public override void GenerateClientKeyExchange(Stream output)
{
BigInteger x = mSrpClient.GenerateClientCredentials(mSrpSalt, mIdentity, mPassword);
TlsSrpUtilities.WriteSrpParameter(x, output);
mContext.SecurityParameters.srpIdentity = Arrays.Clone(mIdentity);
}
/**
* Encode this {@link ServerSRPParams} to an {@link OutputStream}.
*
* @param output
* the {@link OutputStream} to encode to.
* @throws IOException
*/
public virtual void Encode(Stream output)
{
TlsSrpUtilities.WriteSrpParameter(m_N, output);
TlsSrpUtilities.WriteSrpParameter(m_g, output);
TlsUtilities.WriteOpaque8(m_s, output);
TlsSrpUtilities.WriteSrpParameter(m_B, output);
}
public override IDictionary GetClientExtensions()
{
IDictionary clientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(base.GetClientExtensions());
TlsSrpUtilities.AddSrpExtension(clientExtensions, this.mIdentity);
return(clientExtensions);
}
public static byte[] GetSrpExtension(IDictionary extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, 12);
if (extensionData != null)
{
return(TlsSrpUtilities.ReadSrpExtension(extensionData));
}
return(null);
}
/**
* Parse a {@link ServerSRPParams} from an {@link InputStream}.
*
* @param input
* the {@link InputStream} to parse from.
* @return a {@link ServerSRPParams} object.
* @throws IOException
*/
public static ServerSrpParams Parse(Stream input)
{
BigInteger N = TlsSrpUtilities.ReadSrpParameter(input);
BigInteger g = TlsSrpUtilities.ReadSrpParameter(input);
byte[] s = TlsUtilities.ReadOpaque8(input);
BigInteger B = TlsSrpUtilities.ReadSrpParameter(input);
return(new ServerSrpParams(N, g, s, B));
}
public override void ProcessClientKeyExchange(Stream input)
{
try
{
mSrpPeerCredentials = Srp6Utilities.ValidatePublicValue(mSrpGroup.N, TlsSrpUtilities.ReadSrpParameter(input));
}
catch (CryptoException alertCause)
{
throw new TlsFatalAlert(47, alertCause);
}
mContext.SecurityParameters.srpIdentity = Arrays.Clone(mIdentity);
}
public override int GetSelectedCipherSuite()
{
int selectedCipherSuite = base.GetSelectedCipherSuite();
if (TlsSrpUtilities.IsSrpCipherSuite(selectedCipherSuite))
{
if (mSrpIdentity != null)
{
mLoginParameters = mSrpIdentityManager.GetLoginParameters(mSrpIdentity);
}
if (mLoginParameters == null)
{
throw new TlsFatalAlert(115);
}
}
return(selectedCipherSuite);
}
public override int GetSelectedCipherSuite()
{
int cipherSuite = base.GetSelectedCipherSuite();
if (TlsSrpUtilities.IsSrpCipherSuite(cipherSuite))
{
if (mSrpIdentity != null)
{
this.mLoginParameters = mSrpIdentityManager.GetLoginParameters(mSrpIdentity);
}
if (mLoginParameters == null)
{
throw new TlsFatalAlert(AlertDescription.unknown_psk_identity);
}
}
return(cipherSuite);
}
public override void ProcessClientExtensions(IDictionary clientExtensions)
{
base.ProcessClientExtensions(clientExtensions);
mSrpIdentity = TlsSrpUtilities.GetSrpExtension(clientExtensions);
}
public override void ProcessClientKeyExchange(Stream input)
{
/*
* RFC 5054 2.5.4: The server MUST abort the handshake with an "illegal_parameter" alert if
* A % N = 0.
*/
try
{
this.mSrpPeerCredentials = Srp6Utilities.ValidatePublicValue(mSrpGroup.N, TlsSrpUtilities.ReadSrpParameter(input));
}
catch (CryptoException e)
{
throw new TlsFatalAlert(AlertDescription.illegal_parameter, e);
}
mContext.SecurityParameters.srpIdentity = Arrays.Clone(mIdentity);
}
public static void AddSrpExtension(IDictionary extensions, byte[] identity)
{
extensions[12] = TlsSrpUtilities.CreateSrpExtension(identity);
}
