public override byte[] SignData(byte[] buffer, HashAlgorithm hashAlgorithm, CertificatePrivateKey privateKey)
{
if (!(privateKey.Algorithm is ECDsaCng)) {
throw new Exception("ECDSA signature requires ECDSA private key");
}
ECDsaCng ecdsaKey = (ECDsaCng) privateKey.Algorithm;
ecdsaKey.HashAlgorithm = GetCngAlgorithm(hashAlgorithm);
byte[] signature = ecdsaKey.SignData(buffer);
signature = DEREncodeSignature(signature);
return signature;
}
public override void ProcessClientKeys(ProtocolVersion version, ProtocolVersion clientVersion, CertificatePrivateKey privateKey, byte[] data)
{
if (data[0] != data.Length-1) {
throw new Exception("Incorrect ECPoint length");
}
// Exctract the ECPoint
byte[] ecPoint = new byte[data.Length-1];
Buffer.BlockCopy(data, 1, ecPoint, 0, ecPoint.Length);
// Create key blob and public key
byte[] keyBlob = Point2Blob(ecPoint);
_publicKey = ECDiffieHellmanCngPublicKey.FromByteArray(keyBlob, CngKeyBlobFormat.EccPublicBlob);
}
public override byte[] SignData(ProtocolVersion version, byte[] data, HashAlgorithm hashAlgorithm, CertificatePrivateKey privateKey)
{
if (hashAlgorithm != null && !(hashAlgorithm is SHA1)) {
throw new Exception("DSA signature requires SHA1 hash algorithm");
}
if (!(privateKey.Algorithm is DSACryptoServiceProvider)) {
throw new Exception("DSA signature requires DSA private key");
}
DSACryptoServiceProvider dsaKey = (DSACryptoServiceProvider) privateKey.Algorithm;
if (dsaKey.PublicOnly) {
throw new Exception("DSA private key required for signing");
}
return DEREncodeSignature(dsaKey.SignData(data));
}
public CertificatePrivateKey GetPrivateKey(byte[] keyData)
{
foreach (CipherSuitePlugin plugin in _plugins)
{
string[] signatureIDs = plugin.SupportedSignatureAlgorithms;
foreach (string id in signatureIDs)
{
SignatureAlgorithm signatureAlgorithm = plugin.GetSignatureAlgorithm(id);
CertificatePrivateKey privateKey = signatureAlgorithm.ImportPrivateKey(keyData);
if (privateKey != null)
{
return(privateKey);
}
}
}
return(null);
}
public override void ProcessClientKeys(ProtocolVersion version, ProtocolVersion clientVersion, CertificatePrivateKey privateKey, byte[] data)
{
throw new Exception("Client keys received in null key exchange");
}
public override byte[] SignData(ProtocolVersion version, byte[] data, HashAlgorithm hashAlgorithm, CertificatePrivateKey privateKey)
{
return(new byte[0]);
}
public abstract void ProcessClientKeys(ProtocolVersion version, ProtocolVersion clientVersion, CertificatePrivateKey privateKey, byte[] data);
protected byte[] GenerateSignature(CertificatePrivateKey privateKey, byte[] data)
{
// This array contains our results
byte[] signedParams = new byte[0];
byte[] temp;
// Get the corresponding signer for private key
SignatureAlgorithm sigAlg = _pluginManager.GetSignatureAlgorithmByOid(privateKey.Oid);
if (sigAlg == null) {
throw new AlertException(AlertDescription.IllegalParameter,
"Signer for given private key not found");
}
// Select hash algorithm, null means SSLv3/TLSv1 hash
HashAlgorithm hashAlgorithm = null;
if (_version.HasSelectableSighash) {
// FIXME: Not checked to be same as negotiated, but SHA-1 should be safe
byte hashAlgorithmType = 2; // SHA-1
byte signAlgorithmType = sigAlg.SignatureAlgorithmType;
hashAlgorithm = GetSignatureHashAlgorithm(sigAlg, hashAlgorithmType);
// Update signed parameters
temp = new byte[signedParams.Length + 2];
Buffer.BlockCopy(signedParams, 0, temp, 0, signedParams.Length);
temp[signedParams.Length] = hashAlgorithmType;
temp[signedParams.Length+1] = signAlgorithmType;
signedParams = temp;
}
// Sign the actual data
byte[] signature = sigAlg.SignData(_version, data, hashAlgorithm, privateKey);
// Add signature to the end of the signedParams
temp = new byte[signedParams.Length + 2 + signature.Length];
Buffer.BlockCopy(signedParams, 0, temp, 0, signedParams.Length);
temp[signedParams.Length] = (byte) (signature.Length >> 8);
temp[signedParams.Length+1] = (byte) (signature.Length);
Buffer.BlockCopy(signature, 0, temp, signedParams.Length+2, signature.Length);
signedParams = temp;
return signedParams;
}
public override void ProcessClientKeys(ProtocolVersion version, ProtocolVersion clientVersion, CertificatePrivateKey privateKey, byte[] data)
{
if (!(privateKey.Algorithm is RSACryptoServiceProvider)) {
throw new CryptographicException("RSA key exchange requires RSA private key");
}
RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)privateKey.Algorithm;
try {
// TLS 1.0 and later require a useless vector length
if (version != ProtocolVersion.SSL3_0) {
if (((data[0] << 8) | data[1]) != data.Length-2) {
throw new Exception("Client key exchange vector length incorrect");
}
// Remove vector length from the data bytes
byte[] tmpArray = new byte[data.Length-2];
Buffer.BlockCopy(data, 2, tmpArray, 0, tmpArray.Length);
data = tmpArray;
}
data = rsa.Decrypt(data, false);
if (data.Length != 48) {
throw new Exception("Invalid premaster secret length");
}
if (data[0] != clientVersion.Major || data[1] != clientVersion.Minor) {
throw new Exception("RSA client key version mismatch");
}
_preMasterSecret = data;
} catch (Exception) {
// Randomize the pre-master secret in case of an error
RNGCryptoServiceProvider rngCsp = new RNGCryptoServiceProvider();
_preMasterSecret = new byte[48];
rngCsp.GetBytes(_preMasterSecret);
}
}
public override void ProcessClientKeys(ProtocolVersion version, ProtocolVersion clientVersion, CertificatePrivateKey privateKey, byte[] data)
{
throw new Exception("Client keys received in null key exchange");
}
// WARNING: these are called with null hash algorithm for SSL 3.0, TLS 1.0 and TLS 1.1 public abstract byte[] SignData(ProtocolVersion version, byte[] data, HashAlgorithm hashAlgorithm, CertificatePrivateKey privateKey);
public abstract void ProcessClientKeys(ProtocolVersion version, ProtocolVersion clientVersion, CertificatePrivateKey privateKey, byte[] data);