diff options
author | Peter Dettman <peter.dettman@bouncycastle.org> | 2021-07-12 15:15:36 +0700 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2021-07-12 15:15:36 +0700 |
commit | 68c795fe81277f73aeb90d8ad4c6f4305f32c906 (patch) | |
tree | 59643344aafef91bbd4c4a3a7973deba3d837a00 /crypto/src/tls/DefaultTlsCredentialedSigner.cs | |
parent | TLS test tweaks (diff) | |
download | BouncyCastle.NET-ed25519-68c795fe81277f73aeb90d8ad4c6f4305f32c906.tar.xz |
Port of new TLS API from bc-java
Diffstat (limited to 'crypto/src/tls/DefaultTlsCredentialedSigner.cs')
-rw-r--r-- | crypto/src/tls/DefaultTlsCredentialedSigner.cs | 66 |
1 files changed, 66 insertions, 0 deletions
diff --git a/crypto/src/tls/DefaultTlsCredentialedSigner.cs b/crypto/src/tls/DefaultTlsCredentialedSigner.cs new file mode 100644 index 000000000..64bc30a8e --- /dev/null +++ b/crypto/src/tls/DefaultTlsCredentialedSigner.cs @@ -0,0 +1,66 @@ +using System; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Tls.Crypto.Impl; + +namespace Org.BouncyCastle.Tls +{ + /// <summary>Container class for generating signatures that carries the signature type, parameters, public key + /// certificate and public key's associated signer object.</summary> + public class DefaultTlsCredentialedSigner + : TlsCredentialedSigner + { + protected readonly TlsCryptoParameters m_cryptoParams; + protected readonly Certificate m_certificate; + protected readonly SignatureAndHashAlgorithm m_signatureAndHashAlgorithm; + protected readonly TlsSigner m_signer; + + public DefaultTlsCredentialedSigner(TlsCryptoParameters cryptoParams, TlsSigner signer, + Certificate certificate, SignatureAndHashAlgorithm signatureAndHashAlgorithm) + { + if (certificate == null) + throw new ArgumentNullException("certificate"); + if (certificate.IsEmpty) + throw new ArgumentException("cannot be empty", "certificate"); + if (signer == null) + throw new ArgumentNullException("signer"); + + this.m_cryptoParams = cryptoParams; + this.m_certificate = certificate; + this.m_signatureAndHashAlgorithm = signatureAndHashAlgorithm; + this.m_signer = signer; + } + + public virtual Certificate Certificate + { + get { return m_certificate; } + } + + public virtual byte[] GenerateRawSignature(byte[] hash) + { + return m_signer.GenerateRawSignature(GetEffectiveAlgorithm(), hash); + } + + public virtual SignatureAndHashAlgorithm SignatureAndHashAlgorithm + { + get { return m_signatureAndHashAlgorithm; } + } + + public virtual TlsStreamSigner GetStreamSigner() + { + return m_signer.GetStreamSigner(GetEffectiveAlgorithm()); + } + + protected virtual SignatureAndHashAlgorithm GetEffectiveAlgorithm() + { + SignatureAndHashAlgorithm algorithm = null; + if (TlsImplUtilities.IsTlsV12(m_cryptoParams)) + { + algorithm = SignatureAndHashAlgorithm; + if (algorithm == null) + throw new InvalidOperationException("'signatureAndHashAlgorithm' cannot be null for (D)TLS 1.2+"); + } + return algorithm; + } + } +} |