public override void GenerateClientKeyExchange(Stream output) { /* * RFC 2246 7.4.7.2 If the client certificate already contains a suitable Diffie-Hellman * key, then Yc is implicit and does not need to be sent again. In this case, the Client Key * Exchange message will be sent, but will be empty. */ if (mAgreementCredentials == null) { this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom, mDHParameters, output); } }
public override void GenerateClientKeyExchange(Stream output) { if (mPskIdentityHint == null) { mPskIdentity.SkipIdentityHint(); } else { mPskIdentity.NotifyIdentityHint(mPskIdentityHint); } byte[] psk_identity = mPskIdentity.GetPskIdentity(); if (psk_identity == null) { throw new TlsFatalAlert(AlertDescription.internal_error); } this.mPsk = mPskIdentity.GetPsk(); if (mPsk == null) { throw new TlsFatalAlert(AlertDescription.internal_error); } TlsUtilities.WriteOpaque16(psk_identity, output); mContext.SecurityParameters.pskIdentity = psk_identity; if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK) { this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom, mDHParameters, output); } else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK) { this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom, mServerECPointFormats, mECAgreePublicKey.Parameters, output); } else if (this.mKeyExchange == KeyExchangeAlgorithm.RSA_PSK) { this.mPremasterSecret = TlsRsaUtilities.GenerateEncryptedPreMasterSecret(mContext, this.mRsaServerPublicKey, output); } }