authorPeter Dettman <peter.dettman@bouncycastle.org>2021-07-12 15:15:36 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2021-07-12 15:15:36 +0700
commit68c795fe81277f73aeb90d8ad4c6f4305f32c906 (patch)
tree59643344aafef91bbd4c4a3a7973deba3d837a00 /crypto/src/tls/DefaultTlsCredentialedSigner.cs
parentTLS test tweaks (diff)
Port of new TLS API from bc-java
Diffstat (limited to 'crypto/src/tls/DefaultTlsCredentialedSigner.cs')
-rw-r--r--crypto/src/tls/DefaultTlsCredentialedSigner.cs66
1 files changed, 66 insertions, 0 deletions
diff --git a/crypto/src/tls/DefaultTlsCredentialedSigner.cs b/crypto/src/tls/DefaultTlsCredentialedSigner.cs
new file mode 100644
index 000000000..64bc30a8e
--- /dev/null
+++ b/crypto/src/tls/DefaultTlsCredentialedSigner.cs
@@ -0,0 +1,66 @@
+using System;
+
+using Org.BouncyCastle.Tls.Crypto;
+using Org.BouncyCastle.Tls.Crypto.Impl;
+
+namespace Org.BouncyCastle.Tls
+{
+    /// <summary>Container class for generating signatures that carries the signature type, parameters, public key
+    /// certificate and public key's associated signer object.</summary>
+    public class DefaultTlsCredentialedSigner
+        : TlsCredentialedSigner
+    {
+        protected readonly TlsCryptoParameters m_cryptoParams;
+        protected readonly Certificate m_certificate;
+        protected readonly SignatureAndHashAlgorithm m_signatureAndHashAlgorithm;
+        protected readonly TlsSigner m_signer;
+
+        public DefaultTlsCredentialedSigner(TlsCryptoParameters cryptoParams, TlsSigner signer,
+            Certificate certificate, SignatureAndHashAlgorithm signatureAndHashAlgorithm)
+        {
+            if (certificate == null)
+                throw new ArgumentNullException("certificate");
+            if (certificate.IsEmpty)
+                throw new ArgumentException("cannot be empty", "certificate");
+            if (signer == null)
+                throw new ArgumentNullException("signer");
+
+            this.m_cryptoParams = cryptoParams;
+            this.m_certificate = certificate;
+            this.m_signatureAndHashAlgorithm = signatureAndHashAlgorithm;
+            this.m_signer = signer;
+        }
+
+        public virtual Certificate Certificate
+        {
+            get { return m_certificate; }
+        }
+
+        public virtual byte[] GenerateRawSignature(byte[] hash)
+        {
+            return m_signer.GenerateRawSignature(GetEffectiveAlgorithm(), hash);
+        }
+
+        public virtual SignatureAndHashAlgorithm SignatureAndHashAlgorithm
+        {
+            get { return m_signatureAndHashAlgorithm; }
+        }
+
+        public virtual TlsStreamSigner GetStreamSigner()
+        {
+            return m_signer.GetStreamSigner(GetEffectiveAlgorithm());
+        }
+
+        protected virtual SignatureAndHashAlgorithm GetEffectiveAlgorithm()
+        {
+            SignatureAndHashAlgorithm algorithm = null;
+            if (TlsImplUtilities.IsTlsV12(m_cryptoParams))
+            {
+                algorithm = SignatureAndHashAlgorithm;
+                if (algorithm == null)
+                    throw new InvalidOperationException("'signatureAndHashAlgorithm' cannot be null for (D)TLS 1.2+");
+            }
+            return algorithm;
+        }
+    }
+}
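Review bot: The constructor null-checks `certificate` and `signer` but stores `cryptoParams` unchecked, while `GetEffectiveAlgorithm()` later passes `m_cryptoParams` to `TlsImplUtilities.IsTlsV12`. That helper is not visible in this hunk, so this is inferred, but a null argument would presumably fail only at the first `GenerateRawSignature`/`GetStreamSigner` call in the middle of a handshake instead of where the credentials are built. Adding `if (cryptoParams == null) throw new ArgumentNullException("cryptoParams");` next to the existing guards would keep the failure at the call site. The constructor also has no doc comment, and the only statement of the `signatureAndHashAlgorithm` contract is the `InvalidOperationException` thrown at signing time. I would add `/// <param name="signatureAndHashAlgorithm">Required when (D)TLS 1.2+ is negotiated; ignored (may be null) for earlier versions.</param>` so callers know a missing algorithm is only detected once the version is known.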