init commit

2025-10-09 09:57:24 +09:00
commit 4d551bd74f
6636 changed files with 1218703 additions and 0 deletions
--- a/output/Libraries/BouncyCastle.Crypto/Org/BouncyCastle/Crypto/Tls/AbstractTlsServer.cs
+++ b/output/Libraries/BouncyCastle.Crypto/Org/BouncyCastle/Crypto/Tls/AbstractTlsServer.cs
@@ -0,0 +1,260 @@
+using System.Collections;
+using Org.BouncyCastle.Utilities;
+
+namespace Org.BouncyCastle.Crypto.Tls;
+
+public abstract class AbstractTlsServer : AbstractTlsPeer, TlsServer, TlsPeer
+{
+	protected TlsCipherFactory mCipherFactory;
+
+	protected TlsServerContext mContext;
+
+	protected ProtocolVersion mClientVersion;
+
+	protected int[] mOfferedCipherSuites;
+
+	protected byte[] mOfferedCompressionMethods;
+
+	protected IDictionary mClientExtensions;
+
+	protected bool mEncryptThenMacOffered;
+
+	protected short mMaxFragmentLengthOffered;
+
+	protected bool mTruncatedHMacOffered;
+
+	protected IList mSupportedSignatureAlgorithms;
+
+	protected bool mEccCipherSuitesOffered;
+
+	protected int[] mNamedCurves;
+
+	protected byte[] mClientECPointFormats;
+
+	protected byte[] mServerECPointFormats;
+
+	protected ProtocolVersion mServerVersion;
+
+	protected int mSelectedCipherSuite;
+
+	protected byte mSelectedCompressionMethod;
+
+	protected IDictionary mServerExtensions;
+
+	protected virtual bool AllowEncryptThenMac => true;
+
+	protected virtual bool AllowTruncatedHMac => false;
+
+	protected virtual ProtocolVersion MaximumVersion => ProtocolVersion.TLSv11;
+
+	protected virtual ProtocolVersion MinimumVersion => ProtocolVersion.TLSv10;
+
+	public AbstractTlsServer()
+		: this(new DefaultTlsCipherFactory())
+	{
+	}
+
+	public AbstractTlsServer(TlsCipherFactory cipherFactory)
+	{
+		mCipherFactory = cipherFactory;
+	}
+
+	protected virtual IDictionary CheckServerExtensions()
+	{
+		return mServerExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(mServerExtensions);
+	}
+
+	protected abstract int[] GetCipherSuites();
+
+	protected byte[] GetCompressionMethods()
+	{
+		return new byte[1];
+	}
+
+	protected virtual bool SupportsClientEccCapabilities(int[] namedCurves, byte[] ecPointFormats)
+	{
+		if (namedCurves == null)
+		{
+			return TlsEccUtilities.HasAnySupportedNamedCurves();
+		}
+		foreach (int namedCurve in namedCurves)
+		{
+			if (NamedCurve.IsValid(namedCurve) && (!NamedCurve.RefersToASpecificNamedCurve(namedCurve) || TlsEccUtilities.IsSupportedNamedCurve(namedCurve)))
+			{
+				return true;
+			}
+		}
+		return false;
+	}
+
+	public virtual void Init(TlsServerContext context)
+	{
+		mContext = context;
+	}
+
+	public virtual void NotifyClientVersion(ProtocolVersion clientVersion)
+	{
+		mClientVersion = clientVersion;
+	}
+
+	public virtual void NotifyFallback(bool isFallback)
+	{
+		if (isFallback && MaximumVersion.IsLaterVersionOf(mClientVersion))
+		{
+			throw new TlsFatalAlert(86);
+		}
+	}
+
+	public virtual void NotifyOfferedCipherSuites(int[] offeredCipherSuites)
+	{
+		mOfferedCipherSuites = offeredCipherSuites;
+		mEccCipherSuitesOffered = TlsEccUtilities.ContainsEccCipherSuites(mOfferedCipherSuites);
+	}
+
+	public virtual void NotifyOfferedCompressionMethods(byte[] offeredCompressionMethods)
+	{
+		mOfferedCompressionMethods = offeredCompressionMethods;
+	}
+
+	public virtual void ProcessClientExtensions(IDictionary clientExtensions)
+	{
+		mClientExtensions = clientExtensions;
+		if (clientExtensions != null)
+		{
+			mEncryptThenMacOffered = TlsExtensionsUtilities.HasEncryptThenMacExtension(clientExtensions);
+			mMaxFragmentLengthOffered = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(clientExtensions);
+			if (mMaxFragmentLengthOffered >= 0 && !MaxFragmentLength.IsValid((byte)mMaxFragmentLengthOffered))
+			{
+				throw new TlsFatalAlert(47);
+			}
+			mTruncatedHMacOffered = TlsExtensionsUtilities.HasTruncatedHMacExtension(clientExtensions);
+			mSupportedSignatureAlgorithms = TlsUtilities.GetSignatureAlgorithmsExtension(clientExtensions);
+			if (mSupportedSignatureAlgorithms != null && !TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(mClientVersion))
+			{
+				throw new TlsFatalAlert(47);
+			}
+			mNamedCurves = TlsEccUtilities.GetSupportedEllipticCurvesExtension(clientExtensions);
+			mClientECPointFormats = TlsEccUtilities.GetSupportedPointFormatsExtension(clientExtensions);
+		}
+	}
+
+	public virtual ProtocolVersion GetServerVersion()
+	{
+		if (MinimumVersion.IsEqualOrEarlierVersionOf(mClientVersion))
+		{
+			ProtocolVersion maximumVersion = MaximumVersion;
+			if (mClientVersion.IsEqualOrEarlierVersionOf(maximumVersion))
+			{
+				return mServerVersion = mClientVersion;
+			}
+			if (mClientVersion.IsLaterVersionOf(maximumVersion))
+			{
+				return mServerVersion = maximumVersion;
+			}
+		}
+		throw new TlsFatalAlert(70);
+	}
+
+	public virtual int GetSelectedCipherSuite()
+	{
+		IList usableSignatureAlgorithms = TlsUtilities.GetUsableSignatureAlgorithms(mSupportedSignatureAlgorithms);
+		bool flag = SupportsClientEccCapabilities(mNamedCurves, mClientECPointFormats);
+		int[] cipherSuites = GetCipherSuites();
+		foreach (int num in cipherSuites)
+		{
+			if (Arrays.Contains(mOfferedCipherSuites, num) && (flag || !TlsEccUtilities.IsEccCipherSuite(num)) && TlsUtilities.IsValidCipherSuiteForVersion(num, mServerVersion) && TlsUtilities.IsValidCipherSuiteForSignatureAlgorithms(num, usableSignatureAlgorithms))
+			{
+				return mSelectedCipherSuite = num;
+			}
+		}
+		throw new TlsFatalAlert(40);
+	}
+
+	public virtual byte GetSelectedCompressionMethod()
+	{
+		byte[] compressionMethods = GetCompressionMethods();
+		for (int i = 0; i < compressionMethods.Length; i++)
+		{
+			if (Arrays.Contains(mOfferedCompressionMethods, compressionMethods[i]))
+			{
+				return mSelectedCompressionMethod = compressionMethods[i];
+			}
+		}
+		throw new TlsFatalAlert(40);
+	}
+
+	public virtual IDictionary GetServerExtensions()
+	{
+		if (mEncryptThenMacOffered && AllowEncryptThenMac && TlsUtilities.IsBlockCipherSuite(mSelectedCipherSuite))
+		{
+			TlsExtensionsUtilities.AddEncryptThenMacExtension(CheckServerExtensions());
+		}
+		if (mMaxFragmentLengthOffered >= 0 && TlsUtilities.IsValidUint8(mMaxFragmentLengthOffered) && MaxFragmentLength.IsValid((byte)mMaxFragmentLengthOffered))
+		{
+			TlsExtensionsUtilities.AddMaxFragmentLengthExtension(CheckServerExtensions(), (byte)mMaxFragmentLengthOffered);
+		}
+		if (mTruncatedHMacOffered && AllowTruncatedHMac)
+		{
+			TlsExtensionsUtilities.AddTruncatedHMacExtension(CheckServerExtensions());
+		}
+		if (mClientECPointFormats != null && TlsEccUtilities.IsEccCipherSuite(mSelectedCipherSuite))
+		{
+			mServerECPointFormats = new byte[3] { 0, 1, 2 };
+			TlsEccUtilities.AddSupportedPointFormatsExtension(CheckServerExtensions(), mServerECPointFormats);
+		}
+		return mServerExtensions;
+	}
+
+	public virtual IList GetServerSupplementalData()
+	{
+		return null;
+	}
+
+	public abstract TlsCredentials GetCredentials();
+
+	public virtual CertificateStatus GetCertificateStatus()
+	{
+		return null;
+	}
+
+	public abstract TlsKeyExchange GetKeyExchange();
+
+	public virtual CertificateRequest GetCertificateRequest()
+	{
+		return null;
+	}
+
+	public virtual void ProcessClientSupplementalData(IList clientSupplementalData)
+	{
+		if (clientSupplementalData != null)
+		{
+			throw new TlsFatalAlert(10);
+		}
+	}
+
+	public virtual void NotifyClientCertificate(Certificate clientCertificate)
+	{
+		throw new TlsFatalAlert(80);
+	}
+
+	public override TlsCompression GetCompression()
+	{
+		if (mSelectedCompressionMethod == 0)
+		{
+			return new TlsNullCompression();
+		}
+		throw new TlsFatalAlert(80);
+	}
+
+	public override TlsCipher GetCipher()
+	{
+		int encryptionAlgorithm = TlsUtilities.GetEncryptionAlgorithm(mSelectedCipherSuite);
+		int macAlgorithm = TlsUtilities.GetMacAlgorithm(mSelectedCipherSuite);
+		return mCipherFactory.CreateCipher(mContext, encryptionAlgorithm, macAlgorithm);
+	}
+
+	public virtual NewSessionTicket GetNewSessionTicket()
+	{
+		return new NewSessionTicket(0L, TlsUtilities.EmptyBytes);
+	}
+}