| public static CreateHash ( Org.BouncyCastle.Crypto.Tls.SignatureAndHashAlgorithm signatureAndHashAlgorithm ) : IDigest | ||
| signatureAndHashAlgorithm | Org.BouncyCastle.Crypto.Tls.SignatureAndHashAlgorithm | |
| Результат | IDigest | |
public override byte[] GenerateServerKeyExchange()
{
DigestInputBuffer buf = new DigestInputBuffer();
this.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mNamedCurves,
mClientECPointFormats, buf);
/*
* RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
*/
SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(
mContext, mServerCredentials);
IDigest d = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
SecurityParameters securityParameters = mContext.SecurityParameters;
d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
buf.UpdateDigest(d);
byte[] hash = DigestUtilities.DoFinal(d);
byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);
DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);
signed_params.Encode(buf);
return(buf.ToArray());
}
protected virtual ISigner MakeSigner(SignatureAndHashAlgorithm algorithm, bool raw, bool forSigning, ICipherParameters cp)
{
if (algorithm != null != TlsUtilities.IsTlsV12(mContext))
{
throw new InvalidOperationException();
}
if (algorithm != null && algorithm.Signature != SignatureAlgorithm)
{
throw new InvalidOperationException();
}
byte hashAlgorithm = algorithm?.Hash ?? 2;
object digest2;
if (raw)
{
IDigest digest = new NullDigest();
digest2 = digest;
}
else
{
digest2 = TlsUtilities.CreateHash(hashAlgorithm);
}
IDigest digest3 = (IDigest)digest2;
ISigner signer = new DsaDigestSigner(CreateDsaImpl(hashAlgorithm), digest3);
signer.Init(forSigning, MakeInitParameters(forSigning, cp));
return(signer);
}
/// <exception cref="IOException"></exception>
protected virtual IDigest CreateHMacDigest(int macAlgorithm)
{
switch (macAlgorithm)
{
case MacAlgorithm.cls_null:
return(null);
case MacAlgorithm.hmac_md5:
return(TlsUtilities.CreateHash(HashAlgorithm.md5));
case MacAlgorithm.hmac_sha1:
return(TlsUtilities.CreateHash(HashAlgorithm.sha1));
case MacAlgorithm.hmac_sha256:
return(TlsUtilities.CreateHash(HashAlgorithm.sha256));
case MacAlgorithm.hmac_sha384:
return(TlsUtilities.CreateHash(HashAlgorithm.sha384));
case MacAlgorithm.hmac_sha512:
return(TlsUtilities.CreateHash(HashAlgorithm.sha512));
default:
throw new TlsFatalAlert(AlertDescription.internal_error);
}
}
protected virtual IDigest CreateHMacDigest(int macAlgorithm)
{
switch (macAlgorithm)
{
case 0:
return(null);
case 1:
return(TlsUtilities.CreateHash(1));
case 2:
return(TlsUtilities.CreateHash(2));
case 3:
return(TlsUtilities.CreateHash(4));
case 4:
return(TlsUtilities.CreateHash(5));
case 5:
return(TlsUtilities.CreateHash(6));
default:
throw new TlsFatalAlert(80);
}
}
protected virtual void CheckTrackingHash(byte hashAlgorithm)
{
if (!mHashes.Contains((object)hashAlgorithm))
{
IDigest digest = TlsUtilities.CreateHash(hashAlgorithm);
mHashes.set_Item((object)hashAlgorithm, (object)digest);
}
}
protected virtual void CheckTrackingHash(byte hashAlgorithm)
{
if (!this.mHashes.Contains(hashAlgorithm))
{
IDigest value = TlsUtilities.CreateHash(hashAlgorithm);
this.mHashes[hashAlgorithm] = value;
}
}
protected virtual void CheckTrackingHash(byte hashAlgorithm)
{
if (!mHashes.Contains(hashAlgorithm))
{
IDigest hash = TlsUtilities.CreateHash(hashAlgorithm);
mHashes[hashAlgorithm] = hash;
}
}
public static SimulatedTlsSrpIdentityManager GetRfc5054Default(Srp6GroupParameters group, byte[] seedKey)
{
Srp6VerifierGenerator srp6VerifierGenerator = new Srp6VerifierGenerator();
srp6VerifierGenerator.Init(group, TlsUtilities.CreateHash(2));
HMac hMac = new HMac(TlsUtilities.CreateHash(2));
hMac.Init(new KeyParameter(seedKey));
return(new SimulatedTlsSrpIdentityManager(group, srp6VerifierGenerator, hMac));
}
public override void ProcessServerKeyExchange(Stream input)
{
SecurityParameters securityParameters = context.SecurityParameters;
SignerInputBuffer buf = null;
Stream teeIn = input;
if (mTlsSigner != null)
{
buf = new SignerInputBuffer();
teeIn = new TeeInputStream(input, buf);
}
byte[] NBytes = TlsUtilities.ReadOpaque16(teeIn);
byte[] gBytes = TlsUtilities.ReadOpaque16(teeIn);
byte[] sBytes = TlsUtilities.ReadOpaque8(teeIn);
byte[] BBytes = TlsUtilities.ReadOpaque16(teeIn);
if (buf != null)
{
DigitallySigned signed_params = DigitallySigned.Parse(context, input);
ISigner signer = InitVerifyer(mTlsSigner, signed_params.Algorithm, securityParameters);
buf.UpdateSigner(signer);
if (!signer.VerifySignature(signed_params.Signature))
{
throw new TlsFatalAlert(AlertDescription.decrypt_error);
}
}
BigInteger N = new BigInteger(1, NBytes);
BigInteger g = new BigInteger(1, gBytes);
// TODO Validate group parameters (see RFC 5054)
// throw new TlsFatalAlert(AlertDescription.insufficient_security);
this.mS = sBytes;
/*
* RFC 5054 2.5.3: The client MUST abort the handshake with an "illegal_parameter" alert if
* B % N = 0.
*/
try
{
this.mB = Srp6Utilities.ValidatePublicValue(N, new BigInteger(1, BBytes));
}
catch (CryptoException e)
{
throw new TlsFatalAlert(AlertDescription.illegal_parameter, e);
}
this.mSrpClient.Init(N, g, TlsUtilities.CreateHash(HashAlgorithm.sha1), context.SecureRandom);
}
/**
* Create a {@link SimulatedTlsSRPIdentityManager} that implements the algorithm from RFC 5054 2.5.1.3
*
* @param group the {@link SRP6GroupParameters} defining the group that SRP is operating in
* @param seedKey the secret "seed key" referred to in RFC 5054 2.5.1.3
* @return an instance of {@link SimulatedTlsSRPIdentityManager}
*/
public static SimulatedTlsSrpIdentityManager GetRfc5054Default(Srp6GroupParameters group, byte[] seedKey)
{
Srp6VerifierGenerator verifierGenerator = new Srp6VerifierGenerator();
verifierGenerator.Init(group, TlsUtilities.CreateHash(HashAlgorithm.sha1));
HMac mac = new HMac(TlsUtilities.CreateHash(HashAlgorithm.sha1));
mac.Init(new KeyParameter(seedKey));
return(new SimulatedTlsSrpIdentityManager(group, verifierGenerator, mac));
}
public virtual IDigest ForkPrfHash()
{
this.CheckStopBuffering();
byte b = (byte)this.mPrfHashAlgorithm;
if (this.mBuf != null)
{
IDigest digest = TlsUtilities.CreateHash(b);
this.mBuf.UpdateDigest(digest);
return(digest);
}
return(TlsUtilities.CloneHash(b, (IDigest)this.mHashes[b]));
}
internal AbstractTlsContext(Org.BouncyCastle.Security.SecureRandom secureRandom, Org.BouncyCastle.Crypto.Tls.SecurityParameters securityParameters)
{
IDigest digest = TlsUtilities.CreateHash((byte)4);
byte[] buffer = new byte[digest.GetDigestSize()];
secureRandom.NextBytes(buffer);
this.mNonceRandom = new DigestRandomGenerator(digest);
this.mNonceRandom.AddSeedMaterial(NextCounterValue());
this.mNonceRandom.AddSeedMaterial(Times.NanoTime());
this.mNonceRandom.AddSeedMaterial(buffer);
this.mSecureRandom = secureRandom;
this.mSecurityParameters = securityParameters;
}
public virtual IDigest ForkPrfHash()
{
CheckStopBuffering();
byte b = (byte)mPrfHashAlgorithm;
if (mBuf != null)
{
IDigest digest = TlsUtilities.CreateHash(b);
mBuf.UpdateDigest(digest);
return(digest);
}
return(TlsUtilities.CloneHash(b, (IDigest)mHashes.get_Item((object)b)));
}
internal AbstractTlsContext(SecureRandom secureRandom, SecurityParameters securityParameters)
{
IDigest digest = TlsUtilities.CreateHash(4);
byte[] array = new byte[digest.GetDigestSize()];
secureRandom.NextBytes(array);
mNonceRandom = new DigestRandomGenerator(digest);
mNonceRandom.AddSeedMaterial(NextCounterValue());
mNonceRandom.AddSeedMaterial(Times.NanoTime());
mNonceRandom.AddSeedMaterial(array);
mSecureRandom = secureRandom;
mSecurityParameters = securityParameters;
}
public override void ProcessServerKeyExchange(Stream input)
{
SecurityParameters securityParameters = mContext.SecurityParameters;
SignerInputBuffer buf = null;
Stream teeIn = input;
if (mTlsSigner != null)
{
buf = new SignerInputBuffer();
teeIn = new TeeInputStream(input, buf);
}
ServerSrpParams srpParams = ServerSrpParams.Parse(teeIn);
if (buf != null)
{
DigitallySigned signed_params = DigitallySigned.Parse(mContext, input);
ISigner signer = InitVerifyer(mTlsSigner, signed_params.Algorithm, securityParameters);
buf.UpdateSigner(signer);
if (!signer.VerifySignature(signed_params.Signature))
{
throw new TlsFatalAlert(AlertDescription.decrypt_error);
}
}
this.mSrpGroup = new Srp6GroupParameters(srpParams.N, srpParams.G);
if (!mGroupVerifier.Accept(mSrpGroup))
{
throw new TlsFatalAlert(AlertDescription.insufficient_security);
}
this.mSrpSalt = srpParams.S;
/*
* RFC 5054 2.5.3: The client MUST abort the handshake with an "illegal_parameter" alert if
* B % N = 0.
*/
try
{
this.mSrpPeerCredentials = Srp6Utilities.ValidatePublicValue(mSrpGroup.N, srpParams.B);
}
catch (CryptoException e)
{
throw new TlsFatalAlert(AlertDescription.illegal_parameter, e);
}
this.mSrpClient.Init(mSrpGroup, TlsUtilities.CreateHash(HashAlgorithm.sha1), mContext.SecureRandom);
}
public override byte[] GenerateServerKeyExchange()
{
if (this.mDHParameters == null)
{
throw new TlsFatalAlert(AlertDescription.internal_error);
}
DigestInputBuffer buf = new DigestInputBuffer();
this.mDHAgreeServerPrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(context.SecureRandom,
this.mDHParameters, buf);
/*
* RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
*/
SignatureAndHashAlgorithm signatureAndHashAlgorithm;
IDigest d;
if (TlsUtilities.IsTlsV12(context))
{
signatureAndHashAlgorithm = mServerCredentials.SignatureAndHashAlgorithm;
if (signatureAndHashAlgorithm == null)
{
throw new TlsFatalAlert(AlertDescription.internal_error);
}
d = TlsUtilities.CreateHash(signatureAndHashAlgorithm.Hash);
}
else
{
signatureAndHashAlgorithm = null;
d = new CombinedHash();
}
SecurityParameters securityParameters = context.SecurityParameters;
d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
buf.UpdateDigest(d);
byte[] hash = DigestUtilities.DoFinal(d);
byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);
DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);
signed_params.Encode(buf);
return(buf.ToArray());
}
public virtual IDigest ForkPrfHash()
{
CheckStopBuffering();
byte prfHashAlgorithm = (byte)mPrfHashAlgorithm;
if (mBuf != null)
{
IDigest prfHash = TlsUtilities.CreateHash(prfHashAlgorithm);
mBuf.UpdateDigest(prfHash);
return(prfHash);
}
return(TlsUtilities.CloneHash(prfHashAlgorithm, (IDigest)mHashes[prfHashAlgorithm]));
}
internal AbstractTlsContext(SecureRandom secureRandom, SecurityParameters securityParameters)
{
IDigest d = TlsUtilities.CreateHash(HashAlgorithm.sha256);
byte[] seed = new byte[d.GetDigestSize()];
secureRandom.NextBytes(seed);
this.mNonceRandom = new DigestRandomGenerator(d);
mNonceRandom.AddSeedMaterial(NextCounterValue());
mNonceRandom.AddSeedMaterial(Times.NanoTime());
mNonceRandom.AddSeedMaterial(seed);
this.mSecureRandom = secureRandom;
this.mSecurityParameters = securityParameters;
}
protected virtual ISigner MakeSigner(SignatureAndHashAlgorithm algorithm, bool raw, bool forSigning,
ICipherParameters cp)
{
if ((algorithm != null) != TlsUtilities.IsTlsV12(mContext))
{
throw new InvalidOperationException();
}
if (algorithm != null && algorithm.Signature != SignatureAlgorithm.rsa)
{
throw new InvalidOperationException();
}
IDigest d;
if (raw)
{
d = new NullDigest();
}
else if (algorithm == null)
{
d = new CombinedHash();
}
else
{
d = TlsUtilities.CreateHash(algorithm.Hash);
}
ISigner s;
if (algorithm != null)
{
/*
* RFC 5246 4.7. In RSA signing, the opaque vector contains the signature generated
* using the RSASSA-PKCS1-v1_5 signature scheme defined in [PKCS1].
*/
s = new RsaDigestSigner(d, TlsUtilities.GetOidForHashAlgorithm(algorithm.Hash));
}
else
{
/*
* RFC 5246 4.7. Note that earlier versions of TLS used a different RSA signature scheme
* that did not include a DigestInfo encoding.
*/
s = new GenericSigner(CreateRsaImpl(), d);
}
s.Init(forSigning, cp);
return(s);
}
protected virtual ISigner MakeSigner(SignatureAndHashAlgorithm algorithm, bool raw, bool forSigning, ICipherParameters cp)
{
if (algorithm != null != TlsUtilities.IsTlsV12(mContext))
{
throw new InvalidOperationException();
}
if (algorithm != null && algorithm.Signature != 1)
{
throw new InvalidOperationException();
}
IDigest digest = raw ? new NullDigest() : ((algorithm != null) ? TlsUtilities.CreateHash(algorithm.Hash) : new CombinedHash());
ISigner signer = (algorithm == null) ? ((ISigner) new GenericSigner(CreateRsaImpl(), digest)) : ((ISigner) new RsaDigestSigner(digest, TlsUtilities.GetOidForHashAlgorithm(algorithm.Hash)));
signer.Init(forSigning, cp);
return(signer);
}
protected virtual ISigner MakeSigner(SignatureAndHashAlgorithm algorithm, bool raw, bool forSigning, ICipherParameters cp)
{
if (algorithm != null != TlsUtilities.IsTlsV12(this.mContext))
{
throw new InvalidOperationException();
}
if (algorithm != null && algorithm.Signature != this.SignatureAlgorithm)
{
throw new InvalidOperationException();
}
byte hashAlgorithm = (algorithm == null) ? 2 : algorithm.Hash;
IDigest digest = raw ? new NullDigest() : TlsUtilities.CreateHash(hashAlgorithm);
ISigner signer = new DsaDigestSigner(this.CreateDsaImpl(hashAlgorithm), digest);
signer.Init(forSigning, this.MakeInitParameters(forSigning, cp));
return(signer);
}
public override byte[] GenerateServerKeyExchange()
{
DigestInputBuffer output = new DigestInputBuffer();
base.mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(base.mContext.SecureRandom, base.mNamedCurves, base.mClientECPointFormats, output);
SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(base.mContext, this.mServerCredentials);
IDigest d = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
SecurityParameters securityParameters = base.mContext.SecurityParameters;
d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
output.UpdateDigest(d);
byte[] hash = DigestUtilities.DoFinal(d);
byte[] signature = this.mServerCredentials.GenerateCertificateSignature(hash);
new DigitallySigned(signatureAndHashAlgorithm, signature).Encode(output);
return(output.ToArray());
}
private static IRandomGenerator CreateNonceRandom(SecureRandom secureRandom, int connectionEnd)
{
byte[] additionalSeedMaterial = new byte[16];
Pack.UInt64_To_BE((ulong)NextCounterValue(), additionalSeedMaterial, 0);
Pack.UInt64_To_BE((ulong)Times.NanoTime(), additionalSeedMaterial, 8);
additionalSeedMaterial[0] &= 0x7F;
additionalSeedMaterial[0] |= (byte)(connectionEnd << 7);
IDigest digest = TlsUtilities.CreateHash(HashAlgorithm.sha256);
byte[] seed = new byte[digest.GetDigestSize()];
secureRandom.NextBytes(seed);
IRandomGenerator nonceRandom = new DigestRandomGenerator(digest);
nonceRandom.AddSeedMaterial(additionalSeedMaterial);
nonceRandom.AddSeedMaterial(seed);
return(nonceRandom);
}
protected virtual ISigner MakeSigner(SignatureAndHashAlgorithm algorithm, bool raw, bool forSigning, ICipherParameters cp)
{
//IL_0014: Unknown result type (might be due to invalid IL or missing references)
//IL_002b: Unknown result type (might be due to invalid IL or missing references)
if (algorithm != null != TlsUtilities.IsTlsV12(mContext))
{
throw new InvalidOperationException();
}
if (algorithm != null && algorithm.Signature != SignatureAlgorithm)
{
throw new InvalidOperationException();
}
byte hashAlgorithm = algorithm?.Hash ?? 2;
IDigest digest = (raw ? new NullDigest() : TlsUtilities.CreateHash(hashAlgorithm));
ISigner signer = new DsaDigestSigner(CreateDsaImpl(hashAlgorithm), digest);
signer.Init(forSigning, MakeInitParameters(forSigning, cp));
return(signer);
}
public override byte[] GenerateServerKeyExchange()
{
DigestInputBuffer digestInputBuffer = new DigestInputBuffer();
mECAgreePrivateKey = TlsEccUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mNamedCurves, mClientECPointFormats, (Stream)(object)digestInputBuffer);
SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(mContext, mServerCredentials);
IDigest digest = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
SecurityParameters securityParameters = mContext.SecurityParameters;
digest.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
digest.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
digestInputBuffer.UpdateDigest(digest);
byte[] hash = DigestUtilities.DoFinal(digest);
byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);
DigitallySigned digitallySigned = new DigitallySigned(signatureAndHashAlgorithm, signature);
digitallySigned.Encode((Stream)(object)digestInputBuffer);
return(((MemoryStream)digestInputBuffer).ToArray());
}
protected virtual ISigner MakeSigner(SignatureAndHashAlgorithm algorithm, bool raw, bool forSigning,
ICipherParameters cp)
{
if ((algorithm != null) != TlsUtilities.IsTlsV12(mContext))
{
throw new InvalidOperationException();
}
if (algorithm != null && algorithm.Signature != SignatureAlgorithm)
{
throw new InvalidOperationException();
}
byte hashAlgorithm = algorithm == null ? HashAlgorithm.sha1 : algorithm.Hash;
IDigest d = raw ? new NullDigest() : TlsUtilities.CreateHash(hashAlgorithm);
ISigner s = new DsaDigestSigner(CreateDsaImpl(hashAlgorithm), d);
s.Init(forSigning, MakeInitParameters(forSigning, cp));
return(s);
}
public override void ProcessServerKeyExchange(Stream input)
{
SecurityParameters securityParameters = mContext.SecurityParameters;
SignerInputBuffer signerInputBuffer = null;
Stream input2 = input;
if (mTlsSigner != null)
{
signerInputBuffer = new SignerInputBuffer();
input2 = (Stream)(object)new TeeInputStream(input, (Stream)(object)signerInputBuffer);
}
ServerSrpParams serverSrpParams = ServerSrpParams.Parse(input2);
if (signerInputBuffer != null)
{
DigitallySigned digitallySigned = ParseSignature(input);
ISigner signer = InitVerifyer(mTlsSigner, digitallySigned.Algorithm, securityParameters);
signerInputBuffer.UpdateSigner(signer);
if (!signer.VerifySignature(digitallySigned.Signature))
{
throw new TlsFatalAlert(51);
}
}
mSrpGroup = new Srp6GroupParameters(serverSrpParams.N, serverSrpParams.G);
if (!mGroupVerifier.Accept(mSrpGroup))
{
throw new TlsFatalAlert(71);
}
mSrpSalt = serverSrpParams.S;
try
{
mSrpPeerCredentials = Srp6Utilities.ValidatePublicValue(mSrpGroup.N, serverSrpParams.B);
}
catch (CryptoException alertCause)
{
throw new TlsFatalAlert(47, alertCause);
}
mSrpClient.Init(mSrpGroup, TlsUtilities.CreateHash(2), mContext.SecureRandom);
}
public override byte[] GenerateServerKeyExchange()
{
if (mDHParameters == null)
{
throw new TlsFatalAlert(80);
}
DigestInputBuffer digestInputBuffer = new DigestInputBuffer();
mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mDHParameters, digestInputBuffer);
SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(mContext, mServerCredentials);
IDigest digest = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
SecurityParameters securityParameters = mContext.SecurityParameters;
digest.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
digest.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
digestInputBuffer.UpdateDigest(digest);
byte[] hash = DigestUtilities.DoFinal(digest);
byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);
DigitallySigned digitallySigned = new DigitallySigned(signatureAndHashAlgorithm, signature);
digitallySigned.Encode(digestInputBuffer);
return(digestInputBuffer.ToArray());
}
public override byte[] GenerateServerKeyExchange()
{
mSrpServer.Init(mSrpGroup, mSrpVerifier, TlsUtilities.CreateHash(HashAlgorithm.sha1), mContext.SecureRandom);
BigInteger B = mSrpServer.GenerateServerCredentials();
ServerSrpParams srpParams = new ServerSrpParams(mSrpGroup.N, mSrpGroup.G, mSrpSalt, B);
DigestInputBuffer buf = new DigestInputBuffer();
srpParams.Encode(buf);
if (mServerCredentials != null)
{
/*
* RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
*/
SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(
mContext, mServerCredentials);
IDigest d = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
SecurityParameters securityParameters = mContext.SecurityParameters;
d.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
d.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
buf.UpdateDigest(d);
byte[] hash = new byte[d.GetDigestSize()];
d.DoFinal(hash, 0);
byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);
DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);
signed_params.Encode(buf);
}
return(buf.ToArray());
}
public override byte[] GenerateServerKeyExchange()
{
mSrpServer.Init(mSrpGroup, mSrpVerifier, TlsUtilities.CreateHash(2), mContext.SecureRandom);
BigInteger b = mSrpServer.GenerateServerCredentials();
ServerSrpParams serverSrpParams = new ServerSrpParams(mSrpGroup.N, mSrpGroup.G, mSrpSalt, b);
DigestInputBuffer digestInputBuffer = new DigestInputBuffer();
serverSrpParams.Encode((Stream)(object)digestInputBuffer);
if (mServerCredentials != null)
{
SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(mContext, mServerCredentials);
IDigest digest = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
SecurityParameters securityParameters = mContext.SecurityParameters;
digest.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
digest.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
digestInputBuffer.UpdateDigest(digest);
byte[] array = new byte[digest.GetDigestSize()];
digest.DoFinal(array, 0);
byte[] signature = mServerCredentials.GenerateCertificateSignature(array);
DigitallySigned digitallySigned = new DigitallySigned(signatureAndHashAlgorithm, signature);
digitallySigned.Encode((Stream)(object)digestInputBuffer);
}
return(((MemoryStream)digestInputBuffer).ToArray());
}
