summary refs log tree commit diff
path: root/crypto/src/tls/DigitallySigned.cs
diff options
context:
space:
mode:
authorPeter Dettman <peter.dettman@bouncycastle.org>2021-07-12 15:15:36 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2021-07-12 15:15:36 +0700
commit68c795fe81277f73aeb90d8ad4c6f4305f32c906 (patch)
tree59643344aafef91bbd4c4a3a7973deba3d837a00 /crypto/src/tls/DigitallySigned.cs
parentTLS test tweaks (diff)
downloadBouncyCastle.NET-ed25519-68c795fe81277f73aeb90d8ad4c6f4305f32c906.tar.xz
Port of new TLS API from bc-java
Diffstat (limited to 'crypto/src/tls/DigitallySigned.cs')
-rw-r--r--crypto/src/tls/DigitallySigned.cs62
1 files changed, 62 insertions, 0 deletions
diff --git a/crypto/src/tls/DigitallySigned.cs b/crypto/src/tls/DigitallySigned.cs
new file mode 100644
index 000000000..e977b350b
--- /dev/null
+++ b/crypto/src/tls/DigitallySigned.cs
@@ -0,0 +1,62 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Tls
+{
+    public sealed class DigitallySigned
+    {
+        private readonly SignatureAndHashAlgorithm algorithm;
+        private readonly byte[] signature;
+
+        public DigitallySigned(SignatureAndHashAlgorithm algorithm, byte[] signature)
+        {
+            if (signature == null)
+                throw new ArgumentNullException("signature");
+
+            this.algorithm = algorithm;
+            this.signature = signature;
+        }
+
+        /// <returns>a <see cref="SignatureAndHashAlgorithm"/> (or null before TLS 1.2).</returns>
+        public SignatureAndHashAlgorithm Algorithm
+        {
+            get { return algorithm; }
+        }
+
+        public byte[] Signature
+        {
+            get { return signature; }
+        }
+
+        /// <summary>Encode this <see cref="DigitallySigned"/> to a <see cref="Stream"/>.</summary>
+        /// <param name="output">the <see cref="Stream"/> to encode to.</param>
+        /// <exception cref="IOException"/>
+        public void Encode(Stream output)
+        {
+            if (algorithm != null)
+            {
+                algorithm.Encode(output);
+            }
+            TlsUtilities.WriteOpaque16(signature, output);
+        }
+
+        /// <summary>Parse a <see cref="DigitallySigned"/> from a <see cref="Stream"/>.</summary>
+        /// <param name="context">the <see cref="TlsContext"/> of the current connection.</param>
+        /// <param name="input">the <see cref="Stream"/> to parse from.</param>
+        /// <returns>a <see cref="DigitallySigned"/> object.</returns>
+        /// <exception cref="IOException"/>
+        public static DigitallySigned Parse(TlsContext context, Stream input)
+        {
+            SignatureAndHashAlgorithm algorithm = null;
+            if (TlsUtilities.IsTlsV12(context))
+            {
+                algorithm = SignatureAndHashAlgorithm.Parse(input);
+
+                if (SignatureAlgorithm.anonymous == algorithm.Signature)
+                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+            }
+            byte[] signature = TlsUtilities.ReadOpaque16(input);
+            return new DigitallySigned(algorithm, signature);
+        }
+    }
+}