authorPeter Dettman <peter.dettman@bouncycastle.org>2014-08-22 10:37:16 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2014-08-22 10:37:16 +0700
commite8532032118290a201dbec09b5c8eb0804fec8ff (patch)
tree303b0fad647d252c74a9ba2a59fa222785706fb4
parentCater for possibly null ecPointFormats (diff)
downloadBouncyCastle.NET-ed25519-e8532032118290a201dbec09b5c8eb0804fec8ff.tar.xz
Add support for a 'cause' Exception to TlsFatalAlert and use
-rw-r--r--crypto/src/crypto/tls/DefaultTlsSignerCredentials.cs4
-rw-r--r--crypto/src/crypto/tls/TlsAeadCipher.cs8
-rw-r--r--crypto/src/crypto/tls/TlsDHKeyExchange.cs8
-rw-r--r--crypto/src/crypto/tls/TlsECDHKeyExchange.cs8
-rw-r--r--crypto/src/crypto/tls/TlsEccUtilities.cs8
-rw-r--r--crypto/src/crypto/tls/TlsFatalAlert.cs6
-rw-r--r--crypto/src/crypto/tls/TlsPskKeyExchange.cs5
-rw-r--r--crypto/src/crypto/tls/TlsRsaKeyExchange.cs5
-rw-r--r--crypto/src/crypto/tls/TlsRsaUtilities.cs4
-rw-r--r--crypto/src/crypto/tls/TlsSrpKeyExchange.cs13
-rw-r--r--crypto/src/crypto/tls/TlsUtilities.cs7
11 files changed, 40 insertions, 36 deletions
diff --git a/crypto/src/crypto/tls/DefaultTlsSignerCredentials.cs b/crypto/src/crypto/tls/DefaultTlsSignerCredentials.cs
index 8e609938f..ef80c4b06 100644
--- a/crypto/src/crypto/tls/DefaultTlsSignerCredentials.cs
+++ b/crypto/src/crypto/tls/DefaultTlsSignerCredentials.cs
@@ -76,9 +76,9 @@ namespace Org.BouncyCastle.Crypto.Tls
                     return mSigner.GenerateRawSignature(mPrivateKey, hash);
                 }
             }
-            catch (CryptoException)
+            catch (CryptoException e)
             {
-                throw new TlsFatalAlert(AlertDescription.internal_error);
+                throw new TlsFatalAlert(AlertDescription.internal_error, e);
             }
         }
 
diff --git a/crypto/src/crypto/tls/TlsAeadCipher.cs b/crypto/src/crypto/tls/TlsAeadCipher.cs
index e66f92317..951e8663b 100644
--- a/crypto/src/crypto/tls/TlsAeadCipher.cs
+++ b/crypto/src/crypto/tls/TlsAeadCipher.cs
@@ -115,9 +115,9 @@ namespace Org.BouncyCastle.Crypto.Tls
                 outputPos += encryptCipher.ProcessBytes(plaintext, plaintextOffset, plaintextLength, output, outputPos);
                 outputPos += encryptCipher.DoFinal(output, outputPos);
             }
-            catch (Exception)
+            catch (Exception e)
             {
-                throw new TlsFatalAlert(AlertDescription.internal_error);
+                throw new TlsFatalAlert(AlertDescription.internal_error, e);
             }
 
             if (outputPos != output.Length)
@@ -155,9 +155,9 @@ namespace Org.BouncyCastle.Crypto.Tls
                 outputPos += decryptCipher.ProcessBytes(ciphertext, ciphertextOffset, ciphertextLength, output, outputPos);
                 outputPos += decryptCipher.DoFinal(output, outputPos);
             }
-            catch (Exception)
+            catch (Exception e)
             {
-                throw new TlsFatalAlert(AlertDescription.bad_record_mac);
+                throw new TlsFatalAlert(AlertDescription.bad_record_mac, e);
             }
 
             if (outputPos != output.Length)
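Review bot: The `catch (Exception e)` around the decrypt calls now attaches the underlying exception to the bad_record_mac alert, and nothing in the hunk says where that cause may be surfaced. The alert description is the only thing the peer is meant to learn; the inner exception distinguishes failure reasons and should stay in local diagnostics. I would add a comment on the throw such as `// cause is for local logging only; the peer must learn nothing beyond bad_record_mac`. The enclosing method starts and ends outside the hunk, so how callers report the alert is not visible here.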
diff --git a/crypto/src/crypto/tls/TlsDHKeyExchange.cs b/crypto/src/crypto/tls/TlsDHKeyExchange.cs
index 272e38143..ddc6a4527 100644
--- a/crypto/src/crypto/tls/TlsDHKeyExchange.cs
+++ b/crypto/src/crypto/tls/TlsDHKeyExchange.cs
@@ -60,9 +60,9 @@ namespace Org.BouncyCastle.Crypto.Tls
             {
                 this.serverPublicKey = PublicKeyFactory.CreateKey(keyInfo);
             }
-            catch (Exception)
+            catch (Exception e)
             {
-                throw new TlsFatalAlert(AlertDescription.unsupported_certificate);
+                throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e);
             }
 
             if (tlsSigner == null)
@@ -71,9 +71,9 @@ namespace Org.BouncyCastle.Crypto.Tls
                 {
                     this.dhAgreeServerPublicKey = ValidateDHPublicKey((DHPublicKeyParameters)this.serverPublicKey);
                 }
-                catch (InvalidCastException)
+                catch (InvalidCastException e)
                 {
-                    throw new TlsFatalAlert(AlertDescription.certificate_unknown);
+                    throw new TlsFatalAlert(AlertDescription.certificate_unknown, e);
                 }
 
                 TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.KeyAgreement);
diff --git a/crypto/src/crypto/tls/TlsECDHKeyExchange.cs b/crypto/src/crypto/tls/TlsECDHKeyExchange.cs
index b02d5a4fd..c4780eaaa 100644
--- a/crypto/src/crypto/tls/TlsECDHKeyExchange.cs
+++ b/crypto/src/crypto/tls/TlsECDHKeyExchange.cs
@@ -63,9 +63,9 @@ namespace Org.BouncyCastle.Crypto.Tls
             {
                 this.serverPublicKey = PublicKeyFactory.CreateKey(keyInfo);
             }
-            catch (Exception)
+            catch (Exception e)
             {
-                throw new TlsFatalAlert(AlertDescription.unsupported_certificate);
+                throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e);
             }
 
             if (tlsSigner == null)
@@ -74,9 +74,9 @@ namespace Org.BouncyCastle.Crypto.Tls
                 {
                     this.ecAgreeServerPublicKey = ValidateECPublicKey((ECPublicKeyParameters)this.serverPublicKey);
                 }
-                catch (InvalidCastException)
+                catch (InvalidCastException e)
                 {
-                    throw new TlsFatalAlert(AlertDescription.certificate_unknown);
+                    throw new TlsFatalAlert(AlertDescription.certificate_unknown, e);
                 }
 
                 TlsUtilities.ValidateKeyUsage(x509Cert, KeyUsage.KeyAgreement);
diff --git a/crypto/src/crypto/tls/TlsEccUtilities.cs b/crypto/src/crypto/tls/TlsEccUtilities.cs
index fd3145305..9bbfa844e 100644
--- a/crypto/src/crypto/tls/TlsEccUtilities.cs
+++ b/crypto/src/crypto/tls/TlsEccUtilities.cs
@@ -389,9 +389,9 @@ namespace Org.BouncyCastle.Crypto.Tls
                 ECPoint Y = DeserializeECPoint(ecPointFormats, curve_params.Curve, encoding);
                 return new ECPublicKeyParameters(Y, curve_params);
             }
-            catch (Exception)
+            catch (Exception e)
             {
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter, e);
             }
         }
 
@@ -531,9 +531,9 @@ namespace Org.BouncyCastle.Crypto.Tls
                     throw new TlsFatalAlert(AlertDescription.illegal_parameter);
                 }
             }
-            catch (Exception)
+            catch (Exception e)
             {
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter, e);
             }
         }
 
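Review bot: The `throw new TlsFatalAlert(AlertDescription.illegal_parameter);` at the top of this hunk sits inside the try, so the rewritten `catch (Exception e)` catches it and wraps it in a second TlsFatalAlert whose cause is the first one. The same happens in the TlsUtilities.cs hunk, where the commit moves the unsupported_certificate throw inside the try. The alert description is unchanged, but the nesting obscures the real origin in stack traces; a `catch (TlsFatalAlert) { throw; }` placed before the generic catch would avoid it. That would also let an alert with a different description raised inside the try propagate unchanged, which may or may not be intended; the try bodies start outside both hunks.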
diff --git a/crypto/src/crypto/tls/TlsFatalAlert.cs b/crypto/src/crypto/tls/TlsFatalAlert.cs
index 4fb2a41bd..0c7ed88d9 100644
--- a/crypto/src/crypto/tls/TlsFatalAlert.cs
+++ b/crypto/src/crypto/tls/TlsFatalAlert.cs
@@ -9,6 +9,12 @@ namespace Org.BouncyCastle.Crypto.Tls
         private readonly byte alertDescription;
 
         public TlsFatalAlert(byte alertDescription)
+            : this(alertDescription, null)
+        {
+        }
+
+        public TlsFatalAlert(byte alertDescription, Exception alertCause)
+            :   base("Fatal alert: " + alertDescription, alertCause)
         {
             this.alertDescription = alertDescription;
         }
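Review bot: The new public constructor `TlsFatalAlert(byte alertDescription, Exception alertCause)` has no XML documentation, and it is not stated that `alertCause` may be null, which is what the one-argument overload passes. I would add a summary line plus `/// <param name="alertCause">Underlying exception, or null if none; for local diagnostics.</param>`. The message `"Fatal alert: " + alertDescription` formats the byte as a number, so logs show a bare code rather than the alert name; if this project has a name lookup for alert descriptions, it would read better there. The base initializer is written `:   base(` with extra spaces, unlike `: this(` just above.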
diff --git a/crypto/src/crypto/tls/TlsPskKeyExchange.cs b/crypto/src/crypto/tls/TlsPskKeyExchange.cs
index 4a5cb4ead..24bf433dd 100644
--- a/crypto/src/crypto/tls/TlsPskKeyExchange.cs
+++ b/crypto/src/crypto/tls/TlsPskKeyExchange.cs
@@ -64,10 +64,9 @@ namespace Org.BouncyCastle.Crypto.Tls
             {
                 this.serverPublicKey = PublicKeyFactory.CreateKey(keyInfo);
             }
-            //			catch (RuntimeException)
-            catch (Exception)
+            catch (Exception e)
             {
-                throw new TlsFatalAlert(AlertDescription.unsupported_certificate);
+                throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e);
             }
 
             // Sanity check the PublicKeyFactory
diff --git a/crypto/src/crypto/tls/TlsRsaKeyExchange.cs b/crypto/src/crypto/tls/TlsRsaKeyExchange.cs
index 0a9fbc67d..160afa5c9 100644
--- a/crypto/src/crypto/tls/TlsRsaKeyExchange.cs
+++ b/crypto/src/crypto/tls/TlsRsaKeyExchange.cs
@@ -44,10 +44,9 @@ namespace Org.BouncyCastle.Crypto.Tls
             {
                 this.serverPublicKey = PublicKeyFactory.CreateKey(keyInfo);
             }
-//			catch (RuntimeException)
-            catch (Exception)
+            catch (Exception e)
             {
-                throw new TlsFatalAlert(AlertDescription.unsupported_certificate);
+                throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e);
             }
 
             // Sanity check the PublicKeyFactory
diff --git a/crypto/src/crypto/tls/TlsRsaUtilities.cs b/crypto/src/crypto/tls/TlsRsaUtilities.cs
index de56ffc4d..0e42c1733 100644
--- a/crypto/src/crypto/tls/TlsRsaUtilities.cs
+++ b/crypto/src/crypto/tls/TlsRsaUtilities.cs
@@ -39,12 +39,12 @@ namespace Org.BouncyCastle.Crypto.Tls
                     TlsUtilities.WriteOpaque16(encryptedPreMasterSecret, output);
                 }
             }
-            catch (InvalidCipherTextException)
+            catch (InvalidCipherTextException e)
             {
                 /*
                  * This should never happen, only during decryption.
                  */
-                throw new TlsFatalAlert(AlertDescription.internal_error);
+                throw new TlsFatalAlert(AlertDescription.internal_error, e);
             }
 
             return premasterSecret;
diff --git a/crypto/src/crypto/tls/TlsSrpKeyExchange.cs b/crypto/src/crypto/tls/TlsSrpKeyExchange.cs
index 46e0e02b2..ff1bdac86 100644
--- a/crypto/src/crypto/tls/TlsSrpKeyExchange.cs
+++ b/crypto/src/crypto/tls/TlsSrpKeyExchange.cs
@@ -79,10 +79,9 @@ namespace Org.BouncyCastle.Crypto.Tls
             {
                 this.serverPublicKey = PublicKeyFactory.CreateKey(keyInfo);
             }
-//			catch (RuntimeException)
-            catch (Exception)
+            catch (Exception e)
             {
-                throw new TlsFatalAlert(AlertDescription.unsupported_certificate);
+                throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e);
             }
 
             if (!tlsSigner.IsValidPublicKey(this.serverPublicKey))
@@ -149,9 +148,9 @@ namespace Org.BouncyCastle.Crypto.Tls
             {
                 this.B = Srp6Utilities.ValidatePublicValue(N, new BigInteger(1, BBytes));
             }
-            catch (CryptoException)
+            catch (CryptoException e)
             {
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter, e);
             }
 
             this.srpClient.Init(N, g, new Sha1Digest(), context.SecureRandom);
@@ -186,9 +185,9 @@ namespace Org.BouncyCastle.Crypto.Tls
                 // TODO Check if this needs to be a fixed size
                 return BigIntegers.AsUnsignedByteArray(srpClient.CalculateSecret(B));
             }
-            catch (CryptoException)
+            catch (CryptoException e)
             {
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+                throw new TlsFatalAlert(AlertDescription.illegal_parameter, e);
             }
         }
 
diff --git a/crypto/src/crypto/tls/TlsUtilities.cs b/crypto/src/crypto/tls/TlsUtilities.cs
index bd5362e5b..33d10dcd0 100644
--- a/crypto/src/crypto/tls/TlsUtilities.cs
+++ b/crypto/src/crypto/tls/TlsUtilities.cs
@@ -1016,12 +1016,13 @@ namespace Org.BouncyCastle.Crypto.Tls
                 }
 
                 // TODO Add support for ClientCertificateType.*_fixed_*
+
+                throw new TlsFatalAlert(AlertDescription.unsupported_certificate);
             }
-            catch (Exception)
+            catch (Exception e)
             {
+                throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e);
             }
-
-            throw new TlsFatalAlert(AlertDescription.unsupported_certificate);
         }
 
         internal static void TrackHashAlgorithms(TlsHandshakeHash handshakeHash, IList supportedSignatureAlgorithms)