예제 #1
        /// <summary>
        /// Handles the server's certificate for a key exchange that uses a signer:
        /// reads the public key from the certificate at index 0, asks the signer whether
        /// it accepts that key, requests a digitalSignature key-usage check, and then
        /// passes the certificate on to the base implementation.
        /// </summary>
        /// <remarks>
        /// NOTE(review): only the certificate at index 0 is examined here. No chain building,
        /// trust-anchor, validity-period or host-name check is visible in this method; confirm
        /// that the base implementation or the caller performs them before the key is relied on.
        /// </remarks>
        /// <param name="serverCertificate">Certificate structure received from the server.</param>
        /// <exception cref="TlsFatalAlert">
        /// Thrown when no signer is configured, the certificate is empty, the key cannot be
        /// decoded, or the signer rejects the key.
        /// </exception>
        public override void ProcessServerCertificate(Certificate serverCertificate)
        {
            // Without a signer, a server certificate is treated as an unexpected message.
            if (mTlsSigner == null)
            {
                throw new TlsFatalAlert(AlertDescription.unexpected_message);
            }

            if (serverCertificate.IsEmpty)
            {
                throw new TlsFatalAlert(AlertDescription.bad_certificate);
            }

            var leafCertificate = serverCertificate.GetCertificateAt(0);
            var leafKeyInfo = leafCertificate.SubjectPublicKeyInfo;

            // Any decoding failure is reported as an unsupported certificate, keeping the cause.
            try
            {
                mServerPublicKey = PublicKeyFactory.CreateKey(leafKeyInfo);
            }
            catch (Exception decodeError)
            {
                throw new TlsFatalAlert(AlertDescription.unsupported_certificate, decodeError);
            }

            bool signerAcceptsKey = mTlsSigner.IsValidPublicKey(mServerPublicKey);
            if (!signerAcceptsKey)
            {
                throw new TlsFatalAlert(AlertDescription.certificate_unknown);
            }

            // The key is used to verify signatures, so the digitalSignature usage is requested.
            TlsUtilities.ValidateKeyUsage(leafCertificate, KeyUsage.DigitalSignature);

            base.ProcessServerCertificate(serverCertificate);
        }
예제 #2
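        /// <summary>
        /// Handles the server's certificate for an RSA key exchange: reads the public key from
        /// the certificate at index 0, requires it to be a public RSA key, runs it through
        /// <c>ValidateRsaPublicKey</c>, requests a keyEncipherment key-usage check, and then
        /// passes the certificate on to the base implementation.
        /// </summary>
        /// <remarks>
        /// The certificate comes from the peer, so a non-RSA key is reported as a
        /// <see cref="TlsFatalAlert"/> (certificate_unknown) instead of escaping as an
        /// <see cref="InvalidCastException"/>.
        /// NOTE(review): only the certificate at index 0 is examined here. No chain building,
        /// trust-anchor, validity-period or host-name check is visible in this method; confirm
        /// that the base implementation or the caller performs them.
        /// </remarks>
        /// <param name="serverCertificate">Certificate structure received from the server.</param>
        /// <exception cref="TlsFatalAlert">
        /// Thrown when the certificate is empty, the key cannot be decoded, the decoded key is
        /// private, or the key is not an RSA key.
        /// </exception>
        public override void ProcessServerCertificate(Certificate serverCertificate)
        {
            if (serverCertificate.IsEmpty)
            {
                throw new TlsFatalAlert(AlertDescription.bad_certificate);
            }

            X509CertificateStructure x509Cert = serverCertificate.GetCertificateAt(0);

            SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo;

            try
            {
                this.mServerPublicKey = PublicKeyFactory.CreateKey(keyInfo);
            }
            catch (Exception e)
            {
                throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e);
            }

            // Sanity check the PublicKeyFactory
            if (this.mServerPublicKey.IsPrivate)
            {
                throw new TlsFatalAlert(AlertDescription.internal_error);
            }

            // The key type is chosen by the peer; reject anything that is not RSA with a TLS
            // alert rather than letting a direct cast throw InvalidCastException.
            RsaKeyParameters rsaKey = this.mServerPublicKey as RsaKeyParameters;
            if (rsaKey == null)
            {
                throw new TlsFatalAlert(AlertDescription.certificate_unknown);
            }

            this.mRsaServerPublicKey = ValidateRsaPublicKey(rsaKey);

            TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.KeyEncipherment);

            base.ProcessServerCertificate(serverCertificate);
        }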
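    /// <summary>
    /// Handles the server's certificate when <c>mKeyExchange</c> is 15: reads the public key
    /// from the certificate at index 0, requires it to be a public RSA key, runs it through
    /// <c>ValidateRsaPublicKey</c>, requests a key-usage check for bit value 32, and then
    /// passes the certificate on to the base implementation.
    /// </summary>
    /// <remarks>
    /// The numeric literals are TLS alert codes: 10 unexpected_message, 42 bad_certificate,
    /// 43 unsupported_certificate, 46 certificate_unknown, 80 internal_error.
    /// The certificate comes from the peer, so a non-RSA key is reported as a
    /// <see cref="TlsFatalAlert"/> (46) instead of escaping as an
    /// <see cref="InvalidCastException"/>.
    /// NOTE(review): only the certificate at index 0 is examined here. No chain building,
    /// trust-anchor, validity-period or host-name check is visible in this method; confirm
    /// that the base implementation or the caller performs them.
    /// </remarks>
    /// <param name="serverCertificate">Certificate structure received from the server.</param>
    /// <exception cref="TlsFatalAlert">
    /// Thrown when the key exchange is not 15, the certificate is empty, the key cannot be
    /// decoded, the decoded key is private, or the key is not an RSA key.
    /// </exception>
    public override void ProcessServerCertificate(Certificate serverCertificate)
    {
        // 15 is presumably KeyExchangeAlgorithm.RSA_PSK (confirm against the enum); for any
        // other key exchange a certificate is rejected as an unexpected message (10).
        if (mKeyExchange != 15)
        {
            throw new TlsFatalAlert(10);
        }
        if (serverCertificate.IsEmpty)
        {
            throw new TlsFatalAlert(42);
        }
        X509CertificateStructure certificateAt        = serverCertificate.GetCertificateAt(0);
        SubjectPublicKeyInfo     subjectPublicKeyInfo = certificateAt.SubjectPublicKeyInfo;

        try
        {
            mServerPublicKey = PublicKeyFactory.CreateKey(subjectPublicKeyInfo);
        }
        catch (Exception alertCause)
        {
            throw new TlsFatalAlert(43, alertCause);
        }
        // Sanity check on the key factory: a certificate must never yield a private key.
        if (mServerPublicKey.IsPrivate)
        {
            throw new TlsFatalAlert(80);
        }

        // The key type is chosen by the peer; reject anything that is not RSA with a TLS
        // alert rather than letting a direct cast throw InvalidCastException.
        RsaKeyParameters rsaKey = mServerPublicKey as RsaKeyParameters;
        if (rsaKey == null)
        {
            throw new TlsFatalAlert(46);
        }
        mRsaServerPublicKey = ValidateRsaPublicKey(rsaKey);

        // 32 is the keyEncipherment key-usage bit.
        TlsUtilities.ValidateKeyUsage(certificateAt, 32);
        base.ProcessServerCertificate(serverCertificate);
    }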
    /// <summary>
    /// Handles the server's certificate for a key exchange that uses a signer: reads the
    /// public key from the certificate at index 0, asks the signer whether it accepts that
    /// key, requests a key-usage check for bit value 128, and then passes the certificate on
    /// to the base implementation.
    /// </summary>
    /// <remarks>
    /// The numeric literals are TLS alert codes: 10 unexpected_message, 42 bad_certificate,
    /// 43 unsupported_certificate, 46 certificate_unknown.
    /// NOTE(review): only the certificate at index 0 is examined here. No chain building,
    /// trust-anchor, validity-period or host-name check is visible in this method; confirm
    /// that the base implementation or the caller performs them.
    /// </remarks>
    /// <param name="serverCertificate">Certificate structure received from the server.</param>
    /// <exception cref="TlsFatalAlert">
    /// Thrown when no signer is configured, the certificate is empty, the key cannot be
    /// decoded, or the signer rejects the key.
    /// </exception>
    public override void ProcessServerCertificate(Certificate serverCertificate)
    {
        // Without a signer, a server certificate is treated as an unexpected message (10).
        if (mTlsSigner == null)
        {
            throw new TlsFatalAlert(10);
        }

        if (serverCertificate.IsEmpty)
        {
            throw new TlsFatalAlert(42);
        }

        var leafCertificate = serverCertificate.GetCertificateAt(0);
        var leafKeyInfo = leafCertificate.SubjectPublicKeyInfo;

        // Any decoding failure is reported as an unsupported certificate (43), keeping the cause.
        try
        {
            mServerPublicKey = PublicKeyFactory.CreateKey(leafKeyInfo);
        }
        catch (Exception decodeError)
        {
            throw new TlsFatalAlert(43, decodeError);
        }

        bool signerAcceptsKey = mTlsSigner.IsValidPublicKey(mServerPublicKey);
        if (!signerAcceptsKey)
        {
            throw new TlsFatalAlert(46);
        }

        // 128 is the digitalSignature key-usage bit.
        TlsUtilities.ValidateKeyUsage(leafCertificate, 128);

        base.ProcessServerCertificate(serverCertificate);
    }
예제 #5
        /// <summary>
        /// Handles the server's certificate for a Diffie-Hellman key exchange. With a signer
        /// configured, the key from the certificate at index 0 must be accepted by the signer
        /// and a digitalSignature key-usage check is requested. Without a signer, the key
        /// itself must be a DH public key, it is stored together with its parameters, and a
        /// keyAgreement key-usage check is requested. The certificate is then passed on to the
        /// base implementation.
        /// </summary>
        /// <remarks>
        /// NOTE(review): in the branch without a signer, the DH public key and its group
        /// parameters are stored exactly as they appear in the certificate; no range or group
        /// validation is visible in this method. Confirm that they are validated elsewhere
        /// before the agreement is computed.
        /// NOTE(review): only the certificate at index 0 is examined here. No chain building,
        /// trust-anchor, validity-period or host-name check is visible in this method; confirm
        /// that the base implementation or the caller performs them.
        /// </remarks>
        /// <param name="serverCertificate">Certificate structure received from the server.</param>
        /// <exception cref="TlsFatalAlert">
        /// Thrown when the key exchange is DH_anon, the certificate is empty, the key cannot
        /// be decoded, the key is not a DH key (no signer), or the signer rejects the key.
        /// </exception>
        public override void ProcessServerCertificate(Certificate serverCertificate)
        {
            // For DH_anon a server certificate is treated as an unexpected message.
            if (mKeyExchange == KeyExchangeAlgorithm.DH_anon)
            {
                throw new TlsFatalAlert(AlertDescription.unexpected_message);
            }

            if (serverCertificate.IsEmpty)
            {
                throw new TlsFatalAlert(AlertDescription.bad_certificate);
            }

            var leafCertificate = serverCertificate.GetCertificateAt(0);
            var leafKeyInfo = leafCertificate.SubjectPublicKeyInfo;

            // Any decoding failure is reported as an unsupported certificate, keeping the cause.
            try
            {
                mServerPublicKey = PublicKeyFactory.CreateKey(leafKeyInfo);
            }
            catch (Exception decodeError)
            {
                throw new TlsFatalAlert(AlertDescription.unsupported_certificate, decodeError);
            }

            if (mTlsSigner != null)
            {
                // Signer configured: the certificate key only has to verify signatures.
                bool signerAcceptsKey = mTlsSigner.IsValidPublicKey(mServerPublicKey);
                if (!signerAcceptsKey)
                {
                    throw new TlsFatalAlert(AlertDescription.certificate_unknown);
                }

                TlsUtilities.ValidateKeyUsage(leafCertificate, KeyUsage.DigitalSignature);
            }
            else
            {
                // No signer: the certificate key is the server's DH agreement key.
                try
                {
                    mDHAgreePublicKey = (DHPublicKeyParameters)mServerPublicKey;
                    mDHParameters = mDHAgreePublicKey.Parameters;
                }
                catch (InvalidCastException wrongKeyType)
                {
                    // A key of any other type is reported as certificate_unknown.
                    throw new TlsFatalAlert(AlertDescription.certificate_unknown, wrongKeyType);
                }

                TlsUtilities.ValidateKeyUsage(leafCertificate, KeyUsage.KeyAgreement);
            }

            base.ProcessServerCertificate(serverCertificate);
        }
예제 #6
    /// <summary>
    /// Handles the server's certificate for a Diffie-Hellman key exchange. With a signer
    /// configured, the key from the certificate at index 0 must be accepted by the signer and
    /// a key-usage check for bit value 128 is requested. Without a signer, the key is cast to
    /// a DH public key, passed through <c>TlsDHUtilities.ValidateDHPublicKey</c>, its
    /// parameters are passed through <c>ValidateDHParameters</c>, and a key-usage check for
    /// bit value 8 is requested. The certificate is then passed on to the base implementation.
    /// </summary>
    /// <remarks>
    /// The numeric literals are TLS alert codes: 42 bad_certificate,
    /// 43 unsupported_certificate, 46 certificate_unknown.
    /// NOTE(review): only the certificate at index 0 is examined here. No chain building,
    /// trust-anchor, validity-period or host-name check is visible in this method; confirm
    /// that the base implementation or the caller performs them.
    /// </remarks>
    /// <param name="serverCertificate">Certificate structure received from the server.</param>
    /// <exception cref="TlsFatalAlert">
    /// Thrown when the certificate is empty, the key cannot be decoded, the key is not a DH
    /// key (no signer), or the signer rejects the key.
    /// </exception>
    public override void ProcessServerCertificate(Certificate serverCertificate)
    {
        if (serverCertificate.IsEmpty)
        {
            throw new TlsFatalAlert(42);
        }

        var leafCertificate = serverCertificate.GetCertificateAt(0);
        var leafKeyInfo = leafCertificate.SubjectPublicKeyInfo;

        // Any decoding failure is reported as an unsupported certificate (43), keeping the cause.
        try
        {
            mServerPublicKey = PublicKeyFactory.CreateKey(leafKeyInfo);
        }
        catch (Exception decodeError)
        {
            throw new TlsFatalAlert(43, decodeError);
        }

        if (mTlsSigner != null)
        {
            // Signer configured: the certificate key only has to verify signatures.
            bool signerAcceptsKey = mTlsSigner.IsValidPublicKey(mServerPublicKey);
            if (!signerAcceptsKey)
            {
                throw new TlsFatalAlert(46);
            }

            // 128 is the digitalSignature key-usage bit.
            TlsUtilities.ValidateKeyUsage(leafCertificate, 128);
        }
        else
        {
            // No signer: the certificate key is the server's DH agreement key. Both the key
            // and its group parameters go through a validation helper before being stored.
            try
            {
                DHPublicKeyParameters dhKey = (DHPublicKeyParameters)mServerPublicKey;
                mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(dhKey);
                mDHParameters = ValidateDHParameters(mDHAgreePublicKey.Parameters);
            }
            catch (InvalidCastException wrongKeyType)
            {
                // A key of any other type is reported as certificate_unknown (46).
                throw new TlsFatalAlert(46, wrongKeyType);
            }

            // 8 is the keyAgreement key-usage bit.
            TlsUtilities.ValidateKeyUsage(leafCertificate, 8);
        }

        base.ProcessServerCertificate(serverCertificate);
    }