init commit
This commit is contained in:
@@ -0,0 +1,107 @@
|
||||
using System;
|
||||
using Org.BouncyCastle.Crypto.Digests;
|
||||
using Org.BouncyCastle.Crypto.Macs;
|
||||
using Org.BouncyCastle.Crypto.Parameters;
|
||||
using Org.BouncyCastle.Security;
|
||||
using Org.BouncyCastle.Utilities;
|
||||
|
||||
namespace Org.BouncyCastle.Crypto.Tls;
|
||||
|
||||
public class TlsMac
|
||||
{
|
||||
protected readonly TlsContext context;
|
||||
|
||||
protected readonly byte[] secret;
|
||||
|
||||
protected readonly IMac mac;
|
||||
|
||||
protected readonly int digestBlockSize;
|
||||
|
||||
protected readonly int digestOverhead;
|
||||
|
||||
protected readonly int macLength;
|
||||
|
||||
public virtual byte[] MacSecret => secret;
|
||||
|
||||
public virtual int Size => macLength;
|
||||
|
||||
public TlsMac(TlsContext context, IDigest digest, byte[] key, int keyOff, int keyLen)
|
||||
{
|
||||
this.context = context;
|
||||
KeyParameter keyParameter = new KeyParameter(key, keyOff, keyLen);
|
||||
secret = Arrays.Clone(keyParameter.GetKey());
|
||||
if (digest is LongDigest)
|
||||
{
|
||||
digestBlockSize = 128;
|
||||
digestOverhead = 16;
|
||||
}
|
||||
else
|
||||
{
|
||||
digestBlockSize = 64;
|
||||
digestOverhead = 8;
|
||||
}
|
||||
if (TlsUtilities.IsSsl(context))
|
||||
{
|
||||
mac = new Ssl3Mac(digest);
|
||||
if (digest.GetDigestSize() == 20)
|
||||
{
|
||||
digestOverhead = 4;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
mac = new HMac(digest);
|
||||
}
|
||||
mac.Init(keyParameter);
|
||||
macLength = mac.GetMacSize();
|
||||
if (context.SecurityParameters.truncatedHMac)
|
||||
{
|
||||
macLength = System.Math.Min(macLength, 10);
|
||||
}
|
||||
}
|
||||
|
||||
public virtual byte[] CalculateMac(long seqNo, byte type, byte[] message, int offset, int length)
|
||||
{
|
||||
ProtocolVersion serverVersion = context.ServerVersion;
|
||||
bool isSsl = serverVersion.IsSsl;
|
||||
byte[] array = new byte[isSsl ? 11 : 13];
|
||||
TlsUtilities.WriteUint64(seqNo, array, 0);
|
||||
TlsUtilities.WriteUint8(type, array, 8);
|
||||
if (!isSsl)
|
||||
{
|
||||
TlsUtilities.WriteVersion(serverVersion, array, 9);
|
||||
}
|
||||
TlsUtilities.WriteUint16(length, array, array.Length - 2);
|
||||
mac.BlockUpdate(array, 0, array.Length);
|
||||
mac.BlockUpdate(message, offset, length);
|
||||
return Truncate(MacUtilities.DoFinal(mac));
|
||||
}
|
||||
|
||||
public virtual byte[] CalculateMacConstantTime(long seqNo, byte type, byte[] message, int offset, int length, int fullLength, byte[] dummyData)
|
||||
{
|
||||
byte[] result = CalculateMac(seqNo, type, message, offset, length);
|
||||
int num = (TlsUtilities.IsSsl(context) ? 11 : 13);
|
||||
int num2 = GetDigestBlockCount(num + fullLength) - GetDigestBlockCount(num + length);
|
||||
while (--num2 >= 0)
|
||||
{
|
||||
mac.BlockUpdate(dummyData, 0, digestBlockSize);
|
||||
}
|
||||
mac.Update(dummyData[0]);
|
||||
mac.Reset();
|
||||
return result;
|
||||
}
|
||||
|
||||
protected virtual int GetDigestBlockCount(int inputLength)
|
||||
{
|
||||
return (inputLength + digestOverhead) / digestBlockSize;
|
||||
}
|
||||
|
||||
protected virtual byte[] Truncate(byte[] bs)
|
||||
{
|
||||
if (bs.Length <= macLength)
|
||||
{
|
||||
return bs;
|
||||
}
|
||||
return Arrays.CopyOf(bs, macLength);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user