diff --git a/crypto/src/tls/crypto/impl/AbstractTlsCipher.cs b/crypto/src/tls/crypto/impl/AbstractTlsCipher.cs
new file mode 100644
index 000000000..03d6ddba2
--- /dev/null
+++ b/crypto/src/tls/crypto/impl/AbstractTlsCipher.cs
@@ -0,0 +1,53 @@
+using System;
+
+using Org.BouncyCastle.Utilities.IO.Compression;
+
+namespace Org.BouncyCastle.Tls.Crypto.Impl
+{
+ public abstract class AbstractTlsCipher
+ : TlsCipher
+ {
+ public abstract int GetCiphertextDecodeLimit(int plaintextLimit);
+
+ public abstract int GetCiphertextEncodeLimit(int plaintextLength, int plaintextLimit);
+
+ // TODO[api] Remove this method from TlsCipher
+ public abstract int GetPlaintextLimit(int ciphertextLimit);
+
+ // TODO[api] Add to TlsCipher
+ public virtual int GetPlaintextDecodeLimit(int ciphertextLimit)
+ {
+ return GetPlaintextLimit(ciphertextLimit);
+ }
+
+ // TODO[api] Add to TlsCipher
+ public virtual int GetPlaintextEncodeLimit(int ciphertextLimit)
+ {
+ return GetPlaintextLimit(ciphertextLimit);
+ }
+
+ public abstract TlsEncodeResult EncodePlaintext(long seqNo, short contentType, ProtocolVersion recordVersion,
+ int headerAllocation, byte[] plaintext, int offset, int len);
+
+#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
+ public abstract TlsEncodeResult EncodePlaintext(long seqNo, short contentType, ProtocolVersion recordVersion,
+ int headerAllocation, ReadOnlySpan<byte> plaintext);
+#endif
+
+ // TODO[api] Add span-based version?
+ public abstract TlsDecodeResult DecodeCiphertext(long seqNo, short recordType, ProtocolVersion recordVersion,
+ byte[] ciphertext, int offset, int len);
+
+ public virtual void RekeyDecoder()
+ {
+ throw new TlsFatalAlert(AlertDescription.internal_error);
+ }
+
+ public virtual void RekeyEncoder()
+ {
+ throw new TlsFatalAlert(AlertDescription.internal_error);
+ }
+
+ public abstract bool UsesOpaqueRecordType { get; }
+ }
+}
diff --git a/crypto/src/tls/crypto/impl/TlsAeadCipher.cs b/crypto/src/tls/crypto/impl/TlsAeadCipher.cs
index 8525c2fe9..f238a3afb 100644
--- a/crypto/src/tls/crypto/impl/TlsAeadCipher.cs
+++ b/crypto/src/tls/crypto/impl/TlsAeadCipher.cs
@@ -5,7 +5,7 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl
{
/// <summary>A generic TLS 1.2 AEAD cipher.</summary>
public class TlsAeadCipher
- : TlsCipher
+ : AbstractTlsCipher
{
public const int AEAD_CCM = 1;
public const int AEAD_CHACHA20_POLY1305 = 2;
@@ -134,12 +134,12 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl
decryptCipher.Init(dummyNonce, macSize, null);
}
- public virtual int GetCiphertextDecodeLimit(int plaintextLimit)
+ public override int GetCiphertextDecodeLimit(int plaintextLimit)
{
return plaintextLimit + m_macSize + m_record_iv_length + (m_isTlsV13 ? 1 : 0);
}
- public virtual int GetCiphertextEncodeLimit(int plaintextLength, int plaintextLimit)
+ public override int GetCiphertextEncodeLimit(int plaintextLength, int plaintextLimit)
{
int innerPlaintextLimit = plaintextLength;
if (m_isTlsV13)
@@ -153,12 +153,12 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl
return innerPlaintextLimit + m_macSize + m_record_iv_length;
}
- public virtual int GetPlaintextLimit(int ciphertextLimit)
+ public override int GetPlaintextLimit(int ciphertextLimit)
{
return ciphertextLimit - m_macSize - m_record_iv_length - (m_isTlsV13 ? 1 : 0);
}
- public virtual TlsEncodeResult EncodePlaintext(long seqNo, short contentType, ProtocolVersion recordVersion,
+ public override TlsEncodeResult EncodePlaintext(long seqNo, short contentType, ProtocolVersion recordVersion,
int headerAllocation, byte[] plaintext, int plaintextOffset, int plaintextLength)
{
#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
@@ -237,7 +237,7 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl
}
#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
- public virtual TlsEncodeResult EncodePlaintext(long seqNo, short contentType, ProtocolVersion recordVersion,
+ public override TlsEncodeResult EncodePlaintext(long seqNo, short contentType, ProtocolVersion recordVersion,
int headerAllocation, ReadOnlySpan<byte> plaintext)
{
byte[] nonce = new byte[m_encryptNonce.Length + m_record_iv_length];
@@ -311,7 +311,7 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl
}
#endif
- public virtual TlsDecodeResult DecodeCiphertext(long seqNo, short recordType, ProtocolVersion recordVersion,
+ public override TlsDecodeResult DecodeCiphertext(long seqNo, short recordType, ProtocolVersion recordVersion,
byte[] ciphertext, int ciphertextOffset, int ciphertextLength)
{
if (GetPlaintextLimit(ciphertextLength) < 0)
@@ -398,17 +398,17 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl
return new TlsDecodeResult(ciphertext, encryptionOffset, plaintextLength, contentType);
}
- public virtual void RekeyDecoder()
+ public override void RekeyDecoder()
{
RekeyCipher(m_cryptoParams.SecurityParameters, m_decryptCipher, m_decryptNonce, !m_cryptoParams.IsServer);
}
- public virtual void RekeyEncoder()
+ public override void RekeyEncoder()
{
RekeyCipher(m_cryptoParams.SecurityParameters, m_encryptCipher, m_encryptNonce, m_cryptoParams.IsServer);
}
- public virtual bool UsesOpaqueRecordType
+ public override bool UsesOpaqueRecordType
{
get { return m_isTlsV13; }
}
diff --git a/crypto/src/tls/crypto/impl/TlsBlockCipher.cs b/crypto/src/tls/crypto/impl/TlsBlockCipher.cs
index 64a73bfea..1e6889982 100644
--- a/crypto/src/tls/crypto/impl/TlsBlockCipher.cs
+++ b/crypto/src/tls/crypto/impl/TlsBlockCipher.cs
@@ -8,7 +8,7 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl
{
/// <summary>A generic TLS 1.0-1.2 block cipher. This can be used for AES or 3DES for example.</summary>
public class TlsBlockCipher
- : TlsCipher
+ : AbstractTlsCipher
{
protected readonly TlsCryptoParameters m_cryptoParams;
protected readonly byte[] m_randomData;
@@ -147,7 +147,7 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl
}
}
- public virtual int GetCiphertextDecodeLimit(int plaintextLimit)
+ public override int GetCiphertextDecodeLimit(int plaintextLimit)
{
int blockSize = m_decryptCipher.GetBlockSize();
int macSize = m_readMac.Size;
@@ -156,7 +156,7 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl
return GetCiphertextLength(blockSize, macSize, maxPadding, plaintextLimit);
}
- public virtual int GetCiphertextEncodeLimit(int plaintextLength, int plaintextLimit)
+ public override int GetCiphertextEncodeLimit(int plaintextLength, int plaintextLimit)
{
int blockSize = m_encryptCipher.GetBlockSize();
int macSize = m_writeMac.Size;
@@ -165,7 +165,7 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl
return GetCiphertextLength(blockSize, macSize, maxPadding, plaintextLength);
}
- public virtual int GetPlaintextLimit(int ciphertextLimit)
+ public override int GetPlaintextLimit(int ciphertextLimit)
{
int blockSize = m_encryptCipher.GetBlockSize();
int macSize = m_writeMac.Size;
@@ -196,7 +196,7 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl
return plaintextLimit;
}
- public virtual TlsEncodeResult EncodePlaintext(long seqNo, short contentType, ProtocolVersion recordVersion,
+ public override TlsEncodeResult EncodePlaintext(long seqNo, short contentType, ProtocolVersion recordVersion,
int headerAllocation, byte[] plaintext, int offset, int len)
{
#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
@@ -271,7 +271,7 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl
}
#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
- public virtual TlsEncodeResult EncodePlaintext(long seqNo, short contentType, ProtocolVersion recordVersion,
+ public override TlsEncodeResult EncodePlaintext(long seqNo, short contentType, ProtocolVersion recordVersion,
int headerAllocation, ReadOnlySpan<byte> plaintext)
{
int blockSize = m_encryptCipher.GetBlockSize();
@@ -342,7 +342,7 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl
}
#endif
- public virtual TlsDecodeResult DecodeCiphertext(long seqNo, short recordType, ProtocolVersion recordVersion,
+ public override TlsDecodeResult DecodeCiphertext(long seqNo, short recordType, ProtocolVersion recordVersion,
byte[] ciphertext, int offset, int len)
{
int blockSize = m_decryptCipher.GetBlockSize();
@@ -427,17 +427,7 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl
return new TlsDecodeResult(ciphertext, offset, dec_output_length, recordType);
}
- public virtual void RekeyDecoder()
- {
- throw new TlsFatalAlert(AlertDescription.internal_error);
- }
-
- public virtual void RekeyEncoder()
- {
- throw new TlsFatalAlert(AlertDescription.internal_error);
- }
-
- public virtual bool UsesOpaqueRecordType
+ public override bool UsesOpaqueRecordType
{
get { return false; }
}
diff --git a/crypto/src/tls/crypto/impl/TlsNullCipher.cs b/crypto/src/tls/crypto/impl/TlsNullCipher.cs
index 9bb08110a..2008fd1d6 100644
--- a/crypto/src/tls/crypto/impl/TlsNullCipher.cs
+++ b/crypto/src/tls/crypto/impl/TlsNullCipher.cs
@@ -5,7 +5,7 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl
{
/// <summary>The NULL cipher.</summary>
public class TlsNullCipher
- : TlsCipher
+ : AbstractTlsCipher
{
protected readonly TlsCryptoParameters m_cryptoParams;
protected readonly TlsSuiteHmac m_readMac, m_writeMac;
@@ -56,22 +56,22 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl
}
}
- public virtual int GetCiphertextDecodeLimit(int plaintextLimit)
+ public override int GetCiphertextDecodeLimit(int plaintextLimit)
{
return plaintextLimit + m_writeMac.Size;
}
- public virtual int GetCiphertextEncodeLimit(int plaintextLength, int plaintextLimit)
+ public override int GetCiphertextEncodeLimit(int plaintextLength, int plaintextLimit)
{
return plaintextLength + m_writeMac.Size;
}
- public virtual int GetPlaintextLimit(int ciphertextLimit)
+ public override int GetPlaintextLimit(int ciphertextLimit)
{
return ciphertextLimit - m_writeMac.Size;
}
- public virtual TlsEncodeResult EncodePlaintext(long seqNo, short contentType, ProtocolVersion recordVersion,
+ public override TlsEncodeResult EncodePlaintext(long seqNo, short contentType, ProtocolVersion recordVersion,
int headerAllocation, byte[] plaintext, int offset, int len)
{
byte[] mac = m_writeMac.CalculateMac(seqNo, contentType, plaintext, offset, len);
@@ -82,7 +82,7 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl
}
#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
- public virtual TlsEncodeResult EncodePlaintext(long seqNo, short contentType, ProtocolVersion recordVersion,
+ public override TlsEncodeResult EncodePlaintext(long seqNo, short contentType, ProtocolVersion recordVersion,
int headerAllocation, ReadOnlySpan<byte> plaintext)
{
byte[] mac = m_writeMac.CalculateMac(seqNo, contentType, plaintext);
@@ -93,7 +93,7 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl
}
#endif
- public virtual TlsDecodeResult DecodeCiphertext(long seqNo, short recordType, ProtocolVersion recordVersion,
+ public override TlsDecodeResult DecodeCiphertext(long seqNo, short recordType, ProtocolVersion recordVersion,
byte[] ciphertext, int offset, int len)
{
int macSize = m_readMac.Size;
@@ -111,17 +111,7 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl
return new TlsDecodeResult(ciphertext, offset, macInputLen, recordType);
}
- public virtual void RekeyDecoder()
- {
- throw new TlsFatalAlert(AlertDescription.internal_error);
- }
-
- public virtual void RekeyEncoder()
- {
- throw new TlsFatalAlert(AlertDescription.internal_error);
- }
-
- public virtual bool UsesOpaqueRecordType
+ public override bool UsesOpaqueRecordType
{
get { return false; }
}
|
