コード例 #1
0
        public static ServerDHParams Parse(Stream input)
        {
            BigInteger p = TlsDHUtilities.ReadDHParameter(input);
            BigInteger g = TlsDHUtilities.ReadDHParameter(input);

            return(new ServerDHParams(TlsDHUtilities.ValidateDHPublicKey(new DHPublicKeyParameters(TlsDHUtilities.ReadDHParameter(input), new DHParameters(p, g)))));
        }
コード例 #2
0
        public virtual void GenerateClientKeyExchange(Stream output)
        {
            if (psk_identity_hint == null || psk_identity_hint.Length == 0)
            {
                pskIdentity.SkipIdentityHint();
            }
            else
            {
                pskIdentity.NotifyIdentityHint(psk_identity_hint);
            }

            byte[] psk_identity = pskIdentity.GetPskIdentity();

            TlsUtilities.WriteOpaque16(psk_identity, output);

            if (this.keyExchange == KeyExchangeAlgorithm.RSA_PSK)
            {
                this.premasterSecret = TlsRsaUtilities.GenerateEncryptedPreMasterSecret(
                    context.SecureRandom, this.rsaServerPublicKey, output);
            }
            else if (this.keyExchange == KeyExchangeAlgorithm.DHE_PSK)
            {
                this.dhAgreeClientPrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(
                    context.SecureRandom, this.dhAgreeServerPublicKey.Parameters, output);
            }
        }
コード例 #3
0
        private static DHParameters FromSafeP(string hexP)
        {
            BigInteger bigInteger = TlsDHUtilities.FromHex(hexP);
            BigInteger q          = bigInteger.ShiftRight(1);

            return(new DHParameters(bigInteger, TlsDHUtilities.Two, q));
        }
コード例 #4
0
 public override void GenerateClientKeyExchange(Stream output)
 {
     if (this.mAgreementCredentials == null)
     {
         this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(base.mContext.SecureRandom, this.mDHParameters, output);
     }
 }
コード例 #5
0
 public override void ProcessClientKeyExchange(Stream input)
 {
     byte[] array = TlsUtilities.ReadOpaque16(input);
     mPsk = mPskIdentityManager.GetPsk(array);
     if (mPsk == null)
     {
         throw new TlsFatalAlert(115);
     }
     mContext.SecurityParameters.pskIdentity = array;
     if (mKeyExchange == 14)
     {
         BigInteger y = TlsDHUtilities.ReadDHParameter(input);
         mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(new DHPublicKeyParameters(y, mDHParameters));
     }
     else if (mKeyExchange == 24)
     {
         byte[]             encoding   = TlsUtilities.ReadOpaque8(input);
         ECDomainParameters parameters = mECAgreePrivateKey.Parameters;
         mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey(mServerECPointFormats, parameters, encoding));
     }
     else if (mKeyExchange == 15)
     {
         byte[] encryptedPreMasterSecret = ((!TlsUtilities.IsSsl(mContext)) ? TlsUtilities.ReadOpaque16(input) : Streams.ReadAll(input));
         mPremasterSecret = mServerCredentials.DecryptPreMasterSecret(encryptedPreMasterSecret);
     }
 }
コード例 #6
0
        public override byte[] GenerateServerKeyExchange()
        {
            //IL_0023: Unknown result type (might be due to invalid IL or missing references)
            //IL_0029: Expected O, but got Unknown
            mPskIdentityHint = mPskIdentityManager.GetHint();
            if (mPskIdentityHint == null && !RequiresServerKeyExchange)
            {
                return(null);
            }
            MemoryStream val = new MemoryStream();

            if (mPskIdentityHint == null)
            {
                TlsUtilities.WriteOpaque16(TlsUtilities.EmptyBytes, (Stream)(object)val);
            }
            else
            {
                TlsUtilities.WriteOpaque16(mPskIdentityHint, (Stream)(object)val);
            }
            if (mKeyExchange == 14)
            {
                if (mDHParameters == null)
                {
                    throw new TlsFatalAlert(80);
                }
                mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mDHParameters, (Stream)(object)val);
            }
            else if (mKeyExchange == 24)
            {
                mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mNamedCurves, mClientECPointFormats, (Stream)(object)val);
            }
            return(val.ToArray());
        }
コード例 #7
0
 public override void GenerateClientKeyExchange(Stream output)
 {
     if (mPskIdentityHint == null)
     {
         mPskIdentity.SkipIdentityHint();
     }
     else
     {
         mPskIdentity.NotifyIdentityHint(mPskIdentityHint);
     }
     byte[] pskIdentity = mPskIdentity.GetPskIdentity();
     if (pskIdentity == null)
     {
         throw new TlsFatalAlert(80);
     }
     mPsk = mPskIdentity.GetPsk();
     if (mPsk == null)
     {
         throw new TlsFatalAlert(80);
     }
     TlsUtilities.WriteOpaque16(pskIdentity, output);
     mContext.SecurityParameters.pskIdentity = pskIdentity;
     if (mKeyExchange == 14)
     {
         mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom, mDHParameters, output);
     }
     else if (mKeyExchange == 24)
     {
         mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom, mServerECPointFormats, mECAgreePublicKey.Parameters, output);
     }
     else if (mKeyExchange == 15)
     {
         mPremasterSecret = TlsRsaUtilities.GenerateEncryptedPreMasterSecret(mContext, mRsaServerPublicKey, output);
     }
 }
コード例 #8
0
        protected virtual byte[] GenerateOtherSecret(int pskLength)
        {
            if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK)
            {
                if (mDHAgreePrivateKey != null)
                {
                    return(TlsDHUtilities.CalculateDHBasicAgreement(mDHAgreePublicKey, mDHAgreePrivateKey));
                }

                throw new TlsFatalAlert(AlertDescription.internal_error);
            }

            if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK)
            {
                if (mECAgreePrivateKey != null)
                {
                    return(TlsEccUtilities.CalculateECDHBasicAgreement(mECAgreePublicKey, mECAgreePrivateKey));
                }

                throw new TlsFatalAlert(AlertDescription.internal_error);
            }

            if (this.mKeyExchange == KeyExchangeAlgorithm.RSA_PSK)
            {
                return(this.mPremasterSecret);
            }

            return(new byte[pskLength]);
        }
コード例 #9
0
        public override void GenerateClientKeyExchange(Stream output)
        {
            if (mPskIdentityHint == null)
            {
                mPskIdentity.SkipIdentityHint();
            }
            else
            {
                mPskIdentity.NotifyIdentityHint(mPskIdentityHint);
            }

            byte[] psk_identity = mPskIdentity.GetPskIdentity();

            TlsUtilities.WriteOpaque16(psk_identity, output);

            if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK)
            {
                this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(context.SecureRandom,
                                                                                            mDHAgreePublicKey.Parameters, output);
            }
            else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK)
            {
                // TODO[RFC 5489]
                throw new TlsFatalAlert(AlertDescription.internal_error);
            }
            else if (this.mKeyExchange == KeyExchangeAlgorithm.RSA_PSK)
            {
                this.mPremasterSecret = TlsRsaUtilities.GenerateEncryptedPreMasterSecret(context,
                                                                                         this.mRsaServerPublicKey, output);
            }
        }
コード例 #10
0
        public override byte[] GenerateServerKeyExchange()
        {
            this.mPskIdentityHint = this.mPskIdentityManager.GetHint();
            if (this.mPskIdentityHint == null && !this.RequiresServerKeyExchange)
            {
                return(null);
            }
            MemoryStream memoryStream = new MemoryStream();

            if (this.mPskIdentityHint == null)
            {
                TlsUtilities.WriteOpaque16(TlsUtilities.EmptyBytes, memoryStream);
            }
            else
            {
                TlsUtilities.WriteOpaque16(this.mPskIdentityHint, memoryStream);
            }
            if (this.mKeyExchange == 14)
            {
                if (this.mDHParameters == null)
                {
                    throw new TlsFatalAlert(80);
                }
                this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(this.mContext.SecureRandom, this.mDHParameters, memoryStream);
            }
            else if (this.mKeyExchange == 24)
            {
                this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(this.mContext.SecureRandom, this.mNamedCurves, this.mClientECPointFormats, memoryStream);
            }
            return(memoryStream.ToArray());
        }
コード例 #11
0
 protected virtual byte[] GenerateOtherSecret(int pskLength)
 {
     if (this.mKeyExchange == 14)
     {
         if (this.mDHAgreePrivateKey != null)
         {
             return(TlsDHUtilities.CalculateDHBasicAgreement(this.mDHAgreePublicKey, this.mDHAgreePrivateKey));
         }
         throw new TlsFatalAlert(80);
     }
     else if (this.mKeyExchange == 24)
     {
         if (this.mECAgreePrivateKey != null)
         {
             return(TlsEccUtilities.CalculateECDHBasicAgreement(this.mECAgreePublicKey, this.mECAgreePrivateKey));
         }
         throw new TlsFatalAlert(80);
     }
     else
     {
         if (this.mKeyExchange == 15)
         {
             return(this.mPremasterSecret);
         }
         return(new byte[pskLength]);
     }
 }
コード例 #12
0
 protected virtual DHParameters ValidateDHParameters(DHParameters parameters)
 {
     if (parameters.P.BitLength < this.MinimumPrimeBits)
     {
         throw new TlsFatalAlert(0x47);
     }
     return(TlsDHUtilities.ValidateDHParameters(parameters));
 }
コード例 #13
0
 public override void ProcessClientKeyExchange(Stream input)
 {
     if (this.mDHAgreePublicKey == null)
     {
         BigInteger y = TlsDHUtilities.ReadDHParameter(input);
         this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(new DHPublicKeyParameters(y, this.mDHParameters));
     }
 }
コード例 #14
0
        public static DHPrivateKeyParameters GenerateEphemeralServerKeyExchange(SecureRandom random, DHParameters dhParams, Stream output)
        {
            AsymmetricCipherKeyPair asymmetricCipherKeyPair = TlsDHUtilities.GenerateDHKeyPair(random, dhParams);
            DHPublicKeyParameters   publicKey = (DHPublicKeyParameters)asymmetricCipherKeyPair.Public;

            new ServerDHParams(publicKey).Encode(output);
            return((DHPrivateKeyParameters)asymmetricCipherKeyPair.Private);
        }
コード例 #15
0
        public static DHPrivateKeyParameters GenerateEphemeralClientKeyExchange(SecureRandom random, DHParameters dhParams, Stream output)
        {
            AsymmetricCipherKeyPair asymmetricCipherKeyPair = TlsDHUtilities.GenerateDHKeyPair(random, dhParams);
            DHPublicKeyParameters   dHPublicKeyParameters   = (DHPublicKeyParameters)asymmetricCipherKeyPair.Public;

            TlsDHUtilities.WriteDHParameter(dHPublicKeyParameters.Y, output);
            return((DHPrivateKeyParameters)asymmetricCipherKeyPair.Private);
        }
コード例 #16
0
 public static short GetNegotiatedDheGroupsServerExtension(IDictionary extensions)
 {
     byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.negotiated_ff_dhe_groups);
     if (extensionData != null)
     {
         return((short)TlsDHUtilities.ReadNegotiatedDheGroupsServerExtension(extensionData));
     }
     return(-1);
 }
コード例 #17
0
 public static byte[] GetNegotiatedDheGroupsClientExtension(IDictionary extensions)
 {
     byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.negotiated_ff_dhe_groups);
     if (extensionData != null)
     {
         return(TlsDHUtilities.ReadNegotiatedDheGroupsClientExtension(extensionData));
     }
     return(null);
 }
コード例 #18
0
        protected virtual DHParameters ValidateDHParameters(DHParameters parameters)
        {
            if (parameters.P.BitLength < MinimumPrimeBits)
            {
                throw new TlsFatalAlert(AlertDescription.insufficient_security);
            }

            return(TlsDHUtilities.ValidateDHParameters(parameters));
        }
コード例 #19
0
        public virtual void Encode(Stream output)
        {
            DHParameters parameters = this.mPublicKey.Parameters;
            BigInteger   y          = this.mPublicKey.Y;

            TlsDHUtilities.WriteDHParameter(parameters.P, output);
            TlsDHUtilities.WriteDHParameter(parameters.G, output);
            TlsDHUtilities.WriteDHParameter(y, output);
        }
コード例 #20
0
        /**
         * Encode this {@link ServerDHParams} to a {@link Stream}.
         *
         * @param output
         *            the {@link Stream} to encode to.
         * @throws IOException
         */
        public virtual void Encode(Stream output)
        {
            DHParameters dhParameters = mPublicKey.Parameters;
            BigInteger   Ys           = mPublicKey.Y;

            TlsDHUtilities.WriteDHParameter(dhParameters.P, output);
            TlsDHUtilities.WriteDHParameter(dhParameters.G, output);
            TlsDHUtilities.WriteDHParameter(Ys, output);
        }
コード例 #21
0
        public override void ProcessClientKeyExchange(Stream input)
        {
            if (mDHAgreePublicKey != null)
            {
                // For dss_fixed_dh and rsa_fixed_dh, the key arrived in the client certificate
                return;
            }

            this.mDHAgreePublicKey = new DHPublicKeyParameters(TlsDHUtilities.ReadDHParameter(input), mDHParameters);
        }
コード例 #22
0
 public static bool ContainsDheCipherSuites(int[] cipherSuites)
 {
     for (int i = 0; i < cipherSuites.Length; i++)
     {
         if (TlsDHUtilities.IsDheCipherSuite(cipherSuites[i]))
         {
             return(true);
         }
     }
     return(false);
 }
コード例 #23
0
        public override void ProcessServerKeyExchange(Stream input)
        {
            if (!RequiresServerKeyExchange)
            {
                throw new TlsFatalAlert(AlertDescription.unexpected_message);
            }

            // DH_anon is handled here, DHE_* in a subclass

            this.mDHParameters     = TlsDHUtilities.ReceiveDHParameters(mDHVerifier, input);
            this.mDHAgreePublicKey = new DHPublicKeyParameters(TlsDHUtilities.ReadDHParameter(input), mDHParameters);
        }
コード例 #24
0
 public override byte[] GeneratePremasterSecret()
 {
     if (this.mAgreementCredentials != null)
     {
         return(this.mAgreementCredentials.GenerateAgreement(this.mDHAgreePublicKey));
     }
     if (this.mDHAgreePrivateKey == null)
     {
         throw new TlsFatalAlert(80);
     }
     return(TlsDHUtilities.CalculateDHBasicAgreement(this.mDHAgreePublicKey, this.mDHAgreePrivateKey));
 }
コード例 #25
0
 public override void GenerateClientKeyExchange(Stream output)
 {
     /*
      * RFC 2246 7.4.7.2 If the client certificate already contains a suitable Diffie-Hellman
      * key, then Yc is implicit and does not need to be sent again. In this case, the Client Key
      * Exchange message will be sent, but will be empty.
      */
     if (mAgreementCredentials == null)
     {
         this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom,
                                                                                     mDHParameters, output);
     }
 }
コード例 #26
0
        public override byte[] GeneratePremasterSecret()
        {
            if (mAgreementCredentials != null)
            {
                return(mAgreementCredentials.GenerateAgreement(mDHAgreePublicKey));
            }

            if (mDHAgreePrivateKey != null)
            {
                return(TlsDHUtilities.CalculateDHBasicAgreement(mDHAgreePublicKey, mDHAgreePrivateKey));
            }

            throw new TlsFatalAlert(AlertDescription.internal_error);
        }
コード例 #27
0
        public override void ProcessServerKeyExchange(Stream input)
        {
            if (!RequiresServerKeyExchange)
            {
                throw new TlsFatalAlert(AlertDescription.unexpected_message);
            }

            // DH_anon is handled here, DHE_* in a subclass

            ServerDHParams dhParams = ServerDHParams.Parse(input);

            this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(dhParams.PublicKey);
            this.mDHParameters     = ValidateDHParameters(mDHAgreePublicKey.Parameters);
        }
コード例 #28
0
        public override void ProcessServerCertificate(Certificate serverCertificate)
        {
            if (mKeyExchange == KeyExchangeAlgorithm.DH_anon)
            {
                throw new TlsFatalAlert(AlertDescription.unexpected_message);
            }
            if (serverCertificate.IsEmpty)
            {
                throw new TlsFatalAlert(AlertDescription.bad_certificate);
            }

            X509CertificateStructure x509Cert = serverCertificate.GetCertificateAt(0);

            SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo;

            try
            {
                this.mServerPublicKey = PublicKeyFactory.CreateKey(keyInfo);
            }
            catch (Exception e)
            {
                throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e);
            }

            if (mTlsSigner == null)
            {
                try
                {
                    this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey((DHPublicKeyParameters)this.mServerPublicKey);
                    this.mDHParameters     = ValidateDHParameters(mDHAgreePublicKey.Parameters);
                }
                catch (InvalidCastException e)
                {
                    throw new TlsFatalAlert(AlertDescription.certificate_unknown, e);
                }

                TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.KeyAgreement);
            }
            else
            {
                if (!mTlsSigner.IsValidPublicKey(this.mServerPublicKey))
                {
                    throw new TlsFatalAlert(AlertDescription.certificate_unknown);
                }

                TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.DigitalSignature);
            }

            base.ProcessServerCertificate(serverCertificate);
        }
コード例 #29
0
        public override byte[] GenerateServerKeyExchange()
        {
            if (this.mDHParameters == null)
            {
                throw new TlsFatalAlert(AlertDescription.internal_error);
            }

            DigestInputBuffer buf = new DigestInputBuffer();

            this.mDHAgreeServerPrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(context.SecureRandom,
                                                                                              this.mDHParameters, buf);

            /*
             * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
             */
            SignatureAndHashAlgorithm signatureAndHashAlgorithm;
            IDigest d;

            if (TlsUtilities.IsTlsV12(context))
            {
                signatureAndHashAlgorithm = mServerCredentials.SignatureAndHashAlgorithm;
                if (signatureAndHashAlgorithm == null)
                {
                    throw new TlsFatalAlert(AlertDescription.internal_error);
                }

                d = TlsUtilities.CreateHash(signatureAndHashAlgorithm.Hash);
            }
            else
            {
                signatureAndHashAlgorithm = null;
                d = new CombinedHash();
            }

            SecurityParameters securityParameters = context.SecurityParameters;

            d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
            d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
            buf.UpdateDigest(d);

            byte[] hash = DigestUtilities.DoFinal(d);

            byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);

            DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);

            signed_params.Encode(buf);

            return(buf.ToArray());
        }
コード例 #30
0
        protected virtual byte[] GenerateOtherSecret(int pskLength)
        {
            if (this.keyExchange == KeyExchangeAlgorithm.DHE_PSK)
            {
                return(TlsDHUtilities.CalculateDHBasicAgreement(dhAgreeServerPublicKey, dhAgreeClientPrivateKey));
            }

            if (this.keyExchange == KeyExchangeAlgorithm.RSA_PSK)
            {
                return(this.premasterSecret);
            }

            return(new byte[pskLength]);
        }