public override void ProcessServerKeyExchange(Stream input) { if (!RequiresServerKeyExchange) { throw new TlsFatalAlert(AlertDescription.unexpected_message); } // DH_anon is handled here, DHE_* in a subclass ServerDHParams dhParams = ServerDHParams.Parse(input); this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(dhParams.PublicKey); this.mDHParameters = ValidateDHParameters(mDHAgreePublicKey.Parameters); }
public override void ProcessServerKeyExchange(Stream input) { this.mPskIdentityHint = TlsUtilities.ReadOpaque16(input); if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK) { ServerDHParams serverDHParams = ServerDHParams.Parse(input); this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(serverDHParams.PublicKey); this.mDHParameters = mDHAgreePublicKey.Parameters; } else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK) { ECDomainParameters ecParams = TlsEccUtilities.ReadECParameters(mNamedCurves, mClientECPointFormats, input); byte[] point = TlsUtilities.ReadOpaque8(input); this.mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey( mClientECPointFormats, ecParams, point)); } }
public override void ProcessServerKeyExchange(Stream input) { SecurityParameters securityParameters = mContext.SecurityParameters; SignerInputBuffer buf = new SignerInputBuffer(); Stream teeIn = new TeeInputStream(input, buf); ServerDHParams dhParams = ServerDHParams.Parse(teeIn); DigitallySigned signed_params = ParseSignature(input); ISigner signer = InitVerifyer(mTlsSigner, signed_params.Algorithm, securityParameters); buf.UpdateSigner(signer); if (!signer.VerifySignature(signed_params.Signature)) { throw new TlsFatalAlert(AlertDescription.decrypt_error); } this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(dhParams.PublicKey); this.mDHParameters = ValidateDHParameters(mDHAgreePublicKey.Parameters); }