GenerateEphemeralServerKeyExchange() public static method

public static GenerateEphemeralServerKeyExchange ( SecureRandom random, DHParameters dhParams, Stream output ) : DHPrivateKeyParameters
random SecureRandom
dhParams DHParameters
output Stream
return DHPrivateKeyParameters
        public override byte[] GenerateServerKeyExchange()
        {
            //IL_0023: Unknown result type (might be due to invalid IL or missing references)
            //IL_0029: Expected O, but got Unknown
            mPskIdentityHint = mPskIdentityManager.GetHint();
            if (mPskIdentityHint == null && !RequiresServerKeyExchange)
            {
                return(null);
            }
            MemoryStream val = new MemoryStream();

            if (mPskIdentityHint == null)
            {
                TlsUtilities.WriteOpaque16(TlsUtilities.EmptyBytes, (Stream)(object)val);
            }
            else
            {
                TlsUtilities.WriteOpaque16(mPskIdentityHint, (Stream)(object)val);
            }
            if (mKeyExchange == 14)
            {
                if (mDHParameters == null)
                {
                    throw new TlsFatalAlert(80);
                }
                mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mDHParameters, (Stream)(object)val);
            }
            else if (mKeyExchange == 24)
            {
                mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mNamedCurves, mClientECPointFormats, (Stream)(object)val);
            }
            return(val.ToArray());
        }
        public override byte[] GenerateServerKeyExchange()
        {
            this.mPskIdentityHint = this.mPskIdentityManager.GetHint();
            if (this.mPskIdentityHint == null && !this.RequiresServerKeyExchange)
            {
                return(null);
            }
            MemoryStream memoryStream = new MemoryStream();

            if (this.mPskIdentityHint == null)
            {
                TlsUtilities.WriteOpaque16(TlsUtilities.EmptyBytes, memoryStream);
            }
            else
            {
                TlsUtilities.WriteOpaque16(this.mPskIdentityHint, memoryStream);
            }
            if (this.mKeyExchange == 14)
            {
                if (this.mDHParameters == null)
                {
                    throw new TlsFatalAlert(80);
                }
                this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(this.mContext.SecureRandom, this.mDHParameters, memoryStream);
            }
            else if (this.mKeyExchange == 24)
            {
                this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(this.mContext.SecureRandom, this.mNamedCurves, this.mClientECPointFormats, memoryStream);
            }
            return(memoryStream.ToArray());
        }
Esempio n. 3
0
        public override byte[] GenerateServerKeyExchange()
        {
            if (this.mDHParameters == null)
            {
                throw new TlsFatalAlert(AlertDescription.internal_error);
            }

            DigestInputBuffer buf = new DigestInputBuffer();

            this.mDHAgreeServerPrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(context.SecureRandom,
                                                                                              this.mDHParameters, buf);

            /*
             * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
             */
            SignatureAndHashAlgorithm signatureAndHashAlgorithm;
            IDigest d;

            if (TlsUtilities.IsTlsV12(context))
            {
                signatureAndHashAlgorithm = mServerCredentials.SignatureAndHashAlgorithm;
                if (signatureAndHashAlgorithm == null)
                {
                    throw new TlsFatalAlert(AlertDescription.internal_error);
                }

                d = TlsUtilities.CreateHash(signatureAndHashAlgorithm.Hash);
            }
            else
            {
                signatureAndHashAlgorithm = null;
                d = new CombinedHash();
            }

            SecurityParameters securityParameters = context.SecurityParameters;

            d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
            d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
            buf.UpdateDigest(d);

            byte[] hash = DigestUtilities.DoFinal(d);

            byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);

            DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);

            signed_params.Encode(buf);

            return(buf.ToArray());
        }
        public override byte[] GenerateServerKeyExchange()
        {
            if (!RequiresServerKeyExchange)
            {
                return(null);
            }

            // DH_anon is handled here, DHE_* in a subclass

            MemoryStream buf = new MemoryStream();

            this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom,
                                                                                        this.mDHParameters, buf);
            return(buf.ToArray());
        }
        public override byte[] GenerateServerKeyExchange()
        {
            if (base.mDHParameters == null)
            {
                throw new TlsFatalAlert(80);
            }
            DigestInputBuffer output = new DigestInputBuffer();

            base.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(base.mContext.SecureRandom, base.mDHParameters, output);
            SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(base.mContext, this.mServerCredentials);
            IDigest            d = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
            SecurityParameters securityParameters = base.mContext.SecurityParameters;

            d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
            d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
            output.UpdateDigest(d);
            byte[] hash      = DigestUtilities.DoFinal(d);
            byte[] signature = this.mServerCredentials.GenerateCertificateSignature(hash);
            new DigitallySigned(signatureAndHashAlgorithm, signature).Encode(output);
            return(output.ToArray());
        }
Esempio n. 6
0
        public override byte[] GenerateServerKeyExchange()
        {
            this.mPskIdentityHint = mPskIdentityManager.GetHint();

            if (this.mPskIdentityHint == null && !RequiresServerKeyExchange)
            {
                return(null);
            }

            MemoryStream buf = new MemoryStream();

            if (this.mPskIdentityHint == null)
            {
                TlsUtilities.WriteOpaque16(TlsUtilities.EmptyBytes, buf);
            }
            else
            {
                TlsUtilities.WriteOpaque16(this.mPskIdentityHint, buf);
            }

            if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK)
            {
                if (this.mDHParameters == null)
                {
                    throw new TlsFatalAlert(AlertDescription.internal_error);
                }

                this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom,
                                                                                            this.mDHParameters, buf);
            }
            else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK)
            {
                this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom,
                                                                                             mNamedCurves, mClientECPointFormats, buf);
            }

            return(buf.ToArray());
        }
Esempio n. 7
0
        public override byte[] GenerateServerKeyExchange()
        {
            // TODO[RFC 4279] Need a server-side PSK API to determine hint and resolve identities to keys
            this.mPskIdentityHint = null;

            if (this.mPskIdentityHint == null && !RequiresServerKeyExchange)
            {
                return(null);
            }

            MemoryStream buf = new MemoryStream();

            if (this.mPskIdentityHint == null)
            {
                TlsUtilities.WriteOpaque16(TlsUtilities.EmptyBytes, buf);
            }
            else
            {
                TlsUtilities.WriteOpaque16(this.mPskIdentityHint, buf);
            }

            if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK)
            {
                if (this.mDHParameters == null)
                {
                    throw new TlsFatalAlert(AlertDescription.internal_error);
                }

                this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(context.SecureRandom,
                                                                                            this.mDHParameters, buf);
            }
            else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK)
            {
                // TODO[RFC 5489]
            }

            return(buf.ToArray());
        }
Esempio n. 8
0
        public override byte[] GenerateServerKeyExchange()
        {
            if (mDHParameters == null)
            {
                throw new TlsFatalAlert(80);
            }
            DigestInputBuffer digestInputBuffer = new DigestInputBuffer();

            mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mDHParameters, digestInputBuffer);
            SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(mContext, mServerCredentials);
            IDigest            digest             = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
            SecurityParameters securityParameters = mContext.SecurityParameters;

            digest.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
            digest.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
            digestInputBuffer.UpdateDigest(digest);
            byte[]          hash            = DigestUtilities.DoFinal(digest);
            byte[]          signature       = mServerCredentials.GenerateCertificateSignature(hash);
            DigitallySigned digitallySigned = new DigitallySigned(signatureAndHashAlgorithm, signature);

            digitallySigned.Encode(digestInputBuffer);
            return(digestInputBuffer.ToArray());
        }