public override void ProcessClientKeyExchange(Stream input) { byte[] array = TlsUtilities.ReadOpaque16(input); mPsk = mPskIdentityManager.GetPsk(array); if (mPsk == null) { throw new TlsFatalAlert(115); } mContext.SecurityParameters.pskIdentity = array; if (mKeyExchange == 14) { BigInteger y = TlsDHUtilities.ReadDHParameter(input); mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(new DHPublicKeyParameters(y, mDHParameters)); } else if (mKeyExchange == 24) { byte[] encoding = TlsUtilities.ReadOpaque8(input); ECDomainParameters parameters = mECAgreePrivateKey.Parameters; mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey(mServerECPointFormats, parameters, encoding)); } else if (mKeyExchange == 15) { byte[] encryptedPreMasterSecret = (!TlsUtilities.IsSsl(mContext)) ? TlsUtilities.ReadOpaque16(input) : Streams.ReadAll(input); mPremasterSecret = mServerCredentials.DecryptPreMasterSecret(encryptedPreMasterSecret); } }
public override void ProcessClientKeyExchange(Stream input) { if (mDHAgreePublicKey == null) { BigInteger y = TlsDHUtilities.ReadDHParameter(input); mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(new DHPublicKeyParameters(y, mDHParameters)); } }
public static ServerDHParams Parse(Stream input) { BigInteger p = TlsDHUtilities.ReadDHParameter(input); BigInteger g = TlsDHUtilities.ReadDHParameter(input); BigInteger y = TlsDHUtilities.ReadDHParameter(input); return(new ServerDHParams(TlsDHUtilities.ValidateDHPublicKey(new DHPublicKeyParameters(y, new DHParameters(p, g))))); }
public override void ProcessServerKeyExchange(Stream input) { mPskIdentityHint = TlsUtilities.ReadOpaque16(input); if (mKeyExchange == 14) { ServerDHParams serverDHParams = ServerDHParams.Parse(input); mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(serverDHParams.PublicKey); mDHParameters = mDHAgreePublicKey.Parameters; } else if (mKeyExchange == 24) { ECDomainParameters curve_params = TlsEccUtilities.ReadECParameters(mNamedCurves, mClientECPointFormats, input); byte[] encoding = TlsUtilities.ReadOpaque8(input); mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey(mClientECPointFormats, curve_params, encoding)); } }
public override void ProcessServerKeyExchange(Stream input) { SecurityParameters securityParameters = mContext.SecurityParameters; SignerInputBuffer signerInputBuffer = new SignerInputBuffer(); Stream input2 = new TeeInputStream(input, signerInputBuffer); ServerDHParams serverDHParams = ServerDHParams.Parse(input2); DigitallySigned digitallySigned = ParseSignature(input); ISigner signer = InitVerifyer(mTlsSigner, digitallySigned.Algorithm, securityParameters); signerInputBuffer.UpdateSigner(signer); if (!signer.VerifySignature(digitallySigned.Signature)) { throw new TlsFatalAlert(51); } mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(serverDHParams.PublicKey); mDHParameters = ValidateDHParameters(mDHAgreePublicKey.Parameters); }
public override void ProcessServerCertificate(Certificate serverCertificate) { if (serverCertificate.IsEmpty) { throw new TlsFatalAlert(42); } X509CertificateStructure certificateAt = serverCertificate.GetCertificateAt(0); SubjectPublicKeyInfo subjectPublicKeyInfo = certificateAt.SubjectPublicKeyInfo; try { mServerPublicKey = PublicKeyFactory.CreateKey(subjectPublicKeyInfo); } catch (Exception alertCause) { throw new TlsFatalAlert(43, alertCause); } if (mTlsSigner == null) { try { mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey((DHPublicKeyParameters)mServerPublicKey); mDHParameters = ValidateDHParameters(mDHAgreePublicKey.Parameters); } catch (InvalidCastException alertCause2) { throw new TlsFatalAlert(46, alertCause2); } TlsUtilities.ValidateKeyUsage(certificateAt, 8); } else { if (!mTlsSigner.IsValidPublicKey(mServerPublicKey)) { throw new TlsFatalAlert(46); } TlsUtilities.ValidateKeyUsage(certificateAt, 128); } base.ProcessServerCertificate(serverCertificate); }
public override void ProcessServerKeyExchange(Stream input) { SecurityParameters securityParameters = mContext.SecurityParameters; SignerInputBuffer buf = new SignerInputBuffer(); Stream teeIn = new TeeInputStream(input, buf); ServerDHParams dhParams = ServerDHParams.Parse(teeIn); DigitallySigned signed_params = ParseSignature(input); mSignatureAndHashAlgorithm = signed_params.Algorithm; ISigner signer = InitVerifyer(mTlsSigner, signed_params.Algorithm, securityParameters); buf.UpdateSigner(signer); if (!signer.VerifySignature(signed_params.Signature)) { throw new TlsFatalAlert(AlertDescription.decrypt_error); } this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(dhParams.PublicKey); this.mDHParameters = ValidateDHParameters(mDHAgreePublicKey.Parameters); }