Example #1
    /// <summary>
    /// Reads a <c>DigitallySigned</c> structure from <paramref name="input"/> and, when it
    /// names a signature/hash algorithm, checks that algorithm against
    /// <c>mSupportedSignatureAlgorithms</c>.
    /// </summary>
    /// <param name="input">Stream positioned at the start of the encoded structure.</param>
    /// <returns>The parsed structure; its signature bytes have NOT been verified here.</returns>
    /// <remarks>
    /// Only the algorithm choice is checked in this method. The caller still has to verify
    /// the signature itself against the peer's public key.
    /// </remarks>
    protected virtual DigitallySigned ParseSignature(Stream input)
    {
        DigitallySigned parsed = DigitallySigned.Parse(mContext, input);
        SignatureAndHashAlgorithm sigAlg = parsed.Algorithm;

        // NOTE(review): a structure without an algorithm skips the supported-algorithm check.
        // Presumably DigitallySigned.Parse only yields a null algorithm for protocol versions
        // that do not carry one - confirm, since otherwise the check could be bypassed.
        if (sigAlg == null)
        {
            return parsed;
        }

        // Expected to reject an algorithm the peer was not offered - behaviour of the helper
        // is not visible here.
        TlsUtilities.VerifySupportedSignatureAlgorithm(mSupportedSignatureAlgorithms, sigAlg);
        return parsed;
    }
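    /// <summary>
    /// Handles the peer's CertificateVerify message: parses the <c>DigitallySigned</c>
    /// structure from <paramref name="buf"/> and verifies its signature over the handshake
    /// hash using the public key of the peer certificate at index 0.
    /// </summary>
    /// <param name="buf">Message body; it must be fully consumed by the parse.</param>
    /// <exception cref="InvalidOperationException">
    /// No certificate request is recorded (<c>mCertificateRequest</c> is null), so a
    /// CertificateVerify is not expected.
    /// </exception>
    /// <exception cref="TlsFatalAlert">
    /// Alert 51 (decrypt_error in the TLS alert registry) when the signature does not verify
    /// or any other exception occurs during verification; a <c>TlsFatalAlert</c> raised by a
    /// helper is passed through unchanged.
    /// </exception>
    /// <remarks>
    /// This method only proves possession of the private key that matches the certificate.
    /// It does not validate the certificate or its chain; that has to happen elsewhere
    /// (not visible from this method).
    /// </remarks>
    protected virtual void ReceiveCertificateVerifyMessage(MemoryStream buf)
    {
        // A CertificateVerify is only legal after this side has requested a certificate.
        if (mCertificateRequest == null)
        {
            throw new InvalidOperationException();
        }

        DigitallySigned digitallySigned = DigitallySigned.Parse(Context, buf);

        // Trailing bytes after the structure are checked here, before any crypto is attempted.
        TlsProtocol.AssertEmpty(buf);

        try
        {
            SignatureAndHashAlgorithm algorithm = digitallySigned.Algorithm;

            byte[] hash;
            if (TlsUtilities.IsTlsV12(Context))
            {
                // TLS 1.2: the peer picks the algorithm, so it is checked against the list
                // that was sent in the certificate request before its hash is used.
                // If algorithm were null, the dereference below would throw and the generic
                // catch would turn that into alert 51, so the path still fails closed.
                TlsUtilities.VerifySupportedSignatureAlgorithm(mCertificateRequest.SupportedSignatureAlgorithms, algorithm);
                hash = mPrepareFinishHash.GetFinalHash(algorithm.Hash);
            }
            else
            {
                hash = mSecurityParameters.SessionHash;
            }

            // Index 0 - presumably the peer's end-entity certificate; confirm against the
            // code that populates mPeerCertificate.
            X509CertificateStructure certificateAt = mPeerCertificate.GetCertificateAt(0);
            SubjectPublicKeyInfo subjectPublicKeyInfo = certificateAt.SubjectPublicKeyInfo;
            AsymmetricKeyParameter publicKey = PublicKeyFactory.CreateKey(subjectPublicKeyInfo);

            TlsSigner tlsSigner = TlsUtilities.CreateTlsSigner((byte)mClientCertificateType);
            tlsSigner.Init(Context);

            if (!tlsSigner.VerifyRawSignature(algorithm, digitallySigned.Signature, publicKey, hash))
            {
                throw new TlsFatalAlert(51);
            }
        }
        catch (TlsFatalAlert)
        {
            // Bare rethrow keeps the original stack trace; "throw ex;" would reset it and hide
            // which verification step raised the alert.
            throw;
        }
        catch (Exception alertCause)
        {
            // Fail closed: any unexpected failure (bad key encoding, null peer certificate,
            // and so on) ends the handshake with alert 51, keeping the cause for diagnostics.
            throw new TlsFatalAlert(51, alertCause);
        }
    }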