/// <summary>
/// Reads an SRP ServerKeyExchange body: the group (N, g), the salt and the server's public
/// value B, followed by a signature over those bytes when a signer is configured.
/// </summary>
/// <param name="input">Stream positioned at the start of the ServerKeyExchange body.</param>
/// <exception cref="TlsFatalAlert">
/// decrypt_error when the signature does not verify; illegal_parameter when
/// Srp6Utilities.ValidatePublicValue rejects B.
/// </exception>
public override void ProcessServerKeyExchange(Stream input)
{
    SecurityParameters securityParameters = context.SecurityParameters;

    // The tee is only installed when there is a signer; it captures the parameter bytes
    // that the signature is later checked against.
    SignerInputBuffer signedBytes = null;
    Stream paramStream = input;
    if (mTlsSigner != null)
    {
        signedBytes = new SignerInputBuffer();
        paramStream = new TeeInputStream(input, signedBytes);
    }

    byte[] rawN = TlsUtilities.ReadOpaque16(paramStream);
    byte[] rawG = TlsUtilities.ReadOpaque16(paramStream);
    byte[] rawSalt = TlsUtilities.ReadOpaque8(paramStream);
    byte[] rawB = TlsUtilities.ReadOpaque16(paramStream);

    if (signedBytes != null)
    {
        // The signature is parsed from the raw stream, so its own bytes never enter the buffer.
        DigitallySigned serverSignature = DigitallySigned.Parse(context, input);
        ISigner verifier = InitVerifyer(mTlsSigner, serverSignature.Algorithm, securityParameters);
        signedBytes.UpdateSigner(verifier);

        bool signatureOk = verifier.VerifySignature(serverSignature.Signature);
        if (!signatureOk)
        {
            throw new TlsFatalAlert(AlertDescription.decrypt_error);
        }
    }

    BigInteger modulus = new BigInteger(1, rawN);
    BigInteger generator = new BigInteger(1, rawG);

    // SECURITY NOTE (open upstream TODO): the group (N, g) is not validated here. RFC 5054
    // expects the client to accept only groups it trusts and otherwise abort with
    // insufficient_security. A signature, when present, authenticates the sender of the
    // parameters; it does not make an arbitrary group acceptable.

    this.mS = rawSalt;

    /*
     * RFC 5054 2.5.3: The client MUST abort the handshake with an "illegal_parameter" alert if
     * B % N = 0.
     */
    try
    {
        this.mB = Srp6Utilities.ValidatePublicValue(modulus, new BigInteger(1, rawB));
    }
    catch (CryptoException cause)
    {
        throw new TlsFatalAlert(AlertDescription.illegal_parameter, cause);
    }

    // SHA-1 is the hash RFC 5054 specifies for the TLS-SRP computations.
    this.mSrpClient.Init(modulus, generator, TlsUtilities.CreateHash(HashAlgorithm.sha1), context.SecureRandom);
}
/// <summary>
/// Parses the server's SRP parameters, verifies the signature over them when a signer is
/// configured, and accepts the SRP group only if the group verifier approves it.
/// </summary>
/// <param name="input">Stream positioned at the start of the ServerKeyExchange body.</param>
/// <exception cref="TlsFatalAlert">
/// decrypt_error on a bad signature; insufficient_security when the group is refused;
/// illegal_parameter when Srp6Utilities.ValidatePublicValue rejects B.
/// </exception>
public override void ProcessServerKeyExchange(Stream input)
{
    SecurityParameters securityParameters = mContext.SecurityParameters;

    // Without a signer the parameters are read straight from the input and no
    // signature block is expected afterwards.
    SignerInputBuffer signedBytes = null;
    Stream paramStream = input;
    if (mTlsSigner != null)
    {
        signedBytes = new SignerInputBuffer();
        paramStream = new TeeInputStream(input, signedBytes);
    }

    ServerSrpParams serverParams = ServerSrpParams.Parse(paramStream);

    if (signedBytes != null)
    {
        // Read the signature from the untee'd stream so it is not part of the signed data.
        DigitallySigned serverSignature = DigitallySigned.Parse(mContext, input);
        ISigner verifier = InitVerifyer(mTlsSigner, serverSignature.Algorithm, securityParameters);
        signedBytes.UpdateSigner(verifier);

        bool signatureOk = verifier.VerifySignature(serverSignature.Signature);
        if (!signatureOk)
        {
            throw new TlsFatalAlert(AlertDescription.decrypt_error);
        }
    }

    // The group is server-chosen; mGroupVerifier is the policy gate deciding whether the
    // client is willing to compute in it.
    this.mSrpGroup = new Srp6GroupParameters(serverParams.N, serverParams.G);
    bool groupAccepted = mGroupVerifier.Accept(mSrpGroup);
    if (!groupAccepted)
    {
        throw new TlsFatalAlert(AlertDescription.insufficient_security);
    }

    this.mSrpSalt = serverParams.S;

    /*
     * RFC 5054 2.5.3: The client MUST abort the handshake with an "illegal_parameter" alert if
     * B % N = 0.
     */
    try
    {
        this.mSrpPeerCredentials = Srp6Utilities.ValidatePublicValue(mSrpGroup.N, serverParams.B);
    }
    catch (CryptoException cause)
    {
        throw new TlsFatalAlert(AlertDescription.illegal_parameter, cause);
    }

    // SHA-1 is the hash RFC 5054 specifies for the TLS-SRP computations.
    this.mSrpClient.Init(mSrpGroup, TlsUtilities.CreateHash(HashAlgorithm.sha1), mContext.SecureRandom);
}
/// <summary>
/// Parses the server's signed Diffie-Hellman parameters, verifies the signature over them
/// and stores the validated server public key together with its parameters.
/// </summary>
/// <param name="input">Stream positioned at the start of the ServerKeyExchange body.</param>
/// <exception cref="TlsFatalAlert">Alert 51 (decrypt_error) when the signature does not verify.</exception>
public override void ProcessServerKeyExchange(Stream input)
{
    SecurityParameters securityParameters = mContext.SecurityParameters;

    // Everything parsed through the tee is captured for the signature check.
    SignerInputBuffer signedBytes = new SignerInputBuffer();
    Stream paramStream = new TeeInputStream(input, signedBytes);
    ServerDHParams dhParams = ServerDHParams.Parse(paramStream);

    // The signature itself comes from the raw stream and is not part of the signed data.
    DigitallySigned serverSignature = DigitallySigned.Parse(mContext, input);
    ISigner verifier = InitVerifyer(mTlsSigner, serverSignature.Algorithm, securityParameters);
    signedBytes.UpdateSigner(verifier);

    bool signatureOk = verifier.VerifySignature(serverSignature.Signature);
    if (!signatureOk)
    {
        // 51 is decrypt_error in the TLS alert registry.
        throw new TlsFatalAlert(51);
    }

    // NOTE(review): the group is adopted from the server's key with no separate check in this
    // method; confirm that ValidateDHPublicKey (not shown) enforces a minimum prime size.
    mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(dhParams.PublicKey);
    mDHParameters = mDHAgreePublicKey.Parameters;
}
/// <summary>
/// Parses the server's signed Diffie-Hellman parameters, verifies the signature over them,
/// then validates both the server public key and the group it was sent with.
/// </summary>
/// <param name="input">Stream positioned at the start of the ServerKeyExchange body.</param>
/// <exception cref="TlsFatalAlert">Alert 0x33 (51, decrypt_error) when the signature does not verify.</exception>
public override void ProcessServerKeyExchange(Stream input)
{
    SecurityParameters securityParameters = base.mContext.SecurityParameters;

    // Bytes read through the tee are captured as the data the server signed.
    SignerInputBuffer signedBytes = new SignerInputBuffer();
    Stream paramStream = new TeeInputStream(input, signedBytes);
    ServerDHParams dhParams = ServerDHParams.Parse(paramStream);

    // The signature block is read from the raw stream so it stays out of the signed data.
    DigitallySigned serverSignature = ParseSignature(input);
    ISigner verifier = InitVerifyer(base.mTlsSigner, serverSignature.Algorithm, securityParameters);
    signedBytes.UpdateSigner(verifier);

    bool signatureOk = verifier.VerifySignature(serverSignature.Signature);
    if (!signatureOk)
    {
        // 0x33 == 51, decrypt_error in the TLS alert registry.
        throw new TlsFatalAlert(0x33);
    }

    // Key first, then the group: ValidateDHParameters is where the acceptance policy for the
    // server-chosen group is applied (its body is not visible here).
    base.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(dhParams.PublicKey);
    base.mDHParameters = ValidateDHParameters(base.mDHAgreePublicKey.Parameters);
}
/// <summary>
/// Reads the server's signed ECDH parameters (curve and encoded point), verifies the
/// signature over them and stores the validated server public key.
/// </summary>
/// <param name="input">Stream positioned at the start of the ServerKeyExchange body.</param>
/// <exception cref="TlsFatalAlert">Alert 0x33 (51, decrypt_error) when the signature does not verify.</exception>
public override void ProcessServerKeyExchange(Stream input)
{
    SecurityParameters securityParameters = base.mContext.SecurityParameters;

    // Curve parameters and point are read through the tee so they are captured for verification.
    SignerInputBuffer signedBytes = new SignerInputBuffer();
    Stream paramStream = new TeeInputStream(input, signedBytes);

    // The curve is read against the curves and point formats this client offered.
    ECDomainParameters curve = TlsEccUtilities.ReadECParameters(base.mNamedCurves, base.mClientECPointFormats, paramStream);
    byte[] encodedPoint = TlsUtilities.ReadOpaque8(paramStream);

    // The signature block is read from the raw stream so it stays out of the signed data.
    DigitallySigned serverSignature = ParseSignature(input);
    ISigner verifier = InitVerifyer(base.mTlsSigner, serverSignature.Algorithm, securityParameters);
    signedBytes.UpdateSigner(verifier);

    bool signatureOk = verifier.VerifySignature(serverSignature.Signature);
    if (!signatureOk)
    {
        // 0x33 == 51, decrypt_error in the TLS alert registry.
        throw new TlsFatalAlert(0x33);
    }

    // The point is only decoded and validated once the signature has been accepted.
    var serverKey = TlsEccUtilities.DeserializeECPublicKey(base.mClientECPointFormats, curve, encodedPoint);
    base.mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(serverKey);
}
/// <summary>
/// Parses the server's signed Diffie-Hellman parameters, verifies the signature over them
/// and stores the validated server public key.
/// </summary>
/// <param name="input">Stream positioned at the start of the ServerKeyExchange body.</param>
/// <exception cref="TlsFatalAlert">decrypt_error when the signature does not verify.</exception>
public override void ProcessServerKeyExchange(Stream input)
{
    SecurityParameters securityParameters = context.SecurityParameters;

    // Bytes parsed through the tee are captured as the data the server signed.
    SignerInputBuffer signedBytes = new SignerInputBuffer();
    Stream paramStream = new TeeInputStream(input, signedBytes);
    ServerDHParams serverDh = ServerDHParams.Parse(paramStream);

    // Parsed from the raw stream: the signature is not part of its own input.
    DigitallySigned serverSignature = DigitallySigned.Parse(context, input);
    ISigner verifier = InitVerifyer(mTlsSigner, serverSignature.Algorithm, securityParameters);
    signedBytes.UpdateSigner(verifier);

    bool signatureOk = verifier.VerifySignature(serverSignature.Signature);
    if (!signatureOk)
    {
        throw new TlsFatalAlert(AlertDescription.decrypt_error);
    }

    // NOTE(review): this is the only check applied to the server's DH key and group here;
    // confirm that ValidateDHPublicKey (not shown) rejects undersized or unsafe groups.
    this.mDHAgreeServerPublicKey = TlsDHUtilities.ValidateDHPublicKey(serverDh.PublicKey);
}
/// <summary>
/// Reads the server's signed ECDH parameters (curve and encoded point), verifies the
/// signature over them and stores the validated server public key.
/// </summary>
/// <param name="input">Stream positioned at the start of the ServerKeyExchange body.</param>
/// <exception cref="TlsFatalAlert">Alert 51 (decrypt_error) when the signature does not verify.</exception>
public override void ProcessServerKeyExchange(Stream input)
{
    SecurityParameters securityParameters = mContext.SecurityParameters;

    // The (Stream)(object) casts are kept exactly as found; they look like decompiler output.
    SignerInputBuffer signedBytes = new SignerInputBuffer();
    Stream paramStream = (Stream)(object)new TeeInputStream(input, (Stream)(object)signedBytes);

    // The curve is read against the curves and point formats this client offered.
    ECDomainParameters curve = TlsEccUtilities.ReadECParameters(mNamedCurves, mClientECPointFormats, paramStream);
    byte[] encodedPoint = TlsUtilities.ReadOpaque8(paramStream);

    // The signature block is read from the raw stream so it stays out of the signed data.
    DigitallySigned serverSignature = ParseSignature(input);
    ISigner verifier = InitVerifyer(mTlsSigner, serverSignature.Algorithm, securityParameters);
    signedBytes.UpdateSigner(verifier);

    bool signatureOk = verifier.VerifySignature(serverSignature.Signature);
    if (!signatureOk)
    {
        // 51 is decrypt_error in the TLS alert registry.
        throw new TlsFatalAlert(51);
    }

    // Decode and validate the point only after the signature has been accepted.
    var serverKey = TlsEccUtilities.DeserializeECPublicKey(mClientECPointFormats, curve, encodedPoint);
    mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(serverKey);
}
/// <summary>
/// Receives the server's Diffie-Hellman group through the configured DH verifier, reads the
/// server's public value, then verifies the signature over both.
/// </summary>
/// <param name="input">Stream positioned at the start of the ServerKeyExchange body.</param>
/// <exception cref="TlsFatalAlert">decrypt_error when the signature does not verify.</exception>
public override void ProcessServerKeyExchange(Stream input)
{
    SecurityParameters securityParameters = mContext.SecurityParameters;

    // Bytes read through the tee are captured as the data the server signed.
    SignerInputBuffer signedBytes = new SignerInputBuffer();
    Stream paramStream = new TeeInputStream(input, signedBytes);

    // mDHVerifier is passed in so the group can be vetted while it is being received.
    this.mDHParameters = TlsDHUtilities.ReceiveDHParameters(mDHVerifier, paramStream);

    // NOTE(review): no ValidateDHPublicKey call appears in this version; confirm that the
    // range check on the public value happens in ReadDHParameter or in the
    // DHPublicKeyParameters constructor.
    var serverPublicValue = TlsDHUtilities.ReadDHParameter(paramStream);
    this.mDHAgreePublicKey = new DHPublicKeyParameters(serverPublicValue, mDHParameters);

    // Both fields above are assigned before the signature is checked, so a TlsFatalAlert
    // from here on leaves unauthenticated values behind; callers must treat it as terminal.
    DigitallySigned serverSignature = ParseSignature(input);
    ISigner verifier = InitVerifyer(mTlsSigner, serverSignature.Algorithm, securityParameters);
    signedBytes.UpdateSigner(verifier);

    bool signatureOk = verifier.VerifySignature(serverSignature.Signature);
    if (!signatureOk)
    {
        throw new TlsFatalAlert(AlertDescription.decrypt_error);
    }
}
/// <summary>
/// Parses the server's signed Diffie-Hellman parameters, checks the server's signature over
/// them, and keeps the server public key once it has passed validation.
/// </summary>
/// <param name="input">Stream positioned at the start of the ServerKeyExchange body.</param>
/// <exception cref="TlsFatalAlert">decrypt_error when the signature does not verify.</exception>
public override void ProcessServerKeyExchange(Stream input)
{
    SecurityParameters securityParameters = context.SecurityParameters;

    // The tee copies what ServerDHParams.Parse consumes into the signer buffer.
    SignerInputBuffer captured = new SignerInputBuffer();
    Stream capturingInput = new TeeInputStream(input, captured);
    ServerDHParams serverDh = ServerDHParams.Parse(capturingInput);

    // Signature bytes are read from the raw stream and are not part of the signed data.
    DigitallySigned paramsSignature = DigitallySigned.Parse(context, input);
    ISigner verifier = InitVerifyer(mTlsSigner, paramsSignature.Algorithm, securityParameters);
    captured.UpdateSigner(verifier);

    if (verifier.VerifySignature(paramsSignature.Signature) == false)
    {
        throw new TlsFatalAlert(AlertDescription.decrypt_error);
    }

    // NOTE(review): no separate group-acceptance step is visible in this method; confirm
    // that ValidateDHPublicKey (not shown) enforces the minimum group strength required.
    this.mDHAgreeServerPublicKey = TlsDHUtilities.ValidateDHPublicKey(serverDh.PublicKey);
}
/// <summary>
/// Reads the server's signed ECDH parameters (curve and encoded point), verifies the
/// signature over them and stores the validated server public key.
/// </summary>
/// <param name="input">Stream positioned at the start of the ServerKeyExchange body.</param>
/// <exception cref="TlsFatalAlert">decrypt_error when the signature does not verify.</exception>
public override void ProcessServerKeyExchange(Stream input)
{
    SecurityParameters securityParameters = mContext.SecurityParameters;

    // Curve parameters and point are read through the tee so they are captured for verification.
    SignerInputBuffer signedBytes = new SignerInputBuffer();
    Stream paramStream = new TeeInputStream(input, signedBytes);

    // The curve is read against the curves and point formats this client offered.
    ECDomainParameters curve = TlsEccUtilities.ReadECParameters(mNamedCurves, mClientECPointFormats, paramStream);
    byte[] encodedPoint = TlsUtilities.ReadOpaque8(paramStream);

    // The signature block is read from the raw stream so it stays out of the signed data.
    DigitallySigned serverSignature = ParseSignature(input);
    ISigner verifier = InitVerifyer(mTlsSigner, serverSignature.Algorithm, securityParameters);
    signedBytes.UpdateSigner(verifier);

    bool signatureOk = verifier.VerifySignature(serverSignature.Signature);
    if (!signatureOk)
    {
        throw new TlsFatalAlert(AlertDescription.decrypt_error);
    }

    // Decode and validate the point only after the signature has been accepted.
    var serverKey = TlsEccUtilities.DeserializeECPublicKey(mClientECPointFormats, curve, encodedPoint);
    this.mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(serverKey);
}
/// <summary>
/// Parses the server's SRP parameters, verifies the signature over them when a signer is
/// configured, and accepts the SRP group only if the group verifier approves it.
/// </summary>
/// <param name="input">Stream positioned at the start of the ServerKeyExchange body.</param>
/// <exception cref="TlsFatalAlert">
/// Alert 51 (decrypt_error) on a bad signature; 71 (insufficient_security) when the group is
/// refused; 47 (illegal_parameter) when Srp6Utilities.ValidatePublicValue rejects B.
/// </exception>
public override void ProcessServerKeyExchange(Stream input)
{
    SecurityParameters securityParameters = mContext.SecurityParameters;

    // Without a signer the parameters are read straight from the input and no signature
    // block is expected. The (Stream)(object) casts are kept exactly as found.
    SignerInputBuffer signedBytes = null;
    Stream paramStream = input;
    if (mTlsSigner != null)
    {
        signedBytes = new SignerInputBuffer();
        paramStream = (Stream)(object)new TeeInputStream(input, (Stream)(object)signedBytes);
    }

    ServerSrpParams serverParams = ServerSrpParams.Parse(paramStream);

    if (signedBytes != null)
    {
        // Read the signature from the raw stream so it is not part of the signed data.
        DigitallySigned serverSignature = ParseSignature(input);
        ISigner verifier = InitVerifyer(mTlsSigner, serverSignature.Algorithm, securityParameters);
        signedBytes.UpdateSigner(verifier);

        bool signatureOk = verifier.VerifySignature(serverSignature.Signature);
        if (!signatureOk)
        {
            // 51 is decrypt_error in the TLS alert registry.
            throw new TlsFatalAlert(51);
        }
    }

    // The group is server-chosen; mGroupVerifier is the policy gate for accepting it.
    mSrpGroup = new Srp6GroupParameters(serverParams.N, serverParams.G);
    bool groupAccepted = mGroupVerifier.Accept(mSrpGroup);
    if (!groupAccepted)
    {
        // 71 is insufficient_security in the TLS alert registry.
        throw new TlsFatalAlert(71);
    }

    mSrpSalt = serverParams.S;

    // RFC 5054 2.5.3 requires aborting with illegal_parameter (47) when B % N = 0.
    try
    {
        mSrpPeerCredentials = Srp6Utilities.ValidatePublicValue(mSrpGroup.N, serverParams.B);
    }
    catch (CryptoException cause)
    {
        throw new TlsFatalAlert(47, cause);
    }

    // 2 is the TLS HashAlgorithm code point for SHA-1, the hash RFC 5054 specifies for SRP.
    mSrpClient.Init(mSrpGroup, TlsUtilities.CreateHash(2), mContext.SecureRandom);
}
/// <summary>
/// Reads the curve and the encoded server point from a signed ECDH ServerKeyExchange,
/// checks the server's signature over them, and keeps the validated public key.
/// </summary>
/// <param name="input">Stream positioned at the start of the ServerKeyExchange body.</param>
/// <exception cref="TlsFatalAlert">decrypt_error when the signature does not verify.</exception>
public override void ProcessServerKeyExchange(Stream input)
{
    SecurityParameters securityParameters = mContext.SecurityParameters;

    // What is read through the tee is captured as the data the signature must cover.
    SignerInputBuffer captured = new SignerInputBuffer();
    Stream capturingInput = new TeeInputStream(input, captured);

    // The curve is read against the curves and point formats this client offered.
    ECDomainParameters serverCurve = TlsEccUtilities.ReadECParameters(mNamedCurves, mClientECPointFormats, capturingInput);
    byte[] serverPoint = TlsUtilities.ReadOpaque8(capturingInput);

    // Signature bytes are read from the raw stream and are not part of the signed data.
    DigitallySigned paramsSignature = DigitallySigned.Parse(mContext, input);
    ISigner verifier = InitVerifyer(mTlsSigner, paramsSignature.Algorithm, securityParameters);
    captured.UpdateSigner(verifier);

    if (verifier.VerifySignature(paramsSignature.Signature) == false)
    {
        throw new TlsFatalAlert(AlertDescription.decrypt_error);
    }

    // The point is decoded and validated only once the signature has been accepted.
    var decodedKey = TlsEccUtilities.DeserializeECPublicKey(mClientECPointFormats, serverCurve, serverPoint);
    this.mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(decodedKey);
}
/// <summary>
/// Handles an SRP ServerKeyExchange: parses (N, g, s, B), verifies the optional signature,
/// asks the group verifier whether (N, g) is acceptable, and initialises the SRP client.
/// </summary>
/// <param name="input">Stream positioned at the start of the ServerKeyExchange body.</param>
/// <exception cref="TlsFatalAlert">
/// decrypt_error on a bad signature; insufficient_security when the group is refused;
/// illegal_parameter when Srp6Utilities.ValidatePublicValue rejects B.
/// </exception>
public override void ProcessServerKeyExchange(Stream input)
{
    SecurityParameters securityParameters = mContext.SecurityParameters;

    // A signer buffer exists only when a signer is configured; otherwise the parameters are
    // read directly and no signature block follows them.
    SignerInputBuffer captured = null;
    Stream capturingInput = input;
    if (mTlsSigner != null)
    {
        captured = new SignerInputBuffer();
        capturingInput = new TeeInputStream(input, captured);
    }

    ServerSrpParams serverSrp = ServerSrpParams.Parse(capturingInput);

    if (captured != null)
    {
        // Signature bytes are read from the raw stream and are not part of the signed data.
        DigitallySigned paramsSignature = ParseSignature(input);
        ISigner verifier = InitVerifyer(mTlsSigner, paramsSignature.Algorithm, securityParameters);
        captured.UpdateSigner(verifier);

        if (verifier.VerifySignature(paramsSignature.Signature) == false)
        {
            throw new TlsFatalAlert(AlertDescription.decrypt_error);
        }
    }

    // The server picks the group; the verifier decides whether this client will use it.
    this.mSrpGroup = new Srp6GroupParameters(serverSrp.N, serverSrp.G);
    if (mGroupVerifier.Accept(mSrpGroup) == false)
    {
        throw new TlsFatalAlert(AlertDescription.insufficient_security);
    }

    this.mSrpSalt = serverSrp.S;

    /*
     * RFC 5054 2.5.3: The client MUST abort the handshake with an "illegal_parameter" alert if
     * B % N = 0.
     */
    try
    {
        this.mSrpPeerCredentials = Srp6Utilities.ValidatePublicValue(mSrpGroup.N, serverSrp.B);
    }
    catch (CryptoException cause)
    {
        throw new TlsFatalAlert(AlertDescription.illegal_parameter, cause);
    }

    // SHA-1 is the hash RFC 5054 specifies for the TLS-SRP computations.
    this.mSrpClient.Init(mSrpGroup, TlsUtilities.CreateHash(HashAlgorithm.sha1), mContext.SecureRandom);
}
/// <summary>
/// Handles an SRP ServerKeyExchange: reads N, g, the salt and B as length-prefixed byte
/// strings, verifies the optional signature over them, and initialises the SRP client.
/// </summary>
/// <param name="input">Stream positioned at the start of the ServerKeyExchange body.</param>
/// <exception cref="TlsFatalAlert">
/// decrypt_error when the signature does not verify; illegal_parameter when
/// Srp6Utilities.ValidatePublicValue rejects B.
/// </exception>
public override void ProcessServerKeyExchange(Stream input)
{
    SecurityParameters securityParameters = context.SecurityParameters;

    // A signer buffer exists only when a signer is configured; otherwise the parameters are
    // read directly and no signature block follows them.
    SignerInputBuffer captured = null;
    Stream capturingInput = input;
    if (mTlsSigner != null)
    {
        captured = new SignerInputBuffer();
        capturingInput = new TeeInputStream(input, captured);
    }

    byte[] modulusBytes = TlsUtilities.ReadOpaque16(capturingInput);
    byte[] generatorBytes = TlsUtilities.ReadOpaque16(capturingInput);
    byte[] saltBytes = TlsUtilities.ReadOpaque8(capturingInput);
    byte[] serverPublicBytes = TlsUtilities.ReadOpaque16(capturingInput);

    if (captured != null)
    {
        // Signature bytes are read from the raw stream and are not part of the signed data.
        DigitallySigned paramsSignature = DigitallySigned.Parse(context, input);
        ISigner verifier = InitVerifyer(mTlsSigner, paramsSignature.Algorithm, securityParameters);
        captured.UpdateSigner(verifier);

        if (verifier.VerifySignature(paramsSignature.Signature) == false)
        {
            throw new TlsFatalAlert(AlertDescription.decrypt_error);
        }
    }

    // Sign 1 makes the big-endian bytes a non-negative integer.
    BigInteger srpN = new BigInteger(1, modulusBytes);
    BigInteger srpG = new BigInteger(1, generatorBytes);

    // SECURITY NOTE (open upstream TODO): N and g are used exactly as the server sent them.
    // RFC 5054 expects the client to accept only groups it trusts and otherwise abort with
    // insufficient_security; no such check exists in this method. A valid signature shows
    // who sent the group, not that the group is safe to compute in.

    this.mS = saltBytes;

    /*
     * RFC 5054 2.5.3: The client MUST abort the handshake with an "illegal_parameter" alert if
     * B % N = 0.
     */
    try
    {
        this.mB = Srp6Utilities.ValidatePublicValue(srpN, new BigInteger(1, serverPublicBytes));
    }
    catch (CryptoException cause)
    {
        throw new TlsFatalAlert(AlertDescription.illegal_parameter, cause);
    }

    // SHA-1 is the hash RFC 5054 specifies for the TLS-SRP computations.
    this.mSrpClient.Init(srpN, srpG, TlsUtilities.CreateHash(HashAlgorithm.sha1), context.SecureRandom);
}