public override byte[] GenerateServerKeyExchange()
        {
            DigestInputBuffer buf = new DigestInputBuffer();

            this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mNamedCurves,
                                                                                         mClientECPointFormats, buf);

            /*
             * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
             */
            SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(
                mContext, mServerCredentials);

            IDigest d = TlsUtilities.CreateHash(signatureAndHashAlgorithm);

            SecurityParameters securityParameters = mContext.SecurityParameters;

            d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
            d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
            buf.UpdateDigest(d);

            byte[] hash = DigestUtilities.DoFinal(d);

            byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);

            DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);

            signed_params.Encode(buf);

            return(buf.ToArray());
        }
        public override byte[] GenerateServerKeyExchange()
        {
            if (this.mDHParameters == null)
                throw new TlsFatalAlert(AlertDescription.internal_error);

            DigestInputBuffer buf = new DigestInputBuffer();

            this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom,
                this.mDHParameters, buf);

            /*
             * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
             */
            SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(
                mContext, mServerCredentials);

            IDigest d = TlsUtilities.CreateHash(signatureAndHashAlgorithm);

            SecurityParameters securityParameters = mContext.SecurityParameters;
            d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
            d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
            buf.UpdateDigest(d);

            byte[] hash = DigestUtilities.DoFinal(d);

            byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);

            DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);
            signed_params.Encode(buf);

            return buf.ToArray();
        }
        public override byte[] GenerateServerKeyExchange()
        {
            DigestInputBuffer buf = new DigestInputBuffer();

            this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mNamedCurves,
                mClientECPointFormats, buf);

            /*
             * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
             */
            SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(
                mContext, mServerCredentials);

            IDigest d = TlsUtilities.CreateHash(signatureAndHashAlgorithm);

            SecurityParameters securityParameters = mContext.SecurityParameters;
            d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
            d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
            buf.UpdateDigest(d);

            byte[] hash = DigestUtilities.DoFinal(d);

            byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);

            DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);
            signed_params.Encode(buf);

            return buf.ToArray();
        }
Esempio n. 4
0
        public override byte[] GenerateServerKeyExchange()
        {
            if (this.mDHParameters == null)
            {
                throw new TlsFatalAlert(AlertDescription.internal_error);
            }

            DigestInputBuffer buf = new DigestInputBuffer();

            this.mDHAgreeServerPrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(context.SecureRandom,
                                                                                              this.mDHParameters, buf);

            /*
             * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
             */
            SignatureAndHashAlgorithm signatureAndHashAlgorithm;
            IDigest d;

            if (TlsUtilities.IsTlsV12(context))
            {
                signatureAndHashAlgorithm = mServerCredentials.SignatureAndHashAlgorithm;
                if (signatureAndHashAlgorithm == null)
                {
                    throw new TlsFatalAlert(AlertDescription.internal_error);
                }

                d = TlsUtilities.CreateHash(signatureAndHashAlgorithm.Hash);
            }
            else
            {
                signatureAndHashAlgorithm = null;
                d = new CombinedHash();
            }

            SecurityParameters securityParameters = context.SecurityParameters;

            d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
            d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
            buf.UpdateDigest(d);

            byte[] hash = DigestUtilities.DoFinal(d);

            byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);

            DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);

            signed_params.Encode(buf);

            return(buf.ToArray());
        }
Esempio n. 5
0
        public override byte[] GenerateServerKeyExchange()
        {
            DigestInputBuffer output = new DigestInputBuffer();

            base.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(base.mContext.SecureRandom, base.mNamedCurves, base.mClientECPointFormats, output);
            SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(base.mContext, this.mServerCredentials);
            IDigest            d = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
            SecurityParameters securityParameters = base.mContext.SecurityParameters;

            d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
            d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
            output.UpdateDigest(d);
            byte[] hash      = DigestUtilities.DoFinal(d);
            byte[] signature = this.mServerCredentials.GenerateCertificateSignature(hash);
            new DigitallySigned(signatureAndHashAlgorithm, signature).Encode(output);
            return(output.ToArray());
        }
        public override byte[] GenerateServerKeyExchange()
        {
            DigestInputBuffer digestInputBuffer = new DigestInputBuffer();

            mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mNamedCurves, mClientECPointFormats, digestInputBuffer);
            SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(mContext, mServerCredentials);
            IDigest            digest             = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
            SecurityParameters securityParameters = mContext.SecurityParameters;

            digest.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
            digest.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
            digestInputBuffer.UpdateDigest(digest);
            byte[]          hash            = DigestUtilities.DoFinal(digest);
            byte[]          signature       = mServerCredentials.GenerateCertificateSignature(hash);
            DigitallySigned digitallySigned = new DigitallySigned(signatureAndHashAlgorithm, signature);

            digitallySigned.Encode(digestInputBuffer);
            return(digestInputBuffer.ToArray());
        }
        public override byte[] GenerateServerKeyExchange()
        {
            if (this.mDHParameters == null)
            {
                throw new TlsFatalAlert(80);
            }
            DigestInputBuffer digestInputBuffer = new DigestInputBuffer();

            this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(this.mContext.SecureRandom, this.mDHParameters, digestInputBuffer);
            SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(this.mContext, this.mServerCredentials);
            IDigest            digest             = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
            SecurityParameters securityParameters = this.mContext.SecurityParameters;

            digest.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
            digest.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
            digestInputBuffer.UpdateDigest(digest);
            byte[]          hash            = DigestUtilities.DoFinal(digest);
            byte[]          signature       = this.mServerCredentials.GenerateCertificateSignature(hash);
            DigitallySigned digitallySigned = new DigitallySigned(signatureAndHashAlgorithm, signature);

            digitallySigned.Encode(digestInputBuffer);
            return(digestInputBuffer.ToArray());
        }
        public override byte[] GenerateServerKeyExchange()
        {
            mSrpServer.Init(mSrpGroup, mSrpVerifier, TlsUtilities.CreateHash(HashAlgorithm.sha1), mContext.SecureRandom);
            BigInteger B = mSrpServer.GenerateServerCredentials();

            ServerSrpParams srpParams = new ServerSrpParams(mSrpGroup.N, mSrpGroup.G, mSrpSalt, B);

            DigestInputBuffer buf = new DigestInputBuffer();

            srpParams.Encode(buf);

            if (mServerCredentials != null)
            {
                /*
                 * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
                 */
                SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(
                    mContext, mServerCredentials);

                IDigest d = TlsUtilities.CreateHash(signatureAndHashAlgorithm);

                SecurityParameters securityParameters = mContext.SecurityParameters;
                d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
                d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
                buf.UpdateDigest(d);

                byte[] hash = new byte[d.GetDigestSize()];
                d.DoFinal(hash, 0);

                byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);

                DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);
                signed_params.Encode(buf);
            }

            return(buf.ToArray());
        }
        public override byte[] GenerateServerKeyExchange()
        {
            this.mSrpServer.Init(this.mSrpGroup, this.mSrpVerifier, TlsUtilities.CreateHash(2), this.mContext.SecureRandom);
            BigInteger        b = this.mSrpServer.GenerateServerCredentials();
            ServerSrpParams   serverSrpParams   = new ServerSrpParams(this.mSrpGroup.N, this.mSrpGroup.G, this.mSrpSalt, b);
            DigestInputBuffer digestInputBuffer = new DigestInputBuffer();

            serverSrpParams.Encode(digestInputBuffer);
            if (this.mServerCredentials != null)
            {
                SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(this.mContext, this.mServerCredentials);
                IDigest            digest             = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
                SecurityParameters securityParameters = this.mContext.SecurityParameters;
                digest.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
                digest.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
                digestInputBuffer.UpdateDigest(digest);
                byte[] array = new byte[digest.GetDigestSize()];
                digest.DoFinal(array, 0);
                byte[]          signature       = this.mServerCredentials.GenerateCertificateSignature(array);
                DigitallySigned digitallySigned = new DigitallySigned(signatureAndHashAlgorithm, signature);
                digitallySigned.Encode(digestInputBuffer);
            }
            return(digestInputBuffer.ToArray());
        }
Esempio n. 10
0
        public override byte[] GenerateServerKeyExchange()
        {
            /*
             * First we try to find a supported named curve from the client's list.
             */
            int namedCurve = -1;
            if (mNamedCurves == null)
            {
                // TODO Let the peer choose the default named curve
                namedCurve = NamedCurve.secp256r1;
            }
            else
            {
                for (int i = 0; i < mNamedCurves.Length; ++i)
                {
                    int entry = mNamedCurves[i];
                    if (NamedCurve.IsValid(entry) && TlsEccUtilities.IsSupportedNamedCurve(entry))
                    {
                        namedCurve = entry;
                        break;
                    }
                }
            }

            ECDomainParameters curve_params = null;
            if (namedCurve >= 0)
            {
                curve_params = TlsEccUtilities.GetParametersForNamedCurve(namedCurve);
            }
            else
            {
                /*
                 * If no named curves are suitable, check if the client supports explicit curves.
                 */
                if (Arrays.Contains(mNamedCurves, NamedCurve.arbitrary_explicit_prime_curves))
                {
                    curve_params = TlsEccUtilities.GetParametersForNamedCurve(NamedCurve.secp256r1);
                }
                else if (Arrays.Contains(mNamedCurves, NamedCurve.arbitrary_explicit_char2_curves))
                {
                    curve_params = TlsEccUtilities.GetParametersForNamedCurve(NamedCurve.sect283r1);
                }
            }

            if (curve_params == null)
            {
                /*
                 * NOTE: We shouldn't have negotiated ECDHE key exchange since we apparently can't find
                 * a suitable curve.
                 */
                throw new TlsFatalAlert(AlertDescription.internal_error);
            }

            AsymmetricCipherKeyPair kp = TlsEccUtilities.GenerateECKeyPair(context.SecureRandom, curve_params);
            this.mECAgreePrivateKey = (ECPrivateKeyParameters)kp.Private;

            DigestInputBuffer buf = new DigestInputBuffer();

            if (namedCurve < 0)
            {
                TlsEccUtilities.WriteExplicitECParameters(mClientECPointFormats, curve_params, buf);
            }
            else
            {
                TlsEccUtilities.WriteNamedECParameters(namedCurve, buf);
            }

            ECPublicKeyParameters ecPublicKey = (ECPublicKeyParameters)kp.Public;
            TlsEccUtilities.WriteECPoint(mClientECPointFormats, ecPublicKey.Q, buf);

            /*
             * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
             */
            SignatureAndHashAlgorithm signatureAndHashAlgorithm;
            IDigest d;

            if (TlsUtilities.IsTlsV12(context))
            {
                signatureAndHashAlgorithm = mServerCredentials.SignatureAndHashAlgorithm;
                if (signatureAndHashAlgorithm == null)
                    throw new TlsFatalAlert(AlertDescription.internal_error);

                d = TlsUtilities.CreateHash(signatureAndHashAlgorithm.Hash);
            }
            else
            {
                signatureAndHashAlgorithm = null;
                d = new CombinedHash();
            }

            SecurityParameters securityParameters = context.SecurityParameters;
            d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
            d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
            buf.UpdateDigest(d);

            byte[] hash = DigestUtilities.DoFinal(d);

            byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);

            DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);
            signed_params.Encode(buf);

            return buf.ToArray();
        }
Esempio n. 11
0
        public override byte[] GenerateServerKeyExchange()
        {
            mSrpServer.Init(mSrpGroup, mSrpVerifier, TlsUtilities.CreateHash(HashAlgorithm.sha1), mContext.SecureRandom);
            BigInteger B = mSrpServer.GenerateServerCredentials();

            ServerSrpParams srpParams = new ServerSrpParams(mSrpGroup.N, mSrpGroup.G, mSrpSalt, B);

            DigestInputBuffer buf = new DigestInputBuffer();

            srpParams.Encode(buf);

            if (mServerCredentials != null)
            {
                /*
                 * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
                 */
                SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(
                    mContext, mServerCredentials);

                IDigest d = TlsUtilities.CreateHash(signatureAndHashAlgorithm);

                SecurityParameters securityParameters = mContext.SecurityParameters;
                d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
                d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
                buf.UpdateDigest(d);

                byte[] hash = new byte[d.GetDigestSize()];
                d.DoFinal(hash, 0);

                byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);

                DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);
                signed_params.Encode(buf);
            }

            return buf.ToArray();
        }
Esempio n. 12
0
        public override byte[] GenerateServerKeyExchange()
        {
            /*
             * First we try to find a supported named curve from the client's list.
             */
            int namedCurve = -1;

            if (mNamedCurves == null)
            {
                // TODO Let the peer choose the default named curve
                namedCurve = NamedCurve.secp256r1;
            }
            else
            {
                for (int i = 0; i < mNamedCurves.Length; ++i)
                {
                    int entry = mNamedCurves[i];
                    if (NamedCurve.IsValid(entry) && TlsEccUtilities.IsSupportedNamedCurve(entry))
                    {
                        namedCurve = entry;
                        break;
                    }
                }
            }

            ECDomainParameters curve_params = null;

            if (namedCurve >= 0)
            {
                curve_params = TlsEccUtilities.GetParametersForNamedCurve(namedCurve);
            }
            else
            {
                /*
                 * If no named curves are suitable, check if the client supports explicit curves.
                 */
                if (Arrays.Contains(mNamedCurves, NamedCurve.arbitrary_explicit_prime_curves))
                {
                    curve_params = TlsEccUtilities.GetParametersForNamedCurve(NamedCurve.secp256r1);
                }
                else if (Arrays.Contains(mNamedCurves, NamedCurve.arbitrary_explicit_char2_curves))
                {
                    curve_params = TlsEccUtilities.GetParametersForNamedCurve(NamedCurve.sect283r1);
                }
            }

            if (curve_params == null)
            {
                /*
                 * NOTE: We shouldn't have negotiated ECDHE key exchange since we apparently can't find
                 * a suitable curve.
                 */
                throw new TlsFatalAlert(AlertDescription.internal_error);
            }

            AsymmetricCipherKeyPair kp = TlsEccUtilities.GenerateECKeyPair(context.SecureRandom, curve_params);

            this.mECAgreePrivateKey = (ECPrivateKeyParameters)kp.Private;

            DigestInputBuffer buf = new DigestInputBuffer();

            if (namedCurve < 0)
            {
                TlsEccUtilities.WriteExplicitECParameters(mClientECPointFormats, curve_params, buf);
            }
            else
            {
                TlsEccUtilities.WriteNamedECParameters(namedCurve, buf);
            }

            ECPublicKeyParameters ecPublicKey = (ECPublicKeyParameters)kp.Public;

            TlsEccUtilities.WriteECPoint(mClientECPointFormats, ecPublicKey.Q, buf);

            /*
             * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
             */
            SignatureAndHashAlgorithm signatureAndHashAlgorithm;
            IDigest d;

            if (TlsUtilities.IsTlsV12(context))
            {
                signatureAndHashAlgorithm = mServerCredentials.SignatureAndHashAlgorithm;
                if (signatureAndHashAlgorithm == null)
                {
                    throw new TlsFatalAlert(AlertDescription.internal_error);
                }

                d = TlsUtilities.CreateHash(signatureAndHashAlgorithm.Hash);
            }
            else
            {
                signatureAndHashAlgorithm = null;
                d = new CombinedHash();
            }

            SecurityParameters securityParameters = context.SecurityParameters;

            d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
            d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
            buf.UpdateDigest(d);

            byte[] hash = DigestUtilities.DoFinal(d);

            byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);

            DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);

            signed_params.Encode(buf);

            return(buf.ToArray());
        }