/// <summary>
/// Picks the credentials object that matches the key exchange algorithm of the
/// currently selected cipher suite (<c>mSelectedCipherSuite</c>).
/// </summary>
/// <returns>
/// DSA, ECDSA or RSA signer credentials, or RSA encryption credentials,
/// depending on the key exchange algorithm code.
/// </returns>
/// <exception cref="TlsFatalAlert">
/// Raised with alert code 80 when the algorithm code is not one of the handled values.
/// </exception>
public override TlsCredentials GetCredentials()
{
    // NOTE(review): the case labels below are raw numeric codes, whereas
    // GetKeyExchange switches on KeyExchangeAlgorithm.* names for the same
    // value. The names given in the trailing comments are presumed
    // equivalents; confirm them against the KeyExchangeAlgorithm constants and
    // prefer the names, so a wrong credential type cannot hide behind a
    // mistyped number.
    int kexCode = TlsUtilities.GetKeyExchangeAlgorithm(mSelectedCipherSuite);

    switch (kexCode)
    {
        case 3:  // presumably DHE_DSS (confirm)
        case 7:  // presumably DH_DSS (confirm)
            return GetDsaSignerCredentials();

        case 16: // presumably ECDH_ECDSA (confirm)
        case 17: // presumably ECDHE_ECDSA (confirm)
            return GetECDsaSignerCredentials();

        case 5:  // presumably DHE_RSA (confirm)
        case 19: // presumably ECDHE_RSA (confirm)
            return GetRsaSignerCredentials();

        case 1:  // presumably RSA (confirm)
            return GetRsaEncryptionCredentials();

        default:
            // Every other code ends the handshake with a fatal alert instead of
            // returning null credentials. 80 is presumably
            // AlertDescription.internal_error, the alert GetKeyExchange raises
            // in its own default branch (confirm).
            throw new TlsFatalAlert(80);
    }
}
/// <summary>
/// Builds the key exchange implementation for the key exchange algorithm of the
/// currently selected cipher suite (<c>mSelectedCipherSuite</c>).
/// </summary>
/// <returns>
/// A DH, DHE, ECDH, ECDHE or RSA key exchange object created by the matching
/// <c>Create*KeyExchange</c> factory method.
/// </returns>
/// <exception cref="TlsFatalAlert">
/// Raised with <c>AlertDescription.internal_error</c> when no implementation
/// exists for the algorithm.
/// </exception>
public override TlsKeyExchange GetKeyExchange()
{
    int kex = TlsUtilities.GetKeyExchangeAlgorithm(mSelectedCipherSuite);

    switch (kex)
    {
        // NOTE(review): DH_anon and ECDH_anon (below) are anonymous key
        // exchanges with no peer authentication, so an active
        // man-in-the-middle is not detected. This method only maps the
        // selection; verify that the offered cipher-suite list (not visible
        // here) excludes anonymous suites unless that is intended.
        case KeyExchangeAlgorithm.DH_anon:
        case KeyExchangeAlgorithm.DH_DSS:
        case KeyExchangeAlgorithm.DH_RSA:
            return CreateDHKeyExchange(kex);

        case KeyExchangeAlgorithm.DHE_DSS:
        case KeyExchangeAlgorithm.DHE_RSA:
            return CreateDheKeyExchange(kex);

        case KeyExchangeAlgorithm.ECDH_anon:
        case KeyExchangeAlgorithm.ECDH_ECDSA:
        case KeyExchangeAlgorithm.ECDH_RSA:
            return CreateECDHKeyExchange(kex);

        case KeyExchangeAlgorithm.ECDHE_ECDSA:
        case KeyExchangeAlgorithm.ECDHE_RSA:
            return CreateECDheKeyExchange(kex);

        // NOTE(review): RSA key transport, like the static DH/ECDH groups
        // above, provides no forward secrecy; the DHE/ECDHE branches do.
        case KeyExchangeAlgorithm.RSA:
            return CreateRsaKeyExchange();

        default:
            /*
             * Treated as an internal error: the TlsProtocol implementation has
             * already verified that the server-selected cipher suite was among
             * the client-offered ones, so a suite we cannot build a key
             * exchange for should never have been offered.
             */
            throw new TlsFatalAlert(AlertDescription.internal_error);
    }
}