public override byte[] GenerateServerKeyExchange()
{
if (this.mDHParameters == null)
throw new TlsFatalAlert(AlertDescription.internal_error);
DigestInputBuffer buf = new DigestInputBuffer();
this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom,
this.mDHParameters, buf);
/*
* RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
*/
SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(
mContext, mServerCredentials);
IDigest d = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
SecurityParameters securityParameters = mContext.SecurityParameters;
d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
buf.UpdateDigest(d);
byte[] hash = DigestUtilities.DoFinal(d);
byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);
DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);
signed_params.Encode(buf);
return buf.ToArray();
}
private DeferredHash(byte prfHashAlgorithm, IDigest prfHash)
{
this.mBuf = null;
this.mHashes = Platform.CreateHashtable();
this.mPrfHashAlgorithm = prfHashAlgorithm;
mHashes[prfHashAlgorithm] = prfHash;
}
public override byte[] GenerateServerKeyExchange()
{
DigestInputBuffer buf = new DigestInputBuffer();
this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mNamedCurves,
mClientECPointFormats, buf);
/*
* RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
*/
SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(
mContext, mServerCredentials);
IDigest d = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
SecurityParameters securityParameters = mContext.SecurityParameters;
d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
buf.UpdateDigest(d);
byte[] hash = DigestUtilities.DoFinal(d);
byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);
DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);
signed_params.Encode(buf);
return(buf.ToArray());
}
private DeferredHash(byte prfHashAlgorithm, IDigest prfHash)
{
this.mBuf = null;
this.mHashes = Org.BouncyCastle.Utilities.Platform.CreateHashtable();
this.mPrfHashAlgorithm = prfHashAlgorithm;
mHashes[prfHashAlgorithm] = prfHash;
}
protected virtual void CheckStopBuffering()
{
if (mBuf == null || ((global::System.Collections.ICollection)mHashes).get_Count() > 4)
{
return;
}
global::System.Collections.IEnumerator enumerator = ((global::System.Collections.IEnumerable)mHashes.get_Values()).GetEnumerator();
try
{
while (enumerator.MoveNext())
{
IDigest d = (IDigest)enumerator.get_Current();
mBuf.UpdateDigest(d);
}
}
finally
{
global::System.IDisposable disposable = enumerator as global::System.IDisposable;
if (disposable != null)
{
disposable.Dispose();
}
}
mBuf = null;
}
private DeferredHash(byte prfHashAlgorithm, IDigest prfHash)
{
mBuf = null;
mHashes = Platform.CreateHashtable();
mPrfHashAlgorithm = prfHashAlgorithm;
mHashes.set_Item((object)prfHashAlgorithm, (object)prfHash);
}
public override byte[] GenerateServerKeyExchange()
{
DigestInputBuffer buf = new DigestInputBuffer();
this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mNamedCurves,
mClientECPointFormats, buf);
/*
* RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
*/
SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(
mContext, mServerCredentials);
IDigest d = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
SecurityParameters securityParameters = mContext.SecurityParameters;
d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
buf.UpdateDigest(d);
byte[] hash = DigestUtilities.DoFinal(d);
byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);
DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);
signed_params.Encode(buf);
return buf.ToArray();
}
private DeferredHash(byte prfHashAlgorithm, IDigest prfHash)
{
this.mBuf = null;
this.mHashes = Platform.CreateHashtable();
this.mPrfHashAlgorithm = prfHashAlgorithm;
mHashes[prfHashAlgorithm] = prfHash;
}
protected virtual void CheckStopBuffering()
{
if (this.mBuf != null && this.mHashes.Count <= 4)
{
foreach (IDigest d in this.mHashes.Values)
{
this.mBuf.UpdateDigest(d);
}
this.mBuf = null;
}
}
protected virtual void CheckStopBuffering()
{
if (mBuf != null && mHashes.Count <= 4)
{
foreach (IDigest value in mHashes.Values)
{
mBuf.UpdateDigest(value);
}
mBuf = null;
}
}
protected virtual void CheckStopBuffering()
{
if (mBuf != null && mHashes.Count <= BUFFERING_HASH_LIMIT)
{
foreach (IDigest hash in mHashes.Values)
{
mBuf.UpdateDigest(hash);
}
this.mBuf = null;
}
}
public override byte[] GenerateServerKeyExchange()
{
if (this.mDHParameters == null)
{
throw new TlsFatalAlert(AlertDescription.internal_error);
}
DigestInputBuffer buf = new DigestInputBuffer();
this.mDHAgreeServerPrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(context.SecureRandom,
this.mDHParameters, buf);
/*
* RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
*/
SignatureAndHashAlgorithm signatureAndHashAlgorithm;
IDigest d;
if (TlsUtilities.IsTlsV12(context))
{
signatureAndHashAlgorithm = mServerCredentials.SignatureAndHashAlgorithm;
if (signatureAndHashAlgorithm == null)
{
throw new TlsFatalAlert(AlertDescription.internal_error);
}
d = TlsUtilities.CreateHash(signatureAndHashAlgorithm.Hash);
}
else
{
signatureAndHashAlgorithm = null;
d = new CombinedHash();
}
SecurityParameters securityParameters = context.SecurityParameters;
d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
buf.UpdateDigest(d);
byte[] hash = DigestUtilities.DoFinal(d);
byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);
DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);
signed_params.Encode(buf);
return(buf.ToArray());
}
public override byte[] GenerateServerKeyExchange()
{
DigestInputBuffer output = new DigestInputBuffer();
base.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(base.mContext.SecureRandom, base.mNamedCurves, base.mClientECPointFormats, output);
SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(base.mContext, this.mServerCredentials);
IDigest d = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
SecurityParameters securityParameters = base.mContext.SecurityParameters;
d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
output.UpdateDigest(d);
byte[] hash = DigestUtilities.DoFinal(d);
byte[] signature = this.mServerCredentials.GenerateCertificateSignature(hash);
new DigitallySigned(signatureAndHashAlgorithm, signature).Encode(output);
return(output.ToArray());
}
public override byte[] GenerateServerKeyExchange()
{
DigestInputBuffer digestInputBuffer = new DigestInputBuffer();
mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mNamedCurves, mClientECPointFormats, (Stream)(object)digestInputBuffer);
SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(mContext, mServerCredentials);
IDigest digest = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
SecurityParameters securityParameters = mContext.SecurityParameters;
digest.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
digest.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
digestInputBuffer.UpdateDigest(digest);
byte[] hash = DigestUtilities.DoFinal(digest);
byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);
DigitallySigned digitallySigned = new DigitallySigned(signatureAndHashAlgorithm, signature);
digitallySigned.Encode((Stream)(object)digestInputBuffer);
return(((MemoryStream)digestInputBuffer).ToArray());
}
public override byte[] GenerateServerKeyExchange()
{
if (mDHParameters == null)
{
throw new TlsFatalAlert(80);
}
DigestInputBuffer digestInputBuffer = new DigestInputBuffer();
mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mDHParameters, digestInputBuffer);
SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(mContext, mServerCredentials);
IDigest digest = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
SecurityParameters securityParameters = mContext.SecurityParameters;
digest.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
digest.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
digestInputBuffer.UpdateDigest(digest);
byte[] hash = DigestUtilities.DoFinal(digest);
byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);
DigitallySigned digitallySigned = new DigitallySigned(signatureAndHashAlgorithm, signature);
digitallySigned.Encode(digestInputBuffer);
return(digestInputBuffer.ToArray());
}
public override byte[] GenerateServerKeyExchange()
{
mSrpServer.Init(mSrpGroup, mSrpVerifier, TlsUtilities.CreateHash(HashAlgorithm.sha1), mContext.SecureRandom);
BigInteger B = mSrpServer.GenerateServerCredentials();
ServerSrpParams srpParams = new ServerSrpParams(mSrpGroup.N, mSrpGroup.G, mSrpSalt, B);
DigestInputBuffer buf = new DigestInputBuffer();
srpParams.Encode(buf);
if (mServerCredentials != null)
{
/*
* RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
*/
SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(
mContext, mServerCredentials);
IDigest d = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
SecurityParameters securityParameters = mContext.SecurityParameters;
d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
buf.UpdateDigest(d);
byte[] hash = new byte[d.GetDigestSize()];
d.DoFinal(hash, 0);
byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);
DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);
signed_params.Encode(buf);
}
return(buf.ToArray());
}
public override byte[] GenerateServerKeyExchange()
{
mSrpServer.Init(mSrpGroup, mSrpVerifier, TlsUtilities.CreateHash(2), mContext.SecureRandom);
BigInteger b = mSrpServer.GenerateServerCredentials();
ServerSrpParams serverSrpParams = new ServerSrpParams(mSrpGroup.N, mSrpGroup.G, mSrpSalt, b);
DigestInputBuffer digestInputBuffer = new DigestInputBuffer();
serverSrpParams.Encode((Stream)(object)digestInputBuffer);
if (mServerCredentials != null)
{
SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(mContext, mServerCredentials);
IDigest digest = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
SecurityParameters securityParameters = mContext.SecurityParameters;
digest.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
digest.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
digestInputBuffer.UpdateDigest(digest);
byte[] array = new byte[digest.GetDigestSize()];
digest.DoFinal(array, 0);
byte[] signature = mServerCredentials.GenerateCertificateSignature(array);
DigitallySigned digitallySigned = new DigitallySigned(signatureAndHashAlgorithm, signature);
digitallySigned.Encode((Stream)(object)digestInputBuffer);
}
return(((MemoryStream)digestInputBuffer).ToArray());
}
protected virtual void CheckStopBuffering()
{
if ((this.mBuf != null) && (this.mHashes.Count <= 4))
{
IEnumerator enumerator = this.mHashes.Values.GetEnumerator();
try
{
while (enumerator.MoveNext())
{
IDigest current = (IDigest)enumerator.Current;
this.mBuf.UpdateDigest(current);
}
}
finally
{
if (enumerator is IDisposable disposable)
{
IDisposable disposable;
disposable.Dispose();
}
}
this.mBuf = null;
}
}
internal DeferredHash()
{
this.mBuf = new DigestInputBuffer();
this.mHashes = Platform.CreateHashtable();
this.mPrfHashAlgorithm = -1;
}
public override byte[] GenerateServerKeyExchange()
{
mSrpServer.Init(mSrpGroup, mSrpVerifier, TlsUtilities.CreateHash(HashAlgorithm.sha1), mContext.SecureRandom);
BigInteger B = mSrpServer.GenerateServerCredentials();
ServerSrpParams srpParams = new ServerSrpParams(mSrpGroup.N, mSrpGroup.G, mSrpSalt, B);
DigestInputBuffer buf = new DigestInputBuffer();
srpParams.Encode(buf);
if (mServerCredentials != null)
{
/*
* RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
*/
SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(
mContext, mServerCredentials);
IDigest d = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
SecurityParameters securityParameters = mContext.SecurityParameters;
d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
buf.UpdateDigest(d);
byte[] hash = new byte[d.GetDigestSize()];
d.DoFinal(hash, 0);
byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);
DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);
signed_params.Encode(buf);
}
return buf.ToArray();
}
internal DeferredHash()
{
this.mBuf = new DigestInputBuffer();
this.mHashes = Org.BouncyCastle.Utilities.Platform.CreateHashtable();
this.mPrfHashAlgorithm = -1;
}
internal DeferredHash()
{
this.mBuf = new DigestInputBuffer();
this.mHashes = Platform.CreateHashtable();
this.mPrfHashAlgorithm = -1;
}
protected virtual void CheckStopBuffering()
{
if (mBuf != null && mHashes.Count <= BUFFERING_HASH_LIMIT)
{
foreach (IDigest hash in mHashes.Values)
{
mBuf.UpdateDigest(hash);
}
this.mBuf = null;
}
}
public override byte[] GenerateServerKeyExchange()
{
/*
* First we try to find a supported named curve from the client's list.
*/
int namedCurve = -1;
if (mNamedCurves == null)
{
// TODO Let the peer choose the default named curve
namedCurve = NamedCurve.secp256r1;
}
else
{
for (int i = 0; i < mNamedCurves.Length; ++i)
{
int entry = mNamedCurves[i];
if (NamedCurve.IsValid(entry) && TlsEccUtilities.IsSupportedNamedCurve(entry))
{
namedCurve = entry;
break;
}
}
}
ECDomainParameters curve_params = null;
if (namedCurve >= 0)
{
curve_params = TlsEccUtilities.GetParametersForNamedCurve(namedCurve);
}
else
{
/*
* If no named curves are suitable, check if the client supports explicit curves.
*/
if (Arrays.Contains(mNamedCurves, NamedCurve.arbitrary_explicit_prime_curves))
{
curve_params = TlsEccUtilities.GetParametersForNamedCurve(NamedCurve.secp256r1);
}
else if (Arrays.Contains(mNamedCurves, NamedCurve.arbitrary_explicit_char2_curves))
{
curve_params = TlsEccUtilities.GetParametersForNamedCurve(NamedCurve.sect283r1);
}
}
if (curve_params == null)
{
/*
* NOTE: We shouldn't have negotiated ECDHE key exchange since we apparently can't find
* a suitable curve.
*/
throw new TlsFatalAlert(AlertDescription.internal_error);
}
AsymmetricCipherKeyPair kp = TlsEccUtilities.GenerateECKeyPair(context.SecureRandom, curve_params);
this.mECAgreePrivateKey = (ECPrivateKeyParameters)kp.Private;
DigestInputBuffer buf = new DigestInputBuffer();
if (namedCurve < 0)
{
TlsEccUtilities.WriteExplicitECParameters(mClientECPointFormats, curve_params, buf);
}
else
{
TlsEccUtilities.WriteNamedECParameters(namedCurve, buf);
}
ECPublicKeyParameters ecPublicKey = (ECPublicKeyParameters)kp.Public;
TlsEccUtilities.WriteECPoint(mClientECPointFormats, ecPublicKey.Q, buf);
/*
* RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
*/
SignatureAndHashAlgorithm signatureAndHashAlgorithm;
IDigest d;
if (TlsUtilities.IsTlsV12(context))
{
signatureAndHashAlgorithm = mServerCredentials.SignatureAndHashAlgorithm;
if (signatureAndHashAlgorithm == null)
{
throw new TlsFatalAlert(AlertDescription.internal_error);
}
d = TlsUtilities.CreateHash(signatureAndHashAlgorithm.Hash);
}
else
{
signatureAndHashAlgorithm = null;
d = new CombinedHash();
}
SecurityParameters securityParameters = context.SecurityParameters;
d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
buf.UpdateDigest(d);
byte[] hash = DigestUtilities.DoFinal(d);
byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);
DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);
signed_params.Encode(buf);
return(buf.ToArray());
}
public override byte[] GenerateServerKeyExchange()
{
/*
* First we try to find a supported named curve from the client's list.
*/
int namedCurve = -1;
if (mNamedCurves == null)
{
// TODO Let the peer choose the default named curve
namedCurve = NamedCurve.secp256r1;
}
else
{
for (int i = 0; i < mNamedCurves.Length; ++i)
{
int entry = mNamedCurves[i];
if (NamedCurve.IsValid(entry) && TlsEccUtilities.IsSupportedNamedCurve(entry))
{
namedCurve = entry;
break;
}
}
}
ECDomainParameters curve_params = null;
if (namedCurve >= 0)
{
curve_params = TlsEccUtilities.GetParametersForNamedCurve(namedCurve);
}
else
{
/*
* If no named curves are suitable, check if the client supports explicit curves.
*/
if (Arrays.Contains(mNamedCurves, NamedCurve.arbitrary_explicit_prime_curves))
{
curve_params = TlsEccUtilities.GetParametersForNamedCurve(NamedCurve.secp256r1);
}
else if (Arrays.Contains(mNamedCurves, NamedCurve.arbitrary_explicit_char2_curves))
{
curve_params = TlsEccUtilities.GetParametersForNamedCurve(NamedCurve.sect283r1);
}
}
if (curve_params == null)
{
/*
* NOTE: We shouldn't have negotiated ECDHE key exchange since we apparently can't find
* a suitable curve.
*/
throw new TlsFatalAlert(AlertDescription.internal_error);
}
AsymmetricCipherKeyPair kp = TlsEccUtilities.GenerateECKeyPair(context.SecureRandom, curve_params);
this.mECAgreePrivateKey = (ECPrivateKeyParameters)kp.Private;
DigestInputBuffer buf = new DigestInputBuffer();
if (namedCurve < 0)
{
TlsEccUtilities.WriteExplicitECParameters(mClientECPointFormats, curve_params, buf);
}
else
{
TlsEccUtilities.WriteNamedECParameters(namedCurve, buf);
}
ECPublicKeyParameters ecPublicKey = (ECPublicKeyParameters)kp.Public;
TlsEccUtilities.WriteECPoint(mClientECPointFormats, ecPublicKey.Q, buf);
/*
* RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
*/
SignatureAndHashAlgorithm signatureAndHashAlgorithm;
IDigest d;
if (TlsUtilities.IsTlsV12(context))
{
signatureAndHashAlgorithm = mServerCredentials.SignatureAndHashAlgorithm;
if (signatureAndHashAlgorithm == null)
throw new TlsFatalAlert(AlertDescription.internal_error);
d = TlsUtilities.CreateHash(signatureAndHashAlgorithm.Hash);
}
else
{
signatureAndHashAlgorithm = null;
d = new CombinedHash();
}
SecurityParameters securityParameters = context.SecurityParameters;
d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
buf.UpdateDigest(d);
byte[] hash = DigestUtilities.DoFinal(d);
byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);
DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);
signed_params.Encode(buf);
return buf.ToArray();
}
