Exemplo n.º 1
0
        public bool IsSupported(CipherSuite suite)
        {
            if (!_registry.IsSupported(suite))
            {
                return(false);
            }

            if (!_cipherAlgorithmRegistry.IsSupported(_registry.MapCipherAlgorithm(suite)))
            {
                return(false);
            }
            if (!_cipherParameterFactoryProvider.IsSupported(_registry.MapCipherAlgorithm(suite)))
            {
                return(false);
            }
            if (!_hashAlgorithmRegistry.IsSupported(_registry.MapHashAlgorithm(suite)))
            {
                return(false);
            }
            if (!_prfHashRegistry.IsSupported(_registry.MapHashAlgorithm(suite)))
            {
                return(false);
            }
            if (!_signatureAlgorithmsRegistry.IsSupported(_registry.MapSignatureAlgorithm(suite)))
            {
                return(false);
            }
            if (!_signatureCipherParameterFactoryProvider.IsSupported(_registry.MapSignatureAlgorithm(suite)))
            {
                return(false);
            }
            if (!_keyExchangeProvider.IsSupported(_registry.MapKeyExchange(suite)))
            {
                return(false);
            }

            return(true);
        }
Exemplo n.º 2
0
        public virtual bool IsCompatible(CipherSuite cipherSuite, X509Certificate certificate)
        {
            var signatureAlgorithm = CipherSuitesRegistry.MapSignatureAlgorithm(cipherSuite);
            var requiresECKey      = Equals(CipherSuitesRegistry.MapKeyExchange(cipherSuite), ECIdentifiers.ECDH);

            if (signatureAlgorithm.Equals(ECIdentifiers.ECDSA))
            {
                if (certificate.SignatureAlgorithm.Algorithm != ECIdentifiers.ECDSAWithSHA256)
                {
                    return(false);
                }

                if (!(certificate.SubjectPublicKey is ECPublicKey))
                {
                    return(false);
                }

                return(true);
            }

            if (signatureAlgorithm.Equals(RSAIdentifiers.RSASig))
            {
                if (!RSAKeyReader.IsRSAIdentifier(certificate.SignatureAlgorithm.Algorithm))
                {
                    return(false);
                }

                if (requiresECKey && !(certificate.SubjectPublicKey is ECPublicKey))
                {
                    return(false);
                }

                if (!requiresECKey && !(certificate.SubjectPublicKey is RSAPublicKey))
                {
                    return(false);
                }

                return(true);
            }

            return(false);
        }
Exemplo n.º 3
0
        public IEnumerable <HelloExtension> GenerateHelloExtensions()
        {
            if (_endConfig.End == ConnectionEnd.Server)
            {
                yield break;
            }

            var suites = _cipherSuiteProvider
                         .GetAllSupportedSuites(_cipherSuitesRegistry);

            _config.SupportedAlgorithms = suites
                                          .Select(x => (_cipherSuitesRegistry.MapHashAlgorithm(x), _cipherSuitesRegistry.MapSignatureAlgorithm(x)))
                                          .Distinct()
                                          .ToArray();

            using (var ms = new MemoryStream())
            {
                var writer = new EndianBinaryWriter(EndianBitConverter.Big, ms);

                writer.Write((ushort)(_config.SupportedAlgorithms.Count * 2));
                foreach (var(hash, sig) in _config.SupportedAlgorithms)
                {
                    writer.Write(hash.Id);
                    writer.Write(sig.Id);
                }

                yield return(new HelloExtension(ExtensionType.SignatureAlgorithms, ms.ToArray()));
            }
        }