public TlsStreamCipher(TlsClientContext context, IStreamCipher encryptCipher, IStreamCipher decryptCipher, IDigest writeDigest, IDigest readDigest, int cipherKeySize) { this.context = context; this.encryptCipher = encryptCipher; this.decryptCipher = decryptCipher; int prfSize = (2 * cipherKeySize) + writeDigest.GetDigestSize() + readDigest.GetDigestSize(); SecurityParameters securityParameters = context.SecurityParameters; byte[] keyBlock = TlsUtilities.PRF(securityParameters.masterSecret, "key expansion", TlsUtilities.Concat(securityParameters.serverRandom, securityParameters.clientRandom), prfSize); int offset = 0; // Init MACs writeMac = CreateTlsMac(writeDigest, keyBlock, ref offset); readMac = CreateTlsMac(readDigest, keyBlock, ref offset); // Build keys KeyParameter encryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize); KeyParameter decryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize); if (offset != prfSize) throw new TlsFatalAlert(AlertDescription.internal_error); // Init Ciphers encryptCipher.Init(true, encryptKey); decryptCipher.Init(false, decryptKey); }
public TlsStreamCipher(TlsClientContext context, IStreamCipher encryptCipher, IStreamCipher decryptCipher, IDigest writeDigest, IDigest readDigest, int cipherKeySize) { this.context = context; this.encryptCipher = encryptCipher; this.decryptCipher = decryptCipher; int prfSize = (2 * cipherKeySize) + writeDigest.GetDigestSize() + readDigest.GetDigestSize(); SecurityParameters securityParameters = context.SecurityParameters; byte[] keyBlock = TlsUtilities.PRF(securityParameters.masterSecret, "key expansion", TlsUtilities.Concat(securityParameters.serverRandom, securityParameters.clientRandom), prfSize); int offset = 0; // Init MACs writeMac = CreateTlsMac(writeDigest, keyBlock, ref offset); readMac = CreateTlsMac(readDigest, keyBlock, ref offset); // Build keys KeyParameter encryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize); KeyParameter decryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize); if (offset != prfSize) { throw new TlsFatalAlert(AlertDescription.internal_error); } // Init Ciphers encryptCipher.Init(true, encryptKey); decryptCipher.Init(false, decryptKey); }
internal TlsSrpKeyExchange(TlsClientContext context, KeyExchangeAlgorithm keyExchange, byte[] identity, byte[] password) { switch (keyExchange) { case KeyExchangeAlgorithm.SRP: this.tlsSigner = null; break; case KeyExchangeAlgorithm.SRP_RSA: this.tlsSigner = new TlsRsaSigner(); break; case KeyExchangeAlgorithm.SRP_DSS: this.tlsSigner = new TlsDssSigner(); break; default: throw new ArgumentException("unsupported key exchange algorithm", "keyExchange"); } this.context = context; this.keyExchange = keyExchange; this.identity = identity; this.password = password; }
public virtual TlsCipher CreateCipher(TlsClientContext context, EncryptionAlgorithm encryptionAlgorithm, DigestAlgorithm digestAlgorithm) { switch (encryptionAlgorithm) { case EncryptionAlgorithm.cls_3DES_EDE_CBC: return CreateDesEdeCipher(context, 24, digestAlgorithm); case EncryptionAlgorithm.AES_128_CBC: return CreateAesCipher(context, 16, digestAlgorithm); case EncryptionAlgorithm.AES_256_CBC: return CreateAesCipher(context, 32, digestAlgorithm); default: throw new TlsFatalAlert(AlertDescription.internal_error); } }
internal TlsPskKeyExchange(TlsClientContext context, KeyExchangeAlgorithm keyExchange, TlsPskIdentity pskIdentity) { switch (keyExchange) { case KeyExchangeAlgorithm.PSK: case KeyExchangeAlgorithm.RSA_PSK: case KeyExchangeAlgorithm.DHE_PSK: break; default: throw new ArgumentException("unsupported key exchange algorithm", "keyExchange"); } this.context = context; this.keyExchange = keyExchange; this.pskIdentity = pskIdentity; }
public TlsBlockCipher(TlsClientContext context, IBlockCipher encryptCipher, IBlockCipher decryptCipher, IDigest writeDigest, IDigest readDigest, int cipherKeySize) { this.context = context; this.randomData = new byte[256]; context.SecureRandom.NextBytes(randomData); this.encryptCipher = encryptCipher; this.decryptCipher = decryptCipher; int prfSize = (2 * cipherKeySize) + writeDigest.GetDigestSize() + readDigest.GetDigestSize() + encryptCipher.GetBlockSize() + decryptCipher.GetBlockSize(); SecurityParameters securityParameters = context.SecurityParameters; byte[] keyBlock = TlsUtilities.PRF(securityParameters.masterSecret, "key expansion", TlsUtilities.Concat(securityParameters.serverRandom, securityParameters.clientRandom), prfSize); int offset = 0; // Init MACs wMac = CreateTlsMac(writeDigest, keyBlock, ref offset); rMac = CreateTlsMac(readDigest, keyBlock, ref offset); // Build keys KeyParameter encryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize); KeyParameter decryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize); // Add IVs ParametersWithIV encryptParams = CreateParametersWithIV(encryptKey, keyBlock, ref offset, encryptCipher.GetBlockSize()); ParametersWithIV decryptParams = CreateParametersWithIV(decryptKey, keyBlock, ref offset, decryptCipher.GetBlockSize()); if (offset != prfSize) { throw new TlsFatalAlert(AlertDescription.internal_error); } // Init Ciphers encryptCipher.Init(true, encryptParams); decryptCipher.Init(false, decryptParams); }
public virtual TlsCipher CreateCipher(TlsClientContext context, EncryptionAlgorithm encryptionAlgorithm, DigestAlgorithm digestAlgorithm) { switch (encryptionAlgorithm) { case EncryptionAlgorithm.cls_3DES_EDE_CBC: return(CreateDesEdeCipher(context, 24, digestAlgorithm)); case EncryptionAlgorithm.AES_128_CBC: return(CreateAesCipher(context, 16, digestAlgorithm)); case EncryptionAlgorithm.AES_256_CBC: return(CreateAesCipher(context, 32, digestAlgorithm)); default: throw new TlsFatalAlert(AlertDescription.internal_error); } }
public TlsBlockCipher(TlsClientContext context, IBlockCipher encryptCipher, IBlockCipher decryptCipher, IDigest writeDigest, IDigest readDigest, int cipherKeySize) { this.context = context; this.randomData = new byte[256]; context.SecureRandom.NextBytes(randomData); this.encryptCipher = encryptCipher; this.decryptCipher = decryptCipher; int prfSize = (2 * cipherKeySize) + writeDigest.GetDigestSize() + readDigest.GetDigestSize() + encryptCipher.GetBlockSize() + decryptCipher.GetBlockSize(); SecurityParameters securityParameters = context.SecurityParameters; byte[] keyBlock = TlsUtilities.PRF(securityParameters.masterSecret, "key expansion", TlsUtilities.Concat(securityParameters.serverRandom, securityParameters.clientRandom), prfSize); int offset = 0; // Init MACs wMac = CreateTlsMac(writeDigest, keyBlock, ref offset); rMac = CreateTlsMac(readDigest, keyBlock, ref offset); // Build keys KeyParameter encryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize); KeyParameter decryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize); // Add IVs ParametersWithIV encryptParams = CreateParametersWithIV(encryptKey, keyBlock, ref offset, encryptCipher.GetBlockSize()); ParametersWithIV decryptParams = CreateParametersWithIV(decryptKey, keyBlock, ref offset, decryptCipher.GetBlockSize()); if (offset != prfSize) throw new TlsFatalAlert(AlertDescription.internal_error); // Init Ciphers encryptCipher.Init(true, encryptParams); decryptCipher.Init(false, decryptParams); }
public DefaultTlsSignerCredentials(TlsClientContext context, Certificate clientCertificate, AsymmetricKeyParameter clientPrivateKey) { if (clientCertificate == null) { throw new ArgumentNullException("clientCertificate"); } if (clientCertificate.Length == 0) { throw new ArgumentException("cannot be empty", "clientCertificate"); } if (clientPrivateKey == null) { throw new ArgumentNullException("clientPrivateKey"); } if (!clientPrivateKey.IsPrivate) { throw new ArgumentException("must be private", "clientPrivateKey"); } if (clientPrivateKey is RsaKeyParameters) { clientSigner = new TlsRsaSigner(); } else if (clientPrivateKey is DsaPrivateKeyParameters) { clientSigner = new TlsDssSigner(); } else if (clientPrivateKey is ECPrivateKeyParameters) { clientSigner = new TlsECDsaSigner(); } else { throw new ArgumentException("type not supported: " + clientPrivateKey.GetType().FullName, "clientPrivateKey"); } this.context = context; this.clientCert = clientCertificate; this.clientPrivateKey = clientPrivateKey; }
internal TlsDHKeyExchange(TlsClientContext context, KeyExchangeAlgorithm keyExchange) { switch (keyExchange) { case KeyExchangeAlgorithm.DH_RSA: case KeyExchangeAlgorithm.DH_DSS: this.tlsSigner = null; break; case KeyExchangeAlgorithm.DHE_RSA: this.tlsSigner = new TlsRsaSigner(); break; case KeyExchangeAlgorithm.DHE_DSS: this.tlsSigner = new TlsDssSigner(); break; default: throw new ArgumentException("unsupported key exchange algorithm", "keyExchange"); } this.context = context; this.keyExchange = keyExchange; }
internal TlsECDHKeyExchange(TlsClientContext context, KeyExchangeAlgorithm keyExchange) { switch (keyExchange) { case KeyExchangeAlgorithm.ECDHE_RSA: this.tlsSigner = new TlsRsaSigner(); break; case KeyExchangeAlgorithm.ECDHE_ECDSA: this.tlsSigner = new TlsECDsaSigner(); break; case KeyExchangeAlgorithm.ECDH_RSA: case KeyExchangeAlgorithm.ECDH_ECDSA: this.tlsSigner = null; break; default: throw new ArgumentException("unsupported key exchange algorithm", "keyExchange"); } this.context = context; this.keyExchange = keyExchange; }
/// <exception cref="IOException"></exception> protected virtual TlsCipher CreateRC4Cipher(TlsClientContext context, int cipherKeySize, DigestAlgorithm digestAlgorithm) { return(new TlsStreamCipher(context, CreateRC4StreamCipher(), CreateRC4StreamCipher(), CreateDigest(digestAlgorithm), CreateDigest(digestAlgorithm), cipherKeySize)); }
internal TlsECDheKeyExchange(TlsClientContext context, int keyExchange) : base(context, keyExchange) { }
public void InitClient(TlsClientContext context) { base.Init(context); this.certificateData = new CertificateData(keystore, keystorePassword, context, true, null); }
/// <exception cref="IOException"></exception> protected virtual TlsCipher CreateDesEdeCipher(TlsClientContext context, int cipherKeySize, DigestAlgorithm digestAlgorithm) { return(new TlsBlockCipher(context, CreateDesEdeBlockCipher(), CreateDesEdeBlockCipher(), CreateDigest(digestAlgorithm), CreateDigest(digestAlgorithm), cipherKeySize)); }
internal TlsRsaKeyExchange(TlsClientContext context) { this.context = context; }
internal TlsDheKeyExchange(TlsClientContext context, KeyExchangeAlgorithm keyExchange) : base(context, keyExchange) { }
public virtual void Init(TlsClientContext context) { this.context = context; }
/// <exception cref="IOException"></exception> protected virtual TlsCipher CreateRC4Cipher(TlsClientContext context, int cipherKeySize, DigestAlgorithm digestAlgorithm) { return new TlsStreamCipher(context, CreateRC4StreamCipher(), CreateRC4StreamCipher(), CreateDigest(digestAlgorithm), CreateDigest(digestAlgorithm), cipherKeySize); }
/// <exception cref="IOException"></exception> protected virtual TlsCipher CreateDesEdeCipher(TlsClientContext context, int cipherKeySize, DigestAlgorithm digestAlgorithm) { return new TlsBlockCipher(context, CreateDesEdeBlockCipher(), CreateDesEdeBlockCipher(), CreateDigest(digestAlgorithm), CreateDigest(digestAlgorithm), cipherKeySize); }
public virtual void Init(TlsClientContext context) { this.mContext = context; }