public override void GenerateClientKeyExchange(Stream output) { if (mAgreementCredentials == null) { mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom, mDHParameters, output); } }
public byte[] GenerateServerKeyExchange() { if (this.mDHParameters == null) { throw new TlsFatalAlert(AlertDescription.internal_error); } DigestInputBuffer buf = new DigestInputBuffer(); this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, this.mDHParameters, buf); /* * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2 */ SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm( mContext, mServerCredentials); IDigest d = TlsUtilities.CreateHash(signatureAndHashAlgorithm); SecurityParameters securityParameters = mContext.SecurityParameters; d.BlockUpdate(securityParameters.ClientRandom, 0, securityParameters.ClientRandom.Length); d.BlockUpdate(securityParameters.ServerRandom, 0, securityParameters.ServerRandom.Length); buf.UpdateDigest(d); byte[] hash = DigestUtilities.DoFinal(d); byte[] signature = mServerCredentials.GenerateCertificateSignature(hash); DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature); signed_params.Encode(buf); return(buf.ToArray()); }
public override void ProcessClientKeyExchange(Stream input) { byte[] array = TlsUtilities.ReadOpaque16(input); mPsk = mPskIdentityManager.GetPsk(array); if (mPsk == null) { throw new TlsFatalAlert(115); } mContext.SecurityParameters.pskIdentity = array; if (mKeyExchange == 14) { BigInteger y = TlsDHUtilities.ReadDHParameter(input); mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(new DHPublicKeyParameters(y, mDHParameters)); } else if (mKeyExchange == 24) { byte[] encoding = TlsUtilities.ReadOpaque8(input); ECDomainParameters parameters = mECAgreePrivateKey.Parameters; mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey(mServerECPointFormats, parameters, encoding)); } else if (mKeyExchange == 15) { byte[] encryptedPreMasterSecret = (!TlsUtilities.IsSsl(mContext)) ? TlsUtilities.ReadOpaque16(input) : Streams.ReadAll(input); mPremasterSecret = mServerCredentials.DecryptPreMasterSecret(encryptedPreMasterSecret); } }
public override void GenerateClientKeyExchange(Stream output) { if (mPskIdentityHint == null) { mPskIdentity.SkipIdentityHint(); } else { mPskIdentity.NotifyIdentityHint(mPskIdentityHint); } byte[] pskIdentity = mPskIdentity.GetPskIdentity(); if (pskIdentity == null) { throw new TlsFatalAlert(80); } mPsk = mPskIdentity.GetPsk(); if (mPsk == null) { throw new TlsFatalAlert(80); } TlsUtilities.WriteOpaque16(pskIdentity, output); mContext.SecurityParameters.pskIdentity = pskIdentity; if (mKeyExchange == 14) { mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom, mDHParameters, output); } else if (mKeyExchange == 24) { mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom, mServerECPointFormats, mECAgreePublicKey.Parameters, output); } else if (mKeyExchange == 15) { mPremasterSecret = TlsRsaUtilities.GenerateEncryptedPreMasterSecret(mContext, mRsaServerPublicKey, output); } }
public override byte[] GenerateServerKeyExchange() { mPskIdentityHint = mPskIdentityManager.GetHint(); if (mPskIdentityHint == null && !RequiresServerKeyExchange) { return(null); } MemoryStream memoryStream = new MemoryStream(); if (mPskIdentityHint == null) { TlsUtilities.WriteOpaque16(TlsUtilities.EmptyBytes, memoryStream); } else { TlsUtilities.WriteOpaque16(mPskIdentityHint, memoryStream); } if (mKeyExchange == 14) { if (mDHParameters == null) { throw new TlsFatalAlert(80); } mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mDHParameters, memoryStream); } else if (mKeyExchange == 24) { mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mNamedCurves, mClientECPointFormats, memoryStream); } return(memoryStream.ToArray()); }
protected virtual DHParameters ValidateDHParameters(DHParameters parameters) { if (parameters.P.BitLength < MinimumPrimeBits) { throw new TlsFatalAlert(71); } return(TlsDHUtilities.ValidateDHParameters(parameters)); }
public override void ProcessClientKeyExchange(Stream input) { if (mDHAgreePublicKey == null) { BigInteger y = TlsDHUtilities.ReadDHParameter(input); mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(new DHPublicKeyParameters(y, mDHParameters)); } }
public static ServerDHParams Parse(Stream input) { BigInteger p = TlsDHUtilities.ReadDHParameter(input); BigInteger g = TlsDHUtilities.ReadDHParameter(input); BigInteger y = TlsDHUtilities.ReadDHParameter(input); return(new ServerDHParams(TlsDHUtilities.ValidateDHPublicKey(new DHPublicKeyParameters(y, new DHParameters(p, g))))); }
public virtual void Encode(Stream output) { DHParameters parameters = mPublicKey.Parameters; BigInteger y = mPublicKey.Y; TlsDHUtilities.WriteDHParameter(parameters.P, output); TlsDHUtilities.WriteDHParameter(parameters.G, output); TlsDHUtilities.WriteDHParameter(y, output); }
public override byte[] GeneratePremasterSecret() { if (mAgreementCredentials != null) { return(mAgreementCredentials.GenerateAgreement(mDHAgreePublicKey)); } if (mDHAgreePrivateKey != null) { return(TlsDHUtilities.CalculateDHBasicAgreement(mDHAgreePublicKey, mDHAgreePrivateKey)); } throw new TlsFatalAlert(80); }
public override void ProcessServerKeyExchange(Stream input) { mPskIdentityHint = TlsUtilities.ReadOpaque16(input); if (mKeyExchange == 14) { ServerDHParams serverDHParams = ServerDHParams.Parse(input); mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(serverDHParams.PublicKey); mDHParameters = mDHAgreePublicKey.Parameters; } else if (mKeyExchange == 24) { ECDomainParameters curve_params = TlsEccUtilities.ReadECParameters(mNamedCurves, mClientECPointFormats, input); byte[] encoding = TlsUtilities.ReadOpaque8(input); mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey(mClientECPointFormats, curve_params, encoding)); } }
public override void ProcessServerKeyExchange(Stream input) { SecurityParameters securityParameters = mContext.SecurityParameters; SignerInputBuffer signerInputBuffer = new SignerInputBuffer(); Stream input2 = new TeeInputStream(input, signerInputBuffer); ServerDHParams serverDHParams = ServerDHParams.Parse(input2); DigitallySigned digitallySigned = ParseSignature(input); ISigner signer = InitVerifyer(mTlsSigner, digitallySigned.Algorithm, securityParameters); signerInputBuffer.UpdateSigner(signer); if (!signer.VerifySignature(digitallySigned.Signature)) { throw new TlsFatalAlert(51); } mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(serverDHParams.PublicKey); mDHParameters = ValidateDHParameters(mDHAgreePublicKey.Parameters); }
public override void ProcessServerCertificate(Certificate serverCertificate) { if (serverCertificate.IsEmpty) { throw new TlsFatalAlert(42); } X509CertificateStructure certificateAt = serverCertificate.GetCertificateAt(0); SubjectPublicKeyInfo subjectPublicKeyInfo = certificateAt.SubjectPublicKeyInfo; try { mServerPublicKey = PublicKeyFactory.CreateKey(subjectPublicKeyInfo); } catch (Exception alertCause) { throw new TlsFatalAlert(43, alertCause); } if (mTlsSigner == null) { try { mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey((DHPublicKeyParameters)mServerPublicKey); mDHParameters = ValidateDHParameters(mDHAgreePublicKey.Parameters); } catch (InvalidCastException alertCause2) { throw new TlsFatalAlert(46, alertCause2); } TlsUtilities.ValidateKeyUsage(certificateAt, 8); } else { if (!mTlsSigner.IsValidPublicKey(mServerPublicKey)) { throw new TlsFatalAlert(46); } TlsUtilities.ValidateKeyUsage(certificateAt, 128); } base.ProcessServerCertificate(serverCertificate); }
public override byte[] GenerateServerKeyExchange() { if (mDHParameters == null) { throw new TlsFatalAlert(80); } DigestInputBuffer digestInputBuffer = new DigestInputBuffer(); mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mDHParameters, digestInputBuffer); SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(mContext, mServerCredentials); IDigest digest = TlsUtilities.CreateHash(signatureAndHashAlgorithm); SecurityParameters securityParameters = mContext.SecurityParameters; digest.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length); digest.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length); digestInputBuffer.UpdateDigest(digest); byte[] hash = DigestUtilities.DoFinal(digest); byte[] signature = mServerCredentials.GenerateCertificateSignature(hash); DigitallySigned digitallySigned = new DigitallySigned(signatureAndHashAlgorithm, signature); digitallySigned.Encode(digestInputBuffer); return(digestInputBuffer.ToArray()); }
public override void ProcessServerKeyExchange(Stream input) { SecurityParameters securityParameters = mContext.SecurityParameters; SignerInputBuffer buf = new SignerInputBuffer(); Stream teeIn = new TeeInputStream(input, buf); ServerDHParams dhParams = ServerDHParams.Parse(teeIn); DigitallySigned signed_params = ParseSignature(input); mSignatureAndHashAlgorithm = signed_params.Algorithm; ISigner signer = InitVerifyer(mTlsSigner, signed_params.Algorithm, securityParameters); buf.UpdateSigner(signer); if (!signer.VerifySignature(signed_params.Signature)) { throw new TlsFatalAlert(AlertDescription.decrypt_error); } this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(dhParams.PublicKey); this.mDHParameters = ValidateDHParameters(mDHAgreePublicKey.Parameters); }
protected virtual byte[] GenerateOtherSecret(int pskLength) { if (mKeyExchange == 14) { if (mDHAgreePrivateKey != null) { return(TlsDHUtilities.CalculateDHBasicAgreement(mDHAgreePublicKey, mDHAgreePrivateKey)); } throw new TlsFatalAlert(80); } if (mKeyExchange == 24) { if (mECAgreePrivateKey != null) { return(TlsEccUtilities.CalculateECDHBasicAgreement(mECAgreePublicKey, mECAgreePrivateKey)); } throw new TlsFatalAlert(80); } if (mKeyExchange == 15) { return(mPremasterSecret); } return(new byte[pskLength]); }