80 lines
2.4 KiB
C#
80 lines
2.4 KiB
C#
using System;
|
|
using System.Collections;
|
|
using System.IO;
|
|
using Org.BouncyCastle.Security;
|
|
using Org.BouncyCastle.Utilities;
|
|
|
|
namespace Org.BouncyCastle.Crypto.Tls;
|
|
|
|
public abstract class DtlsProtocol
|
|
{
|
|
protected readonly SecureRandom mSecureRandom;
|
|
|
|
protected DtlsProtocol(SecureRandom secureRandom)
|
|
{
|
|
if (secureRandom == null)
|
|
{
|
|
throw new ArgumentNullException("secureRandom");
|
|
}
|
|
mSecureRandom = secureRandom;
|
|
}
|
|
|
|
protected virtual void ProcessFinished(byte[] body, byte[] expected_verify_data)
|
|
{
|
|
MemoryStream memoryStream = new MemoryStream(body, writable: false);
|
|
byte[] b = TlsUtilities.ReadFully(expected_verify_data.Length, memoryStream);
|
|
TlsProtocol.AssertEmpty(memoryStream);
|
|
if (!Arrays.ConstantTimeAreEqual(expected_verify_data, b))
|
|
{
|
|
throw new TlsFatalAlert(40);
|
|
}
|
|
}
|
|
|
|
internal static void ApplyMaxFragmentLengthExtension(DtlsRecordLayer recordLayer, short maxFragmentLength)
|
|
{
|
|
if (maxFragmentLength >= 0)
|
|
{
|
|
if (!MaxFragmentLength.IsValid((byte)maxFragmentLength))
|
|
{
|
|
throw new TlsFatalAlert(80);
|
|
}
|
|
int plaintextLimit = 1 << 8 + maxFragmentLength;
|
|
recordLayer.SetPlaintextLimit(plaintextLimit);
|
|
}
|
|
}
|
|
|
|
protected static short EvaluateMaxFragmentLengthExtension(bool resumedSession, IDictionary clientExtensions, IDictionary serverExtensions, byte alertDescription)
|
|
{
|
|
short maxFragmentLengthExtension = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(serverExtensions);
|
|
if (maxFragmentLengthExtension >= 0 && (!MaxFragmentLength.IsValid((byte)maxFragmentLengthExtension) || (!resumedSession && maxFragmentLengthExtension != TlsExtensionsUtilities.GetMaxFragmentLengthExtension(clientExtensions))))
|
|
{
|
|
throw new TlsFatalAlert(alertDescription);
|
|
}
|
|
return maxFragmentLengthExtension;
|
|
}
|
|
|
|
protected static byte[] GenerateCertificate(Certificate certificate)
|
|
{
|
|
MemoryStream memoryStream = new MemoryStream();
|
|
certificate.Encode(memoryStream);
|
|
return memoryStream.ToArray();
|
|
}
|
|
|
|
protected static byte[] GenerateSupplementalData(IList supplementalData)
|
|
{
|
|
MemoryStream memoryStream = new MemoryStream();
|
|
TlsProtocol.WriteSupplementalData(memoryStream, supplementalData);
|
|
return memoryStream.ToArray();
|
|
}
|
|
|
|
protected static void ValidateSelectedCipherSuite(int selectedCipherSuite, byte alertDescription)
|
|
{
|
|
switch (TlsUtilities.GetEncryptionAlgorithm(selectedCipherSuite))
|
|
{
|
|
case 1:
|
|
case 2:
|
|
throw new TlsFatalAlert(alertDescription);
|
|
}
|
|
}
|
|
}
|