| public static GenerateEphemeralClientKeyExchange ( SecureRandom random, DHParameters dhParams, Stream output ) : DHPrivateKeyParameters | ||
| random | SecureRandom | |
| dhParams | DHParameters | |
| output | Stream | |
| return | DHPrivateKeyParameters | |
public virtual void GenerateClientKeyExchange(Stream output)
{
if (psk_identity_hint == null || psk_identity_hint.Length == 0)
{
pskIdentity.SkipIdentityHint();
}
else
{
pskIdentity.NotifyIdentityHint(psk_identity_hint);
}
byte[] psk_identity = pskIdentity.GetPskIdentity();
TlsUtilities.WriteOpaque16(psk_identity, output);
if (this.keyExchange == KeyExchangeAlgorithm.RSA_PSK)
{
this.premasterSecret = TlsRsaUtilities.GenerateEncryptedPreMasterSecret(
context.SecureRandom, this.rsaServerPublicKey, output);
}
else if (this.keyExchange == KeyExchangeAlgorithm.DHE_PSK)
{
this.dhAgreeClientPrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(
context.SecureRandom, this.dhAgreeServerPublicKey.Parameters, output);
}
}
public override void GenerateClientKeyExchange(Stream output)
{
if (this.mAgreementCredentials == null)
{
this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(base.mContext.SecureRandom, this.mDHParameters, output);
}
}
public override void GenerateClientKeyExchange(Stream output)
{
if (mPskIdentityHint == null)
{
mPskIdentity.SkipIdentityHint();
}
else
{
mPskIdentity.NotifyIdentityHint(mPskIdentityHint);
}
byte[] pskIdentity = mPskIdentity.GetPskIdentity();
if (pskIdentity == null)
{
throw new TlsFatalAlert(80);
}
mPsk = mPskIdentity.GetPsk();
if (mPsk == null)
{
throw new TlsFatalAlert(80);
}
TlsUtilities.WriteOpaque16(pskIdentity, output);
mContext.SecurityParameters.pskIdentity = pskIdentity;
if (mKeyExchange == 14)
{
mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom, mDHParameters, output);
}
else if (mKeyExchange == 24)
{
mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom, mServerECPointFormats, mECAgreePublicKey.Parameters, output);
}
else if (mKeyExchange == 15)
{
mPremasterSecret = TlsRsaUtilities.GenerateEncryptedPreMasterSecret(mContext, mRsaServerPublicKey, output);
}
}
public override void GenerateClientKeyExchange(Stream output)
{
if (mPskIdentityHint == null)
{
mPskIdentity.SkipIdentityHint();
}
else
{
mPskIdentity.NotifyIdentityHint(mPskIdentityHint);
}
byte[] psk_identity = mPskIdentity.GetPskIdentity();
TlsUtilities.WriteOpaque16(psk_identity, output);
if (this.mKeyExchange == KeyExchangeAlgorithm.DHE_PSK)
{
this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(context.SecureRandom,
mDHAgreePublicKey.Parameters, output);
}
else if (this.mKeyExchange == KeyExchangeAlgorithm.ECDHE_PSK)
{
// TODO[RFC 5489]
throw new TlsFatalAlert(AlertDescription.internal_error);
}
else if (this.mKeyExchange == KeyExchangeAlgorithm.RSA_PSK)
{
this.mPremasterSecret = TlsRsaUtilities.GenerateEncryptedPreMasterSecret(context,
this.mRsaServerPublicKey, output);
}
}
public override void GenerateClientKeyExchange(Stream output)
{
/*
* RFC 2246 7.4.7.2 If the client certificate already contains a suitable Diffie-Hellman
* key, then Yc is implicit and does not need to be sent again. In this case, the Client Key
* Exchange message will be sent, but will be empty.
*/
if (mAgreementCredentials == null)
{
this.mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(mContext.SecureRandom,
mDHParameters, output);
}
}
protected virtual void GenerateEphemeralClientKeyExchange(DHParameters dhParams, Stream output)
{
this.dhAgreeClientPrivateKey = TlsDHUtilities.GenerateEphemeralClientKeyExchange(
context.SecureRandom, dhParams, output);
}