80 lines
3.3 KiB
C#
80 lines
3.3 KiB
C#
using System;
|
|
using System.Collections;
|
|
using System.IO;
|
|
using Org.BouncyCastle.Crypto.Parameters;
|
|
using Org.BouncyCastle.Security;
|
|
using Org.BouncyCastle.Utilities.IO;
|
|
|
|
namespace Org.BouncyCastle.Crypto.Tls;
|
|
|
|
public class TlsDheKeyExchange : TlsDHKeyExchange
|
|
{
|
|
protected TlsSignerCredentials mServerCredentials = null;
|
|
|
|
[Obsolete("Use constructor that takes a TlsDHVerifier")]
|
|
public TlsDheKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, DHParameters dhParameters)
|
|
: this(keyExchange, supportedSignatureAlgorithms, new DefaultTlsDHVerifier(), dhParameters)
|
|
{
|
|
}
|
|
|
|
public TlsDheKeyExchange(int keyExchange, IList supportedSignatureAlgorithms, TlsDHVerifier dhVerifier, DHParameters dhParameters)
|
|
: base(keyExchange, supportedSignatureAlgorithms, dhVerifier, dhParameters)
|
|
{
|
|
}
|
|
|
|
public override void ProcessServerCredentials(TlsCredentials serverCredentials)
|
|
{
|
|
if (!(serverCredentials is TlsSignerCredentials))
|
|
{
|
|
throw new TlsFatalAlert(80);
|
|
}
|
|
ProcessServerCertificate(serverCredentials.Certificate);
|
|
mServerCredentials = (TlsSignerCredentials)serverCredentials;
|
|
}
|
|
|
|
public override byte[] GenerateServerKeyExchange()
|
|
{
|
|
if (mDHParameters == null)
|
|
{
|
|
throw new TlsFatalAlert(80);
|
|
}
|
|
DigestInputBuffer digestInputBuffer = new DigestInputBuffer();
|
|
mDHAgreePrivateKey = TlsDHUtilities.GenerateEphemeralServerKeyExchange(mContext.SecureRandom, mDHParameters, digestInputBuffer);
|
|
SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(mContext, mServerCredentials);
|
|
IDigest digest = TlsUtilities.CreateHash(signatureAndHashAlgorithm);
|
|
SecurityParameters securityParameters = mContext.SecurityParameters;
|
|
digest.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
|
|
digest.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
|
|
digestInputBuffer.UpdateDigest(digest);
|
|
byte[] hash = DigestUtilities.DoFinal(digest);
|
|
byte[] signature = mServerCredentials.GenerateCertificateSignature(hash);
|
|
DigitallySigned digitallySigned = new DigitallySigned(signatureAndHashAlgorithm, signature);
|
|
digitallySigned.Encode(digestInputBuffer);
|
|
return digestInputBuffer.ToArray();
|
|
}
|
|
|
|
public override void ProcessServerKeyExchange(Stream input)
|
|
{
|
|
SecurityParameters securityParameters = mContext.SecurityParameters;
|
|
SignerInputBuffer signerInputBuffer = new SignerInputBuffer();
|
|
Stream input2 = new TeeInputStream(input, signerInputBuffer);
|
|
mDHParameters = TlsDHUtilities.ReceiveDHParameters(mDHVerifier, input2);
|
|
mDHAgreePublicKey = new DHPublicKeyParameters(TlsDHUtilities.ReadDHParameter(input2), mDHParameters);
|
|
DigitallySigned digitallySigned = ParseSignature(input);
|
|
ISigner signer = InitVerifyer(mTlsSigner, digitallySigned.Algorithm, securityParameters);
|
|
signerInputBuffer.UpdateSigner(signer);
|
|
if (!signer.VerifySignature(digitallySigned.Signature))
|
|
{
|
|
throw new TlsFatalAlert(51);
|
|
}
|
|
}
|
|
|
|
protected virtual ISigner InitVerifyer(TlsSigner tlsSigner, SignatureAndHashAlgorithm algorithm, SecurityParameters securityParameters)
|
|
{
|
|
ISigner signer = tlsSigner.CreateVerifyer(algorithm, mServerPublicKey);
|
|
signer.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
|
|
signer.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
|
|
return signer;
|
|
}
|
|
}
|