/// <summary> /// Parses the raw data in the record into the appropriate structures using the keyexhange and signature algorithms /// provided. /// </summary> /// <param name="algo"></param> /// <param name="sig"></param> public void ParseRawData(KeyExchangeAlgorithm algo, SignatureAlgorithm sig) { KeyExchangeAlgorithm = algo; SignatureAlgorithm = sig; int nAt = 0; // Parse our RawData block into the structures below if (KeyExchangeAlgorithm == TLS.KeyExchangeAlgorithm.rsa) { RSAModulusLength = ByteHelper.ReadUshortBigEndian(RawData, nAt); nAt += 2; rsa_modulus = ByteHelper.ReadByteArray(RawData, nAt, RSAModulusLength); nAt += RSAModulusLength; RSAExponentLength = ByteHelper.ReadUshortBigEndian(RawData, nAt); nAt += 2; rsa_exponent = ByteHelper.ReadByteArray(RawData, nAt, RSAExponentLength); nAt += RSAExponentLength; } else if (KeyExchangeAlgorithm == TLS.KeyExchangeAlgorithm.rsa) { dh_p_length = ByteHelper.ReadUshortBigEndian(RawData, nAt); nAt += 2; dh_p = ByteHelper.ReadByteArray(RawData, nAt, dh_p_length); nAt += dh_p_length; dh_g_length = ByteHelper.ReadUshortBigEndian(RawData, nAt); nAt += 2; dh_g = ByteHelper.ReadByteArray(RawData, nAt, dh_g_length); nAt += dh_g_length; dh_Ys_length = ByteHelper.ReadUshortBigEndian(RawData, nAt); nAt += 2; dh_Ys = ByteHelper.ReadByteArray(RawData, nAt, dh_Ys_length); nAt += dh_Ys_length; } if ((SignatureAlgorithm == TLS.SignatureAlgorithm.dsa) || (SignatureAlgorithm == TLS.SignatureAlgorithm.rsa)) { HashDigitalSignatureLength = ByteHelper.ReadUshortBigEndian(RawData, nAt); nAt += 2; DigitalSignatureOfHash = ByteHelper.ReadByteArray(RawData, nAt, HashDigitalSignatureLength); nAt += HashDigitalSignatureLength; } }
internal TlsSrpKeyExchange(TlsClientContext context, KeyExchangeAlgorithm keyExchange, byte[] identity, byte[] password) { switch (keyExchange) { case KeyExchangeAlgorithm.SRP: this.tlsSigner = null; break; case KeyExchangeAlgorithm.SRP_RSA: this.tlsSigner = new TlsRsaSigner(); break; case KeyExchangeAlgorithm.SRP_DSS: this.tlsSigner = new TlsDssSigner(); break; default: throw new ArgumentException("unsupported key exchange algorithm", "keyExchange"); } this.context = context; this.keyExchange = keyExchange; this.identity = identity; this.password = password; }
public CipherSuiteSelector(X509Certificate cert) { KeyExchangeAlgorithm[] keyExchanges; string algo_oid = cert.GetKeyAlgorithm (); if (algo_oid == "1.2.840.10045.2.1") { keyExchanges = new KeyExchangeAlgorithm[] { KeyExchangeAlgorithm.DH_anon, KeyExchangeAlgorithm.ECDH_anon, KeyExchangeAlgorithm.ECDH_ECDSA, KeyExchangeAlgorithm.ECDHE_ECDSA }; } else if (algo_oid == "1.2.840.10040.4.1") { keyExchanges = new KeyExchangeAlgorithm[] { KeyExchangeAlgorithm.DH_anon, KeyExchangeAlgorithm.DH_DSS, KeyExchangeAlgorithm.DHE_DSS, KeyExchangeAlgorithm.ECDH_anon }; } else if (algo_oid == "1.2.840.113549.1.1.1") { keyExchanges = new KeyExchangeAlgorithm[] { KeyExchangeAlgorithm.DH_anon, KeyExchangeAlgorithm.DH_RSA, KeyExchangeAlgorithm.DHE_RSA, KeyExchangeAlgorithm.ECDH_anon, KeyExchangeAlgorithm.ECDH_RSA, KeyExchangeAlgorithm.ECDHE_RSA, KeyExchangeAlgorithm.RSA }; } else { throw new NotSupportedException (); } _supports = SupportedCipherSuites.FilterKeyExchange (keyExchanges); }
public override string ToString() { return(SslProtocol.ToString() + ", " + CipherAlgorithm.ToString() + " (" + cipherStrength.ToString() + " bit), " + KeyExchangeAlgorithm.ToString() + " (" + keyExchangeStrength.ToString() + " bit), " + HashAlgorithm.ToString() + " (" + hashStrength.ToString() + " bit)"); }
public CipherSuiteInfo(BulkCipherAlgorithm cipher, CipherType cipherType, byte encKeyLen, byte blockLen, byte ivLen, byte recordIVLen, MACAlgorithm mac, KeyExchangeAlgorithm exchangeAlgo) { _bulk_cipher = cipher; _cipherType = cipherType; _enc_key_length = encKeyLen; _block_length = blockLen; _fixed_iv_length = ivLen; _record_iv_length = recordIVLen; _mac = mac; _exchangeAlgo = exchangeAlgo; switch (mac) { case MACAlgorithm.HMAC_MD5: _mac_length = _mac_key_length = 16; break; case MACAlgorithm.HMAC_SHA1: _mac_length = _mac_key_length = 20; break; case MACAlgorithm.HMAC_SHA256: _mac_length = _mac_key_length = 32; break; case MACAlgorithm.HMAC_SHA384: _mac_length = _mac_key_length = 48; break; case MACAlgorithm.HMAC_SHA512: _mac_length = _mac_key_length = 64; break; default: throw new ArgumentOutOfRangeException(); } _isECC = exchangeAlgo == KeyExchangeAlgorithm.ECDH_anon || exchangeAlgo == KeyExchangeAlgorithm.ECDH_ECDSA || exchangeAlgo == KeyExchangeAlgorithm.ECDH_RSA || exchangeAlgo == KeyExchangeAlgorithm.ECDHE_ECDSA || exchangeAlgo == KeyExchangeAlgorithm.ECDHE_RSA; }
public CipherSuiteInfo(BulkCipherAlgorithm cipher, CipherType cipherType, byte encKeyLen, byte blockLen, byte ivLen, byte recordIVLen, MACAlgorithm mac, KeyExchangeAlgorithm exchangeAlgo) { _bulk_cipher = cipher; _cipherType = cipherType; _enc_key_length = encKeyLen; _block_length = blockLen; _fixed_iv_length = ivLen; _record_iv_length = recordIVLen; _mac = mac; _exchangeAlgo = exchangeAlgo; switch (mac) { case MACAlgorithm.HMAC_MD5: _mac_length = _mac_key_length = 16; break; case MACAlgorithm.HMAC_SHA1: _mac_length = _mac_key_length = 20; break; case MACAlgorithm.HMAC_SHA256: _mac_length = _mac_key_length = 32; break; case MACAlgorithm.HMAC_SHA384: _mac_length = _mac_key_length = 48; break; case MACAlgorithm.HMAC_SHA512: _mac_length = _mac_key_length = 64; break; default: throw new ArgumentOutOfRangeException (); } _isECC = exchangeAlgo == KeyExchangeAlgorithm.ECDH_anon || exchangeAlgo == KeyExchangeAlgorithm.ECDH_ECDSA || exchangeAlgo == KeyExchangeAlgorithm.ECDH_RSA || exchangeAlgo == KeyExchangeAlgorithm.ECDHE_ECDSA || exchangeAlgo == KeyExchangeAlgorithm.ECDHE_RSA; }
public static bool IsNeedServerKeyExchangeMessage(KeyExchangeAlgorithm kea) { return(!(kea == KeyExchangeAlgorithm.RSA || kea == KeyExchangeAlgorithm.DH_DSS || kea == KeyExchangeAlgorithm.DH_RSA || kea == KeyExchangeAlgorithm.ECDH_ECDSA || kea == KeyExchangeAlgorithm.ECDH_RSA)); }
public static bool IsNeedServerKeyExchangeMessage(KeyExchangeAlgorithm kea) { return !(kea == KeyExchangeAlgorithm.RSA || kea == KeyExchangeAlgorithm.DH_DSS || kea == KeyExchangeAlgorithm.DH_RSA || kea == KeyExchangeAlgorithm.ECDH_ECDSA || kea == KeyExchangeAlgorithm.ECDH_RSA); }
internal static CipherSuite[] FilterKeyExchange(KeyExchangeAlgorithm[] filter) { List<CipherSuite> list = new List<CipherSuite> (); foreach (KeyValuePair<CipherSuite, CipherSuiteInfo> pair in _list) { if (Array.IndexOf<KeyExchangeAlgorithm> (filter, pair.Value.KeyExchangeAlgorithm) >= 0) list.Add (pair.Key); } return list.ToArray (); }
public EncryptedSocket(Socket baseSocket, KeyExchangeAlgorithm keyExchangeAlgorithm) { this.baseSocket = baseSocket; this.keyExchangeAlgorithm = keyExchangeAlgorithm; if (baseSocket.IsConnected()) { this.stream = new EncryptedStreamDuplex(baseSocket.GetStream(), keyExchangeAlgorithm.Exchange(baseSocket.GetStream())); } }
public void SetCipherSuite(CipherSuite suite, AsymmetricAlgorithm signAlgo) { CipherSuiteInfo info = SupportedCipherSuites.GetSuiteInfo(suite); if (info == null) { throw new NotSupportedException(); } _bulk_cipher = info.BulkCipherAlgorithm; _cipherType = info.CipherType; _enc_key_length = info.EncKeyLength; _block_length = info.BlockLength; _fixed_iv_length = info.FixedIVLength; _record_iv_length = info.RecordIVLength; _mac = info.MACAlgorithm; _mac_length = info.MACLength; _mac_key_length = info.MACKeyLength; _keyExchange = info.KeyExchangeAlgorithm; // TODO: TLS1.2spec ? switch (_prfType) { case PRFAlgorithm.MD5_AND_SHA1: _prf = new MD5_AND_SHA1(); break; case PRFAlgorithm.SSL3: _prf = new SSL3_PRF(this); break; default: throw new NotSupportedException(); } switch (_keyExchange) { case KeyExchangeAlgorithm.ECDHE_ECDSA: _keyExchanger = new ECDHE_ECDSA((openCrypto.EllipticCurve.Signature.ECDSA)signAlgo); break; case KeyExchangeAlgorithm.DHE_DSS: _keyExchanger = new DHE_DSS((DSACryptoServiceProvider)signAlgo); break; case KeyExchangeAlgorithm.RSA: _keyExchanger = new KeyExchange.RSA((RSACryptoServiceProvider)signAlgo); break; default: throw new NotImplementedException(); } }
public CipherSuiteSelector(X509Certificate cert) { KeyExchangeAlgorithm[] keyExchanges; string algo_oid = cert.GetKeyAlgorithm(); if (algo_oid == "1.2.840.10045.2.1") { keyExchanges = new KeyExchangeAlgorithm[] { KeyExchangeAlgorithm.DH_anon, KeyExchangeAlgorithm.ECDH_anon, KeyExchangeAlgorithm.ECDH_ECDSA, KeyExchangeAlgorithm.ECDHE_ECDSA }; } else if (algo_oid == "1.2.840.10040.4.1") { keyExchanges = new KeyExchangeAlgorithm[] { KeyExchangeAlgorithm.DH_anon, KeyExchangeAlgorithm.DH_DSS, KeyExchangeAlgorithm.DHE_DSS, KeyExchangeAlgorithm.ECDH_anon }; } else if (algo_oid == "1.2.840.113549.1.1.1") { keyExchanges = new KeyExchangeAlgorithm[] { KeyExchangeAlgorithm.DH_anon, KeyExchangeAlgorithm.DH_RSA, KeyExchangeAlgorithm.DHE_RSA, KeyExchangeAlgorithm.ECDH_anon, KeyExchangeAlgorithm.ECDH_RSA, KeyExchangeAlgorithm.ECDHE_RSA, KeyExchangeAlgorithm.RSA }; } else { throw new NotSupportedException(); } _supports = SupportedCipherSuites.FilterKeyExchange(keyExchanges); }
internal TlsECDHKeyExchange(TlsClientContext context, KeyExchangeAlgorithm keyExchange) { switch (keyExchange) { case KeyExchangeAlgorithm.ECDHE_RSA: this.tlsSigner = new TlsRsaSigner(); break; case KeyExchangeAlgorithm.ECDHE_ECDSA: this.tlsSigner = new TlsECDsaSigner(); break; case KeyExchangeAlgorithm.ECDH_RSA: case KeyExchangeAlgorithm.ECDH_ECDSA: this.tlsSigner = null; break; default: throw new ArgumentException("unsupported key exchange algorithm", "keyExchange"); } this.context = context; this.keyExchange = keyExchange; }
internal TlsDheKeyExchange(TlsClientContext context, KeyExchangeAlgorithm keyExchange) : base(context, keyExchange) { }
public ProfileMessage Deserialize(Omnix.Serialization.RocketPack.RocketPackReader r, int rank) { if (rank > 256) { throw new System.FormatException(); } // Read property count uint propertyCount = r.GetUInt32(); System.ReadOnlyMemory <byte> p_sessionId = System.ReadOnlyMemory <byte> .Empty; AuthenticationType p_authenticationType = (AuthenticationType)0; KeyExchangeAlgorithm[] p_keyExchangeAlgorithms = System.Array.Empty <KeyExchangeAlgorithm>(); KeyDerivationAlgorithm[] p_keyDerivationAlgorithms = System.Array.Empty <KeyDerivationAlgorithm>(); CryptoAlgorithm[] p_cryptoAlgorithms = System.Array.Empty <CryptoAlgorithm>(); HashAlgorithm[] p_hashAlgorithms = System.Array.Empty <HashAlgorithm>(); for (; propertyCount > 0; propertyCount--) { uint id = r.GetUInt32(); switch (id) { case 0: // SessionId { p_sessionId = r.GetMemory(32); break; } case 1: // AuthenticationType { p_authenticationType = (AuthenticationType)r.GetUInt64(); break; } case 2: // KeyExchangeAlgorithms { var length = r.GetUInt32(); p_keyExchangeAlgorithms = new KeyExchangeAlgorithm[length]; for (int i = 0; i < p_keyExchangeAlgorithms.Length; i++) { p_keyExchangeAlgorithms[i] = (KeyExchangeAlgorithm)r.GetUInt64(); } break; } case 3: // KeyDerivationAlgorithms { var length = r.GetUInt32(); p_keyDerivationAlgorithms = new KeyDerivationAlgorithm[length]; for (int i = 0; i < p_keyDerivationAlgorithms.Length; i++) { p_keyDerivationAlgorithms[i] = (KeyDerivationAlgorithm)r.GetUInt64(); } break; } case 4: // CryptoAlgorithms { var length = r.GetUInt32(); p_cryptoAlgorithms = new CryptoAlgorithm[length]; for (int i = 0; i < p_cryptoAlgorithms.Length; i++) { p_cryptoAlgorithms[i] = (CryptoAlgorithm)r.GetUInt64(); } break; } case 5: // HashAlgorithms { var length = r.GetUInt32(); p_hashAlgorithms = new HashAlgorithm[length]; for (int i = 0; i < p_hashAlgorithms.Length; i++) { p_hashAlgorithms[i] = (HashAlgorithm)r.GetUInt64(); } break; } } } return(new ProfileMessage(p_sessionId, p_authenticationType, p_keyExchangeAlgorithms, p_keyDerivationAlgorithms, p_cryptoAlgorithms, p_hashAlgorithms)); }
public EncryptedSocketListener(SocketListener baseListener, KeyExchangeAlgorithm keyExchangeAlgorithm) { this.baseListener = baseListener; this.keyExchangeAlgorithm = keyExchangeAlgorithm; }
protected virtual TlsKeyExchange CreateECDheKeyExchange(KeyExchangeAlgorithm keyExchange) { return(new TlsECDheKeyExchange(context, keyExchange)); }
public void SetCipherSuite(CipherSuite suite, AsymmetricAlgorithm signAlgo) { CipherSuiteInfo info = SupportedCipherSuites.GetSuiteInfo (suite); if (info == null) throw new NotSupportedException (); _bulk_cipher = info.BulkCipherAlgorithm; _cipherType = info.CipherType; _enc_key_length = info.EncKeyLength; _block_length = info.BlockLength; _fixed_iv_length = info.FixedIVLength; _record_iv_length = info.RecordIVLength; _mac = info.MACAlgorithm; _mac_length = info.MACLength; _mac_key_length = info.MACKeyLength; _keyExchange = info.KeyExchangeAlgorithm; // TODO: TLS1.2spec ? switch (_prfType) { case PRFAlgorithm.MD5_AND_SHA1: _prf = new MD5_AND_SHA1 (); break; case PRFAlgorithm.SSL3: _prf = new SSL3_PRF (this); break; default: throw new NotSupportedException (); } switch (_keyExchange) { case KeyExchangeAlgorithm.ECDHE_ECDSA: _keyExchanger = new ECDHE_ECDSA ((openCrypto.EllipticCurve.Signature.ECDSA)signAlgo); break; case KeyExchangeAlgorithm.DHE_DSS: _keyExchanger = new DHE_DSS ((DSACryptoServiceProvider)signAlgo); break; case KeyExchangeAlgorithm.RSA: _keyExchanger = new KeyExchange.RSA ((RSACryptoServiceProvider)signAlgo); break; default: throw new NotImplementedException (); } }
internal TlsECDheKeyExchange(TlsClientContext context, KeyExchangeAlgorithm keyExchange) : base(context, keyExchange) { }
protected virtual TlsKeyExchange CreateSrpKeyExchange(KeyExchangeAlgorithm keyExchange) { return new TlsSrpKeyExchange(context, keyExchange, identity, password); }
protected virtual TlsKeyExchange CreateSrpKeyExchange(KeyExchangeAlgorithm keyExchange) { return(new TlsSrpKeyExchange(context, keyExchange, identity, password)); }
protected virtual TlsKeyExchange CreateECDheKeyExchange(KeyExchangeAlgorithm keyExchange) { return new TlsECDheKeyExchange(context, keyExchange); }