diff options
| author | Peter Dettman <peter.dettman@bouncycastle.org> | 2021-07-12 15:15:36 +0700 |
|---|---|---|
| committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2021-07-12 15:15:36 +0700 |
| commit | 68c795fe81277f73aeb90d8ad4c6f4305f32c906 (patch) | |
| tree | 59643344aafef91bbd4c4a3a7973deba3d837a00 /crypto/src/tls/SimulatedTlsSrpIdentityManager.cs | |
| parent | TLS test tweaks (diff) | |
| download | BouncyCastle.NET-ed25519-68c795fe81277f73aeb90d8ad4c6f4305f32c906.tar.xz | |
Port of new TLS API from bc-java
Diffstat (limited to 'crypto/src/tls/SimulatedTlsSrpIdentityManager.cs')
| -rw-r--r-- | crypto/src/tls/SimulatedTlsSrpIdentityManager.cs | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/crypto/src/tls/SimulatedTlsSrpIdentityManager.cs b/crypto/src/tls/SimulatedTlsSrpIdentityManager.cs new file mode 100644 index 000000000..904bdae6d --- /dev/null +++ b/crypto/src/tls/SimulatedTlsSrpIdentityManager.cs @@ -0,0 +1,69 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + /// <summary>An implementation of <see cref="TlsSrpIdentityManager"/> that simulates the existence of "unknown" + /// identities to obscure the fact that there is no verifier for them.</summary> + public class SimulatedTlsSrpIdentityManager + : TlsSrpIdentityManager + { + private static readonly byte[] PrefixPassword = Strings.ToByteArray("password"); + private static readonly byte[] PrefixSalt = Strings.ToByteArray("salt"); + + /// <summary>Create a <see cref="SimulatedTlsSrpIdentityManager"/> that implements the algorithm from RFC 5054 + /// 2.5.1.3.</summary> + /// <param name="crypto"><see cref="TlsCrypto"/></param> + /// <param name="group">the <see cref="Srp6Group"/> defining the group that SRP is operating in.</param> + /// <param name="seedKey">the secret "seed key" referred to in RFC 5054 2.5.1.3.</param> + /// <returns>an instance of <see cref="SimulatedTlsSrpIdentityManager"/>.</returns> + /// <exception cref="IOException"/> + public static SimulatedTlsSrpIdentityManager GetRfc5054Default(TlsCrypto crypto, Srp6Group group, byte[] seedKey) + { + TlsMac mac = crypto.CreateHmac(MacAlgorithm.hmac_sha1); + + mac.SetKey(seedKey, 0, seedKey.Length); + + TlsSrpConfig srpConfig = new TlsSrpConfig(); + + srpConfig.SetExplicitNG(new BigInteger[]{ group.N, group.G }); + + return new SimulatedTlsSrpIdentityManager(group, crypto.CreateSrp6VerifierGenerator(srpConfig), mac); + } + + protected readonly Srp6Group m_group; + protected readonly TlsSrp6VerifierGenerator m_verifierGenerator; + protected readonly TlsMac m_mac; + + public SimulatedTlsSrpIdentityManager(Srp6Group group, TlsSrp6VerifierGenerator verifierGenerator, TlsMac mac) + { + this.m_group = group; + this.m_verifierGenerator = verifierGenerator; + this.m_mac = mac; + } + + public virtual TlsSrpLoginParameters GetLoginParameters(byte[] identity) + { + m_mac.Update(PrefixSalt, 0, PrefixSalt.Length); + m_mac.Update(identity, 0, identity.Length); + + byte[] salt = m_mac.CalculateMac(); + + m_mac.Update(PrefixPassword, 0, PrefixPassword.Length); + m_mac.Update(identity, 0, identity.Length); + + byte[] password = m_mac.CalculateMac(); + + BigInteger verifier = m_verifierGenerator.GenerateVerifier(salt, identity, password); + + TlsSrpConfig srpConfig = new TlsSrpConfig(); + srpConfig.SetExplicitNG(new BigInteger[]{ m_group.N, m_group.G }); + + return new TlsSrpLoginParameters(identity, srpConfig, verifier, salt); + } + } +} |