TlsSigner C# (CSharp) Code Examples

Example #1

0

Show file

File: TlsDHKeyExchange.cs Project: straight-coding/EmbedTools

        public TlsDHKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, TlsDHVerifier dhVerifier, DHParameters dhParameters)
            :   base(keyExchange, supportedSignatureAlgorithms)
        {
            switch (keyExchange)
            {
            case KeyExchangeAlgorithm.DH_anon:
            case KeyExchangeAlgorithm.DH_RSA:
            case KeyExchangeAlgorithm.DH_DSS:
                this.mTlsSigner = null;
                break;

            case KeyExchangeAlgorithm.DHE_RSA:
                this.mTlsSigner = new TlsRsaSigner();
                break;

            case KeyExchangeAlgorithm.DHE_DSS:
                this.mTlsSigner = new TlsDssSigner();
                break;

            default:
                throw new InvalidOperationException("unsupported key exchange algorithm");
            }

            this.mDHVerifier   = dhVerifier;
            this.mDHParameters = dhParameters;
        }

Example #2

0

Show file

File: TlsDHKeyExchange.cs Project: mohsenmetn/itextsharp

        internal TlsDHKeyExchange(TlsProtocolHandler handler, ICertificateVerifyer verifyer,
                                  TlsKeyExchangeAlgorithm keyExchange)
        {
            switch (keyExchange)
            {
            case TlsKeyExchangeAlgorithm.KE_DH_RSA:
            case TlsKeyExchangeAlgorithm.KE_DH_DSS:
                this.tlsSigner = null;
                break;

            case TlsKeyExchangeAlgorithm.KE_DHE_RSA:
                this.tlsSigner = new TlsRsaSigner();
                break;

            case TlsKeyExchangeAlgorithm.KE_DHE_DSS:
                this.tlsSigner = new TlsDssSigner();
                break;

            default:
                throw new ArgumentException("unsupported key exchange algorithm", "keyExchange");
            }

            this.handler     = handler;
            this.verifyer    = verifyer;
            this.keyExchange = keyExchange;
        }

Example #3

0

Show file

        public TlsECDHKeyExchange(int keyExchange, global::System.Collections.IList supportedSignatureAlgorithms, int[] namedCurves, byte[] clientECPointFormats, byte[] serverECPointFormats)
            : base(keyExchange, supportedSignatureAlgorithms)
        {
            //IL_004d: Unknown result type (might be due to invalid IL or missing references)
            switch (keyExchange)
            {
            case 19:
                mTlsSigner = new TlsRsaSigner();
                break;

            case 17:
                mTlsSigner = new TlsECDsaSigner();
                break;

            case 16:
            case 18:
                mTlsSigner = null;
                break;

            default:
                throw new InvalidOperationException("unsupported key exchange algorithm");
            }
            mNamedCurves          = namedCurves;
            mClientECPointFormats = clientECPointFormats;
            mServerECPointFormats = serverECPointFormats;
        }

Example #4

0

Show file

        protected virtual void ReceiveCertificateVerifyMessage(MemoryStream buf)
        {
            DigitallySigned digitallySigned = DigitallySigned.Parse(this.Context, buf);

            TlsProtocol.AssertEmpty(buf);
            try
            {
                byte[] hash;
                if (TlsUtilities.IsTlsV12(this.Context))
                {
                    hash = this.mPrepareFinishHash.GetFinalHash(digitallySigned.Algorithm.Hash);
                }
                else
                {
                    hash = this.mSecurityParameters.SessionHash;
                }
                X509CertificateStructure certificateAt        = this.mPeerCertificate.GetCertificateAt(0);
                SubjectPublicKeyInfo     subjectPublicKeyInfo = certificateAt.SubjectPublicKeyInfo;
                AsymmetricKeyParameter   publicKey            = PublicKeyFactory.CreateKey(subjectPublicKeyInfo);
                TlsSigner tlsSigner = TlsUtilities.CreateTlsSigner((byte)this.mClientCertificateType);
                tlsSigner.Init(this.Context);
                if (!tlsSigner.VerifyRawSignature(digitallySigned.Algorithm, digitallySigned.Signature, publicKey, hash))
                {
                    throw new TlsFatalAlert(51);
                }
            }
            catch (Exception alertCause)
            {
                throw new TlsFatalAlert(51, alertCause);
            }
        }

Example #5

0

Show file

        public TlsECDHKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, int[] namedCurves,
                                  byte[] clientECPointFormats, byte[] serverECPointFormats)
            :   base(keyExchange, supportedSignatureAlgorithms)
        {
            switch (keyExchange)
            {
            case KeyExchangeAlgorithm.ECDHE_RSA:
                this.mTlsSigner = new TlsRsaSigner();
                break;

            case KeyExchangeAlgorithm.ECDHE_ECDSA:
                this.mTlsSigner = new TlsECDsaSigner();
                break;

            case KeyExchangeAlgorithm.ECDH_anon:
            case KeyExchangeAlgorithm.ECDH_RSA:
            case KeyExchangeAlgorithm.ECDH_ECDSA:
                this.mTlsSigner = null;
                break;

            default:
                throw new InvalidOperationException("unsupported key exchange algorithm");
            }

            this.mNamedCurves          = namedCurves;
            this.mClientECPointFormats = clientECPointFormats;
            this.mServerECPointFormats = serverECPointFormats;
        }

Example #6

0

Show file

        protected virtual void ProcessCertificateVerify(DtlsServerProtocol.ServerHandshakeState state, byte[] body, TlsHandshakeHash prepareFinishHash)
        {
            MemoryStream         memoryStream    = new MemoryStream(body, false);
            TlsServerContextImpl serverContext   = state.serverContext;
            DigitallySigned      digitallySigned = DigitallySigned.Parse(serverContext, memoryStream);

            TlsProtocol.AssertEmpty(memoryStream);
            bool flag = false;

            try
            {
                byte[] hash;
                if (TlsUtilities.IsTlsV12(serverContext))
                {
                    hash = prepareFinishHash.GetFinalHash(digitallySigned.Algorithm.Hash);
                }
                else
                {
                    hash = serverContext.SecurityParameters.SessionHash;
                }
                X509CertificateStructure certificateAt        = state.clientCertificate.GetCertificateAt(0);
                SubjectPublicKeyInfo     subjectPublicKeyInfo = certificateAt.SubjectPublicKeyInfo;
                AsymmetricKeyParameter   publicKey            = PublicKeyFactory.CreateKey(subjectPublicKeyInfo);
                TlsSigner tlsSigner = TlsUtilities.CreateTlsSigner((byte)state.clientCertificateType);
                tlsSigner.Init(serverContext);
                flag = tlsSigner.VerifyRawSignature(digitallySigned.Algorithm, digitallySigned.Signature, publicKey, hash);
            }
            catch (Exception)
            {
            }
            if (!flag)
            {
                throw new TlsFatalAlert(51);
            }
        }

Example #7

0

Show file

File: TlsECDHKeyExchange.cs Project: gkardava/WinPass

        public TlsECDHKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, int[] namedCurves,
            byte[] clientECPointFormats, byte[] serverECPointFormats)
            :   base(keyExchange, supportedSignatureAlgorithms)
        {
            switch (keyExchange)
            {
            case KeyExchangeAlgorithm.ECDHE_RSA:
                this.mTlsSigner = new TlsRsaSigner();
                break;
            case KeyExchangeAlgorithm.ECDHE_ECDSA:
                this.mTlsSigner = new TlsECDsaSigner();
                break;
            case KeyExchangeAlgorithm.ECDH_anon:
            case KeyExchangeAlgorithm.ECDH_RSA:
            case KeyExchangeAlgorithm.ECDH_ECDSA:
                this.mTlsSigner = null;
                break;
            default:
                throw new InvalidOperationException("unsupported key exchange algorithm");
            }

            this.mNamedCurves = namedCurves;
            this.mClientECPointFormats = clientECPointFormats;
            this.mServerECPointFormats = serverECPointFormats;
        }

Example #8

0

Show file

File: TlsSrpKeyExchange.cs Project: tgspacelabs/Sorlov.PowerShell

        internal TlsSrpKeyExchange(TlsClientContext context, KeyExchangeAlgorithm keyExchange,
                                   byte[] identity, byte[] password)
        {
            switch (keyExchange)
            {
            case KeyExchangeAlgorithm.SRP:
                this.tlsSigner = null;
                break;

            case KeyExchangeAlgorithm.SRP_RSA:
                this.tlsSigner = new TlsRsaSigner();
                break;

            case KeyExchangeAlgorithm.SRP_DSS:
                this.tlsSigner = new TlsDssSigner();
                break;

            default:
                throw new ArgumentException("unsupported key exchange algorithm", "keyExchange");
            }

            this.context     = context;
            this.keyExchange = keyExchange;
            this.identity    = identity;
            this.password    = password;
        }

Example #9

0

Show file

File: TlsDheKeyExchange.cs Project: Xanagandr/DisaOpenSource

		protected virtual ISigner InitSigner(TlsSigner tlsSigner, SecurityParameters securityParameters)
		{
			ISigner signer = tlsSigner.CreateVerifyer(this.serverPublicKey);
			signer.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
			signer.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
			return signer;
		}

Example #10

0

Show file

File: TlsDheKeyExchange.cs Project: thinhtp/liteweb.info

        protected virtual ISigner InitSigner(TlsSigner tlsSigner, SecurityParameters securityParameters)
        {
            ISigner signer = tlsSigner.CreateVerifyer(this.serverPublicKey);

            signer.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
            signer.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
            return(signer);
        }

Example #11

0

Show file

File: TlsSrpKeyExchange.cs Project: UnforeseenOcean/Warmode

 public TlsSrpKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, TlsSrpGroupVerifier groupVerifier, byte[] identity, byte[] password) : base(keyExchange, supportedSignatureAlgorithms)
 {
     this.mTlsSigner     = TlsSrpKeyExchange.CreateSigner(keyExchange);
     this.mGroupVerifier = groupVerifier;
     this.mIdentity      = identity;
     this.mPassword      = password;
     this.mSrpClient     = new Srp6Client();
 }

Example #12

0

Show file

File: TlsDheKeyExchange.cs Project: ALange/OutlookPrivacyPlugin

 protected virtual ISigner InitVerifyer(TlsSigner tlsSigner, SignatureAndHashAlgorithm algorithm,
     SecurityParameters securityParameters)
 {
     ISigner signer = tlsSigner.CreateVerifyer(algorithm, this.mServerPublicKey);
     signer.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
     signer.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
     return signer;
 }

Example #13

0

Show file

File: TlsSrpKeyExchange.cs Project: smdx24/CPI-Source-Code

        protected virtual ISigner InitVerifyer(TlsSigner tlsSigner, SignatureAndHashAlgorithm algorithm, SecurityParameters securityParameters)
        {
            ISigner signer = tlsSigner.CreateVerifyer(algorithm, mServerPublicKey);

            signer.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
            signer.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
            return(signer);
        }

Example #14

0

Show file

File: TlsSrpKeyExchange.cs Project: UnforeseenOcean/Warmode

 public TlsSrpKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, byte[] identity, TlsSrpLoginParameters loginParameters) : base(keyExchange, supportedSignatureAlgorithms)
 {
     this.mTlsSigner   = TlsSrpKeyExchange.CreateSigner(keyExchange);
     this.mIdentity    = identity;
     this.mSrpServer   = new Srp6Server();
     this.mSrpGroup    = loginParameters.Group;
     this.mSrpVerifier = loginParameters.Verifier;
     this.mSrpSalt     = loginParameters.Salt;
 }

Example #15

0

Show file

File: TlsSrpKeyExchange.cs Project: smdx24/CPI-Source-Code

 public TlsSrpKeyExchange(int keyExchange, global::System.Collections.IList supportedSignatureAlgorithms, TlsSrpGroupVerifier groupVerifier, byte[] identity, byte[] password)
     : base(keyExchange, supportedSignatureAlgorithms)
 {
     mTlsSigner     = CreateSigner(keyExchange);
     mGroupVerifier = groupVerifier;
     mIdentity      = identity;
     mPassword      = password;
     mSrpClient     = new Srp6Client();
 }

Example #16

0

Show file

File: TlsSrpKeyExchange.cs Project: smdx24/CPI-Source-Code

 public TlsSrpKeyExchange(int keyExchange, global::System.Collections.IList supportedSignatureAlgorithms, byte[] identity, TlsSrpLoginParameters loginParameters)
     : base(keyExchange, supportedSignatureAlgorithms)
 {
     mTlsSigner   = CreateSigner(keyExchange);
     mIdentity    = identity;
     mSrpServer   = new Srp6Server();
     mSrpGroup    = loginParameters.Group;
     mSrpVerifier = loginParameters.Verifier;
     mSrpSalt     = loginParameters.Salt;
 }

Example #17

0

Show file

File: TlsSrpKeyExchange.cs Project: KimikoMuffin/bc-csharp

 public TlsSrpKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, TlsSrpGroupVerifier groupVerifier,
     byte[] identity, byte[] password)
     :   base(keyExchange, supportedSignatureAlgorithms)
 {
     this.mTlsSigner = CreateSigner(keyExchange);
     this.mGroupVerifier = groupVerifier;
     this.mIdentity = identity;
     this.mPassword = password;
     this.mSrpClient = new Srp6Client();
 }

Example #18

0

Show file

File: TlsSrpKeyExchange.cs Project: KimikoMuffin/bc-csharp

 public TlsSrpKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, byte[] identity,
     TlsSrpLoginParameters loginParameters)
     :   base(keyExchange, supportedSignatureAlgorithms)
 {
     this.mTlsSigner = CreateSigner(keyExchange);
     this.mIdentity = identity;
     this.mSrpServer = new Srp6Server();
     this.mSrpGroup = loginParameters.Group;
     this.mSrpVerifier = loginParameters.Verifier;
     this.mSrpSalt = loginParameters.Salt;
 }

Example #19

0

Show file

File: DefaultTlsSignerCredentials.cs Project: smdx24/CPI-Source-Code

 public DefaultTlsSignerCredentials(TlsContext context, Certificate certificate, AsymmetricKeyParameter privateKey, SignatureAndHashAlgorithm signatureAndHashAlgorithm)
 {
     //IL_000e: Unknown result type (might be due to invalid IL or missing references)
     //IL_0026: Unknown result type (might be due to invalid IL or missing references)
     //IL_0034: Unknown result type (might be due to invalid IL or missing references)
     //IL_004c: Unknown result type (might be due to invalid IL or missing references)
     //IL_0068: Unknown result type (might be due to invalid IL or missing references)
     //IL_00c2: Unknown result type (might be due to invalid IL or missing references)
     if (certificate == null)
     {
         throw new ArgumentNullException("certificate");
     }
     if (certificate.IsEmpty)
     {
         throw new ArgumentException("cannot be empty", "clientCertificate");
     }
     if (privateKey == null)
     {
         throw new ArgumentNullException("privateKey");
     }
     if (!privateKey.IsPrivate)
     {
         throw new ArgumentException("must be private", "privateKey");
     }
     if (TlsUtilities.IsTlsV12(context) && signatureAndHashAlgorithm == null)
     {
         throw new ArgumentException("cannot be null for (D)TLS 1.2+", "signatureAndHashAlgorithm");
     }
     if (privateKey is RsaKeyParameters)
     {
         mSigner = new TlsRsaSigner();
     }
     else if (privateKey is DsaPrivateKeyParameters)
     {
         mSigner = new TlsDssSigner();
     }
     else
     {
         if (!(privateKey is ECPrivateKeyParameters))
         {
             throw new ArgumentException("type not supported: " + Platform.GetTypeName(privateKey), "privateKey");
         }
         mSigner = new TlsECDsaSigner();
     }
     mSigner.Init(context);
     mContext     = context;
     mCertificate = certificate;
     mPrivateKey  = privateKey;
     mSignatureAndHashAlgorithm = signatureAndHashAlgorithm;
 }

Example #20

0

Show file

File: DtlsServerProtocol.cs Project: flobecker/trudi-koala

        protected virtual void ProcessCertificateVerify(ServerHandshakeState state, byte[] body, TlsHandshakeHash prepareFinishHash)
        {
            if (state.certificateRequest == null)
            {
                throw new InvalidOperationException();
            }

            MemoryStream buf = new MemoryStream(body, false);

            TlsServerContextImpl context = state.serverContext;
            DigitallySigned      clientCertificateVerify = DigitallySigned.Parse(context, buf);

            TlsProtocol.AssertEmpty(buf);

            // Verify the CertificateVerify message contains a correct signature.
            try
            {
                SignatureAndHashAlgorithm signatureAlgorithm = clientCertificateVerify.Algorithm;

                byte[] hash;
                if (TlsUtilities.IsTlsV12(context))
                {
                    TlsUtilities.VerifySupportedSignatureAlgorithm(state.certificateRequest.SupportedSignatureAlgorithms, signatureAlgorithm);
                    hash = prepareFinishHash.GetFinalHash(signatureAlgorithm.Hash);
                }
                else
                {
                    hash = context.SecurityParameters.SessionHash;
                }

                X509CertificateStructure x509Cert  = state.clientCertificate.GetCertificateAt(0);
                SubjectPublicKeyInfo     keyInfo   = x509Cert.SubjectPublicKeyInfo;
                AsymmetricKeyParameter   publicKey = PublicKeyFactory.CreateKey(keyInfo);

                TlsSigner tlsSigner = TlsUtilities.CreateTlsSigner((byte)state.clientCertificateType);
                tlsSigner.Init(context);
                if (!tlsSigner.VerifyRawSignature(signatureAlgorithm, clientCertificateVerify.Signature, publicKey, hash))
                {
                    throw new TlsFatalAlert(AlertDescription.decrypt_error);
                }
            }
            catch (TlsFatalAlert e)
            {
                throw e;
            }
            catch (Exception e)
            {
                throw new TlsFatalAlert(AlertDescription.decrypt_error, e);
            }
        }

Example #21

0

Show file

File: DefaultTlsSignerCredentials.cs Project: vincent-deng/Payment

        public DefaultTlsSignerCredentials(TlsContext context, Certificate certificate, AsymmetricKeyParameter privateKey,
                                           SignatureAndHashAlgorithm signatureAndHashAlgorithm)
        {
            if (certificate == null)
            {
                throw new ArgumentNullException("certificate");
            }
            if (certificate.IsEmpty)
            {
                throw new ArgumentException("cannot be empty", "clientCertificate");
            }
            if (privateKey == null)
            {
                throw new ArgumentNullException("privateKey");
            }
            if (!privateKey.IsPrivate)
            {
                throw new ArgumentException("must be private", "privateKey");
            }
            if (TlsUtilities.IsTlsV12(context) && signatureAndHashAlgorithm == null)
            {
                throw new ArgumentException("cannot be null for (D)TLS 1.2+", "signatureAndHashAlgorithm");
            }

            if (privateKey is RsaKeyParameters)
            {
                mSigner = new TlsRsaSigner();
            }
            else if (privateKey is DsaPrivateKeyParameters)
            {
                mSigner = new TlsDssSigner();
            }
            else if (privateKey is ECPrivateKeyParameters)
            {
                mSigner = new TlsECDsaSigner();
            }
            else
            {
                throw new ArgumentException("type not supported: " + Platform.GetTypeName(privateKey), "privateKey");
            }

            this.mSigner.Init(context);

            this.mContext     = context;
            this.mCertificate = certificate;
            this.mPrivateKey  = privateKey;
            this.mSignatureAndHashAlgorithm = signatureAndHashAlgorithm;
        }

Example #22

0

Show file

File: TlsSigner_Test.cs Project: Caskia/qcloud-tls-sig-netcore

        public void Signer_Test()
        {
            //Arrange
            var privateKeyPath = "private_key";
            var publicKeyPath  = "public_key";
            var identity       = "test";
            var appId          = "140013494912";
            var tlsSigner      = new TlsSigner(appId, privateKeyPath, publicKeyPath);

            //Act
            var signature = tlsSigner.Sign(identity);
            var verify    = tlsSigner.Verify(identity, signature);

            //Assert
            verify.ShouldBeTrue();
        }

Example #23

0

Show file

File: TlsServerProtocol.cs Project: jonashammerschmidt/Netcode.IO.NET

        protected virtual void ReceiveCertificateVerifyMessage(MemoryStream buf)
        {
            if (mCertificateRequest == null)
            {
                throw new InvalidOperationException();
            }

            DigitallySigned clientCertificateVerify = DigitallySigned.Parse(Context, buf);

            AssertEmpty(buf);

            // Verify the CertificateVerify message contains a correct signature.
            try
            {
                SignatureAndHashAlgorithm signatureAlgorithm = clientCertificateVerify.Algorithm;

                byte[] hash;
                if (TlsUtilities.IsTlsV12(Context))
                {
                    TlsUtilities.VerifySupportedSignatureAlgorithm(mCertificateRequest.SupportedSignatureAlgorithms, signatureAlgorithm);
                    hash = mPrepareFinishHash.GetFinalHash(signatureAlgorithm.Hash);
                }
                else
                {
                    hash = mSecurityParameters.SessionHash;
                }

                X509CertificateStructure x509Cert  = mPeerCertificate.GetCertificateAt(0);
                SubjectPublicKeyInfo     keyInfo   = x509Cert.SubjectPublicKeyInfo;
                AsymmetricKeyParameter   publicKey = PublicKeyFactory.CreateKey(keyInfo);

                TlsSigner tlsSigner = TlsUtilities.CreateTlsSigner((byte)mClientCertificateType);
                tlsSigner.Init(Context);
                if (!tlsSigner.VerifyRawSignature(signatureAlgorithm, clientCertificateVerify.Signature, publicKey, hash))
                {
                    throw new TlsFatalAlert(AlertDescription.decrypt_error);
                }
            }
            catch (TlsFatalAlert e)
            {
                throw e;
            }
            catch (Exception e)
            {
                throw new TlsFatalAlert(AlertDescription.decrypt_error, e);
            }
        }

Example #24

0

Show file

File: DtlsServerProtocol.cs Project: smdx24/CPI-Source-Code

        protected virtual void ProcessCertificateVerify(ServerHandshakeState state, byte[] body, TlsHandshakeHash prepareFinishHash)
        {
            //IL_0008: Unknown result type (might be due to invalid IL or missing references)
            //IL_0010: Unknown result type (might be due to invalid IL or missing references)
            //IL_0016: Expected O, but got Unknown
            if (state.certificateRequest == null)
            {
                throw new InvalidOperationException();
            }
            MemoryStream         val             = new MemoryStream(body, false);
            TlsServerContextImpl serverContext   = state.serverContext;
            DigitallySigned      digitallySigned = DigitallySigned.Parse(serverContext, (Stream)(object)val);

            TlsProtocol.AssertEmpty(val);
            try
            {
                SignatureAndHashAlgorithm algorithm = digitallySigned.Algorithm;
                byte[] hash;
                if (TlsUtilities.IsTlsV12(serverContext))
                {
                    TlsUtilities.VerifySupportedSignatureAlgorithm(state.certificateRequest.SupportedSignatureAlgorithms, algorithm);
                    hash = prepareFinishHash.GetFinalHash(algorithm.Hash);
                }
                else
                {
                    hash = serverContext.SecurityParameters.SessionHash;
                }
                X509CertificateStructure certificateAt        = state.clientCertificate.GetCertificateAt(0);
                SubjectPublicKeyInfo     subjectPublicKeyInfo = certificateAt.SubjectPublicKeyInfo;
                AsymmetricKeyParameter   publicKey            = PublicKeyFactory.CreateKey(subjectPublicKeyInfo);
                TlsSigner tlsSigner = TlsUtilities.CreateTlsSigner((byte)state.clientCertificateType);
                tlsSigner.Init(serverContext);
                if (!tlsSigner.VerifyRawSignature(algorithm, digitallySigned.Signature, publicKey, hash))
                {
                    throw new TlsFatalAlert(51);
                }
            }
            catch (TlsFatalAlert tlsFatalAlert)
            {
                throw tlsFatalAlert;
            }
            catch (global::System.Exception alertCause)
            {
                throw new TlsFatalAlert(51, alertCause);
            }
        }

Example #25

0

Show file

        protected virtual void ReceiveCertificateVerifyMessage(MemoryStream buf)
        {
            //IL_0008: Unknown result type (might be due to invalid IL or missing references)
            if (mCertificateRequest == null)
            {
                throw new InvalidOperationException();
            }
            DigitallySigned digitallySigned = DigitallySigned.Parse(Context, (Stream)(object)buf);

            TlsProtocol.AssertEmpty(buf);
            try
            {
                SignatureAndHashAlgorithm algorithm = digitallySigned.Algorithm;
                byte[] hash;
                if (TlsUtilities.IsTlsV12(Context))
                {
                    TlsUtilities.VerifySupportedSignatureAlgorithm(mCertificateRequest.SupportedSignatureAlgorithms, algorithm);
                    hash = mPrepareFinishHash.GetFinalHash(algorithm.Hash);
                }
                else
                {
                    hash = mSecurityParameters.SessionHash;
                }
                X509CertificateStructure certificateAt        = mPeerCertificate.GetCertificateAt(0);
                SubjectPublicKeyInfo     subjectPublicKeyInfo = certificateAt.SubjectPublicKeyInfo;
                AsymmetricKeyParameter   publicKey            = PublicKeyFactory.CreateKey(subjectPublicKeyInfo);
                TlsSigner tlsSigner = TlsUtilities.CreateTlsSigner((byte)mClientCertificateType);
                tlsSigner.Init(Context);
                if (!tlsSigner.VerifyRawSignature(algorithm, digitallySigned.Signature, publicKey, hash))
                {
                    throw new TlsFatalAlert(51);
                }
            }
            catch (TlsFatalAlert tlsFatalAlert)
            {
                throw tlsFatalAlert;
            }
            catch (global::System.Exception alertCause)
            {
                throw new TlsFatalAlert(51, alertCause);
            }
        }

Example #26

0

Show file

File: DefaultTlsSignerCredentials.cs Project: martijn00/pleiobox-clients

        public DefaultTlsSignerCredentials(TlsClientContext context,
                                           Certificate clientCertificate, AsymmetricKeyParameter clientPrivateKey)
        {
            if (clientCertificate == null)
            {
                throw new ArgumentNullException("clientCertificate");
            }
            if (clientCertificate.Length == 0)
            {
                throw new ArgumentException("cannot be empty", "clientCertificate");
            }
            if (clientPrivateKey == null)
            {
                throw new ArgumentNullException("clientPrivateKey");
            }
            if (!clientPrivateKey.IsPrivate)
            {
                throw new ArgumentException("must be private", "clientPrivateKey");
            }

            if (clientPrivateKey is RsaKeyParameters)
            {
                clientSigner = new TlsRsaSigner();
            }
            else if (clientPrivateKey is DsaPrivateKeyParameters)
            {
                clientSigner = new TlsDssSigner();
            }
            else if (clientPrivateKey is ECPrivateKeyParameters)
            {
                clientSigner = new TlsECDsaSigner();
            }
            else
            {
                throw new ArgumentException("type not supported: "
                                            + clientPrivateKey.GetType().FullName, "clientPrivateKey");
            }

            this.context          = context;
            this.clientCert       = clientCertificate;
            this.clientPrivateKey = clientPrivateKey;
        }

Example #27

0

Show file

File: DefaultTlsSignerCredentials.cs Project: MBrekhof/pleiobox-clients

        public DefaultTlsSignerCredentials(TlsClientContext context,
            Certificate clientCertificate, AsymmetricKeyParameter clientPrivateKey)
        {
            if (clientCertificate == null)
            {
                throw new ArgumentNullException("clientCertificate");
            }
            if (clientCertificate.Length == 0)
            {
                throw new ArgumentException("cannot be empty", "clientCertificate");
            }
            if (clientPrivateKey == null)
            {
                throw new ArgumentNullException("clientPrivateKey");
            }
            if (!clientPrivateKey.IsPrivate)
            {
                throw new ArgumentException("must be private", "clientPrivateKey");
            }

            if (clientPrivateKey is RsaKeyParameters)
            {
                clientSigner = new TlsRsaSigner();
            }
            else if (clientPrivateKey is DsaPrivateKeyParameters)
            {
                clientSigner = new TlsDssSigner();
            }
            else if (clientPrivateKey is ECPrivateKeyParameters)
            {
                clientSigner = new TlsECDsaSigner();
            }
            else
            {
                throw new ArgumentException("type not supported: "
                    + clientPrivateKey.GetType().FullName, "clientPrivateKey");
            }

            this.context = context;
            this.clientCert = clientCertificate;
            this.clientPrivateKey = clientPrivateKey;
        }

Example #28

0

Show file

File: TLSUtils.cs Project: fossabot/openrelay-cdk-unity

        public static byte[] Sign(Org.BouncyCastle.Crypto.AsymmetricKeyParameter privateKey, bool client, Version version, HandshakeInfo handshakeInfo, SignatureHashAlgorithm signatureHashAlgorithm, byte[] hash)
        {
            TlsSigner signer = null;

            switch (signatureHashAlgorithm.Signature)
            {
            case TSignatureAlgorithm.Anonymous:
                break;

            case TSignatureAlgorithm.RSA:
                signer = new TlsRsaSigner();
                break;

            case TSignatureAlgorithm.DSA:
                signer = new TlsDssSigner();
                break;

            case TSignatureAlgorithm.ECDSA:

                signer = new TlsECDsaSigner();
                break;

            default:
                break;
            }
            DTLSContext context = new DTLSContext(client, version, handshakeInfo);

            Org.BouncyCastle.Crypto.Prng.CryptoApiRandomGenerator randomGenerator = new Org.BouncyCastle.Crypto.Prng.CryptoApiRandomGenerator();
            context.SecureRandom = new Org.BouncyCastle.Security.SecureRandom(randomGenerator);

            signer.Init(context);
            if (TlsUtilities.IsTlsV12(context))
            {
                SignatureAndHashAlgorithm signatureAndHashAlgorithm = new SignatureAndHashAlgorithm((byte)signatureHashAlgorithm.Hash, (byte)signatureHashAlgorithm.Signature);
                return(signer.GenerateRawSignature(signatureAndHashAlgorithm, privateKey, hash));
            }
            else
            {
                return(signer.GenerateRawSignature(privateKey, hash));
            }
        }

Example #29

0

Show file

File: TlsSrpKeyExchange.cs Project: andibadra/bc-csharp

        public TlsSrpKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, byte[] identity, byte[] password)
            :   base(keyExchange, supportedSignatureAlgorithms)
        {
            switch (keyExchange)
            {
            case KeyExchangeAlgorithm.SRP:
                this.mTlsSigner = null;
                break;
            case KeyExchangeAlgorithm.SRP_RSA:
                this.mTlsSigner = new TlsRsaSigner();
                break;
            case KeyExchangeAlgorithm.SRP_DSS:
                this.mTlsSigner = new TlsDssSigner();
                break;
            default:
                throw new InvalidOperationException("unsupported key exchange algorithm");
            }

            this.mIdentity = identity;
            this.mPassword = password;
        }

Example #30

0

Show file

File: TlsDHKeyExchange.cs Project: ALange/OutlookPrivacyPlugin

        public TlsDHKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, DHParameters dhParameters)
            :   base(keyExchange, supportedSignatureAlgorithms)
        {
            switch (keyExchange)
            {
            case KeyExchangeAlgorithm.DH_RSA:
            case KeyExchangeAlgorithm.DH_DSS:
                this.mTlsSigner = null;
                break;
            case KeyExchangeAlgorithm.DHE_RSA:
                this.mTlsSigner = new TlsRsaSigner();
                break;
            case KeyExchangeAlgorithm.DHE_DSS:
                this.mTlsSigner = new TlsDssSigner();
                break;
            default:
                throw new InvalidOperationException("unsupported key exchange algorithm");
            }

            this.mDHParameters = dhParameters;
        }

Example #31

0

Show file

File: TlsDHKeyExchange.cs Project: UnforeseenOcean/Warmode

        public TlsDHKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, DHParameters dhParameters) : base(keyExchange, supportedSignatureAlgorithms)
        {
            switch (keyExchange)
            {
            case 3:
                this.mTlsSigner = new TlsDssSigner();
                goto IL_5E;

            case 5:
                this.mTlsSigner = new TlsRsaSigner();
                goto IL_5E;

            case 7:
            case 9:
                this.mTlsSigner = null;
                goto IL_5E;
            }
            throw new InvalidOperationException("unsupported key exchange algorithm");
IL_5E:
            this.mDHParameters = dhParameters;
        }

Example #32

0

Show file

File: TlsDHKeyExchange.cs Project: Niladri24dutta/itextsharp

		internal TlsDHKeyExchange(TlsClientContext context, KeyExchangeAlgorithm keyExchange)
		{
			switch (keyExchange)
			{
				case KeyExchangeAlgorithm.DH_RSA:
				case KeyExchangeAlgorithm.DH_DSS:
					this.tlsSigner = null;
					break;
				case KeyExchangeAlgorithm.DHE_RSA:
					this.tlsSigner = new TlsRsaSigner();
					break;
				case KeyExchangeAlgorithm.DHE_DSS:
					this.tlsSigner = new TlsDssSigner();
					break;
				default:
					throw new ArgumentException("unsupported key exchange algorithm", "keyExchange");
			}

			this.context = context;
			this.keyExchange = keyExchange;
		}

Example #33

0

Show file

		internal TlsSrpKeyExchange(TlsProtocolHandler handler, ICertificateVerifyer verifyer,
			TlsKeyExchangeAlgorithm keyExchange)
		{
			switch (keyExchange)
			{
				case TlsKeyExchangeAlgorithm.KE_SRP:
					this.tlsSigner = null;
					break;
				case TlsKeyExchangeAlgorithm.KE_SRP_RSA:
					this.tlsSigner = new TlsRsaSigner();
					break;
				case TlsKeyExchangeAlgorithm.KE_SRP_DSS:
					this.tlsSigner = new TlsDssSigner();
					break;
				default:
					throw new ArgumentException("unsupported key exchange algorithm", "keyExchange");
			}

			this.handler = handler;
			this.verifyer = verifyer;
			this.keyExchange = keyExchange;
		}

Example #34

0

Show file

File: DefaultTlsSignerCredentials.cs Project: ALange/OutlookPrivacyPlugin

        public DefaultTlsSignerCredentials(TlsContext context, Certificate certificate, AsymmetricKeyParameter privateKey,
            SignatureAndHashAlgorithm signatureAndHashAlgorithm)
        {
            if (certificate == null)
                throw new ArgumentNullException("certificate");
            if (certificate.IsEmpty)
                throw new ArgumentException("cannot be empty", "clientCertificate");
            if (privateKey == null)
                throw new ArgumentNullException("privateKey");
            if (!privateKey.IsPrivate)
                throw new ArgumentException("must be private", "privateKey");
            if (TlsUtilities.IsTlsV12(context) && signatureAndHashAlgorithm == null)
                throw new ArgumentException("cannot be null for (D)TLS 1.2+", "signatureAndHashAlgorithm");

            if (privateKey is RsaKeyParameters)
            {
                mSigner = new TlsRsaSigner();
            }
            else if (privateKey is DsaPrivateKeyParameters)
            {
                mSigner = new TlsDssSigner();
            }
            else if (privateKey is ECPrivateKeyParameters)
            {
                mSigner = new TlsECDsaSigner();
            }
            else
            {
                throw new ArgumentException("type not supported: " + privateKey.GetType().FullName, "privateKey");
            }

            this.mSigner.Init(context);

            this.mContext = context;
            this.mCertificate = certificate;
            this.mPrivateKey = privateKey;
            this.mSignatureAndHashAlgorithm = signatureAndHashAlgorithm;
        }

Example #35

0

Show file

File: TlsSrpKeyExchange.cs Project: NelsonSantos/fyiReporting-Android

        internal TlsSrpKeyExchange(TlsClientContext context, KeyExchangeAlgorithm keyExchange,
            byte[] identity, byte[] password)
        {
            switch (keyExchange)
            {
                case KeyExchangeAlgorithm.SRP:
                    this.tlsSigner = null;
                    break;
                case KeyExchangeAlgorithm.SRP_RSA:
                    this.tlsSigner = new TlsRsaSigner();
                    break;
                case KeyExchangeAlgorithm.SRP_DSS:
                    this.tlsSigner = new TlsDssSigner();
                    break;
                default:
                    throw new ArgumentException("unsupported key exchange algorithm", "keyExchange");
            }

            this.context = context;
            this.keyExchange = keyExchange;
            this.identity = identity;
            this.password = password;
        }

Example #36

0

Show file

    public TlsDHKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, DHParameters dhParameters)
        : base(keyExchange, supportedSignatureAlgorithms)
    {
        switch (keyExchange)
        {
        case 7:
        case 9:
            mTlsSigner = null;
            break;

        case 5:
            mTlsSigner = new TlsRsaSigner();
            break;

        case 3:
            mTlsSigner = new TlsDssSigner();
            break;

        default:
            throw new InvalidOperationException("unsupported key exchange algorithm");
        }
        mDHParameters = dhParameters;
    }

Example #37

0

Show file

File: DefaultTlsClient.cs Project: mohsenmetn/itextsharp

        internal void EnableClientAuthentication(Certificate clientCertificate,
                                                 AsymmetricKeyParameter clientPrivateKey)
        {
            if (clientCertificate == null)
            {
                throw new ArgumentNullException("clientCertificate");
            }
            if (clientCertificate.certs.Length == 0)
            {
                throw new ArgumentException("cannot be empty", "clientCertificate");
            }
            if (clientPrivateKey == null)
            {
                throw new ArgumentNullException("clientPrivateKey");
            }
            if (!clientPrivateKey.IsPrivate)
            {
                throw new ArgumentException("must be private", "clientPrivateKey");
            }

            if (clientPrivateKey is RsaKeyParameters)
            {
                clientSigner = new TlsRsaSigner();
            }
            else if (clientPrivateKey is DsaPrivateKeyParameters)
            {
                clientSigner = new TlsDssSigner();
            }
            else
            {
                throw new ArgumentException("type not supported: "
                                            + clientPrivateKey.GetType().FullName, "clientPrivateKey");
            }

            this.clientCert       = clientCertificate;
            this.clientPrivateKey = clientPrivateKey;
        }

Example #38

0

Show file

        public TlsSrpKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, byte[] identity, byte[] password)
            :   base(keyExchange, supportedSignatureAlgorithms)
        {
            switch (keyExchange)
            {
            case KeyExchangeAlgorithm.SRP:
                this.mTlsSigner = null;
                break;

            case KeyExchangeAlgorithm.SRP_RSA:
                this.mTlsSigner = new TlsRsaSigner();
                break;

            case KeyExchangeAlgorithm.SRP_DSS:
                this.mTlsSigner = new TlsDssSigner();
                break;

            default:
                throw new InvalidOperationException("unsupported key exchange algorithm");
            }

            this.mIdentity = identity;
            this.mPassword = password;
        }

Example #39

0

Show file

File: TlsDHKeyExchange.cs Project: smdx24/CPI-Source-Code

        public TlsDHKeyExchange(int keyExchange, global::System.Collections.IList supportedSignatureAlgorithms, DHParameters dhParameters)
            : base(keyExchange, supportedSignatureAlgorithms)
        {
            //IL_0058: Unknown result type (might be due to invalid IL or missing references)
            switch (keyExchange)
            {
            case 7:
            case 9:
                mTlsSigner = null;
                break;

            case 5:
                mTlsSigner = new TlsRsaSigner();
                break;

            case 3:
                mTlsSigner = new TlsDssSigner();
                break;

            default:
                throw new InvalidOperationException("unsupported key exchange algorithm");
            }
            mDHParameters = dhParameters;
        }

Example #40

0

Show file

        internal TlsECDHKeyExchange(TlsClientContext context, KeyExchangeAlgorithm keyExchange)
        {
            switch (keyExchange)
            {
            case KeyExchangeAlgorithm.ECDHE_RSA:
                this.tlsSigner = new TlsRsaSigner();
                break;

            case KeyExchangeAlgorithm.ECDHE_ECDSA:
                this.tlsSigner = new TlsECDsaSigner();
                break;

            case KeyExchangeAlgorithm.ECDH_RSA:
            case KeyExchangeAlgorithm.ECDH_ECDSA:
                this.tlsSigner = null;
                break;

            default:
                throw new ArgumentException("unsupported key exchange algorithm", "keyExchange");
            }

            this.context     = context;
            this.keyExchange = keyExchange;
        }

Example #41

0

Show file

File: TlsServerProtocol.cs Project: mirsys/axcrypt-playground

        protected virtual void ReceiveCertificateVerifyMessage(MemoryStream buf)
        {
            DigitallySigned clientCertificateVerify = DigitallySigned.Parse(Context, buf);

            AssertEmpty(buf);

            // Verify the CertificateVerify message contains a correct signature.
            try
            {
                byte[] certificateVerifyHash;
                if (TlsUtilities.IsTlsV12(Context))
                {
                    certificateVerifyHash = mPrepareFinishHash.GetFinalHash(clientCertificateVerify.Algorithm.Hash);
                }
                else
                {
                    certificateVerifyHash = TlsProtocol.GetCurrentPrfHash(Context, mPrepareFinishHash, null);
                }

                X509CertificateStructure x509Cert  = mPeerCertificate.GetCertificateAt(0);
                SubjectPublicKeyInfo     keyInfo   = x509Cert.SubjectPublicKeyInfo;
                AsymmetricKeyParameter   publicKey = PublicKeyFactory.CreateKey(keyInfo);

                TlsSigner tlsSigner = TlsUtilities.CreateTlsSigner((byte)mClientCertificateType);
                tlsSigner.Init(Context);
                if (!tlsSigner.VerifyRawSignature(clientCertificateVerify.Algorithm,
                                                  clientCertificateVerify.Signature, publicKey, certificateVerifyHash))
                {
                    throw new TlsFatalAlert(AlertDescription.decrypt_error);
                }
            }
            catch (Exception e)
            {
                throw new TlsFatalAlert(AlertDescription.decrypt_error, e);
            }
        }

Example #42

0

Show file

File: TLSUtils.cs Project: kdurkin77/DTLS2.Net

        public static byte[] Sign(AsymmetricKeyParameter privateKey, RSACryptoServiceProvider rsaKey, bool client, Version version, HandshakeInfo handshakeInfo,
                                  SignatureHashAlgorithm signatureHashAlgorithm, byte[] hash)
#endif
        {
            if (privateKey == null && rsaKey == null)
            {
                throw new ArgumentException("No key or Rsa CSP provided");
            }

            if (privateKey == null)
            {
                if (signatureHashAlgorithm.Signature == TSignatureAlgorithm.RSA)
                {
                    return(SignRsa(rsaKey, hash));
                }

                throw new ArgumentException("Need private key for non-RSA Algorithms");
            }

            if (version == null)
            {
                throw new ArgumentNullException(nameof(version));
            }

            if (handshakeInfo == null)
            {
                throw new ArgumentNullException(nameof(handshakeInfo));
            }

            if (signatureHashAlgorithm == null)
            {
                throw new ArgumentNullException(nameof(signatureHashAlgorithm));
            }

            if (hash == null)
            {
                throw new ArgumentNullException(nameof(hash));
            }

            TlsSigner signer = null;

            switch (signatureHashAlgorithm.Signature)
            {
            case TSignatureAlgorithm.Anonymous:
                break;

            case TSignatureAlgorithm.RSA:
                signer = new TlsRsaSigner();
                break;

            case TSignatureAlgorithm.DSA:
                signer = new TlsDssSigner();
                break;

            case TSignatureAlgorithm.ECDSA:

                signer = new TlsECDsaSigner();
                break;

            default:
                break;
            }

            var context         = new DTLSContext(client, version, handshakeInfo);
            var randomGenerator = new CryptoApiRandomGenerator();

            context.SecureRandom = new SecureRandom(randomGenerator);

            signer.Init(context);
            if (TlsUtilities.IsTlsV12(context))
            {
                var signatureAndHashAlgorithm = new SignatureAndHashAlgorithm((byte)signatureHashAlgorithm.Hash, (byte)signatureHashAlgorithm.Signature);
                return(signer.GenerateRawSignature(signatureAndHashAlgorithm, privateKey, hash));
            }
            else
            {
                return(signer.GenerateRawSignature(privateKey, hash));
            }
        }

Example #43

0

Show file

		internal void EnableClientAuthentication(Certificate clientCertificate,
			AsymmetricKeyParameter clientPrivateKey)
		{
			if (clientCertificate == null)
			{
				throw new ArgumentNullException("clientCertificate");
			}
			if (clientCertificate.certs.Length == 0)
			{
				throw new ArgumentException("cannot be empty", "clientCertificate");
			}
			if (clientPrivateKey == null)
			{
				throw new ArgumentNullException("clientPrivateKey");
			}
			if (!clientPrivateKey.IsPrivate)
			{
				throw new ArgumentException("must be private", "clientPrivateKey");
			}

			if (clientPrivateKey is RsaKeyParameters)
			{
				clientSigner = new TlsRsaSigner();
			}
			else if (clientPrivateKey is DsaPrivateKeyParameters)
			{
				clientSigner = new TlsDssSigner();
			}
			else
			{
				throw new ArgumentException("type not supported: "
					+ clientPrivateKey.GetType().FullName, "clientPrivateKey");
			}

			this.clientCert = clientCertificate;
			this.clientPrivateKey = clientPrivateKey;
		}

C# (CSharp) TlsSigner Examples