }

            if (curve_params == null)
            {
                /*
                 * NOTE: We shouldn't have negotiated ECDHE key exchange since we apparently can't find
                 * a suitable curve.
                 */
                throw new TlsFatalAlert(AlertDescription.internal_error);
            }

            AsymmetricCipherKeyPair kp = TlsEccUtilities.GenerateECKeyPair(context.SecureRandom, curve_params);

            this.mECAgreePrivateKey = (ECPrivateKeyParameters)kp.Private;

            DigestInputBuffer buf = new DigestInputBuffer();

            if (namedCurve < 0)
            {
                TlsEccUtilities.WriteExplicitECParameters(mClientECPointFormats, curve_params, buf);
            }
            else
            {
                TlsEccUtilities.WriteNamedECParameters(namedCurve, buf);
            }

            ECPublicKeyParameters ecPublicKey = (ECPublicKeyParameters)kp.Public;

            TlsEccUtilities.WriteECPoint(mClientECPointFormats, ecPublicKey.Q, buf);

            /*
             * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
             */
            SignatureAndHashAlgorithm signatureAndHashAlgorithm;
            IDigest d;

            if (TlsUtilities.IsTlsV12(context))
            {
                signatureAndHashAlgorithm = mServerCredentials.SignatureAndHashAlgorithm;
                if (signatureAndHashAlgorithm == null)
                {
                    throw new TlsFatalAlert(AlertDescription.internal_error);
                }

                d = TlsUtilities.CreateHash(signatureAndHashAlgorithm.Hash);
            }
            else
            {
                signatureAndHashAlgorithm = null;
                d = new CombinedHash();
            }

            SecurityParameters securityParameters = context.SecurityParameters;

            d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
            d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
            buf.UpdateDigest(d);

            byte[] hash = DigestUtilities.DoFinal(d);

            byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);

            DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);

            signed_params.Encode(buf);

            return(buf.ToArray());
        }