diff --git a/crypto/src/tls/AbstractTlsClient.cs b/crypto/src/tls/AbstractTlsClient.cs
index d5e1925a8..cf4e1d565 100644
--- a/crypto/src/tls/AbstractTlsClient.cs
+++ b/crypto/src/tls/AbstractTlsClient.cs
@@ -1,7 +1,8 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
+using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Tls.Crypto;
using Org.BouncyCastle.Utilities;
@@ -15,9 +16,9 @@ namespace Org.BouncyCastle.Tls
protected ProtocolVersion[] m_protocolVersions;
protected int[] m_cipherSuites;
- protected IList m_supportedGroups;
- protected IList m_supportedSignatureAlgorithms;
- protected IList m_supportedSignatureAlgorithmsCert;
+ protected IList<int> m_supportedGroups;
+ protected IList<SignatureAndHashAlgorithm> m_supportedSignatureAlgorithms;
+ protected IList<SignatureAndHashAlgorithm> m_supportedSignatureAlgorithmsCert;
protected AbstractTlsClient(TlsCrypto crypto)
: base(crypto)
@@ -52,14 +53,14 @@ namespace Org.BouncyCastle.Tls
}
}
- protected virtual IList GetNamedGroupRoles()
+ protected virtual IList<int> GetNamedGroupRoles()
{
- IList namedGroupRoles = TlsUtilities.GetNamedGroupRoles(GetCipherSuites());
- IList sigAlgs = m_supportedSignatureAlgorithms, sigAlgsCert = m_supportedSignatureAlgorithmsCert;
+ var namedGroupRoles = TlsUtilities.GetNamedGroupRoles(GetCipherSuites());
+ var sigAlgs = m_supportedSignatureAlgorithms;
+ var sigAlgsCert = m_supportedSignatureAlgorithmsCert;
- if ((null == sigAlgs || TlsUtilities.ContainsAnySignatureAlgorithm(sigAlgs, SignatureAlgorithm.ecdsa))
- || (null != sigAlgsCert
- && TlsUtilities.ContainsAnySignatureAlgorithm(sigAlgsCert, SignatureAlgorithm.ecdsa)))
+ if ((null == sigAlgs || TlsUtilities.ContainsAnySignatureAlgorithm(sigAlgs, SignatureAlgorithm.ecdsa)) ||
+ (null != sigAlgsCert && TlsUtilities.ContainsAnySignatureAlgorithm(sigAlgsCert, SignatureAlgorithm.ecdsa)))
{
TlsUtilities.AddToSet(namedGroupRoles, NamedGroupRole.ecdsa);
}
@@ -68,7 +69,8 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- protected virtual void CheckForUnexpectedServerExtension(IDictionary serverExtensions, int extensionType)
+ protected virtual void CheckForUnexpectedServerExtension(IDictionary<int, byte[]> serverExtensions,
+ int extensionType)
{
byte[] extensionData = TlsUtilities.GetExtensionData(serverExtensions, extensionType);
if (extensionData != null && !AllowUnexpectedServerExtension(extensionType, extensionData))
@@ -97,12 +99,12 @@ namespace Org.BouncyCastle.Tls
return new DefaultTlsSrpConfigVerifier();
}
- protected virtual IList GetCertificateAuthorities()
+ protected virtual IList<X509Name> GetCertificateAuthorities()
{
return null;
}
- protected virtual IList GetProtocolNames()
+ protected virtual IList<ProtocolName> GetProtocolNames()
{
return null;
}
@@ -113,12 +115,12 @@ namespace Org.BouncyCastle.Tls
}
/// <returns>an <see cref="IList"/> of <see cref="CertificateStatusRequestItemV2"/> (or null).</returns>
- protected virtual IList GetMultiCertStatusRequest()
+ protected virtual IList<CertificateStatusRequestItemV2> GetMultiCertStatusRequest()
{
return null;
}
- protected virtual IList GetSniServerNames()
+ protected virtual IList<ServerName> GetSniServerNames()
{
return null;
}
@@ -130,10 +132,10 @@ namespace Org.BouncyCastle.Tls
/// algorithms.</param>
/// <returns>an <see cref="IList"/> of <see cref="Int32"/>. See <see cref="NamedGroup"/> for group constants.
/// </returns>
- protected virtual IList GetSupportedGroups(IList namedGroupRoles)
+ protected virtual IList<int> GetSupportedGroups(IList<int> namedGroupRoles)
{
TlsCrypto crypto = Crypto;
- IList supportedGroups = Platform.CreateArrayList();
+ var supportedGroups = new List<int>();
if (namedGroupRoles.Contains(NamedGroupRole.ecdh))
{
@@ -157,17 +159,17 @@ namespace Org.BouncyCastle.Tls
return supportedGroups;
}
- protected virtual IList GetSupportedSignatureAlgorithms()
+ protected virtual IList<SignatureAndHashAlgorithm> GetSupportedSignatureAlgorithms()
{
return TlsUtilities.GetDefaultSupportedSignatureAlgorithms(m_context);
}
- protected virtual IList GetSupportedSignatureAlgorithmsCert()
+ protected virtual IList<SignatureAndHashAlgorithm> GetSupportedSignatureAlgorithmsCert()
{
return null;
}
- protected virtual IList GetTrustedCAIndication()
+ protected virtual IList<TrustedAuthority> GetTrustedCAIndication()
{
return null;
}
@@ -205,7 +207,7 @@ namespace Org.BouncyCastle.Tls
return null;
}
- public virtual IList GetExternalPsks()
+ public virtual IList<TlsPskExternal> GetExternalPsks()
{
return null;
}
@@ -221,9 +223,9 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public virtual IDictionary GetClientExtensions()
+ public virtual IDictionary<int, byte[]> GetClientExtensions()
{
- IDictionary clientExtensions = Platform.CreateHashtable();
+ var clientExtensions = new Dictionary<int, byte[]>();
bool offeringTlsV13Plus = false;
bool offeringPreTlsV13 = false;
@@ -242,13 +244,13 @@ namespace Org.BouncyCastle.Tls
}
}
- IList protocolNames = GetProtocolNames();
+ var protocolNames = GetProtocolNames();
if (protocolNames != null)
{
TlsExtensionsUtilities.AddAlpnExtensionClient(clientExtensions, protocolNames);
}
- IList sniServerNames = GetSniServerNames();
+ var sniServerNames = GetSniServerNames();
if (sniServerNames != null)
{
TlsExtensionsUtilities.AddServerNameExtensionClient(clientExtensions, sniServerNames);
@@ -262,7 +264,7 @@ namespace Org.BouncyCastle.Tls
if (offeringTlsV13Plus)
{
- IList certificateAuthorities = GetCertificateAuthorities();
+ var certificateAuthorities = GetCertificateAuthorities();
if (certificateAuthorities != null)
{
TlsExtensionsUtilities.AddCertificateAuthoritiesExtension(clientExtensions, certificateAuthorities);
@@ -274,13 +276,13 @@ namespace Org.BouncyCastle.Tls
// TODO Shouldn't add if no offered cipher suite uses a block cipher?
TlsExtensionsUtilities.AddEncryptThenMacExtension(clientExtensions);
- IList statusRequestV2 = GetMultiCertStatusRequest();
+ var statusRequestV2 = GetMultiCertStatusRequest();
if (statusRequestV2 != null)
{
TlsExtensionsUtilities.AddStatusRequestV2Extension(clientExtensions, statusRequestV2);
}
- IList trustedCAKeys = GetTrustedCAIndication();
+ var trustedCAKeys = GetTrustedCAIndication();
if (trustedCAKeys != null)
{
TlsExtensionsUtilities.AddTrustedCAKeysExtensionClient(clientExtensions, trustedCAKeys);
@@ -295,7 +297,7 @@ namespace Org.BouncyCastle.Tls
*/
if (TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(clientVersion))
{
- IList supportedSigAlgs = GetSupportedSignatureAlgorithms();
+ var supportedSigAlgs = GetSupportedSignatureAlgorithms();
if (null != supportedSigAlgs && supportedSigAlgs.Count > 0)
{
this.m_supportedSignatureAlgorithms = supportedSigAlgs;
@@ -303,7 +305,7 @@ namespace Org.BouncyCastle.Tls
TlsExtensionsUtilities.AddSignatureAlgorithmsExtension(clientExtensions, supportedSigAlgs);
}
- IList supportedSigAlgsCert = GetSupportedSignatureAlgorithmsCert();
+ var supportedSigAlgsCert = GetSupportedSignatureAlgorithmsCert();
if (null != supportedSigAlgsCert && supportedSigAlgsCert.Count > 0)
{
this.m_supportedSignatureAlgorithmsCert = supportedSigAlgsCert;
@@ -312,9 +314,9 @@ namespace Org.BouncyCastle.Tls
}
}
- IList namedGroupRoles = GetNamedGroupRoles();
+ var namedGroupRoles = GetNamedGroupRoles();
- IList supportedGroups = GetSupportedGroups(namedGroupRoles);
+ var supportedGroups = GetSupportedGroups(namedGroupRoles);
if (supportedGroups != null && supportedGroups.Count > 0)
{
this.m_supportedGroups = supportedGroups;
@@ -335,7 +337,7 @@ namespace Org.BouncyCastle.Tls
return clientExtensions;
}
- public virtual IList GetEarlyKeyShareGroups()
+ public virtual IList<int> GetEarlyKeyShareGroups()
{
/*
* RFC 8446 4.2.8. Each KeyShareEntry value MUST correspond to a group offered in the
@@ -379,7 +381,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public virtual void ProcessServerExtensions(IDictionary serverExtensions)
+ public virtual void ProcessServerExtensions(IDictionary<int, byte[]> serverExtensions)
{
if (null == serverExtensions)
return;
@@ -423,7 +425,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public virtual void ProcessServerSupplementalData(IList serverSupplementalData)
+ public virtual void ProcessServerSupplementalData(IList<SupplementalDataEntry> serverSupplementalData)
{
if (serverSupplementalData != null)
throw new TlsFatalAlert(AlertDescription.unexpected_message);
@@ -432,7 +434,7 @@ namespace Org.BouncyCastle.Tls
public abstract TlsAuthentication GetAuthentication();
/// <exception cref="IOException"/>
- public virtual IList GetClientSupplementalData()
+ public virtual IList<SupplementalDataEntry> GetClientSupplementalData()
{
return null;
}
diff --git a/crypto/src/tls/AbstractTlsServer.cs b/crypto/src/tls/AbstractTlsServer.cs
index f12233326..a41bc4710 100644
--- a/crypto/src/tls/AbstractTlsServer.cs
+++ b/crypto/src/tls/AbstractTlsServer.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Tls.Crypto;
@@ -16,21 +16,21 @@ namespace Org.BouncyCastle.Tls
protected int[] m_cipherSuites;
protected int[] m_offeredCipherSuites;
- protected IDictionary m_clientExtensions;
+ protected IDictionary<int, byte[]> m_clientExtensions;
protected bool m_encryptThenMACOffered;
protected short m_maxFragmentLengthOffered;
protected bool m_truncatedHMacOffered;
protected bool m_clientSentECPointFormats;
protected CertificateStatusRequest m_certificateStatusRequest;
- protected IList m_statusRequestV2;
- protected IList m_trustedCAKeys;
+ protected IList<CertificateStatusRequestItemV2> m_statusRequestV2;
+ protected IList<TrustedAuthority> m_trustedCAKeys;
protected int m_selectedCipherSuite;
- protected IList m_clientProtocolNames;
+ protected IList<ProtocolName> m_clientProtocolNames;
protected ProtocolName m_selectedProtocolName;
- protected readonly IDictionary m_serverExtensions = Platform.CreateHashtable();
+ protected readonly IDictionary<int, byte[]> m_serverExtensions = new Dictionary<int, byte[]>();
public AbstractTlsServer(TlsCrypto crypto)
: base(crypto)
@@ -99,13 +99,13 @@ namespace Org.BouncyCastle.Tls
return maxBits;
}
- protected virtual IList GetProtocolNames()
+ protected virtual IList<ProtocolName> GetProtocolNames()
{
return null;
}
protected virtual bool IsSelectableCipherSuite(int cipherSuite, int availCurveBits, int availFiniteFieldBits,
- IList sigAlgs)
+ IList<short> sigAlgs)
{
// TODO[tls13] The version check should be separated out (eventually select ciphersuite before version)
return TlsUtilities.IsValidVersionForCipherSuite(cipherSuite, m_context.ServerVersion)
@@ -180,7 +180,7 @@ namespace Org.BouncyCastle.Tls
protected virtual ProtocolName SelectProtocolName()
{
- IList serverProtocolNames = GetProtocolNames();
+ IList<ProtocolName> serverProtocolNames = GetProtocolNames();
if (null == serverProtocolNames || serverProtocolNames.Count < 1)
return null;
@@ -191,7 +191,8 @@ namespace Org.BouncyCastle.Tls
return result;
}
- protected virtual ProtocolName SelectProtocolName(IList clientProtocolNames, IList serverProtocolNames)
+ protected virtual ProtocolName SelectProtocolName(IList<ProtocolName> clientProtocolNames,
+ IList<ProtocolName> serverProtocolNames)
{
foreach (ProtocolName serverProtocolName in serverProtocolNames)
{
@@ -250,7 +251,7 @@ namespace Org.BouncyCastle.Tls
return null;
}
- public virtual TlsPskExternal GetExternalPsk(IList identities)
+ public virtual TlsPskExternal GetExternalPsk(IList<PskIdentity> identities)
{
return null;
}
@@ -302,7 +303,7 @@ namespace Org.BouncyCastle.Tls
this.m_offeredCipherSuites = offeredCipherSuites;
}
- public virtual void ProcessClientExtensions(IDictionary clientExtensions)
+ public virtual void ProcessClientExtensions(IDictionary<int, byte[]> clientExtensions)
{
this.m_clientExtensions = clientExtensions;
@@ -382,7 +383,7 @@ namespace Org.BouncyCastle.Tls
* somewhat inelegant but is a compromise designed to minimize changes to the original
* cipher suite design.
*/
- IList sigAlgs = TlsUtilities.GetUsableSignatureAlgorithms(securityParameters.ClientSigAlgs);
+ var sigAlgs = TlsUtilities.GetUsableSignatureAlgorithms(securityParameters.ClientSigAlgs);
/*
* RFC 4429 5.1. A server that receives a ClientHello containing one or both of these
@@ -412,7 +413,7 @@ namespace Org.BouncyCastle.Tls
}
// IDictionary is (Int32 -> byte[])
- public virtual IDictionary GetServerExtensions()
+ public virtual IDictionary<int, byte[]> GetServerExtensions()
{
bool isTlsV13 = TlsUtilities.IsTlsV13(m_context);
@@ -493,7 +494,7 @@ namespace Org.BouncyCastle.Tls
return m_serverExtensions;
}
- public virtual void GetServerExtensionsForConnection(IDictionary serverExtensions)
+ public virtual void GetServerExtensionsForConnection(IDictionary<int, byte[]> serverExtensions)
{
if (!ShouldSelectProtocolNameEarly())
{
@@ -518,7 +519,7 @@ namespace Org.BouncyCastle.Tls
}
}
- public virtual IList GetServerSupplementalData()
+ public virtual IList<SupplementalDataEntry> GetServerSupplementalData()
{
return null;
}
@@ -559,7 +560,7 @@ namespace Org.BouncyCastle.Tls
return TlsEccUtilities.CreateNamedECConfig(m_context, namedGroup);
}
- public virtual void ProcessClientSupplementalData(IList clientSupplementalData)
+ public virtual void ProcessClientSupplementalData(IList<SupplementalDataEntry> clientSupplementalData)
{
if (clientSupplementalData != null)
throw new TlsFatalAlert(AlertDescription.unexpected_message);
diff --git a/crypto/src/tls/Certificate.cs b/crypto/src/tls/Certificate.cs
index fef35fc1e..c7f08b2aa 100644
--- a/crypto/src/tls/Certificate.cs
+++ b/crypto/src/tls/Certificate.cs
@@ -1,9 +1,8 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Tls.Crypto;
-using Org.BouncyCastle.Utilities;
namespace Org.BouncyCastle.Tls
{
@@ -137,8 +136,8 @@ namespace Org.BouncyCastle.Tls
}
int count = m_certificateEntryList.Length;
- IList certEncodings = Platform.CreateArrayList(count);
- IList extEncodings = isTlsV13 ? Platform.CreateArrayList(count) : null;
+ var certEncodings = new List<byte[]>(count);
+ var extEncodings = isTlsV13 ? new List<byte[]>(count) : null;
long totalLength = 0;
for (int i = 0; i < count; ++i)
@@ -158,7 +157,7 @@ namespace Org.BouncyCastle.Tls
if (isTlsV13)
{
- IDictionary extensions = entry.Extensions;
+ var extensions = entry.Extensions;
byte[] extEncoding = (null == extensions)
? TlsUtilities.EmptyBytes
: TlsProtocol.WriteExtensionsData(extensions);
@@ -174,13 +173,11 @@ namespace Org.BouncyCastle.Tls
for (int i = 0; i < count; ++i)
{
- byte[] certEncoding = (byte[])certEncodings[i];
- TlsUtilities.WriteOpaque24(certEncoding, messageOutput);
+ TlsUtilities.WriteOpaque24(certEncodings[i], messageOutput);
if (isTlsV13)
{
- byte[] extEncoding = (byte[])extEncodings[i];
- TlsUtilities.WriteOpaque16(extEncoding, messageOutput);
+ TlsUtilities.WriteOpaque16(extEncodings[i], messageOutput);
}
}
}
@@ -219,7 +216,7 @@ namespace Org.BouncyCastle.Tls
TlsCrypto crypto = context.Crypto;
int maxChainLength = System.Math.Max(1, options.MaxChainLength);
- IList certificate_list = Platform.CreateArrayList();
+ var certificate_list = new List<CertificateEntry>();
while (buf.Position < buf.Length)
{
if (certificate_list.Count >= maxChainLength)
@@ -236,7 +233,7 @@ namespace Org.BouncyCastle.Tls
CalculateEndPointHash(context, cert, derEncoding, endPointHashOutput);
}
- IDictionary extensions = null;
+ IDictionary<int, byte[]> extensions = null;
if (isTlsV13)
{
byte[] extEncoding = TlsUtilities.ReadOpaque16(buf);
diff --git a/crypto/src/tls/CertificateEntry.cs b/crypto/src/tls/CertificateEntry.cs
index b88677536..78bc4d3b9 100644
--- a/crypto/src/tls/CertificateEntry.cs
+++ b/crypto/src/tls/CertificateEntry.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using Org.BouncyCastle.Tls.Crypto;
@@ -8,9 +8,9 @@ namespace Org.BouncyCastle.Tls
public sealed class CertificateEntry
{
private readonly TlsCertificate m_certificate;
- private readonly IDictionary m_extensions;
+ private readonly IDictionary<int, byte[]> m_extensions;
- public CertificateEntry(TlsCertificate certificate, IDictionary extensions)
+ public CertificateEntry(TlsCertificate certificate, IDictionary<int, byte[]> extensions)
{
if (null == certificate)
throw new ArgumentNullException("certificate");
@@ -24,7 +24,7 @@ namespace Org.BouncyCastle.Tls
get { return m_certificate; }
}
- public IDictionary Extensions
+ public IDictionary<int, byte[]> Extensions
{
get { return m_extensions; }
}
diff --git a/crypto/src/tls/CertificateRequest.cs b/crypto/src/tls/CertificateRequest.cs
index 8005731f4..d2bbe57c1 100644
--- a/crypto/src/tls/CertificateRequest.cs
+++ b/crypto/src/tls/CertificateRequest.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Asn1;
@@ -37,8 +37,8 @@ namespace Org.BouncyCastle.Tls
public sealed class CertificateRequest
{
/// <exception cref="IOException"/>
- private static IList CheckSupportedSignatureAlgorithms(IList supportedSignatureAlgorithms,
- short alertDescription)
+ private static IList<SignatureAndHashAlgorithm> CheckSupportedSignatureAlgorithms(
+ IList<SignatureAndHashAlgorithm> supportedSignatureAlgorithms, short alertDescription)
{
if (null == supportedSignatureAlgorithms)
throw new TlsFatalAlert(alertDescription, "'signature_algorithms' is required");
@@ -48,25 +48,26 @@ namespace Org.BouncyCastle.Tls
private readonly byte[] m_certificateRequestContext;
private readonly short[] m_certificateTypes;
- private readonly IList m_supportedSignatureAlgorithms;
- private readonly IList m_supportedSignatureAlgorithmsCert;
- private readonly IList m_certificateAuthorities;
+ private readonly IList<SignatureAndHashAlgorithm> m_supportedSignatureAlgorithms;
+ private readonly IList<SignatureAndHashAlgorithm> m_supportedSignatureAlgorithmsCert;
+ private readonly IList<X509Name> m_certificateAuthorities;
/// <param name="certificateTypes">see <see cref="ClientCertificateType"/> for valid constants.</param>
/// <param name="supportedSignatureAlgorithms"></param>
/// <param name="certificateAuthorities">an <see cref="IList"/> of <see cref="X509Name"/>.</param>
- public CertificateRequest(short[] certificateTypes, IList supportedSignatureAlgorithms,
- IList certificateAuthorities)
+ public CertificateRequest(short[] certificateTypes,
+ IList<SignatureAndHashAlgorithm> supportedSignatureAlgorithms, IList<X509Name> certificateAuthorities)
: this(null, certificateTypes, supportedSignatureAlgorithms, null, certificateAuthorities)
{
}
// TODO[tls13] Prefer to manage the certificateRequestContext internally only?
/// <exception cref="IOException"/>
- public CertificateRequest(byte[] certificateRequestContext, IList supportedSignatureAlgorithms,
- IList supportedSignatureAlgorithmsCert, IList certificateAuthorities)
+ public CertificateRequest(byte[] certificateRequestContext,
+ IList<SignatureAndHashAlgorithm> supportedSignatureAlgorithms,
+ IList<SignatureAndHashAlgorithm> supportedSignatureAlgorithmsCert, IList<X509Name> certificateAuthorities)
: this(certificateRequestContext, null,
- CheckSupportedSignatureAlgorithms(supportedSignatureAlgorithms, AlertDescription.internal_error),
+ CheckSupportedSignatureAlgorithms(supportedSignatureAlgorithms, AlertDescription.internal_error),
supportedSignatureAlgorithmsCert, certificateAuthorities)
{
/*
@@ -77,7 +78,8 @@ namespace Org.BouncyCastle.Tls
}
private CertificateRequest(byte[] certificateRequestContext, short[] certificateTypes,
- IList supportedSignatureAlgorithms, IList supportedSignatureAlgorithmsCert, IList certificateAuthorities)
+ IList<SignatureAndHashAlgorithm> supportedSignatureAlgorithms,
+ IList<SignatureAndHashAlgorithm> supportedSignatureAlgorithmsCert, IList<X509Name> certificateAuthorities)
{
if (null != certificateRequestContext && !TlsUtilities.IsValidUint8(certificateRequestContext.Length))
throw new ArgumentException("cannot be longer than 255", "certificateRequestContext");
@@ -108,20 +110,20 @@ namespace Org.BouncyCastle.Tls
/// <returns>an <see cref="IList"/> of <see cref="SignatureAndHashAlgorithm"/> (or null before TLS 1.2).
/// </returns>
- public IList SupportedSignatureAlgorithms
+ public IList<SignatureAndHashAlgorithm> SupportedSignatureAlgorithms
{
get { return m_supportedSignatureAlgorithms; }
}
/// <returns>an optional <see cref="IList"/> of <see cref="SignatureAndHashAlgorithm"/>. May be non-null from
/// TLS 1.3 onwards.</returns>
- public IList SupportedSignatureAlgorithmsCert
+ public IList<SignatureAndHashAlgorithm> SupportedSignatureAlgorithmsCert
{
get { return m_supportedSignatureAlgorithmsCert; }
}
/// <returns>an <see cref="IList"/> of <see cref="X509Name"/>.</returns>
- public IList CertificateAuthorities
+ public IList<X509Name> CertificateAuthorities
{
get { return m_certificateAuthorities; }
}
@@ -153,7 +155,7 @@ namespace Org.BouncyCastle.Tls
{
TlsUtilities.WriteOpaque8(m_certificateRequestContext, output);
- IDictionary extensions = Platform.CreateHashtable();
+ var extensions = new Dictionary<int, byte[]>();
TlsExtensionsUtilities.AddSignatureAlgorithmsExtension(extensions, m_supportedSignatureAlgorithms);
if (null != m_supportedSignatureAlgorithmsCert)
@@ -187,7 +189,7 @@ namespace Org.BouncyCastle.Tls
}
else
{
- IList derEncodings = Platform.CreateArrayList(m_certificateAuthorities.Count);
+ var derEncodings = new List<byte[]>(m_certificateAuthorities.Count);
int totalLength = 0;
foreach (X509Name certificateAuthority in m_certificateAuthorities)
@@ -229,15 +231,14 @@ namespace Org.BouncyCastle.Tls
byte[] extEncoding = TlsUtilities.ReadOpaque16(input);
- IDictionary extensions = TlsProtocol.ReadExtensionsData13(HandshakeType.certificate_request,
- extEncoding);
+ var extensions = TlsProtocol.ReadExtensionsData13(HandshakeType.certificate_request, extEncoding);
- IList supportedSignatureAlgorithms13 = CheckSupportedSignatureAlgorithms(
+ var supportedSignatureAlgorithms13 = CheckSupportedSignatureAlgorithms(
TlsExtensionsUtilities.GetSignatureAlgorithmsExtension(extensions),
AlertDescription.missing_extension);
- IList supportedSignatureAlgorithmsCert13 = TlsExtensionsUtilities
+ var supportedSignatureAlgorithmsCert13 = TlsExtensionsUtilities
.GetSignatureAlgorithmsCertExtension(extensions);
- IList certificateAuthorities13 = TlsExtensionsUtilities.GetCertificateAuthoritiesExtension(extensions);
+ var certificateAuthorities13 = TlsExtensionsUtilities.GetCertificateAuthoritiesExtension(extensions);
return new CertificateRequest(certificateRequestContext, supportedSignatureAlgorithms13,
supportedSignatureAlgorithmsCert13, certificateAuthorities13);
@@ -247,18 +248,18 @@ namespace Org.BouncyCastle.Tls
short[] certificateTypes = TlsUtilities.ReadUint8ArrayWithUint8Length(input, 1);
- IList supportedSignatureAlgorithms = null;
+ IList<SignatureAndHashAlgorithm> supportedSignatureAlgorithms = null;
if (isTLSv12)
{
supportedSignatureAlgorithms = TlsUtilities.ParseSupportedSignatureAlgorithms(input);
}
- IList certificateAuthorities = null;
+ IList<X509Name> certificateAuthorities = null;
{
byte[] certAuthData = TlsUtilities.ReadOpaque16(input);
if (certAuthData.Length > 0)
{
- certificateAuthorities = Platform.CreateArrayList();
+ certificateAuthorities = new List<X509Name>();
MemoryStream bis = new MemoryStream(certAuthData, false);
do
{
diff --git a/crypto/src/tls/CertificateStatus.cs b/crypto/src/tls/CertificateStatus.cs
index 11c4d4571..51f488fd6 100644
--- a/crypto/src/tls/CertificateStatus.cs
+++ b/crypto/src/tls/CertificateStatus.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Asn1;
@@ -44,14 +44,14 @@ namespace Org.BouncyCastle.Tls
}
/// <summary>an <see cref="IList"/> of (possibly null) <see cref="Asn1.Ocsp.OcspResponse"/>.</summary>
- public IList OcspResponseList
+ public IList<OcspResponse> OcspResponseList
{
get
{
if (!IsCorrectType(CertificateStatusType.ocsp_multi, m_response))
throw new InvalidOperationException("'response' is not an OCSPResponseList");
- return (IList)m_response;
+ return (IList<OcspResponse>)m_response;
}
}
@@ -73,10 +73,10 @@ namespace Org.BouncyCastle.Tls
}
case CertificateStatusType.ocsp_multi:
{
- IList ocspResponseList = (IList)m_response;
+ var ocspResponseList = (IList<OcspResponse>)m_response;
int count = ocspResponseList.Count;
- IList derEncodings = Platform.CreateArrayList(count);
+ var derEncodings = new List<byte[]>(count);
long totalLength = 0;
foreach (OcspResponse ocspResponse in ocspResponseList)
{
@@ -147,7 +147,7 @@ namespace Org.BouncyCastle.Tls
byte[] ocsp_response_list = TlsUtilities.ReadOpaque24(input, 1);
MemoryStream buf = new MemoryStream(ocsp_response_list, false);
- IList ocspResponseList = Platform.CreateArrayList();
+ var ocspResponseList = new List<OcspResponse>();
while (buf.Position < buf.Length)
{
if (ocspResponseList.Count >= certificateCount)
@@ -191,20 +191,7 @@ namespace Org.BouncyCastle.Tls
private static bool IsOcspResponseList(object response)
{
- if (!(response is IList))
- return false;
-
- IList v = (IList)response;
- int count = v.Count;
- if (count < 1)
- return false;
-
- foreach (object e in v)
- {
- if (null != e && !(e is OcspResponse))
- return false;
- }
- return true;
+ return response is IList<OcspResponse> v && v.Count > 0;
}
/// <exception cref="IOException"/>
diff --git a/crypto/src/tls/CertificateUrl.cs b/crypto/src/tls/CertificateUrl.cs
index d2445772a..6629e67f9 100644
--- a/crypto/src/tls/CertificateUrl.cs
+++ b/crypto/src/tls/CertificateUrl.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Utilities;
@@ -11,11 +11,11 @@ namespace Org.BouncyCastle.Tls
public sealed class CertificateUrl
{
private readonly short m_type;
- private readonly IList m_urlAndHashList;
+ private readonly IList<UrlAndHash> m_urlAndHashList;
/// <param name="type">see <see cref="CertChainType"/> for valid constants.</param>
/// <param name="urlAndHashList">an <see cref="IList"/> of <see cref="UrlAndHash"/>.</param>
- public CertificateUrl(short type, IList urlAndHashList)
+ public CertificateUrl(short type, IList<UrlAndHash> urlAndHashList)
{
if (!CertChainType.IsValid(type))
throw new ArgumentException("not a valid CertChainType value", "type");
@@ -36,7 +36,7 @@ namespace Org.BouncyCastle.Tls
}
/// <returns>an <see cref="IList"/> of <see cref="UrlAndHash"/>.</returns>
- public IList UrlAndHashList
+ public IList<UrlAndHash> UrlAndHashList
{
get { return m_urlAndHashList; }
}
@@ -75,7 +75,7 @@ namespace Org.BouncyCastle.Tls
MemoryStream buf = new MemoryStream(urlAndHashListData, false);
- IList url_and_hash_list = Platform.CreateArrayList();
+ var url_and_hash_list = new List<UrlAndHash>();
while (buf.Position < buf.Length)
{
UrlAndHash url_and_hash = UrlAndHash.Parse(context, buf);
diff --git a/crypto/src/tls/ClientHello.cs b/crypto/src/tls/ClientHello.cs
index 7f1018e89..14e8b4cde 100644
--- a/crypto/src/tls/ClientHello.cs
+++ b/crypto/src/tls/ClientHello.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Utilities;
@@ -14,11 +14,11 @@ namespace Org.BouncyCastle.Tls
private readonly byte[] m_sessionID;
private readonly byte[] m_cookie;
private readonly int[] m_cipherSuites;
- private readonly IDictionary m_extensions;
+ private readonly IDictionary<int, byte[]> m_extensions;
private readonly int m_bindersSize;
public ClientHello(ProtocolVersion version, byte[] random, byte[] sessionID, byte[] cookie,
- int[] cipherSuites, IDictionary extensions, int bindersSize)
+ int[] cipherSuites, IDictionary<int, byte[]> extensions, int bindersSize)
{
this.m_version = version;
this.m_random = random;
@@ -44,7 +44,7 @@ namespace Org.BouncyCastle.Tls
get { return m_cookie; }
}
- public IDictionary Extensions
+ public IDictionary<int, byte[]> Extensions
{
get { return m_extensions; }
}
@@ -161,7 +161,7 @@ namespace Org.BouncyCastle.Tls
* NOTE: Can't use TlsProtocol.ReadExtensions directly because TeeInputStream a) won't have
* 'Length' or 'Position' properties in the FIPS provider, b) isn't a MemoryStream.
*/
- IDictionary extensions = null;
+ IDictionary<int, byte[]> extensions = null;
if (messageInput.Position < messageInput.Length)
{
byte[] extBytes = TlsUtilities.ReadOpaque16(input);
diff --git a/crypto/src/tls/DefaultTlsDHGroupVerifier.cs b/crypto/src/tls/DefaultTlsDHGroupVerifier.cs
index 8b9cf2e0f..9aa3a23b4 100644
--- a/crypto/src/tls/DefaultTlsDHGroupVerifier.cs
+++ b/crypto/src/tls/DefaultTlsDHGroupVerifier.cs
@@ -1,9 +1,8 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Tls.Crypto;
-using Org.BouncyCastle.Utilities;
namespace Org.BouncyCastle.Tls
{
@@ -12,7 +11,7 @@ namespace Org.BouncyCastle.Tls
{
public static readonly int DefaultMinimumPrimeBits = 2048;
- private static readonly IList DefaultGroups = Platform.CreateArrayList();
+ private static readonly List<DHGroup> DefaultGroups = new List<DHGroup>();
private static void AddDefaultGroup(DHGroup dhGroup)
{
@@ -41,7 +40,7 @@ namespace Org.BouncyCastle.Tls
}
// IList is (DHGroup)
- protected readonly IList m_groups;
+ protected readonly IList<DHGroup> m_groups;
protected readonly int m_minimumPrimeBits;
/// <summary>Accept named groups and various standard DH groups with 'P' at least
@@ -63,9 +62,9 @@ namespace Org.BouncyCastle.Tls
/// </summary>
/// <param name="groups">a <see cref="IList">list</see> of acceptable <see cref="DHGroup"/>s.</param>
/// <param name="minimumPrimeBits">the minimum bitlength of 'P'.</param>
- public DefaultTlsDHGroupVerifier(IList groups, int minimumPrimeBits)
+ public DefaultTlsDHGroupVerifier(IList<DHGroup> groups, int minimumPrimeBits)
{
- this.m_groups = Platform.CreateArrayList(groups);
+ this.m_groups = new List<DHGroup>(groups);
this.m_minimumPrimeBits = minimumPrimeBits;
}
diff --git a/crypto/src/tls/DefaultTlsSrpConfigVerifier.cs b/crypto/src/tls/DefaultTlsSrpConfigVerifier.cs
index 781249829..30b107ed2 100644
--- a/crypto/src/tls/DefaultTlsSrpConfigVerifier.cs
+++ b/crypto/src/tls/DefaultTlsSrpConfigVerifier.cs
@@ -1,16 +1,15 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Tls.Crypto;
-using Org.BouncyCastle.Utilities;
namespace Org.BouncyCastle.Tls
{
public class DefaultTlsSrpConfigVerifier
: TlsSrpConfigVerifier
{
- private static readonly IList DefaultGroups = Platform.CreateArrayList();
+ private static readonly List<Srp6Group> DefaultGroups = new List<Srp6Group>();
static DefaultTlsSrpConfigVerifier()
{
@@ -24,7 +23,7 @@ namespace Org.BouncyCastle.Tls
}
// IList is (SRP6Group)
- protected readonly IList m_groups;
+ protected readonly IList<Srp6Group> m_groups;
/// <summary>Accept only the group parameters specified in RFC 5054 Appendix A.</summary>
public DefaultTlsSrpConfigVerifier()
@@ -34,9 +33,9 @@ namespace Org.BouncyCastle.Tls
/// <summary>Specify a custom set of acceptable group parameters.</summary>
/// <param name="groups">an <see cref="IList"/> of acceptable <see cref="Srp6Group"/>.</param>
- public DefaultTlsSrpConfigVerifier(IList groups)
+ public DefaultTlsSrpConfigVerifier(IList<Srp6Group> groups)
{
- this.m_groups = Platform.CreateArrayList(groups);
+ this.m_groups = new List<Srp6Group>(groups);
}
public virtual bool Accept(TlsSrpConfig srpConfig)
diff --git a/crypto/src/tls/DeferredHash.cs b/crypto/src/tls/DeferredHash.cs
index ac66c8f0c..82f7899a5 100644
--- a/crypto/src/tls/DeferredHash.cs
+++ b/crypto/src/tls/DeferredHash.cs
@@ -1,9 +1,8 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Tls.Crypto;
-using Org.BouncyCastle.Utilities;
namespace Org.BouncyCastle.Tls
{
@@ -16,7 +15,7 @@ namespace Org.BouncyCastle.Tls
private readonly TlsContext m_context;
private DigestInputBuffer m_buf;
- private IDictionary m_hashes;
+ private IDictionary<int, TlsHash> m_hashes;
private bool m_forceBuffering;
private bool m_sealed;
@@ -24,7 +23,7 @@ namespace Org.BouncyCastle.Tls
{
this.m_context = context;
this.m_buf = new DigestInputBuffer();
- this.m_hashes = Platform.CreateHashtable();
+ this.m_hashes = new Dictionary<int, TlsHash>();
this.m_forceBuffering = false;
this.m_sealed = false;
}
@@ -91,7 +90,7 @@ namespace Org.BouncyCastle.Tls
{
SecurityParameters securityParameters = m_context.SecurityParameters;
- IDictionary newHashes = Platform.CreateHashtable();
+ IDictionary<int, TlsHash> newHashes = new Dictionary<int, TlsHash>();
switch (securityParameters.PrfAlgorithm)
{
case PrfAlgorithm.ssl_prf_legacy:
@@ -148,8 +147,7 @@ namespace Org.BouncyCastle.Tls
public byte[] GetFinalHash(int cryptoHashAlgorithm)
{
- TlsHash hash = (TlsHash)m_hashes[cryptoHashAlgorithm];
- if (hash == null)
+ if (!m_hashes.TryGetValue(cryptoHashAlgorithm, out var hash))
throw new InvalidOperationException("CryptoHashAlgorithm." + cryptoHashAlgorithm
+ " is not being tracked");
@@ -217,7 +215,7 @@ namespace Org.BouncyCastle.Tls
private void CheckTrackingHash(int cryptoHashAlgorithm)
{
- if (!m_hashes.Contains(cryptoHashAlgorithm))
+ if (!m_hashes.ContainsKey(cryptoHashAlgorithm))
{
TlsHash hash = m_context.Crypto.CreateHash(cryptoHashAlgorithm);
m_hashes[cryptoHashAlgorithm] = hash;
@@ -226,10 +224,10 @@ namespace Org.BouncyCastle.Tls
private TlsHash CloneHash(int cryptoHashAlgorithm)
{
- return ((TlsHash)m_hashes[cryptoHashAlgorithm]).CloneHash();
+ return m_hashes[cryptoHashAlgorithm].CloneHash();
}
- private void CloneHash(IDictionary newHashes, int cryptoHashAlgorithm)
+ private void CloneHash(IDictionary<int, TlsHash> newHashes, int cryptoHashAlgorithm)
{
TlsHash hash = CloneHash(cryptoHashAlgorithm);
if (m_buf != null)
diff --git a/crypto/src/tls/DtlsClientProtocol.cs b/crypto/src/tls/DtlsClientProtocol.cs
index fd71a07ed..3e3aab662 100644
--- a/crypto/src/tls/DtlsClientProtocol.cs
+++ b/crypto/src/tls/DtlsClientProtocol.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Tls.Crypto;
@@ -307,7 +307,7 @@ namespace Org.BouncyCastle.Tls
state.keyExchange.ProcessClientCredentials(clientAuthCredentials);
}
- IList clientSupplementalData = state.client.GetClientSupplementalData();
+ var clientSupplementalData = state.client.GetClientSupplementalData();
if (clientSupplementalData != null)
{
byte[] supplementalDataBody = GenerateSupplementalData(clientSupplementalData);
@@ -838,8 +838,8 @@ namespace Org.BouncyCastle.Tls
- IDictionary sessionClientExtensions = state.clientExtensions,
- sessionServerExtensions = state.serverExtensions;
+ var sessionClientExtensions = state.clientExtensions;
+ var sessionServerExtensions = state.serverExtensions;
if (state.resumedSession)
{
@@ -914,7 +914,7 @@ namespace Org.BouncyCastle.Tls
protected virtual void ProcessServerSupplementalData(ClientHandshakeState state, byte[] body)
{
MemoryStream buf = new MemoryStream(body, false);
- IList serverSupplementalData = TlsProtocol.ReadSupplementalDataMessage(buf);
+ var serverSupplementalData = TlsProtocol.ReadSupplementalDataMessage(buf);
state.client.ProcessServerSupplementalData(serverSupplementalData);
}
@@ -970,11 +970,11 @@ namespace Org.BouncyCastle.Tls
internal TlsSecret sessionMasterSecret = null;
internal SessionParameters.Builder sessionParametersBuilder = null;
internal int[] offeredCipherSuites = null;
- internal IDictionary clientExtensions = null;
- internal IDictionary serverExtensions = null;
+ internal IDictionary<int, byte[]> clientExtensions = null;
+ internal IDictionary<int, byte[]> serverExtensions = null;
internal bool resumedSession = false;
internal bool expectSessionTicket = false;
- internal IDictionary clientAgreements = null;
+ internal IDictionary<int, TlsAgreement> clientAgreements = null;
internal TlsKeyExchange keyExchange = null;
internal TlsAuthentication authentication = null;
internal CertificateStatus certificateStatus = null;
diff --git a/crypto/src/tls/DtlsProtocol.cs b/crypto/src/tls/DtlsProtocol.cs
index f0f42f968..3d72bca9f 100644
--- a/crypto/src/tls/DtlsProtocol.cs
+++ b/crypto/src/tls/DtlsProtocol.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Utilities;
@@ -39,8 +39,9 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- internal static short EvaluateMaxFragmentLengthExtension(bool resumedSession, IDictionary clientExtensions,
- IDictionary serverExtensions, short alertDescription)
+ internal static short EvaluateMaxFragmentLengthExtension(bool resumedSession,
+ IDictionary<int, byte[]> clientExtensions, IDictionary<int, byte[]> serverExtensions,
+ short alertDescription)
{
short maxFragmentLength = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(serverExtensions);
if (maxFragmentLength >= 0)
@@ -64,7 +65,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- internal static byte[] GenerateSupplementalData(IList supplementalData)
+ internal static byte[] GenerateSupplementalData(IList<SupplementalDataEntry> supplementalData)
{
MemoryStream buf = new MemoryStream();
TlsProtocol.WriteSupplementalData(buf, supplementalData);
diff --git a/crypto/src/tls/DtlsReassembler.cs b/crypto/src/tls/DtlsReassembler.cs
index 964c8eb84..f53295eb1 100644
--- a/crypto/src/tls/DtlsReassembler.cs
+++ b/crypto/src/tls/DtlsReassembler.cs
@@ -1,7 +1,5 @@
using System;
-using System.Collections;
-
-using Org.BouncyCastle.Utilities;
+using System.Collections.Generic;
namespace Org.BouncyCastle.Tls
{
@@ -10,7 +8,7 @@ namespace Org.BouncyCastle.Tls
private readonly short m_msg_type;
private readonly byte[] m_body;
- private readonly IList m_missing = Platform.CreateArrayList();
+ private readonly List<Range> m_missing = new List<Range>();
internal DtlsReassembler(short msg_type, int length)
{
diff --git a/crypto/src/tls/DtlsReliableHandshake.cs b/crypto/src/tls/DtlsReliableHandshake.cs
index 7581e4766..1d35cf2ce 100644
--- a/crypto/src/tls/DtlsReliableHandshake.cs
+++ b/crypto/src/tls/DtlsReliableHandshake.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Utilities;
@@ -82,9 +82,9 @@ namespace Org.BouncyCastle.Tls
private TlsHandshakeHash m_handshakeHash;
- private IDictionary m_currentInboundFlight = Platform.CreateHashtable();
- private IDictionary m_previousInboundFlight = null;
- private IList m_outboundFlight = Platform.CreateArrayList();
+ private IDictionary<int, DtlsReassembler> m_currentInboundFlight = new Dictionary<int, DtlsReassembler>();
+ private IDictionary<int, DtlsReassembler> m_previousInboundFlight = null;
+ private IList<Message> m_outboundFlight = new List<Message>();
private int m_resendMillis = -1;
private Timeout m_resendTimeout = null;
@@ -124,9 +124,9 @@ namespace Org.BouncyCastle.Tls
internal void ResetAfterHelloVerifyRequestClient()
{
- this.m_currentInboundFlight = Platform.CreateHashtable();
+ this.m_currentInboundFlight = new Dictionary<int, DtlsReassembler>();
this.m_previousInboundFlight = null;
- this.m_outboundFlight = Platform.CreateArrayList();
+ this.m_outboundFlight = new List<Message>();
this.m_resendMillis = -1;
this.m_resendTimeout = null;
@@ -280,8 +280,7 @@ namespace Org.BouncyCastle.Tls
/// <exception cref="IOException"/>
private Message GetPendingMessage()
{
- DtlsReassembler next = (DtlsReassembler)m_currentInboundFlight[m_next_receive_seq];
- if (next != null)
+ if (m_currentInboundFlight.TryGetValue(m_next_receive_seq, out var next))
{
byte[] body = next.GetBodyIfComplete();
if (body != null)
@@ -303,7 +302,7 @@ namespace Org.BouncyCastle.Tls
m_resendMillis = INITIAL_RESEND_MILLIS;
m_resendTimeout = new Timeout(m_resendMillis, currentTimeMillis);
- PrepareInboundFlight(Platform.CreateHashtable());
+ PrepareInboundFlight(new Dictionary<int, DtlsReassembler>());
}
byte[] buf = null;
@@ -349,7 +348,7 @@ namespace Org.BouncyCastle.Tls
}
}
- private void PrepareInboundFlight(IDictionary nextFlight)
+ private void PrepareInboundFlight(IDictionary<int, DtlsReassembler> nextFlight)
{
ResetAll(m_currentInboundFlight);
m_previousInboundFlight = m_currentInboundFlight;
@@ -395,8 +394,7 @@ namespace Org.BouncyCastle.Tls
}
else if (message_seq >= m_next_receive_seq)
{
- DtlsReassembler reassembler = (DtlsReassembler)m_currentInboundFlight[message_seq];
- if (reassembler == null)
+ if (!m_currentInboundFlight.TryGetValue(message_seq, out var reassembler))
{
reassembler = new DtlsReassembler(msg_type, length);
m_currentInboundFlight[message_seq] = reassembler;
@@ -412,8 +410,7 @@ namespace Org.BouncyCastle.Tls
* retransmit our last flight
*/
- DtlsReassembler reassembler = (DtlsReassembler)m_previousInboundFlight[message_seq];
- if (reassembler != null)
+ if (m_previousInboundFlight.TryGetValue(message_seq, out var reassembler))
{
reassembler.ContributeFragment(msg_type, length, buf, off + MESSAGE_HEADER_LENGTH,
fragment_offset, fragment_length);
@@ -485,7 +482,7 @@ namespace Org.BouncyCastle.Tls
fragment.SendToRecordLayer(m_recordLayer);
}
- private static bool CheckAll(IDictionary inboundFlight)
+ private static bool CheckAll(IDictionary<int, DtlsReassembler> inboundFlight)
{
foreach (DtlsReassembler r in inboundFlight.Values)
{
@@ -495,7 +492,7 @@ namespace Org.BouncyCastle.Tls
return true;
}
- private static void ResetAll(IDictionary inboundFlight)
+ private static void ResetAll(IDictionary<int, DtlsReassembler> inboundFlight)
{
foreach (DtlsReassembler r in inboundFlight.Values)
{
diff --git a/crypto/src/tls/DtlsServerProtocol.cs b/crypto/src/tls/DtlsServerProtocol.cs
index b01c6e34f..51e013290 100644
--- a/crypto/src/tls/DtlsServerProtocol.cs
+++ b/crypto/src/tls/DtlsServerProtocol.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Tls.Crypto;
@@ -147,7 +147,7 @@ namespace Org.BouncyCastle.Tls
handshake.HandshakeHash.NotifyPrfDetermined();
- IList serverSupplementalData = state.server.GetServerSupplementalData();
+ var serverSupplementalData = state.server.GetServerSupplementalData();
if (serverSupplementalData != null)
{
byte[] supplementalDataBody = GenerateSupplementalData(serverSupplementalData);
@@ -829,7 +829,7 @@ namespace Org.BouncyCastle.Tls
protected virtual void ProcessClientSupplementalData(ServerHandshakeState state, byte[] body)
{
MemoryStream buf = new MemoryStream(body, false);
- IList clientSupplementalData = TlsProtocol.ReadSupplementalDataMessage(buf);
+ var clientSupplementalData = TlsProtocol.ReadSupplementalDataMessage(buf);
state.server.ProcessClientSupplementalData(clientSupplementalData);
}
@@ -853,8 +853,8 @@ namespace Org.BouncyCastle.Tls
internal TlsSecret sessionMasterSecret = null;
internal SessionParameters.Builder sessionParametersBuilder = null;
internal int[] offeredCipherSuites = null;
- internal IDictionary clientExtensions = null;
- internal IDictionary serverExtensions = null;
+ internal IDictionary<int, byte[]> clientExtensions = null;
+ internal IDictionary<int, byte[]> serverExtensions = null;
internal bool offeredExtendedMasterSecret = false;
internal bool resumedSession = false;
internal bool expectSessionTicket = false;
diff --git a/crypto/src/tls/OcspStatusRequest.cs b/crypto/src/tls/OcspStatusRequest.cs
index 8679022ec..00728f64e 100644
--- a/crypto/src/tls/OcspStatusRequest.cs
+++ b/crypto/src/tls/OcspStatusRequest.cs
@@ -1,11 +1,10 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Ocsp;
using Org.BouncyCastle.Asn1.X509;
-using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.Utilities.IO;
namespace Org.BouncyCastle.Tls
@@ -13,7 +12,7 @@ namespace Org.BouncyCastle.Tls
/// <summary>RFC 3546 3.6</summary>
public sealed class OcspStatusRequest
{
- private readonly IList m_responderIDList;
+ private readonly IList<ResponderID> m_responderIDList;
private readonly X509Extensions m_requestExtensions;
/// <param name="responderIDList">an <see cref="IList"/> of <see cref="ResponderID"/>, specifying the list of
@@ -21,14 +20,14 @@ namespace Org.BouncyCastle.Tls
/// the server - e.g., by prior arrangement.</param>
/// <param name="requestExtensions">OCSP request extensions. A null value means that there are no extensions.
/// </param>
- public OcspStatusRequest(IList responderIDList, X509Extensions requestExtensions)
+ public OcspStatusRequest(IList<ResponderID> responderIDList, X509Extensions requestExtensions)
{
this.m_responderIDList = responderIDList;
this.m_requestExtensions = requestExtensions;
}
/// <returns>an <see cref="IList"/> of <see cref="ResponderID"/>.</returns>
- public IList ResponderIDList
+ public IList<ResponderID> ResponderIDList
{
get { return m_responderIDList; }
}
@@ -80,7 +79,7 @@ namespace Org.BouncyCastle.Tls
/// <exception cref="IOException"/>
public static OcspStatusRequest Parse(Stream input)
{
- IList responderIDList = Platform.CreateArrayList();
+ var responderIDList = new List<ResponderID>();
{
byte[] data = TlsUtilities.ReadOpaque16(input);
if (data.Length > 0)
diff --git a/crypto/src/tls/OfferedPsks.cs b/crypto/src/tls/OfferedPsks.cs
index 1cc8a2a68..d2860fff6 100644
--- a/crypto/src/tls/OfferedPsks.cs
+++ b/crypto/src/tls/OfferedPsks.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Tls.Crypto;
@@ -42,16 +42,16 @@ namespace Org.BouncyCastle.Tls
}
}
- private readonly IList m_identities;
- private readonly IList m_binders;
+ private readonly IList<PskIdentity> m_identities;
+ private readonly IList<byte[]> m_binders;
private readonly int m_bindersSize;
- public OfferedPsks(IList identities)
+ public OfferedPsks(IList<PskIdentity> identities)
: this(identities, null, -1)
{
}
- private OfferedPsks(IList identities, IList binders, int bindersSize)
+ private OfferedPsks(IList<PskIdentity> identities, IList<byte[]> binders, int bindersSize)
{
if (null == identities || identities.Count < 1)
throw new ArgumentException("cannot be null or empty", "identities");
@@ -65,7 +65,7 @@ namespace Org.BouncyCastle.Tls
this.m_bindersSize = bindersSize;
}
- public IList Binders
+ public IList<byte[]> Binders
{
get { return m_binders; }
}
@@ -75,7 +75,7 @@ namespace Org.BouncyCastle.Tls
get { return m_bindersSize; }
}
- public IList Identities
+ public IList<PskIdentity> Identities
{
get { return m_identities; }
}
@@ -186,7 +186,7 @@ namespace Org.BouncyCastle.Tls
/// <exception cref="IOException"/>
public static OfferedPsks Parse(Stream input)
{
- IList identities = Platform.CreateArrayList();
+ var identities = new List<PskIdentity>();
{
int totalLengthIdentities = TlsUtilities.ReadUint16(input);
if (totalLengthIdentities < 7)
@@ -202,7 +202,7 @@ namespace Org.BouncyCastle.Tls
while (buf.Position < buf.Length);
}
- IList binders = Platform.CreateArrayList();
+ var binders = new List<byte[]>();
int totalLengthBinders = TlsUtilities.ReadUint16(input);
{
if (totalLengthBinders < 33)
diff --git a/crypto/src/tls/ProtocolVersion.cs b/crypto/src/tls/ProtocolVersion.cs
index f516aed2a..e9c08e8cd 100644
--- a/crypto/src/tls/ProtocolVersion.cs
+++ b/crypto/src/tls/ProtocolVersion.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using Org.BouncyCastle.Utilities;
@@ -169,7 +169,7 @@ namespace Org.BouncyCastle.Tls
if (!IsEqualOrLaterVersionOf(min))
throw new ArgumentException("must be an equal or earlier version of this one", "min");
- IList result = Platform.CreateArrayList();
+ var result = new List<ProtocolVersion>();
result.Add(this);
ProtocolVersion current = this;
@@ -179,12 +179,7 @@ namespace Org.BouncyCastle.Tls
result.Add(current);
}
- ProtocolVersion[] versions = new ProtocolVersion[result.Count];
- for (int i = 0; i < result.Count; ++i)
- {
- versions[i] = (ProtocolVersion)result[i];
- }
- return versions;
+ return result.ToArray();
}
public int FullVersion
diff --git a/crypto/src/tls/SecurityParameters.cs b/crypto/src/tls/SecurityParameters.cs
index 548e4a4ca..0681401eb 100644
--- a/crypto/src/tls/SecurityParameters.cs
+++ b/crypto/src/tls/SecurityParameters.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using Org.BouncyCastle.Tls.Crypto;
@@ -39,12 +39,12 @@ namespace Org.BouncyCastle.Tls
internal ProtocolName m_applicationProtocol = null;
internal bool m_applicationProtocolSet = false;
internal short[] m_clientCertTypes = null;
- internal IList m_clientServerNames = null;
- internal IList m_clientSigAlgs = null;
- internal IList m_clientSigAlgsCert = null;
+ internal IList<ServerName> m_clientServerNames = null;
+ internal IList<SignatureAndHashAlgorithm> m_clientSigAlgs = null;
+ internal IList<SignatureAndHashAlgorithm> m_clientSigAlgsCert = null;
internal int[] m_clientSupportedGroups = null;
- internal IList m_serverSigAlgs = null;
- internal IList m_serverSigAlgsCert = null;
+ internal IList<SignatureAndHashAlgorithm> m_serverSigAlgs = null;
+ internal IList<SignatureAndHashAlgorithm> m_serverSigAlgsCert = null;
internal int[] m_serverSupportedGroups = null;
internal int m_keyExchangeAlgorithm = -1;
internal Certificate m_localCertificate = null;
@@ -109,17 +109,17 @@ namespace Org.BouncyCastle.Tls
get { return m_clientRandom; }
}
- public IList ClientServerNames
+ public IList<ServerName> ClientServerNames
{
get { return m_clientServerNames; }
}
- public IList ClientSigAlgs
+ public IList<SignatureAndHashAlgorithm> ClientSigAlgs
{
get { return m_clientSigAlgs; }
}
- public IList ClientSigAlgsCert
+ public IList<SignatureAndHashAlgorithm> ClientSigAlgsCert
{
get { return m_clientSigAlgsCert; }
}
@@ -249,12 +249,12 @@ namespace Org.BouncyCastle.Tls
get { return m_serverRandom; }
}
- public IList ServerSigAlgs
+ public IList<SignatureAndHashAlgorithm> ServerSigAlgs
{
get { return m_serverSigAlgs; }
}
- public IList ServerSigAlgsCert
+ public IList<SignatureAndHashAlgorithm> ServerSigAlgsCert
{
get { return m_serverSigAlgsCert; }
}
diff --git a/crypto/src/tls/ServerHello.cs b/crypto/src/tls/ServerHello.cs
index 15cc09032..ca206e1fc 100644
--- a/crypto/src/tls/ServerHello.cs
+++ b/crypto/src/tls/ServerHello.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Utilities;
@@ -16,15 +16,15 @@ namespace Org.BouncyCastle.Tls
private readonly byte[] m_random;
private readonly byte[] m_sessionID;
private readonly int m_cipherSuite;
- private readonly IDictionary m_extensions;
+ private readonly IDictionary<int, byte[]> m_extensions;
- public ServerHello(byte[] sessionID, int cipherSuite, IDictionary extensions)
+ public ServerHello(byte[] sessionID, int cipherSuite, IDictionary<int, byte[]> extensions)
: this(ProtocolVersion.TLSv12, Arrays.Clone(HelloRetryRequestMagic), sessionID, cipherSuite, extensions)
{
}
public ServerHello(ProtocolVersion version, byte[] random, byte[] sessionID, int cipherSuite,
- IDictionary extensions)
+ IDictionary<int, byte[]> extensions)
{
this.m_version = version;
this.m_random = random;
@@ -38,7 +38,7 @@ namespace Org.BouncyCastle.Tls
get { return m_cipherSuite; }
}
- public IDictionary Extensions
+ public IDictionary<int, byte[]> Extensions
{
get { return m_extensions; }
}
@@ -100,7 +100,7 @@ namespace Org.BouncyCastle.Tls
if (CompressionMethod.cls_null != compressionMethod)
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
- IDictionary extensions = TlsProtocol.ReadExtensions(input);
+ var extensions = TlsProtocol.ReadExtensions(input);
return new ServerHello(version, random, sessionID, cipherSuite, extensions);
}
diff --git a/crypto/src/tls/ServerNameList.cs b/crypto/src/tls/ServerNameList.cs
index 915e94390..358e82a67 100644
--- a/crypto/src/tls/ServerNameList.cs
+++ b/crypto/src/tls/ServerNameList.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Utilities;
@@ -9,10 +9,10 @@ namespace Org.BouncyCastle.Tls
{
public sealed class ServerNameList
{
- private readonly IList m_serverNameList;
+ private readonly IList<ServerName> m_serverNameList;
/// <param name="serverNameList">an <see cref="IList"/> of <see cref="ServerName"/>.</param>
- public ServerNameList(IList serverNameList)
+ public ServerNameList(IList<ServerName> serverNameList)
{
if (null == serverNameList)
throw new ArgumentNullException("serverNameList");
@@ -21,7 +21,7 @@ namespace Org.BouncyCastle.Tls
}
/// <returns>an <see cref="IList"/> of <see cref="ServerName"/>.</returns>
- public IList ServerNames
+ public IList<ServerName> ServerNames
{
get { return m_serverNameList; }
}
@@ -60,7 +60,7 @@ namespace Org.BouncyCastle.Tls
MemoryStream buf = new MemoryStream(data, false);
short[] nameTypesSeen = TlsUtilities.EmptyShorts;
- IList server_name_list = Platform.CreateArrayList();
+ var server_name_list = new List<ServerName>();
while (buf.Position < buf.Length)
{
ServerName entry = ServerName.Parse(buf);
diff --git a/crypto/src/tls/SessionParameters.cs b/crypto/src/tls/SessionParameters.cs
index 9a62e351c..1472c7907 100644
--- a/crypto/src/tls/SessionParameters.cs
+++ b/crypto/src/tls/SessionParameters.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Tls.Crypto;
@@ -82,7 +82,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public Builder SetServerExtensions(IDictionary serverExtensions)
+ public Builder SetServerExtensions(IDictionary<int, byte[]> serverExtensions)
{
if (serverExtensions == null || serverExtensions.Count < 1)
{
@@ -179,7 +179,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public IDictionary ReadServerExtensions()
+ public IDictionary<int, byte[]> ReadServerExtensions()
{
if (m_encodedServerExtensions == null)
return null;
diff --git a/crypto/src/tls/SrpTlsClient.cs b/crypto/src/tls/SrpTlsClient.cs
index f6f6472bc..cd78dc887 100644
--- a/crypto/src/tls/SrpTlsClient.cs
+++ b/crypto/src/tls/SrpTlsClient.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Tls.Crypto;
@@ -44,16 +44,16 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public override IDictionary GetClientExtensions()
+ public override IDictionary<int, byte[]> GetClientExtensions()
{
- IDictionary clientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(
+ var clientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(
base.GetClientExtensions());
TlsSrpUtilities.AddSrpExtension(clientExtensions, m_srpIdentity.GetSrpIdentity());
return clientExtensions;
}
/// <exception cref="IOException"/>
- public override void ProcessServerExtensions(IDictionary serverExtensions)
+ public override void ProcessServerExtensions(IDictionary<int, byte[]> serverExtensions)
{
if (!TlsUtilities.HasExpectedEmptyExtensionData(serverExtensions, ExtensionType.srp,
AlertDescription.illegal_parameter))
diff --git a/crypto/src/tls/SrpTlsServer.cs b/crypto/src/tls/SrpTlsServer.cs
index 1e2f09e03..63d41ede2 100644
--- a/crypto/src/tls/SrpTlsServer.cs
+++ b/crypto/src/tls/SrpTlsServer.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Tls.Crypto;
@@ -52,7 +52,7 @@ namespace Org.BouncyCastle.Tls
return TlsUtilities.GetSupportedCipherSuites(Crypto, DefaultCipherSuites);
}
- public override void ProcessClientExtensions(IDictionary clientExtensions)
+ public override void ProcessClientExtensions(IDictionary<int, byte[]> clientExtensions)
{
base.ProcessClientExtensions(clientExtensions);
diff --git a/crypto/src/tls/TlsClient.cs b/crypto/src/tls/TlsClient.cs
index 66bb3bc86..368161c32 100644
--- a/crypto/src/tls/TlsClient.cs
+++ b/crypto/src/tls/TlsClient.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
namespace Org.BouncyCastle.Tls
@@ -22,13 +22,13 @@ namespace Org.BouncyCastle.Tls
/// <remarks>This will only be called when TLS 1.3 or higher is amongst the offered protocol versions.</remarks>
/// <returns>an <see cref="IList"/> of <see cref="TlsPskExternal"/> instances, or null if none should be
/// offered.</returns>
- IList GetExternalPsks();
+ IList<TlsPskExternal> GetExternalPsks();
bool IsFallback();
/// <returns>(Int32 -> byte[])</returns>
/// <exception cref="IOException"/>
- IDictionary GetClientExtensions();
+ IDictionary<int, byte[]> GetClientExtensions();
/// <summary>If this client is offering TLS 1.3 or higher, this method may be called to determine for which
/// groups a key share should be included in the initial ClientHello.</summary>
@@ -38,7 +38,7 @@ namespace Org.BouncyCastle.Tls
/// </remarks>
/// <returns>an <see cref="IList"/> of <see cref="NamedGroup">named group</see> values, possibly empty or null.
/// </returns>
- IList GetEarlyKeyShareGroups();
+ IList<int> GetEarlyKeyShareGroups();
/// <exception cref="IOException"/>
void NotifyServerVersion(ProtocolVersion selectedVersion);
@@ -72,11 +72,11 @@ namespace Org.BouncyCastle.Tls
/// </remarks>
/// <param name="serverExtensions">(Int32 -> byte[])</param>
/// <exception cref="IOException"/>
- void ProcessServerExtensions(IDictionary serverExtensions);
+ void ProcessServerExtensions(IDictionary<int, byte[]> serverExtensions);
/// <param name="serverSupplementalData">(SupplementalDataEntry)</param>
/// <exception cref="IOException"/>
- void ProcessServerSupplementalData(IList serverSupplementalData);
+ void ProcessServerSupplementalData(IList<SupplementalDataEntry> serverSupplementalData);
/// <exception cref="IOException"/>
TlsPskIdentity GetPskIdentity();
@@ -95,7 +95,7 @@ namespace Org.BouncyCastle.Tls
/// <returns>(SupplementalDataEntry)</returns>
/// <exception cref="IOException"/>
- IList GetClientSupplementalData();
+ IList<SupplementalDataEntry> GetClientSupplementalData();
/// <summary>RFC 5077 3.3. NewSessionTicket Handshake Message</summary>
/// <remarks>
diff --git a/crypto/src/tls/TlsClientProtocol.cs b/crypto/src/tls/TlsClientProtocol.cs
index 399d8c9b8..d750c5e2c 100644
--- a/crypto/src/tls/TlsClientProtocol.cs
+++ b/crypto/src/tls/TlsClientProtocol.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Tls.Crypto;
@@ -13,7 +13,7 @@ namespace Org.BouncyCastle.Tls
protected TlsClient m_tlsClient = null;
internal TlsClientContextImpl m_tlsClientContext = null;
- protected IDictionary m_clientAgreements = null;
+ protected IDictionary<int, TlsAgreement> m_clientAgreements = null;
internal OfferedPsks.BindersConfig m_clientBinders = null;
protected ClientHello m_clientHello = null;
protected TlsKeyExchange m_keyExchange = null;
@@ -580,7 +580,7 @@ namespace Org.BouncyCastle.Tls
m_keyExchange.ProcessClientCredentials(clientAuthCredentials);
}
- IList clientSupplementalData = m_tlsClient.GetClientSupplementalData();
+ var clientSupplementalData = m_tlsClient.GetClientSupplementalData();
if (clientSupplementalData != null)
{
SendSupplementalDataMessage(clientSupplementalData);
@@ -769,7 +769,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- protected virtual void HandleSupplementalData(IList serverSupplementalData)
+ protected virtual void HandleSupplementalData(IList<SupplementalDataEntry> serverSupplementalData)
{
m_tlsClient.ProcessServerSupplementalData(serverSupplementalData);
this.m_connectionState = CS_SERVER_SUPPLEMENTAL_DATA;
@@ -803,7 +803,7 @@ namespace Org.BouncyCastle.Tls
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
}
- IDictionary extensions = helloRetryRequest.Extensions;
+ var extensions = helloRetryRequest.Extensions;
if (null == extensions)
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
@@ -899,7 +899,7 @@ namespace Org.BouncyCastle.Tls
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
}
- IDictionary extensions = serverHello.Extensions;
+ var extensions = serverHello.Extensions;
if (null == extensions)
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
@@ -953,7 +953,8 @@ namespace Org.BouncyCastle.Tls
*
* OCSP information is carried in an extension for a CertificateEntry.
*/
- securityParameters.m_statusRequestVersion = m_clientExtensions.Contains(ExtensionType.status_request) ? 1 : 0;
+ securityParameters.m_statusRequestVersion =
+ m_clientExtensions.ContainsKey(ExtensionType.status_request) ? 1 : 0;
TlsSecret pskEarlySecret = null;
{
@@ -1045,7 +1046,7 @@ namespace Org.BouncyCastle.Tls
/// <exception cref="IOException"/>
protected virtual void ProcessServerHello(ServerHello serverHello)
{
- IDictionary serverHelloExtensions = serverHello.Extensions;
+ var serverHelloExtensions = serverHello.Extensions;
ProtocolVersion legacy_version = serverHello.Version;
ProtocolVersion supported_version = TlsExtensionsUtilities.GetSupportedVersionsExtensionServer(
@@ -1256,7 +1257,8 @@ namespace Org.BouncyCastle.Tls
m_serverExtensions);
securityParameters.m_applicationProtocolSet = true;
- IDictionary sessionClientExtensions = m_clientExtensions, sessionServerExtensions = m_serverExtensions;
+ var sessionClientExtensions = m_clientExtensions;
+ var sessionServerExtensions = m_serverExtensions;
if (m_resumedSession)
{
if (securityParameters.CipherSuite != m_sessionParameters.CipherSuite
@@ -1393,7 +1395,8 @@ namespace Org.BouncyCastle.Tls
m_serverExtensions);
securityParameters.m_applicationProtocolSet = true;
- IDictionary sessionClientExtensions = m_clientExtensions, sessionServerExtensions = m_serverExtensions;
+ var sessionClientExtensions = m_clientExtensions;
+ var sessionServerExtensions = m_serverExtensions;
if (m_resumedSession)
{
if (securityParameters.CipherSuite != m_sessionParameters.CipherSuite
@@ -1417,8 +1420,8 @@ namespace Org.BouncyCastle.Tls
*
* OCSP information is carried in an extension for a CertificateEntry.
*/
- securityParameters.m_statusRequestVersion = m_clientExtensions.Contains(ExtensionType.status_request)
- ? 1 : 0;
+ securityParameters.m_statusRequestVersion =
+ m_clientExtensions.ContainsKey(ExtensionType.status_request) ? 1 : 0;
this.m_expectSessionTicket = false;
@@ -1524,7 +1527,7 @@ namespace Org.BouncyCastle.Tls
/// <exception cref="IOException"/>
protected virtual void Send13ClientHelloRetry()
{
- IDictionary clientHelloExtensions = m_clientHello.Extensions;
+ var clientHelloExtensions = m_clientHello.Extensions;
clientHelloExtensions.Remove(ExtensionType.cookie);
clientHelloExtensions.Remove(ExtensionType.early_data);
diff --git a/crypto/src/tls/TlsExtensionsUtilities.cs b/crypto/src/tls/TlsExtensionsUtilities.cs
index e1db93016..9ffdcfe40 100644
--- a/crypto/src/tls/TlsExtensionsUtilities.cs
+++ b/crypto/src/tls/TlsExtensionsUtilities.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Asn1;
@@ -8,516 +8,543 @@ using Org.BouncyCastle.Utilities;
namespace Org.BouncyCastle.Tls
{
- public abstract class TlsExtensionsUtilities
+ public static class TlsExtensionsUtilities
{
- public static IDictionary EnsureExtensionsInitialised(IDictionary extensions)
+ public static IDictionary<int, byte[]> EnsureExtensionsInitialised(IDictionary<int, byte[]> extensions)
{
- return extensions == null ? Platform.CreateHashtable() : extensions;
+ return extensions == null ? new Dictionary<int, byte[]>() : extensions;
}
/// <param name="extensions">(Int32 -> byte[])</param>
/// <param name="protocolNameList">an <see cref="IList"/> of <see cref="ProtocolName"/>.</param>
/// <exception cref="IOException"/>
- public static void AddAlpnExtensionClient(IDictionary extensions, IList protocolNameList)
+ public static void AddAlpnExtensionClient(IDictionary<int, byte[]> extensions,
+ IList<ProtocolName> protocolNameList)
{
- extensions[ExtensionType.application_layer_protocol_negotiation] = CreateAlpnExtensionClient(protocolNameList);
+ extensions[ExtensionType.application_layer_protocol_negotiation] =
+ CreateAlpnExtensionClient(protocolNameList);
}
/// <exception cref="IOException"/>
- public static void AddAlpnExtensionServer(IDictionary extensions, ProtocolName protocolName)
+ public static void AddAlpnExtensionServer(IDictionary<int, byte[]> extensions, ProtocolName protocolName)
{
extensions[ExtensionType.application_layer_protocol_negotiation] = CreateAlpnExtensionServer(protocolName);
}
/// <exception cref="IOException"/>
- public static void AddCertificateAuthoritiesExtension(IDictionary extensions, IList authorities)
+ public static void AddCertificateAuthoritiesExtension(IDictionary<int, byte[]> extensions,
+ IList<X509Name> authorities)
{
extensions[ExtensionType.certificate_authorities] = CreateCertificateAuthoritiesExtension(authorities);
}
/// <exception cref="IOException"/>
- public static void AddClientCertificateTypeExtensionClient(IDictionary extensions, short[] certificateTypes)
+ public static void AddClientCertificateTypeExtensionClient(IDictionary<int, byte[]> extensions,
+ short[] certificateTypes)
{
extensions[ExtensionType.client_certificate_type] = CreateCertificateTypeExtensionClient(certificateTypes);
}
/// <exception cref="IOException"/>
- public static void AddClientCertificateTypeExtensionServer(IDictionary extensions, short certificateType)
+ public static void AddClientCertificateTypeExtensionServer(IDictionary<int, byte[]> extensions,
+ short certificateType)
{
extensions[ExtensionType.client_certificate_type] = CreateCertificateTypeExtensionServer(certificateType);
}
- public static void AddClientCertificateUrlExtension(IDictionary extensions)
+ public static void AddClientCertificateUrlExtension(IDictionary<int, byte[]> extensions)
{
extensions[ExtensionType.client_certificate_url] = CreateClientCertificateUrlExtension();
}
/// <exception cref="IOException"/>
- public static void AddCompressCertificateExtension(IDictionary extensions, int[] algorithms)
+ public static void AddCompressCertificateExtension(IDictionary<int, byte[]> extensions, int[] algorithms)
{
extensions[ExtensionType.compress_certificate] = CreateCompressCertificateExtension(algorithms);
}
/// <exception cref="IOException"/>
- public static void AddCookieExtension(IDictionary extensions, byte[] cookie)
+ public static void AddCookieExtension(IDictionary<int, byte[]> extensions, byte[] cookie)
{
extensions[ExtensionType.cookie] = CreateCookieExtension(cookie);
}
- public static void AddEarlyDataIndication(IDictionary extensions)
+ public static void AddEarlyDataIndication(IDictionary<int, byte[]> extensions)
{
extensions[ExtensionType.early_data] = CreateEarlyDataIndication();
}
/// <exception cref="IOException"/>
- public static void AddEarlyDataMaxSize(IDictionary extensions, long maxSize)
+ public static void AddEarlyDataMaxSize(IDictionary<int, byte[]> extensions, long maxSize)
{
extensions[ExtensionType.early_data] = CreateEarlyDataMaxSize(maxSize);
}
- public static void AddEmptyExtensionData(IDictionary extensions, Int32 extType)
+ public static void AddEmptyExtensionData(IDictionary<int, byte[]> extensions, int extType)
{
extensions[extType] = CreateEmptyExtensionData();
}
- public static void AddEncryptThenMacExtension(IDictionary extensions)
+ public static void AddEncryptThenMacExtension(IDictionary<int, byte[]> extensions)
{
extensions[ExtensionType.encrypt_then_mac] = CreateEncryptThenMacExtension();
}
- public static void AddExtendedMasterSecretExtension(IDictionary extensions)
+ public static void AddExtendedMasterSecretExtension(IDictionary<int, byte[]> extensions)
{
extensions[ExtensionType.extended_master_secret] = CreateExtendedMasterSecretExtension();
}
/// <exception cref="IOException"/>
- public static void AddHeartbeatExtension(IDictionary extensions, HeartbeatExtension heartbeatExtension)
+ public static void AddHeartbeatExtension(IDictionary<int, byte[]> extensions,
+ HeartbeatExtension heartbeatExtension)
{
extensions[ExtensionType.heartbeat] = CreateHeartbeatExtension(heartbeatExtension);
}
/// <exception cref="IOException"/>
- public static void AddKeyShareClientHello(IDictionary extensions, IList clientShares)
+ public static void AddKeyShareClientHello(IDictionary<int, byte[]> extensions,
+ IList<KeyShareEntry> clientShares)
{
extensions[ExtensionType.key_share] = CreateKeyShareClientHello(clientShares);
}
/// <exception cref="IOException"/>
- public static void AddKeyShareHelloRetryRequest(IDictionary extensions, int namedGroup)
+ public static void AddKeyShareHelloRetryRequest(IDictionary<int, byte[]> extensions, int namedGroup)
{
extensions[ExtensionType.key_share] = CreateKeyShareHelloRetryRequest(namedGroup);
}
/// <exception cref="IOException"/>
- public static void AddKeyShareServerHello(IDictionary extensions, KeyShareEntry serverShare)
+ public static void AddKeyShareServerHello(IDictionary<int, byte[]> extensions, KeyShareEntry serverShare)
{
extensions[ExtensionType.key_share] = CreateKeyShareServerHello(serverShare);
}
/// <exception cref="IOException"/>
- public static void AddMaxFragmentLengthExtension(IDictionary extensions, short maxFragmentLength)
+ public static void AddMaxFragmentLengthExtension(IDictionary<int, byte[]> extensions, short maxFragmentLength)
{
extensions[ExtensionType.max_fragment_length] = CreateMaxFragmentLengthExtension(maxFragmentLength);
}
/// <exception cref="IOException"/>
- public static void AddOidFiltersExtension(IDictionary extensions, IDictionary filters)
+ public static void AddOidFiltersExtension(IDictionary<int, byte[]> extensions,
+ IDictionary<DerObjectIdentifier, byte[]> filters)
{
extensions[ExtensionType.oid_filters] = CreateOidFiltersExtension(filters);
}
/// <exception cref="IOException"/>
- public static void AddPaddingExtension(IDictionary extensions, int dataLength)
+ public static void AddPaddingExtension(IDictionary<int, byte[]> extensions, int dataLength)
{
extensions[ExtensionType.padding] = CreatePaddingExtension(dataLength);
}
- public static void AddPostHandshakeAuthExtension(IDictionary extensions)
+ public static void AddPostHandshakeAuthExtension(IDictionary<int, byte[]> extensions)
{
extensions[ExtensionType.post_handshake_auth] = CreatePostHandshakeAuthExtension();
}
/// <exception cref="IOException"/>
- public static void AddPreSharedKeyClientHello(IDictionary extensions, OfferedPsks offeredPsks)
+ public static void AddPreSharedKeyClientHello(IDictionary<int, byte[]> extensions, OfferedPsks offeredPsks)
{
extensions[ExtensionType.pre_shared_key] = CreatePreSharedKeyClientHello(offeredPsks);
}
/// <exception cref="IOException"/>
- public static void AddPreSharedKeyServerHello(IDictionary extensions, int selectedIdentity)
+ public static void AddPreSharedKeyServerHello(IDictionary<int, byte[]> extensions, int selectedIdentity)
{
extensions[ExtensionType.pre_shared_key] = CreatePreSharedKeyServerHello(selectedIdentity);
}
/// <exception cref="IOException"/>
- public static void AddPskKeyExchangeModesExtension(IDictionary extensions, short[] modes)
+ public static void AddPskKeyExchangeModesExtension(IDictionary<int, byte[]> extensions, short[] modes)
{
extensions[ExtensionType.psk_key_exchange_modes] = CreatePskKeyExchangeModesExtension(modes);
}
/// <exception cref="IOException"/>
- public static void AddRecordSizeLimitExtension(IDictionary extensions, int recordSizeLimit)
+ public static void AddRecordSizeLimitExtension(IDictionary<int, byte[]> extensions, int recordSizeLimit)
{
extensions[ExtensionType.record_size_limit] = CreateRecordSizeLimitExtension(recordSizeLimit);
}
/// <exception cref="IOException"/>
- public static void AddServerCertificateTypeExtensionClient(IDictionary extensions, short[] certificateTypes)
+ public static void AddServerCertificateTypeExtensionClient(IDictionary<int, byte[]> extensions,
+ short[] certificateTypes)
{
extensions[ExtensionType.server_certificate_type] = CreateCertificateTypeExtensionClient(certificateTypes);
}
/// <exception cref="IOException"/>
- public static void AddServerCertificateTypeExtensionServer(IDictionary extensions, short certificateType)
+ public static void AddServerCertificateTypeExtensionServer(IDictionary<int, byte[]> extensions,
+ short certificateType)
{
extensions[ExtensionType.server_certificate_type] = CreateCertificateTypeExtensionServer(certificateType);
}
/// <exception cref="IOException"/>
- public static void AddServerNameExtensionClient(IDictionary extensions, IList serverNameList)
+ public static void AddServerNameExtensionClient(IDictionary<int, byte[]> extensions,
+ IList<ServerName> serverNameList)
{
extensions[ExtensionType.server_name] = CreateServerNameExtensionClient(serverNameList);
}
/// <exception cref="IOException"/>
- public static void AddServerNameExtensionServer(IDictionary extensions)
+ public static void AddServerNameExtensionServer(IDictionary<int, byte[]> extensions)
{
extensions[ExtensionType.server_name] = CreateServerNameExtensionServer();
}
/// <exception cref="IOException"/>
- public static void AddSignatureAlgorithmsExtension(IDictionary extensions, IList supportedSignatureAlgorithms)
+ public static void AddSignatureAlgorithmsExtension(IDictionary<int, byte[]> extensions,
+ IList<SignatureAndHashAlgorithm> supportedSignatureAlgorithms)
{
- extensions[ExtensionType.signature_algorithms] = CreateSignatureAlgorithmsExtension(supportedSignatureAlgorithms);
+ extensions[ExtensionType.signature_algorithms] =
+ CreateSignatureAlgorithmsExtension(supportedSignatureAlgorithms);
}
/// <exception cref="IOException"/>
- public static void AddSignatureAlgorithmsCertExtension(IDictionary extensions, IList supportedSignatureAlgorithms)
+ public static void AddSignatureAlgorithmsCertExtension(IDictionary<int, byte[]> extensions,
+ IList<SignatureAndHashAlgorithm> supportedSignatureAlgorithms)
{
- extensions[ExtensionType.signature_algorithms_cert] = CreateSignatureAlgorithmsCertExtension(supportedSignatureAlgorithms);
+ extensions[ExtensionType.signature_algorithms_cert] =
+ CreateSignatureAlgorithmsCertExtension(supportedSignatureAlgorithms);
}
/// <exception cref="IOException"/>
- public static void AddStatusRequestExtension(IDictionary extensions, CertificateStatusRequest statusRequest)
+ public static void AddStatusRequestExtension(IDictionary<int, byte[]> extensions,
+ CertificateStatusRequest statusRequest)
{
extensions[ExtensionType.status_request] = CreateStatusRequestExtension(statusRequest);
}
/// <exception cref="IOException"/>
- public static void AddStatusRequestV2Extension(IDictionary extensions, IList statusRequestV2)
+ public static void AddStatusRequestV2Extension(IDictionary<int, byte[]> extensions,
+ IList<CertificateStatusRequestItemV2> statusRequestV2)
{
extensions[ExtensionType.status_request_v2] = CreateStatusRequestV2Extension(statusRequestV2);
}
/// <exception cref="IOException"/>
- public static void AddSupportedGroupsExtension(IDictionary extensions, IList namedGroups)
+ public static void AddSupportedGroupsExtension(IDictionary<int, byte[]> extensions, IList<int> namedGroups)
{
extensions[ExtensionType.supported_groups] = CreateSupportedGroupsExtension(namedGroups);
}
/// <exception cref="IOException"/>
- public static void AddSupportedPointFormatsExtension(IDictionary extensions, short[] ecPointFormats)
+ public static void AddSupportedPointFormatsExtension(IDictionary<int, byte[]> extensions,
+ short[] ecPointFormats)
{
extensions[ExtensionType.ec_point_formats] = CreateSupportedPointFormatsExtension(ecPointFormats);
}
/// <exception cref="IOException"/>
- public static void AddSupportedVersionsExtensionClient(IDictionary extensions, ProtocolVersion[] versions)
+ public static void AddSupportedVersionsExtensionClient(IDictionary<int, byte[]> extensions,
+ ProtocolVersion[] versions)
{
extensions[ExtensionType.supported_versions] = CreateSupportedVersionsExtensionClient(versions);
}
/// <exception cref="IOException"/>
- public static void AddSupportedVersionsExtensionServer(IDictionary extensions, ProtocolVersion selectedVersion)
+ public static void AddSupportedVersionsExtensionServer(IDictionary<int, byte[]> extensions,
+ ProtocolVersion selectedVersion)
{
extensions[ExtensionType.supported_versions] = CreateSupportedVersionsExtensionServer(selectedVersion);
}
- public static void AddTruncatedHmacExtension(IDictionary extensions)
+ public static void AddTruncatedHmacExtension(IDictionary<int, byte[]> extensions)
{
extensions[ExtensionType.truncated_hmac] = CreateTruncatedHmacExtension();
}
/// <exception cref="IOException"/>
- public static void AddTrustedCAKeysExtensionClient(IDictionary extensions, IList trustedAuthoritiesList)
+ public static void AddTrustedCAKeysExtensionClient(IDictionary<int, byte[]> extensions,
+ IList<TrustedAuthority> trustedAuthoritiesList)
{
extensions[ExtensionType.trusted_ca_keys] = CreateTrustedCAKeysExtensionClient(trustedAuthoritiesList);
}
- public static void AddTrustedCAKeysExtensionServer(IDictionary extensions)
+ public static void AddTrustedCAKeysExtensionServer(IDictionary<int, byte[]> extensions)
{
extensions[ExtensionType.trusted_ca_keys] = CreateTrustedCAKeysExtensionServer();
}
/// <returns>an <see cref="IList"/> of <see cref="ProtocolName"/>.</returns>
/// <exception cref="IOException"/>
- public static IList GetAlpnExtensionClient(IDictionary extensions)
+ public static IList<ProtocolName> GetAlpnExtensionClient(IDictionary<int, byte[]> extensions)
{
- byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.application_layer_protocol_negotiation);
+ byte[] extensionData = TlsUtilities.GetExtensionData(extensions,
+ ExtensionType.application_layer_protocol_negotiation);
return extensionData == null ? null : ReadAlpnExtensionClient(extensionData);
}
/// <exception cref="IOException"/>
- public static ProtocolName GetAlpnExtensionServer(IDictionary extensions)
+ public static ProtocolName GetAlpnExtensionServer(IDictionary<int, byte[]> extensions)
{
- byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.application_layer_protocol_negotiation);
+ byte[] extensionData = TlsUtilities.GetExtensionData(extensions,
+ ExtensionType.application_layer_protocol_negotiation);
return extensionData == null ? null : ReadAlpnExtensionServer(extensionData);
}
/// <exception cref="IOException"/>
- public static IList GetCertificateAuthoritiesExtension(IDictionary extensions)
+ public static IList<X509Name> GetCertificateAuthoritiesExtension(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.certificate_authorities);
return extensionData == null ? null : ReadCertificateAuthoritiesExtension(extensionData);
}
/// <exception cref="IOException"/>
- public static short[] GetClientCertificateTypeExtensionClient(IDictionary extensions)
+ public static short[] GetClientCertificateTypeExtensionClient(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.client_certificate_type);
return extensionData == null ? null : ReadCertificateTypeExtensionClient(extensionData);
}
/// <exception cref="IOException"/>
- public static short GetClientCertificateTypeExtensionServer(IDictionary extensions)
+ public static short GetClientCertificateTypeExtensionServer(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.client_certificate_type);
return extensionData == null ? (short)-1 : ReadCertificateTypeExtensionServer(extensionData);
}
/// <exception cref="IOException"/>
- public static int[] GetCompressCertificateExtension(IDictionary extensions)
+ public static int[] GetCompressCertificateExtension(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.compress_certificate);
return extensionData == null ? null : ReadCompressCertificateExtension(extensionData);
}
/// <exception cref="IOException"/>
- public static byte[] GetCookieExtension(IDictionary extensions)
+ public static byte[] GetCookieExtension(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.cookie);
return extensionData == null ? null : ReadCookieExtension(extensionData);
}
/// <exception cref="IOException"/>
- public static long GetEarlyDataMaxSize(IDictionary extensions)
+ public static long GetEarlyDataMaxSize(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.early_data);
return extensionData == null ? -1L : ReadEarlyDataMaxSize(extensionData);
}
/// <exception cref="IOException"/>
- public static HeartbeatExtension GetHeartbeatExtension(IDictionary extensions)
+ public static HeartbeatExtension GetHeartbeatExtension(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.heartbeat);
return extensionData == null ? null : ReadHeartbeatExtension(extensionData);
}
/// <exception cref="IOException"/>
- public static IList GetKeyShareClientHello(IDictionary extensions)
+ public static IList<KeyShareEntry> GetKeyShareClientHello(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.key_share);
return extensionData == null ? null : ReadKeyShareClientHello(extensionData);
}
/// <exception cref="IOException"/>
- public static int GetKeyShareHelloRetryRequest(IDictionary extensions)
+ public static int GetKeyShareHelloRetryRequest(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.key_share);
return extensionData == null ? -1 : ReadKeyShareHelloRetryRequest(extensionData);
}
/// <exception cref="IOException"/>
- public static KeyShareEntry GetKeyShareServerHello(IDictionary extensions)
+ public static KeyShareEntry GetKeyShareServerHello(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.key_share);
return extensionData == null ? null : ReadKeyShareServerHello(extensionData);
}
/// <exception cref="IOException"/>
- public static short GetMaxFragmentLengthExtension(IDictionary extensions)
+ public static short GetMaxFragmentLengthExtension(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.max_fragment_length);
return extensionData == null ? (short)-1 : ReadMaxFragmentLengthExtension(extensionData);
}
/// <exception cref="IOException"/>
- public static IDictionary GetOidFiltersExtension(IDictionary extensions)
+ public static IDictionary<DerObjectIdentifier, byte[]> GetOidFiltersExtension(
+ IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.oid_filters);
return extensionData == null ? null : ReadOidFiltersExtension(extensionData);
}
/// <exception cref="IOException"/>
- public static int GetPaddingExtension(IDictionary extensions)
+ public static int GetPaddingExtension(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.padding);
return extensionData == null ? -1 : ReadPaddingExtension(extensionData);
}
/// <exception cref="IOException"/>
- public static OfferedPsks GetPreSharedKeyClientHello(IDictionary extensions)
+ public static OfferedPsks GetPreSharedKeyClientHello(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.pre_shared_key);
return extensionData == null ? null : ReadPreSharedKeyClientHello(extensionData);
}
/// <exception cref="IOException"/>
- public static int GetPreSharedKeyServerHello(IDictionary extensions)
+ public static int GetPreSharedKeyServerHello(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.pre_shared_key);
return extensionData == null ? -1 : ReadPreSharedKeyServerHello(extensionData);
}
/// <exception cref="IOException"/>
- public static short[] GetPskKeyExchangeModesExtension(IDictionary extensions)
+ public static short[] GetPskKeyExchangeModesExtension(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.psk_key_exchange_modes);
return extensionData == null ? null : ReadPskKeyExchangeModesExtension(extensionData);
}
/// <exception cref="IOException"/>
- public static int GetRecordSizeLimitExtension(IDictionary extensions)
+ public static int GetRecordSizeLimitExtension(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.record_size_limit);
return extensionData == null ? -1 : ReadRecordSizeLimitExtension(extensionData);
}
/// <exception cref="IOException"/>
- public static short[] GetServerCertificateTypeExtensionClient(IDictionary extensions)
+ public static short[] GetServerCertificateTypeExtensionClient(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.server_certificate_type);
return extensionData == null ? null : ReadCertificateTypeExtensionClient(extensionData);
}
/// <exception cref="IOException"/>
- public static short GetServerCertificateTypeExtensionServer(IDictionary extensions)
+ public static short GetServerCertificateTypeExtensionServer(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.server_certificate_type);
return extensionData == null ? (short)-1 : ReadCertificateTypeExtensionServer(extensionData);
}
/// <exception cref="IOException"/>
- public static IList GetServerNameExtensionClient(IDictionary extensions)
+ public static IList<ServerName> GetServerNameExtensionClient(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.server_name);
return extensionData == null ? null : ReadServerNameExtensionClient(extensionData);
}
/// <exception cref="IOException"/>
- public static IList GetSignatureAlgorithmsExtension(IDictionary extensions)
+ public static IList<SignatureAndHashAlgorithm> GetSignatureAlgorithmsExtension(
+ IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.signature_algorithms);
return extensionData == null ? null : ReadSignatureAlgorithmsExtension(extensionData);
}
/// <exception cref="IOException"/>
- public static IList GetSignatureAlgorithmsCertExtension(IDictionary extensions)
+ public static IList<SignatureAndHashAlgorithm> GetSignatureAlgorithmsCertExtension(
+ IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.signature_algorithms_cert);
return extensionData == null ? null : ReadSignatureAlgorithmsCertExtension(extensionData);
}
/// <exception cref="IOException"/>
- public static CertificateStatusRequest GetStatusRequestExtension(IDictionary extensions)
+ public static CertificateStatusRequest GetStatusRequestExtension(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.status_request);
return extensionData == null ? null : ReadStatusRequestExtension(extensionData);
}
/// <exception cref="IOException"/>
- public static IList GetStatusRequestV2Extension(IDictionary extensions)
+ public static IList<CertificateStatusRequestItemV2> GetStatusRequestV2Extension(
+ IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.status_request_v2);
return extensionData == null ? null : ReadStatusRequestV2Extension(extensionData);
}
/// <exception cref="IOException"/>
- public static int[] GetSupportedGroupsExtension(IDictionary extensions)
+ public static int[] GetSupportedGroupsExtension(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.supported_groups);
return extensionData == null ? null : ReadSupportedGroupsExtension(extensionData);
}
/// <exception cref="IOException"/>
- public static short[] GetSupportedPointFormatsExtension(IDictionary extensions)
+ public static short[] GetSupportedPointFormatsExtension(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.ec_point_formats);
return extensionData == null ? null : ReadSupportedPointFormatsExtension(extensionData);
}
/// <exception cref="IOException"/>
- public static ProtocolVersion[] GetSupportedVersionsExtensionClient(IDictionary extensions)
+ public static ProtocolVersion[] GetSupportedVersionsExtensionClient(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.supported_versions);
return extensionData == null ? null : ReadSupportedVersionsExtensionClient(extensionData);
}
/// <exception cref="IOException"/>
- public static ProtocolVersion GetSupportedVersionsExtensionServer(IDictionary extensions)
+ public static ProtocolVersion GetSupportedVersionsExtensionServer(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.supported_versions);
return extensionData == null ? null : ReadSupportedVersionsExtensionServer(extensionData);
}
/// <exception cref="IOException"/>
- public static IList GetTrustedCAKeysExtensionClient(IDictionary extensions)
+ public static IList<TrustedAuthority> GetTrustedCAKeysExtensionClient(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.trusted_ca_keys);
return extensionData == null ? null : ReadTrustedCAKeysExtensionClient(extensionData);
}
/// <exception cref="IOException"/>
- public static bool HasClientCertificateUrlExtension(IDictionary extensions)
+ public static bool HasClientCertificateUrlExtension(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.client_certificate_url);
return extensionData == null ? false : ReadClientCertificateUrlExtension(extensionData);
}
/// <exception cref="IOException"/>
- public static bool HasEarlyDataIndication(IDictionary extensions)
+ public static bool HasEarlyDataIndication(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.early_data);
return extensionData == null ? false : ReadEarlyDataIndication(extensionData);
}
/// <exception cref="IOException"/>
- public static bool HasEncryptThenMacExtension(IDictionary extensions)
+ public static bool HasEncryptThenMacExtension(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.encrypt_then_mac);
return extensionData == null ? false : ReadEncryptThenMacExtension(extensionData);
}
/// <exception cref="IOException"/>
- public static bool HasExtendedMasterSecretExtension(IDictionary extensions)
+ public static bool HasExtendedMasterSecretExtension(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.extended_master_secret);
return extensionData == null ? false : ReadExtendedMasterSecretExtension(extensionData);
}
/// <exception cref="IOException"/>
- public static bool HasServerNameExtensionServer(IDictionary extensions)
+ public static bool HasServerNameExtensionServer(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.server_name);
return extensionData == null ? false : ReadServerNameExtensionServer(extensionData);
}
/// <exception cref="IOException"/>
- public static bool HasPostHandshakeAuthExtension(IDictionary extensions)
+ public static bool HasPostHandshakeAuthExtension(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.post_handshake_auth);
return extensionData == null ? false : ReadPostHandshakeAuthExtension(extensionData);
}
/// <exception cref="IOException"/>
- public static bool HasTruncatedHmacExtension(IDictionary extensions)
+ public static bool HasTruncatedHmacExtension(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.truncated_hmac);
return extensionData == null ? false : ReadTruncatedHmacExtension(extensionData);
}
/// <exception cref="IOException"/>
- public static bool HasTrustedCAKeysExtensionServer(IDictionary extensions)
+ public static bool HasTrustedCAKeysExtensionServer(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.trusted_ca_keys);
return extensionData == null ? false : ReadTrustedCAKeysExtensionServer(extensionData);
@@ -525,7 +552,7 @@ namespace Org.BouncyCastle.Tls
/// <param name="protocolNameList">an <see cref="IList"/> of <see cref="ProtocolName"/>.</param>
/// <exception cref="IOException"/>
- public static byte[] CreateAlpnExtensionClient(IList protocolNameList)
+ public static byte[] CreateAlpnExtensionClient(IList<ProtocolName> protocolNameList)
{
if (protocolNameList == null || protocolNameList.Count < 1)
throw new TlsFatalAlert(AlertDescription.internal_error);
@@ -546,14 +573,14 @@ namespace Org.BouncyCastle.Tls
/// <exception cref="IOException"/>
public static byte[] CreateAlpnExtensionServer(ProtocolName protocolName)
{
- IList protocol_name_list = Platform.CreateArrayList();
+ var protocol_name_list = new List<ProtocolName>();
protocol_name_list.Add(protocolName);
return CreateAlpnExtensionClient(protocol_name_list);
}
/// <exception cref="IOException"/>
- public static byte[] CreateCertificateAuthoritiesExtension(IList authorities)
+ public static byte[] CreateCertificateAuthoritiesExtension(IList<X509Name> authorities)
{
if (null == authorities || authorities.Count < 1)
throw new TlsFatalAlert(AlertDescription.internal_error);
@@ -652,7 +679,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public static byte[] CreateKeyShareClientHello(IList clientShares)
+ public static byte[] CreateKeyShareClientHello(IList<KeyShareEntry> clientShares)
{
if (clientShares == null || clientShares.Count < 1)
return TlsUtilities.EncodeUint16(0);
@@ -698,7 +725,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public static byte[] CreateOidFiltersExtension(IDictionary filters)
+ public static byte[] CreateOidFiltersExtension(IDictionary<DerObjectIdentifier, byte[]> filters)
{
MemoryStream buf = new MemoryStream();
@@ -707,9 +734,11 @@ namespace Org.BouncyCastle.Tls
if (null != filters)
{
- foreach (DerObjectIdentifier certificateExtensionOid in filters.Keys)
+ //foreach (DerObjectIdentifier certificateExtensionOid in filters.Keys)
+ foreach (var filter in filters)
{
- byte[] certificateExtensionValues = (byte[])filters[certificateExtensionOid];
+ var certificateExtensionOid = filter.Key;
+ var certificateExtensionValues = filter.Value;
if (null == certificateExtensionOid || null == certificateExtensionValues)
throw new TlsFatalAlert(AlertDescription.internal_error);
@@ -774,7 +803,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public static byte[] CreateServerNameExtensionClient(IList serverNameList)
+ public static byte[] CreateServerNameExtensionClient(IList<ServerName> serverNameList)
{
if (serverNameList == null)
throw new TlsFatalAlert(AlertDescription.internal_error);
@@ -792,7 +821,8 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public static byte[] CreateSignatureAlgorithmsExtension(IList supportedSignatureAlgorithms)
+ public static byte[] CreateSignatureAlgorithmsExtension(
+ IList<SignatureAndHashAlgorithm> supportedSignatureAlgorithms)
{
MemoryStream buf = new MemoryStream();
@@ -802,7 +832,8 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public static byte[] CreateSignatureAlgorithmsCertExtension(IList supportedSignatureAlgorithms)
+ public static byte[] CreateSignatureAlgorithmsCertExtension(
+ IList<SignatureAndHashAlgorithm> supportedSignatureAlgorithms)
{
return CreateSignatureAlgorithmsExtension(supportedSignatureAlgorithms);
}
@@ -821,7 +852,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public static byte[] CreateStatusRequestV2Extension(IList statusRequestV2)
+ public static byte[] CreateStatusRequestV2Extension(IList<CertificateStatusRequestItemV2> statusRequestV2)
{
if (statusRequestV2 == null || statusRequestV2.Count < 1)
throw new TlsFatalAlert(AlertDescription.internal_error);
@@ -840,7 +871,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public static byte[] CreateSupportedGroupsExtension(IList namedGroups)
+ public static byte[] CreateSupportedGroupsExtension(IList<int> namedGroups)
{
if (namedGroups == null || namedGroups.Count < 1)
throw new TlsFatalAlert(AlertDescription.internal_error);
@@ -849,7 +880,7 @@ namespace Org.BouncyCastle.Tls
int[] values = new int[count];
for (int i = 0; i < count; ++i)
{
- values[i] = (Int32)namedGroups[i];
+ values[i] = namedGroups[i];
}
return TlsUtilities.EncodeUint16ArrayWithUint16Length(values);
@@ -883,7 +914,7 @@ namespace Org.BouncyCastle.Tls
TlsUtilities.WriteUint8(count * 2, data, 0);
for (int i = 0; i < count; ++i)
{
- TlsUtilities.WriteVersion((ProtocolVersion)versions[i], data, 1 + i * 2);
+ TlsUtilities.WriteVersion(versions[i], data, 1 + i * 2);
}
return data;
}
@@ -900,7 +931,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public static byte[] CreateTrustedCAKeysExtensionClient(IList trustedAuthoritiesList)
+ public static byte[] CreateTrustedCAKeysExtensionClient(IList<TrustedAuthority> trustedAuthoritiesList)
{
MemoryStream buf = new MemoryStream();
@@ -937,7 +968,7 @@ namespace Org.BouncyCastle.Tls
/// <returns>an <see cref="IList"/> of <see cref="ProtocolName"/>.</returns>
/// <exception cref="IOException"/>
- public static IList ReadAlpnExtensionClient(byte[] extensionData)
+ public static IList<ProtocolName> ReadAlpnExtensionClient(byte[] extensionData)
{
if (extensionData == null)
throw new ArgumentNullException("extensionData");
@@ -948,7 +979,7 @@ namespace Org.BouncyCastle.Tls
if (length != (extensionData.Length - 2))
throw new TlsFatalAlert(AlertDescription.decode_error);
- IList protocol_name_list = Platform.CreateArrayList();
+ var protocol_name_list = new List<ProtocolName>();
while (buf.Position < buf.Length)
{
ProtocolName protocolName = ProtocolName.Parse(buf);
@@ -961,15 +992,15 @@ namespace Org.BouncyCastle.Tls
/// <exception cref="IOException"/>
public static ProtocolName ReadAlpnExtensionServer(byte[] extensionData)
{
- IList protocol_name_list = ReadAlpnExtensionClient(extensionData);
+ var protocol_name_list = ReadAlpnExtensionClient(extensionData);
if (protocol_name_list.Count != 1)
throw new TlsFatalAlert(AlertDescription.decode_error);
- return (ProtocolName)protocol_name_list[0];
+ return protocol_name_list[0];
}
/// <exception cref="IOException"/>
- public static IList ReadCertificateAuthoritiesExtension(byte[] extensionData)
+ public static IList<X509Name> ReadCertificateAuthoritiesExtension(byte[] extensionData)
{
if (extensionData == null)
throw new ArgumentNullException("extensionData");
@@ -982,7 +1013,7 @@ namespace Org.BouncyCastle.Tls
if (length != (extensionData.Length - 2))
throw new TlsFatalAlert(AlertDescription.decode_error);
- IList authorities = Platform.CreateArrayList();
+ var authorities = new List<X509Name>();
while (buf.Position < buf.Length)
{
byte[] derEncoding = TlsUtilities.ReadOpaque16(buf, 1);
@@ -1072,7 +1103,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public static IList ReadKeyShareClientHello(byte[] extensionData)
+ public static IList<KeyShareEntry> ReadKeyShareClientHello(byte[] extensionData)
{
if (extensionData == null)
throw new ArgumentNullException("extensionData");
@@ -1090,7 +1121,7 @@ namespace Org.BouncyCastle.Tls
if (length != (extensionData.Length - 2))
throw new TlsFatalAlert(AlertDescription.decode_error);
- IList clientShares = Platform.CreateArrayList();
+ var clientShares = new List<KeyShareEntry>();
while (buf.Position < buf.Length)
{
KeyShareEntry clientShare = KeyShareEntry.Parse(buf);
@@ -1128,7 +1159,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public static IDictionary ReadOidFiltersExtension(byte[] extensionData)
+ public static IDictionary<DerObjectIdentifier, byte[]> ReadOidFiltersExtension(byte[] extensionData)
{
if (extensionData == null)
throw new ArgumentNullException("extensionData");
@@ -1141,7 +1172,7 @@ namespace Org.BouncyCastle.Tls
if (length != (extensionData.Length - 2))
throw new TlsFatalAlert(AlertDescription.decode_error);
- IDictionary filters = Platform.CreateHashtable();
+ var filters = new Dictionary<DerObjectIdentifier, byte[]>();
while (buf.Position < buf.Length)
{
byte[] derEncoding = TlsUtilities.ReadOpaque8(buf, 1);
@@ -1149,7 +1180,7 @@ namespace Org.BouncyCastle.Tls
DerObjectIdentifier certificateExtensionOid = DerObjectIdentifier.GetInstance(asn1);
TlsUtilities.RequireDerEncoding(certificateExtensionOid, derEncoding);
- if (filters.Contains(certificateExtensionOid))
+ if (filters.ContainsKey(certificateExtensionOid))
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
byte[] certificateExtensionValues = TlsUtilities.ReadOpaque16(buf);
@@ -1219,7 +1250,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public static IList ReadServerNameExtensionClient(byte[] extensionData)
+ public static IList<ServerName> ReadServerNameExtensionClient(byte[] extensionData)
{
if (extensionData == null)
throw new ArgumentNullException("extensionData");
@@ -1240,14 +1271,14 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public static IList ReadSignatureAlgorithmsExtension(byte[] extensionData)
+ public static IList<SignatureAndHashAlgorithm> ReadSignatureAlgorithmsExtension(byte[] extensionData)
{
if (extensionData == null)
throw new ArgumentNullException("extensionData");
MemoryStream buf = new MemoryStream(extensionData, false);
- IList supported_signature_algorithms = TlsUtilities.ParseSupportedSignatureAlgorithms(buf);
+ var supported_signature_algorithms = TlsUtilities.ParseSupportedSignatureAlgorithms(buf);
TlsProtocol.AssertEmpty(buf);
@@ -1255,7 +1286,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public static IList ReadSignatureAlgorithmsCertExtension(byte[] extensionData)
+ public static IList<SignatureAndHashAlgorithm> ReadSignatureAlgorithmsCertExtension(byte[] extensionData)
{
return ReadSignatureAlgorithmsExtension(extensionData);
}
@@ -1276,7 +1307,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public static IList ReadStatusRequestV2Extension(byte[] extensionData)
+ public static IList<CertificateStatusRequestItemV2> ReadStatusRequestV2Extension(byte[] extensionData)
{
if (extensionData == null)
throw new ArgumentNullException("extensionData");
@@ -1289,7 +1320,7 @@ namespace Org.BouncyCastle.Tls
if (length != (extensionData.Length - 2))
throw new TlsFatalAlert(AlertDescription.decode_error);
- IList statusRequestV2 = Platform.CreateArrayList();
+ var statusRequestV2 = new List<CertificateStatusRequestItemV2>();
while (buf.Position < buf.Length)
{
CertificateStatusRequestItemV2 entry = CertificateStatusRequestItemV2.Parse(buf);
@@ -1371,7 +1402,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public static IList ReadTrustedCAKeysExtensionClient(byte[] extensionData)
+ public static IList<TrustedAuthority> ReadTrustedCAKeysExtensionClient(byte[] extensionData)
{
if (extensionData == null)
throw new ArgumentNullException("extensionData");
@@ -1384,7 +1415,7 @@ namespace Org.BouncyCastle.Tls
if (length != (extensionData.Length - 2))
throw new TlsFatalAlert(AlertDescription.decode_error);
- IList trusted_authorities_list = Platform.CreateArrayList();
+ var trusted_authorities_list = new List<TrustedAuthority>();
while (buf.Position < buf.Length)
{
TrustedAuthority entry = TrustedAuthority.Parse(buf);
diff --git a/crypto/src/tls/TlsProtocol.cs b/crypto/src/tls/TlsProtocol.cs
index e442dd585..67ee5773b 100644
--- a/crypto/src/tls/TlsProtocol.cs
+++ b/crypto/src/tls/TlsProtocol.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Tls.Crypto;
@@ -146,8 +146,8 @@ namespace Org.BouncyCastle.Tls
protected byte[] m_retryCookie = null;
protected int m_retryGroup = -1;
- protected IDictionary m_clientExtensions = null;
- protected IDictionary m_serverExtensions = null;
+ protected IDictionary<int, byte[]> m_clientExtensions = null;
+ protected IDictionary<int, byte[]> m_serverExtensions = null;
protected short m_connectionState = CS_START;
protected bool m_resumedSession = false;
@@ -1601,7 +1601,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- protected virtual void SendSupplementalDataMessage(IList supplementalData)
+ protected virtual void SendSupplementalDataMessage(IList<SupplementalDataEntry> supplementalData)
{
HandshakeMessageOutput message = new HandshakeMessageOutput(HandshakeType.supplemental_data);
WriteSupplementalData(message, supplementalData);
@@ -1654,8 +1654,8 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- protected virtual short ProcessMaxFragmentLengthExtension(IDictionary clientExtensions,
- IDictionary serverExtensions, short alertDescription)
+ protected virtual short ProcessMaxFragmentLengthExtension(IDictionary<int, byte[]> clientExtensions,
+ IDictionary<int, byte[]> serverExtensions, short alertDescription)
{
short maxFragmentLength = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(serverExtensions);
if (maxFragmentLength >= 0)
@@ -1732,7 +1732,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- internal static IDictionary ReadExtensions(MemoryStream input)
+ internal static IDictionary<int, byte[]> ReadExtensions(MemoryStream input)
{
if (input.Position >= input.Length)
return null;
@@ -1745,10 +1745,10 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- internal static IDictionary ReadExtensionsData(byte[] extBytes)
+ internal static IDictionary<int, byte[]> ReadExtensionsData(byte[] extBytes)
{
// Int32 -> byte[]
- IDictionary extensions = Platform.CreateHashtable();
+ var extensions = new Dictionary<int, byte[]>();
if (extBytes.Length > 0)
{
@@ -1762,12 +1762,11 @@ namespace Org.BouncyCastle.Tls
/*
* RFC 3546 2.3 There MUST NOT be more than one extension of the same type.
*/
- Int32 key = extension_type;
- if (extensions.Contains(key))
+ if (extensions.ContainsKey(extension_type))
throw new TlsFatalAlert(AlertDescription.illegal_parameter,
"Repeated extension: " + ExtensionType.GetText(extension_type));
- extensions.Add(key, extension_data);
+ extensions.Add(extension_type, extension_data);
}
while (buf.Position < buf.Length);
}
@@ -1776,10 +1775,10 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- internal static IDictionary ReadExtensionsData13(int handshakeType, byte[] extBytes)
+ internal static IDictionary<int, byte[]> ReadExtensionsData13(int handshakeType, byte[] extBytes)
{
// Int32 -> byte[]
- IDictionary extensions = Platform.CreateHashtable();
+ var extensions = new Dictionary<int, byte[]>();
if (extBytes.Length > 0)
{
@@ -1800,12 +1799,11 @@ namespace Org.BouncyCastle.Tls
/*
* RFC 3546 2.3 There MUST NOT be more than one extension of the same type.
*/
- Int32 key = extension_type;
- if (extensions.Contains(key))
+ if (extensions.ContainsKey(extension_type))
throw new TlsFatalAlert(AlertDescription.illegal_parameter,
"Repeated extension: " + ExtensionType.GetText(extension_type));
- extensions.Add(key, extension_data);
+ extensions.Add(extension_type, extension_data);
}
while (buf.Position < buf.Length);
}
@@ -1814,7 +1812,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- internal static IDictionary ReadExtensionsDataClientHello(byte[] extBytes)
+ internal static IDictionary<int, byte[]> ReadExtensionsDataClientHello(byte[] extBytes)
{
/*
* TODO[tls13] We are currently allowing any extensions to appear in ClientHello. It is
@@ -1824,7 +1822,7 @@ namespace Org.BouncyCastle.Tls
*/
// Int32 -> byte[]
- IDictionary extensions = Platform.CreateHashtable();
+ var extensions = new Dictionary<int, byte[]>();
if (extBytes.Length > 0)
{
@@ -1841,12 +1839,11 @@ namespace Org.BouncyCastle.Tls
/*
* RFC 3546 2.3 There MUST NOT be more than one extension of the same type.
*/
- Int32 key = extension_type;
- if (extensions.Contains(key))
+ if (extensions.ContainsKey(extension_type))
throw new TlsFatalAlert(AlertDescription.illegal_parameter,
"Repeated extension: " + ExtensionType.GetText(extension_type));
- extensions.Add(key, extension_data);
+ extensions.Add(extension_type, extension_data);
pre_shared_key_found |= (ExtensionType.pre_shared_key == extension_type);
}
@@ -1861,7 +1858,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- internal static IList ReadSupplementalDataMessage(MemoryStream input)
+ internal static IList<SupplementalDataEntry> ReadSupplementalDataMessage(MemoryStream input)
{
byte[] supp_data = TlsUtilities.ReadOpaque24(input, 1);
@@ -1869,7 +1866,7 @@ namespace Org.BouncyCastle.Tls
MemoryStream buf = new MemoryStream(supp_data, false);
- IList supplementalData = Platform.CreateArrayList();
+ var supplementalData = new List<SupplementalDataEntry>();
while (buf.Position < buf.Length)
{
@@ -1883,13 +1880,13 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- internal static void WriteExtensions(Stream output, IDictionary extensions)
+ internal static void WriteExtensions(Stream output, IDictionary<int, byte[]> extensions)
{
WriteExtensions(output, extensions, 0);
}
/// <exception cref="IOException"/>
- internal static void WriteExtensions(Stream output, IDictionary extensions, int bindersSize)
+ internal static void WriteExtensions(Stream output, IDictionary<int, byte[]> extensions, int bindersSize)
{
if (null == extensions || extensions.Count < 1)
return;
@@ -1903,13 +1900,13 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- internal static byte[] WriteExtensionsData(IDictionary extensions)
+ internal static byte[] WriteExtensionsData(IDictionary<int, byte[]> extensions)
{
return WriteExtensionsData(extensions, 0);
}
/// <exception cref="IOException"/>
- internal static byte[] WriteExtensionsData(IDictionary extensions, int bindersSize)
+ internal static byte[] WriteExtensionsData(IDictionary<int, byte[]> extensions, int bindersSize)
{
MemoryStream buf = new MemoryStream();
WriteExtensionsData(extensions, buf, bindersSize);
@@ -1917,13 +1914,13 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- internal static void WriteExtensionsData(IDictionary extensions, MemoryStream buf)
+ internal static void WriteExtensionsData(IDictionary<int, byte[]> extensions, MemoryStream buf)
{
WriteExtensionsData(extensions, buf, 0);
}
/// <exception cref="IOException"/>
- internal static void WriteExtensionsData(IDictionary extensions, MemoryStream buf, int bindersSize)
+ internal static void WriteExtensionsData(IDictionary<int, byte[]> extensions, MemoryStream buf, int bindersSize)
{
/*
* NOTE: There are reports of servers that don't accept a zero-length extension as the last
@@ -1935,10 +1932,10 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- internal static void WritePreSharedKeyExtension(MemoryStream buf, IDictionary extensions, int bindersSize)
+ internal static void WritePreSharedKeyExtension(MemoryStream buf, IDictionary<int, byte[]> extensions,
+ int bindersSize)
{
- byte[] extension_data = (byte[])extensions[ExtensionType.pre_shared_key];
- if (null != extension_data)
+ if (extensions.TryGetValue(ExtensionType.pre_shared_key, out var extension_data))
{
TlsUtilities.CheckUint16(ExtensionType.pre_shared_key);
TlsUtilities.WriteUint16(ExtensionType.pre_shared_key, buf);
@@ -1951,17 +1948,18 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- internal static void WriteSelectedExtensions(Stream output, IDictionary extensions, bool selectEmpty)
+ internal static void WriteSelectedExtensions(Stream output, IDictionary<int, byte[]> extensions,
+ bool selectEmpty)
{
- foreach (Int32 key in extensions.Keys)
+ foreach (var extension in extensions)
{
- int extension_type = key;
+ int extension_type = extension.Key;
// NOTE: Must be last; handled by 'WritePreSharedKeyExtension'
if (ExtensionType.pre_shared_key == extension_type)
continue;
- byte[] extension_data = (byte[])extensions[key];
+ byte[] extension_data = extension.Value;
if (selectEmpty == (extension_data.Length == 0))
{
@@ -1973,7 +1971,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- internal static void WriteSupplementalData(Stream output, IList supplementalData)
+ internal static void WriteSupplementalData(Stream output, IList<SupplementalDataEntry> supplementalData)
{
MemoryStream buf = new MemoryStream();
diff --git a/crypto/src/tls/TlsServer.cs b/crypto/src/tls/TlsServer.cs
index fe88d7c43..9d8ae966d 100644
--- a/crypto/src/tls/TlsServer.cs
+++ b/crypto/src/tls/TlsServer.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Tls.Crypto;
@@ -32,7 +32,7 @@ namespace Org.BouncyCastle.Tls
/// <param name="identities">an <see cref="IList"/> of <see cref="PskIdentity"/> instances.</param>
/// <returns>The <see cref="TlsPskExternal"/> corresponding to the selected identity, or null to not select
/// any.</returns>
- TlsPskExternal GetExternalPsk(IList identities);
+ TlsPskExternal GetExternalPsk(IList<PskIdentity> identities);
void NotifySession(TlsSession session);
@@ -47,7 +47,7 @@ namespace Org.BouncyCastle.Tls
/// <param name="clientExtensions">(Int32 -> byte[])</param>
/// <exception cref="IOException"/>
- void ProcessClientExtensions(IDictionary clientExtensions);
+ void ProcessClientExtensions(IDictionary<int, byte[]> clientExtensions);
/// <exception cref="IOException"/>
ProtocolVersion GetServerVersion();
@@ -60,15 +60,15 @@ namespace Org.BouncyCastle.Tls
/// <returns>(Int32 -> byte[])</returns>
/// <exception cref="IOException"/>
- IDictionary GetServerExtensions();
+ IDictionary<int, byte[]> GetServerExtensions();
/// <param name="serverExtensions">(Int32 -> byte[])</param>
/// <exception cref="IOException"/>
- void GetServerExtensionsForConnection(IDictionary serverExtensions);
+ void GetServerExtensionsForConnection(IDictionary<int, byte[]> serverExtensions);
/// <returns>(SupplementalDataEntry)</returns>
/// <exception cref="IOException"/>
- IList GetServerSupplementalData();
+ IList<SupplementalDataEntry> GetServerSupplementalData();
/// <summary>Return server credentials to use.</summary>
/// <remarks>
@@ -107,7 +107,7 @@ namespace Org.BouncyCastle.Tls
/// <param name="clientSupplementalData">(SupplementalDataEntry)</param>
/// <exception cref="IOException"/>
- void ProcessClientSupplementalData(IList clientSupplementalData);
+ void ProcessClientSupplementalData(IList<SupplementalDataEntry> clientSupplementalData);
/// <summary>Called by the protocol handler to report the client certificate, only if
/// <see cref="GetCertificateRequest"/> returned non-null.</summary>
diff --git a/crypto/src/tls/TlsServerProtocol.cs b/crypto/src/tls/TlsServerProtocol.cs
index 88bc9d5fa..a222b998d 100644
--- a/crypto/src/tls/TlsServerProtocol.cs
+++ b/crypto/src/tls/TlsServerProtocol.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Tls.Crypto;
@@ -103,7 +103,7 @@ namespace Org.BouncyCastle.Tls
SecurityParameters securityParameters = m_tlsServerContext.SecurityParameters;
ProtocolVersion serverVersion = securityParameters.NegotiatedVersion;
- IDictionary serverHelloExtensions = Platform.CreateHashtable();
+ var serverHelloExtensions = new Dictionary<int, byte[]>();
TlsExtensionsUtilities.AddSupportedVersionsExtensionServer(serverHelloExtensions, serverVersion);
if (m_retryGroup >= 0)
{
@@ -129,7 +129,7 @@ namespace Org.BouncyCastle.Tls
byte[] legacy_session_id = clientHello.SessionID;
- IDictionary clientHelloExtensions = clientHello.Extensions;
+ var clientHelloExtensions = clientHello.Extensions;
if (null == clientHelloExtensions)
throw new TlsFatalAlert(AlertDescription.missing_extension);
@@ -141,7 +141,7 @@ namespace Org.BouncyCastle.Tls
OfferedPsks.SelectedConfig selectedPsk = TlsUtilities.SelectPreSharedKey(m_tlsServerContext, m_tlsServer,
clientHelloExtensions, clientHelloMessage, m_handshakeHash, afterHelloRetryRequest);
- IList clientShares = TlsExtensionsUtilities.GetKeyShareClientHello(clientHelloExtensions);
+ var clientShares = TlsExtensionsUtilities.GetKeyShareClientHello(clientHelloExtensions);
KeyShareEntry clientShare = null;
if (afterHelloRetryRequest)
@@ -287,8 +287,8 @@ namespace Org.BouncyCastle.Tls
}
- IDictionary serverHelloExtensions = Platform.CreateHashtable();
- IDictionary serverEncryptedExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(
+ var serverHelloExtensions = new Dictionary<int, byte[]>();
+ var serverEncryptedExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(
m_tlsServer.GetServerExtensions());
m_tlsServer.GetServerExtensionsForConnection(serverEncryptedExtensions);
@@ -326,8 +326,8 @@ namespace Org.BouncyCastle.Tls
*
* OCSP information is carried in an extension for a CertificateEntry.
*/
- securityParameters.m_statusRequestVersion = clientHelloExtensions.Contains(ExtensionType.status_request)
- ? 1 : 0;
+ securityParameters.m_statusRequestVersion =
+ clientHelloExtensions.ContainsKey(ExtensionType.status_request) ? 1 : 0;
this.m_expectSessionTicket = false;
@@ -584,7 +584,7 @@ namespace Org.BouncyCastle.Tls
m_tlsServerContext.SetRsaPreMasterSecretVersion(clientLegacyVersion);
{
- IDictionary sessionServerExtensions = m_resumedSession
+ var sessionServerExtensions = m_resumedSession
? m_sessionParameters.ReadServerExtensions()
: m_tlsServer.GetServerExtensions();
@@ -944,7 +944,7 @@ namespace Org.BouncyCastle.Tls
break;
}
- IList serverSupplementalData = m_tlsServer.GetServerSupplementalData();
+ var serverSupplementalData = m_tlsServer.GetServerSupplementalData();
if (serverSupplementalData != null)
{
SendSupplementalDataMessage(serverSupplementalData);
@@ -1383,7 +1383,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- protected virtual void Send13EncryptedExtensionsMessage(IDictionary serverExtensions)
+ protected virtual void Send13EncryptedExtensionsMessage(IDictionary<int, byte[]> serverExtensions)
{
// TODO[tls13] Avoid extra copy; use placeholder to write opaque-16 data directly to message buffer
diff --git a/crypto/src/tls/TlsSrpUtilities.cs b/crypto/src/tls/TlsSrpUtilities.cs
index c36a667ac..6b01ed512 100644
--- a/crypto/src/tls/TlsSrpUtilities.cs
+++ b/crypto/src/tls/TlsSrpUtilities.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Math;
@@ -10,13 +10,13 @@ namespace Org.BouncyCastle.Tls
public abstract class TlsSrpUtilities
{
/// <exception cref="IOException"/>
- public static void AddSrpExtension(IDictionary extensions, byte[] identity)
+ public static void AddSrpExtension(IDictionary<int, byte[]> extensions, byte[] identity)
{
extensions[ExtensionType.srp] = CreateSrpExtension(identity);
}
/// <exception cref="IOException"/>
- public static byte[] GetSrpExtension(IDictionary extensions)
+ public static byte[] GetSrpExtension(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.srp);
return extensionData == null ? null : ReadSrpExtension(extensionData);
diff --git a/crypto/src/tls/TlsSrtpUtilities.cs b/crypto/src/tls/TlsSrtpUtilities.cs
index 72a9e774b..b7ceed260 100644
--- a/crypto/src/tls/TlsSrtpUtilities.cs
+++ b/crypto/src/tls/TlsSrtpUtilities.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
namespace Org.BouncyCastle.Tls
@@ -8,13 +8,13 @@ namespace Org.BouncyCastle.Tls
public abstract class TlsSrtpUtilities
{
/// <exception cref="IOException"/>
- public static void AddUseSrtpExtension(IDictionary extensions, UseSrtpData useSrtpData)
+ public static void AddUseSrtpExtension(IDictionary<int, byte[]> extensions, UseSrtpData useSrtpData)
{
extensions[ExtensionType.use_srtp] = CreateUseSrtpExtension(useSrtpData);
}
/// <exception cref="IOException"/>
- public static UseSrtpData GetUseSrtpExtension(IDictionary extensions)
+ public static UseSrtpData GetUseSrtpExtension(IDictionary<int, byte[]> extensions)
{
byte[] extensionData = TlsUtilities.GetExtensionData(extensions, ExtensionType.use_srtp);
return extensionData == null ? null : ReadUseSrtpExtension(extensionData);
diff --git a/crypto/src/tls/TlsUtilities.cs b/crypto/src/tls/TlsUtilities.cs
index 1e0b403c9..97895e8f2 100644
--- a/crypto/src/tls/TlsUtilities.cs
+++ b/crypto/src/tls/TlsUtilities.cs
@@ -1,9 +1,7 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
-#if !PORTABLE || DOTNET
using System.Net.Sockets;
-#endif
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Bsi;
@@ -18,6 +16,7 @@ using Org.BouncyCastle.Asn1.X9;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Tls.Crypto;
using Org.BouncyCastle.Utilities;
+using Org.BouncyCastle.Utilities.Collections;
using Org.BouncyCastle.Utilities.Date;
using Org.BouncyCastle.Utilities.Encoders;
using Org.BouncyCastle.Utilities.IO;
@@ -29,24 +28,24 @@ namespace Org.BouncyCastle.Tls
private static readonly byte[] DowngradeTlsV11 = Hex.DecodeStrict("444F574E47524400");
private static readonly byte[] DowngradeTlsV12 = Hex.DecodeStrict("444F574E47524401");
- private static readonly IDictionary CertSigAlgOids = CreateCertSigAlgOids();
- private static readonly IList DefaultSupportedSigAlgs = CreateDefaultSupportedSigAlgs();
+ private static readonly IDictionary<string, SignatureAndHashAlgorithm> CertSigAlgOids = CreateCertSigAlgOids();
+ private static readonly IList<SignatureAndHashAlgorithm> DefaultSupportedSigAlgs = CreateDefaultSupportedSigAlgs();
- private static void AddCertSigAlgOid(IDictionary d, DerObjectIdentifier oid,
+ private static void AddCertSigAlgOid(IDictionary<string, SignatureAndHashAlgorithm> d, DerObjectIdentifier oid,
SignatureAndHashAlgorithm sigAndHash)
{
d[oid.Id] = sigAndHash;
}
- private static void AddCertSigAlgOid(IDictionary d, DerObjectIdentifier oid, short hashAlgorithm,
- short signatureAlgorithm)
+ private static void AddCertSigAlgOid(IDictionary<string, SignatureAndHashAlgorithm> d, DerObjectIdentifier oid,
+ short hashAlgorithm, short signatureAlgorithm)
{
AddCertSigAlgOid(d, oid, SignatureAndHashAlgorithm.GetInstance(hashAlgorithm, signatureAlgorithm));
}
- private static IDictionary CreateCertSigAlgOids()
+ private static IDictionary<string, SignatureAndHashAlgorithm> CreateCertSigAlgOids()
{
- IDictionary d = Platform.CreateHashtable();
+ var d = new Dictionary<string, SignatureAndHashAlgorithm>();
AddCertSigAlgOid(d, NistObjectIdentifiers.DsaWithSha224, HashAlgorithm.sha224, SignatureAlgorithm.dsa);
AddCertSigAlgOid(d, NistObjectIdentifiers.DsaWithSha256, HashAlgorithm.sha256, SignatureAlgorithm.dsa);
@@ -97,9 +96,9 @@ namespace Org.BouncyCastle.Tls
return d;
}
- private static IList CreateDefaultSupportedSigAlgs()
+ private static IList<SignatureAndHashAlgorithm> CreateDefaultSupportedSigAlgs()
{
- IList result = Platform.CreateArrayList();
+ var result = new List<SignatureAndHashAlgorithm>();
result.Add(SignatureAndHashAlgorithm.ed25519);
result.Add(SignatureAndHashAlgorithm.ed448);
result.Add(SignatureAndHashAlgorithm.GetInstance(HashAlgorithm.sha256, SignatureAlgorithm.ecdsa));
@@ -970,7 +969,8 @@ namespace Org.BouncyCastle.Tls
buf[offset + 1] = (byte)version.MinorVersion;
}
- public static void AddIfSupported(IList supportedAlgs, TlsCrypto crypto, SignatureAndHashAlgorithm alg)
+ public static void AddIfSupported(IList<SignatureAndHashAlgorithm> supportedAlgs, TlsCrypto crypto,
+ SignatureAndHashAlgorithm alg)
{
if (crypto.HasSignatureAndHashAlgorithm(alg))
{
@@ -978,7 +978,7 @@ namespace Org.BouncyCastle.Tls
}
}
- public static void AddIfSupported(IList supportedGroups, TlsCrypto crypto, int namedGroup)
+ public static void AddIfSupported(IList<int> supportedGroups, TlsCrypto crypto, int namedGroup)
{
if (crypto.HasNamedGroup(namedGroup))
{
@@ -986,7 +986,7 @@ namespace Org.BouncyCastle.Tls
}
}
- public static void AddIfSupported(IList supportedGroups, TlsCrypto crypto, int[] namedGroups)
+ public static void AddIfSupported(IList<int> supportedGroups, TlsCrypto crypto, int[] namedGroups)
{
for (int i = 0; i < namedGroups.Length; ++i)
{
@@ -994,7 +994,7 @@ namespace Org.BouncyCastle.Tls
}
}
- public static bool AddToSet(IList s, int i)
+ public static bool AddToSet<T>(IList<T> s, T i)
{
bool result = !s.Contains(i);
if (result)
@@ -1004,17 +1004,17 @@ namespace Org.BouncyCastle.Tls
return result;
}
- public static IList GetDefaultDssSignatureAlgorithms()
+ public static IList<SignatureAndHashAlgorithm> GetDefaultDssSignatureAlgorithms()
{
return GetDefaultSignatureAlgorithms(SignatureAlgorithm.dsa);
}
- public static IList GetDefaultECDsaSignatureAlgorithms()
+ public static IList<SignatureAndHashAlgorithm> GetDefaultECDsaSignatureAlgorithms()
{
return GetDefaultSignatureAlgorithms(SignatureAlgorithm.ecdsa);
}
- public static IList GetDefaultRsaSignatureAlgorithms()
+ public static IList<SignatureAndHashAlgorithm> GetDefaultRsaSignatureAlgorithms()
{
return GetDefaultSignatureAlgorithms(SignatureAlgorithm.rsa);
}
@@ -1046,23 +1046,24 @@ namespace Org.BouncyCastle.Tls
}
}
- public static IList GetDefaultSignatureAlgorithms(short signatureAlgorithm)
+ public static IList<SignatureAndHashAlgorithm> GetDefaultSignatureAlgorithms(short signatureAlgorithm)
{
SignatureAndHashAlgorithm sigAndHashAlg = GetDefaultSignatureAlgorithm(signatureAlgorithm);
- return null == sigAndHashAlg ? Platform.CreateArrayList() : VectorOfOne(sigAndHashAlg);
+ return null == sigAndHashAlg ? new List<SignatureAndHashAlgorithm>() : VectorOfOne(sigAndHashAlg);
}
- public static IList GetDefaultSupportedSignatureAlgorithms(TlsContext context)
+ public static IList<SignatureAndHashAlgorithm> GetDefaultSupportedSignatureAlgorithms(TlsContext context)
{
return GetSupportedSignatureAlgorithms(context, DefaultSupportedSigAlgs);
}
- public static IList GetSupportedSignatureAlgorithms(TlsContext context, IList candidates)
+ public static IList<SignatureAndHashAlgorithm> GetSupportedSignatureAlgorithms(TlsContext context,
+ IList<SignatureAndHashAlgorithm> candidates)
{
TlsCrypto crypto = context.Crypto;
- IList result = Platform.CreateArrayList(DefaultSupportedSigAlgs.Count);
+ var result = new List<SignatureAndHashAlgorithm>(candidates.Count);
foreach (SignatureAndHashAlgorithm sigAndHashAlg in candidates)
{
AddIfSupported(result, crypto, sigAndHashAlg);
@@ -1088,14 +1089,15 @@ namespace Org.BouncyCastle.Tls
return signatureAndHashAlgorithm;
}
- public static byte[] GetExtensionData(IDictionary extensions, int extensionType)
+ public static byte[] GetExtensionData(IDictionary<int, byte[]> extensions, int extensionType)
{
- return extensions == null || !extensions.Contains(extensionType)
- ? null
- : (byte[])extensions[extensionType];
+ if (extensions == null || !extensions.TryGetValue(extensionType, out var extensionData))
+ return null;
+
+ return extensionData;
}
- public static bool HasExpectedEmptyExtensionData(IDictionary extensions, int extensionType,
+ public static bool HasExpectedEmptyExtensionData(IDictionary<int, byte[]> extensions, int extensionType,
short alertDescription)
{
byte[] extension_data = GetExtensionData(extensions, extensionType);
@@ -1140,22 +1142,7 @@ namespace Org.BouncyCastle.Tls
return false;
}
- public static bool IsNullOrEmpty(byte[] array)
- {
- return null == array || array.Length < 1;
- }
-
- public static bool IsNullOrEmpty(short[] array)
- {
- return null == array || array.Length < 1;
- }
-
- public static bool IsNullOrEmpty(int[] array)
- {
- return null == array || array.Length < 1;
- }
-
- public static bool IsNullOrEmpty(object[] array)
+ public static bool IsNullOrEmpty<T>(T[] array)
{
return null == array || array.Length < 1;
}
@@ -1165,7 +1152,7 @@ namespace Org.BouncyCastle.Tls
return null == s || s.Length < 1;
}
- public static bool IsNullOrEmpty(IList v)
+ public static bool IsNullOrEmpty<T>(IList<T> v)
{
return null == v || v.Count < 1;
}
@@ -1275,9 +1262,9 @@ namespace Org.BouncyCastle.Tls
}
}
- public static IList GetLegacySupportedSignatureAlgorithms()
+ public static IList<SignatureAndHashAlgorithm> GetLegacySupportedSignatureAlgorithms()
{
- IList result = Platform.CreateArrayList(3);
+ var result = new List<SignatureAndHashAlgorithm>(3);
result.Add(SignatureAndHashAlgorithm.GetInstance(HashAlgorithm.sha1, SignatureAlgorithm.dsa));
result.Add(SignatureAndHashAlgorithm.GetInstance(HashAlgorithm.sha1, SignatureAlgorithm.ecdsa));
result.Add(SignatureAndHashAlgorithm.GetInstance(HashAlgorithm.sha1, SignatureAlgorithm.rsa));
@@ -1285,10 +1272,12 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public static void EncodeSupportedSignatureAlgorithms(IList supportedSignatureAlgorithms, Stream output)
+ public static void EncodeSupportedSignatureAlgorithms(
+ IList<SignatureAndHashAlgorithm> supportedSignatureAlgorithms, Stream output)
{
- if (supportedSignatureAlgorithms == null || supportedSignatureAlgorithms.Count < 1
- || supportedSignatureAlgorithms.Count >= (1 << 15))
+ if (supportedSignatureAlgorithms == null ||
+ supportedSignatureAlgorithms.Count < 1 ||
+ supportedSignatureAlgorithms.Count >= (1 << 15))
{
throw new ArgumentException("must have length from 1 to (2^15 - 1)", "supportedSignatureAlgorithms");
}
@@ -1313,7 +1302,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public static IList ParseSupportedSignatureAlgorithms(Stream input)
+ public static IList<SignatureAndHashAlgorithm> ParseSupportedSignatureAlgorithms(Stream input)
{
// supported_signature_algorithms
int length = ReadUint16(input);
@@ -1321,7 +1310,7 @@ namespace Org.BouncyCastle.Tls
throw new TlsFatalAlert(AlertDescription.decode_error);
int count = length / 2;
- IList supportedSignatureAlgorithms = Platform.CreateArrayList(count);
+ var supportedSignatureAlgorithms = new List<SignatureAndHashAlgorithm>(count);
for (int i = 0; i < count; ++i)
{
SignatureAndHashAlgorithm sigAndHashAlg = SignatureAndHashAlgorithm.Parse(input);
@@ -1335,16 +1324,17 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public static void VerifySupportedSignatureAlgorithm(IList supportedSignatureAlgorithms,
- SignatureAndHashAlgorithm signatureAlgorithm)
+ public static void VerifySupportedSignatureAlgorithm(
+ IList<SignatureAndHashAlgorithm> supportedSignatureAlgorithms, SignatureAndHashAlgorithm signatureAlgorithm)
{
VerifySupportedSignatureAlgorithm(supportedSignatureAlgorithms, signatureAlgorithm,
AlertDescription.illegal_parameter);
}
/// <exception cref="IOException"/>
- internal static void VerifySupportedSignatureAlgorithm(IList supportedSignatureAlgorithms,
- SignatureAndHashAlgorithm signatureAlgorithm, short alertDescription)
+ internal static void VerifySupportedSignatureAlgorithm(
+ IList<SignatureAndHashAlgorithm> supportedSignatureAlgorithms, SignatureAndHashAlgorithm signatureAlgorithm,
+ short alertDescription)
{
if (supportedSignatureAlgorithms == null || supportedSignatureAlgorithms.Count < 1
|| supportedSignatureAlgorithms.Count >= (1 << 15))
@@ -1362,7 +1352,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public static bool ContainsSignatureAlgorithm(IList supportedSignatureAlgorithms,
+ public static bool ContainsSignatureAlgorithm(IList<SignatureAndHashAlgorithm> supportedSignatureAlgorithms,
SignatureAndHashAlgorithm signatureAlgorithm)
{
foreach (SignatureAndHashAlgorithm entry in supportedSignatureAlgorithms)
@@ -1374,7 +1364,8 @@ namespace Org.BouncyCastle.Tls
return false;
}
- public static bool ContainsAnySignatureAlgorithm(IList supportedSignatureAlgorithms, short signatureAlgorithm)
+ public static bool ContainsAnySignatureAlgorithm(IList<SignatureAndHashAlgorithm> supportedSignatureAlgorithms,
+ short signatureAlgorithm)
{
foreach (SignatureAndHashAlgorithm entry in supportedSignatureAlgorithms)
{
@@ -1464,9 +1455,9 @@ namespace Org.BouncyCastle.Tls
}
else
{
- if (CertSigAlgOids.Contains(sigAlgOid))
+ if (CertSigAlgOids.TryGetValue(sigAlgOid, out var algorithm))
{
- hashAlgorithm = ((SignatureAndHashAlgorithm)CertSigAlgOids[sigAlgOid]).Hash;
+ hashAlgorithm = algorithm.Hash;
}
}
}
@@ -2271,7 +2262,7 @@ namespace Org.BouncyCastle.Tls
{
SecurityParameters securityParameters = serverContext.SecurityParameters;
- IList supportedAlgorithms = securityParameters.ServerSigAlgs;
+ var supportedAlgorithms = securityParameters.ServerSigAlgs;
TlsCertificate certificate = securityParameters.PeerCertificate.GetCertificateAt(0);
Verify13CertificateVerify(supportedAlgorithms, "TLS 1.3, client CertificateVerify", handshakeHash,
@@ -2284,7 +2275,7 @@ namespace Org.BouncyCastle.Tls
{
SecurityParameters securityParameters = clientContext.SecurityParameters;
- IList supportedAlgorithms = securityParameters.ClientSigAlgs;
+ var supportedAlgorithms = securityParameters.ClientSigAlgs;
TlsCertificate certificate = securityParameters.PeerCertificate.GetCertificateAt(0);
Verify13CertificateVerify(supportedAlgorithms, "TLS 1.3, server CertificateVerify", handshakeHash,
@@ -2292,8 +2283,9 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- private static void Verify13CertificateVerify(IList supportedAlgorithms, string contextString,
- TlsHandshakeHash handshakeHash, TlsCertificate certificate, CertificateVerify certificateVerify)
+ private static void Verify13CertificateVerify(IList<SignatureAndHashAlgorithm> supportedAlgorithms,
+ string contextString, TlsHandshakeHash handshakeHash, TlsCertificate certificate,
+ CertificateVerify certificateVerify)
{
// Verify the CertificateVerify message contains a correct signature.
bool verified;
@@ -2430,7 +2422,8 @@ namespace Org.BouncyCastle.Tls
}
}
- internal static void TrackHashAlgorithms(TlsHandshakeHash handshakeHash, IList supportedSignatureAlgorithms)
+ internal static void TrackHashAlgorithms(TlsHandshakeHash handshakeHash,
+ IList<SignatureAndHashAlgorithm> supportedSignatureAlgorithms)
{
foreach (SignatureAndHashAlgorithm signatureAndHashAlgorithm in supportedSignatureAlgorithms)
{
@@ -2459,9 +2452,9 @@ namespace Org.BouncyCastle.Tls
}
}
- public static IList VectorOfOne(object obj)
+ public static IList<T> VectorOfOne<T>(T obj)
{
- IList v = Platform.CreateArrayList(1);
+ var v = new List<T>(1);
v.Add(obj);
return v;
}
@@ -3203,9 +3196,9 @@ namespace Org.BouncyCastle.Tls
}
}
- public static IList GetKeyExchangeAlgorithms(int[] cipherSuites)
+ public static IList<int> GetKeyExchangeAlgorithms(int[] cipherSuites)
{
- IList result = Platform.CreateArrayList();
+ var result = new List<int>();
if (null != cipherSuites)
{
for (int i = 0; i < cipherSuites.Length; ++i)
@@ -3723,14 +3716,14 @@ namespace Org.BouncyCastle.Tls
}
}
- public static IList GetNamedGroupRoles(int[] cipherSuites)
+ public static IList<int> GetNamedGroupRoles(int[] cipherSuites)
{
return GetNamedGroupRoles(GetKeyExchangeAlgorithms(cipherSuites));
}
- public static IList GetNamedGroupRoles(IList keyExchangeAlgorithms)
+ public static IList<int> GetNamedGroupRoles(IList<int> keyExchangeAlgorithms)
{
- IList result = Platform.CreateArrayList();
+ var result = new List<int>();
foreach (int keyExchangeAlgorithm in keyExchangeAlgorithms)
{
switch (keyExchangeAlgorithm)
@@ -3795,7 +3788,7 @@ namespace Org.BouncyCastle.Tls
/// <returns>Whether a server can select the specified cipher suite given the available signature algorithms
/// for ServerKeyExchange.</returns>
- public static bool IsValidCipherSuiteForSignatureAlgorithms(int cipherSuite, IList sigAlgs)
+ public static bool IsValidCipherSuiteForSignatureAlgorithms(int cipherSuite, IList<short> sigAlgs)
{
int keyExchangeAlgorithm = GetKeyExchangeAlgorithm(cipherSuite);
@@ -3832,11 +3825,11 @@ namespace Org.BouncyCastle.Tls
}
internal static bool IsValidKeyShareSelection(ProtocolVersion negotiatedVersion, int[] clientSupportedGroups,
- IDictionary clientAgreements, int keyShareGroup)
+ IDictionary<int, TlsAgreement> clientAgreements, int keyShareGroup)
{
return null != clientSupportedGroups
&& Arrays.Contains(clientSupportedGroups, keyShareGroup)
- && !clientAgreements.Contains(keyShareGroup)
+ && !clientAgreements.ContainsKey(keyShareGroup)
&& NamedGroup.CanBeNegotiated(keyShareGroup, negotiatedVersion);
}
@@ -3910,20 +3903,19 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public static SignatureAndHashAlgorithm ChooseSignatureAndHashAlgorithm(TlsContext context, IList sigHashAlgs,
- short signatureAlgorithm)
+ public static SignatureAndHashAlgorithm ChooseSignatureAndHashAlgorithm(TlsContext context,
+ IList<SignatureAndHashAlgorithm> sigHashAlgs, short signatureAlgorithm)
{
return ChooseSignatureAndHashAlgorithm(context.ServerVersion, sigHashAlgs, signatureAlgorithm);
}
/// <exception cref="IOException"/>
public static SignatureAndHashAlgorithm ChooseSignatureAndHashAlgorithm(ProtocolVersion negotiatedVersion,
- IList sigHashAlgs, short signatureAlgorithm)
+ IList<SignatureAndHashAlgorithm> sigHashAlgs, short signatureAlgorithm)
{
if (!IsTlsV12(negotiatedVersion))
return null;
-
if (sigHashAlgs == null)
{
/*
@@ -3972,33 +3964,25 @@ namespace Org.BouncyCastle.Tls
return result;
}
- public static IList GetUsableSignatureAlgorithms(IList sigHashAlgs)
+ public static IList<short> GetUsableSignatureAlgorithms(IList<SignatureAndHashAlgorithm> sigHashAlgs)
{
if (sigHashAlgs == null)
+ return new List<short>(){ SignatureAlgorithm.rsa, SignatureAlgorithm.dsa, SignatureAlgorithm.ecdsa };
+
+ var v = new List<short>();
+ foreach (SignatureAndHashAlgorithm sigHashAlg in sigHashAlgs)
{
- IList v = Platform.CreateArrayList(3);
- v.Add(SignatureAlgorithm.rsa);
- v.Add(SignatureAlgorithm.dsa);
- v.Add(SignatureAlgorithm.ecdsa);
- return v;
- }
- else
- {
- IList v = Platform.CreateArrayList();
- foreach (SignatureAndHashAlgorithm sigHashAlg in sigHashAlgs)
+ if (sigHashAlg.Hash >= MinimumHashStrict)
{
- if (sigHashAlg.Hash >= MinimumHashStrict)
+ short sigAlg = sigHashAlg.Signature;
+ if (!v.Contains(sigAlg))
{
- short sigAlg = sigHashAlg.Signature;
- if (!v.Contains(sigAlg))
- {
- // TODO Check for crypto support before choosing (or pass in cached list?)
- v.Add(sigAlg);
- }
+ // TODO Check for crypto support before choosing (or pass in cached list?)
+ v.Add(sigAlg);
}
}
- return v;
}
+ return v;
}
public static int GetCommonCipherSuite13(ProtocolVersion negotiatedVersion, int[] peerCipherSuites,
@@ -4355,7 +4339,7 @@ namespace Org.BouncyCastle.Tls
{
SecurityParameters securityParameters = context.SecurityParameters;
short[] clientCertTypes = securityParameters.ClientCertTypes;
- IList serverSigAlgsCert = securityParameters.ServerSigAlgsCert;
+ var serverSigAlgsCert = securityParameters.ServerSigAlgsCert;
int trustAnchorPos = clientCertPath.Length - 1;
for (int i = 0; i < trustAnchorPos; ++i)
@@ -4405,8 +4389,8 @@ namespace Org.BouncyCastle.Tls
private static void CheckSigAlgOfServerCerts(TlsContext context, TlsCertificate[] serverCertPath)
{
SecurityParameters securityParameters = context.SecurityParameters;
- IList clientSigAlgsCert = securityParameters.ClientSigAlgsCert;
- IList clientSigAlgs = securityParameters.ClientSigAlgs;
+ var clientSigAlgsCert = securityParameters.ClientSigAlgsCert;
+ var clientSigAlgs = securityParameters.ClientSigAlgs;
/*
* NOTE: For TLS 1.2, we'll check 'signature_algorithms' too (if it's distinct), since
@@ -4457,8 +4441,8 @@ namespace Org.BouncyCastle.Tls
}
}
- internal static void CheckTlsFeatures(Certificate serverCertificate, IDictionary clientExtensions,
- IDictionary serverExtensions)
+ internal static void CheckTlsFeatures(Certificate serverCertificate, IDictionary<int, byte[]> clientExtensions,
+ IDictionary<int, byte[]> serverExtensions)
{
/*
* RFC 7633 4.3.3. A client MUST treat a certificate with a TLS feature extension as an
@@ -4485,7 +4469,7 @@ namespace Org.BouncyCastle.Tls
{
int extensionType = tlsExtension.IntValueExact;
- if (clientExtensions.Contains(extensionType) && !serverExtensions.Contains(extensionType))
+ if (clientExtensions.ContainsKey(extensionType) && !serverExtensions.ContainsKey(extensionType))
throw new TlsFatalAlert(AlertDescription.certificate_unknown);
}
}
@@ -4533,7 +4517,8 @@ namespace Org.BouncyCastle.Tls
internal static void ProcessServerCertificate(TlsClientContext clientContext,
CertificateStatus serverCertificateStatus, TlsKeyExchange keyExchange,
- TlsAuthentication clientAuthentication, IDictionary clientExtensions, IDictionary serverExtensions)
+ TlsAuthentication clientAuthentication, IDictionary<int, byte[]> clientExtensions,
+ IDictionary<int, byte[]> serverExtensions)
{
SecurityParameters securityParameters = clientContext.SecurityParameters;
bool isTlsV13 = IsTlsV13(securityParameters.NegotiatedVersion);
@@ -4569,12 +4554,7 @@ namespace Org.BouncyCastle.Tls
if (null != sigAlgOid)
{
if (!PkcsObjectIdentifiers.IdRsassaPss.Id.Equals(sigAlgOid))
- {
- if (!CertSigAlgOids.Contains(sigAlgOid))
- return null;
-
- return (SignatureAndHashAlgorithm)CertSigAlgOids[sigAlgOid];
- }
+ return CollectionUtilities.GetValueOrNull(CertSigAlgOids, sigAlgOid);
RsassaPssParameters pssParams = RsassaPssParameters.GetInstance(subjectCert.GetSigAlgParams());
if (null != pssParams)
@@ -4871,8 +4851,8 @@ namespace Org.BouncyCastle.Tls
return false;
}
- internal static IDictionary AddKeyShareToClientHello(TlsClientContext clientContext, TlsClient client,
- IDictionary clientExtensions)
+ internal static IDictionary<int, TlsAgreement> AddKeyShareToClientHello(TlsClientContext clientContext,
+ TlsClient client, IDictionary<int, byte[]> clientExtensions)
{
/*
* RFC 8446 9.2. If containing a "supported_groups" extension, it MUST also contain a
@@ -4880,15 +4860,15 @@ namespace Org.BouncyCastle.Tls
* permitted.
*/
if (!IsTlsV13(clientContext.ClientVersion)
- || !clientExtensions.Contains(ExtensionType.supported_groups))
+ || !clientExtensions.ContainsKey(ExtensionType.supported_groups))
{
return null;
}
- int[] supportedGroups = TlsExtensionsUtilities.GetSupportedGroupsExtension(clientExtensions);
- IList keyShareGroups = client.GetEarlyKeyShareGroups();
- IDictionary clientAgreements = Platform.CreateHashtable(3);
- IList clientShares = Platform.CreateArrayList(2);
+ var supportedGroups = TlsExtensionsUtilities.GetSupportedGroupsExtension(clientExtensions);
+ var keyShareGroups = client.GetEarlyKeyShareGroups();
+ var clientAgreements = new Dictionary<int, TlsAgreement>(3);
+ var clientShares = new List<KeyShareEntry>(2);
CollectKeyShares(clientContext.Crypto, supportedGroups, keyShareGroups, clientAgreements, clientShares);
@@ -4898,13 +4878,13 @@ namespace Org.BouncyCastle.Tls
return clientAgreements;
}
- internal static IDictionary AddKeyShareToClientHelloRetry(TlsClientContext clientContext,
- IDictionary clientExtensions, int keyShareGroup)
+ internal static IDictionary<int, TlsAgreement> AddKeyShareToClientHelloRetry(TlsClientContext clientContext,
+ IDictionary<int, byte[]> clientExtensions, int keyShareGroup)
{
int[] supportedGroups = new int[]{ keyShareGroup };
- IList keyShareGroups = VectorOfOne(keyShareGroup);
- IDictionary clientAgreements = Platform.CreateHashtable(1);
- IList clientShares = Platform.CreateArrayList(1);
+ var keyShareGroups = VectorOfOne(keyShareGroup);
+ var clientAgreements = new Dictionary<int, TlsAgreement>(1);
+ var clientShares = new List<KeyShareEntry>(1);
CollectKeyShares(clientContext.Crypto, supportedGroups, keyShareGroups, clientAgreements, clientShares);
@@ -4919,8 +4899,8 @@ namespace Org.BouncyCastle.Tls
return clientAgreements;
}
- private static void CollectKeyShares(TlsCrypto crypto, int[] supportedGroups, IList keyShareGroups,
- IDictionary clientAgreements, IList clientShares)
+ private static void CollectKeyShares(TlsCrypto crypto, int[] supportedGroups, IList<int> keyShareGroups,
+ IDictionary<int, TlsAgreement> clientAgreements, IList<KeyShareEntry> clientShares)
{
if (IsNullOrEmpty(supportedGroups))
return;
@@ -4933,7 +4913,7 @@ namespace Org.BouncyCastle.Tls
int supportedGroup = supportedGroups[i];
if (!keyShareGroups.Contains(supportedGroup)
- || clientAgreements.Contains(supportedGroup)
+ || clientAgreements.ContainsKey(supportedGroup)
|| !crypto.HasNamedGroup(supportedGroup))
{
continue;
@@ -4966,7 +4946,7 @@ namespace Org.BouncyCastle.Tls
}
}
- internal static KeyShareEntry SelectKeyShare(IList clientShares, int keyShareGroup)
+ internal static KeyShareEntry SelectKeyShare(IList<KeyShareEntry> clientShares, int keyShareGroup)
{
if (null != clientShares && 1 == clientShares.Count)
{
@@ -4980,7 +4960,7 @@ namespace Org.BouncyCastle.Tls
}
internal static KeyShareEntry SelectKeyShare(TlsCrypto crypto, ProtocolVersion negotiatedVersion,
- IList clientShares, int[] clientSupportedGroups, int[] serverSupportedGroups)
+ IList<KeyShareEntry> clientShares, int[] clientSupportedGroups, int[] serverSupportedGroups)
{
if (null != clientShares && !IsNullOrEmpty(clientSupportedGroups) && !IsNullOrEmpty(serverSupportedGroups))
{
@@ -5104,7 +5084,7 @@ namespace Org.BouncyCastle.Tls
}
internal static void EstablishClientSigAlgs(SecurityParameters securityParameters,
- IDictionary clientExtensions)
+ IDictionary<int, byte[]> clientExtensions)
{
securityParameters.m_clientSigAlgs = TlsExtensionsUtilities.GetSignatureAlgorithmsExtension(
clientExtensions);
@@ -5429,7 +5409,8 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- internal static void CheckExtensionData13(IDictionary extensions, int handshakeType, short alertDescription)
+ internal static void CheckExtensionData13(IDictionary<int, byte[]> extensions, int handshakeType,
+ short alertDescription)
{
foreach (int extensionType in extensions.Keys)
{
@@ -5451,17 +5432,15 @@ namespace Org.BouncyCastle.Tls
return preMasterSecret;
}
-#if !PORTABLE || DOTNET
public static bool IsTimeout(SocketException e)
{
return SocketError.TimedOut == e.SocketErrorCode;
}
-#endif
/// <exception cref="IOException"/>
- internal static void AddPreSharedKeyToClientExtensions(TlsPsk[] psks, IDictionary clientExtensions)
+ internal static void AddPreSharedKeyToClientExtensions(TlsPsk[] psks, IDictionary<int, byte[]> clientExtensions)
{
- IList identities = Platform.CreateArrayList(psks.Length);
+ var identities = new List<PskIdentity>(psks.Length);
for (int i = 0; i < psks.Length; ++i)
{
TlsPsk psk = psks[i];
@@ -5475,7 +5454,7 @@ namespace Org.BouncyCastle.Tls
/// <exception cref="IOException"/>
internal static OfferedPsks.BindersConfig AddPreSharedKeyToClientHello(TlsClientContext clientContext,
- TlsClient client, IDictionary clientExtensions, int[] offeredCipherSuites)
+ TlsClient client, IDictionary<int, byte[]> clientExtensions, int[] offeredCipherSuites)
{
if (!IsTlsV13(clientContext.ClientVersion))
return null;
@@ -5501,13 +5480,13 @@ namespace Org.BouncyCastle.Tls
/// <exception cref="IOException"/>
internal static OfferedPsks.BindersConfig AddPreSharedKeyToClientHelloRetry(TlsClientContext clientContext,
- OfferedPsks.BindersConfig clientBinders, IDictionary clientExtensions)
+ OfferedPsks.BindersConfig clientBinders, IDictionary<int, byte[]> clientExtensions)
{
SecurityParameters securityParameters = clientContext.SecurityParameters;
int prfAlgorithm = GetPrfAlgorithm13(securityParameters.CipherSuite);
- IList pskIndices = GetPskIndices(clientBinders.m_psks, prfAlgorithm);
+ var pskIndices = GetPskIndices(clientBinders.m_psks, prfAlgorithm);
if (pskIndices.Count < 1)
return null;
@@ -5540,8 +5519,8 @@ namespace Org.BouncyCastle.Tls
}
internal static OfferedPsks.SelectedConfig SelectPreSharedKey(TlsServerContext serverContext, TlsServer server,
- IDictionary clientHelloExtensions, HandshakeMessageInput clientHelloMessage, TlsHandshakeHash handshakeHash,
- bool afterHelloRetryRequest)
+ IDictionary<int, byte[]> clientHelloExtensions, HandshakeMessageInput clientHelloMessage,
+ TlsHandshakeHash handshakeHash, bool afterHelloRetryRequest)
{
bool handshakeHashUpdated = false;
@@ -5633,7 +5612,7 @@ namespace Org.BouncyCastle.Tls
/// <exception cref="IOException"/>
internal static TlsPskExternal[] GetPskExternalsClient(TlsClient client, int[] offeredCipherSuites)
{
- IList externalPsks = client.GetExternalPsks();
+ var externalPsks = client.GetExternalPsks();
if (IsNullOrEmpty(externalPsks))
return null;
@@ -5659,9 +5638,9 @@ namespace Org.BouncyCastle.Tls
return result;
}
- internal static IList GetPskIndices(TlsPsk[] psks, int prfAlgorithm)
+ internal static IList<int> GetPskIndices(TlsPsk[] psks, int prfAlgorithm)
{
- IList v = Platform.CreateArrayList(psks.Length);
+ var v = new List<int>(psks.Length);
for (int i = 0; i < psks.Length; ++i)
{
if (psks[i].PrfAlgorithm == prfAlgorithm)
diff --git a/crypto/src/tls/crypto/TlsCrypto.cs b/crypto/src/tls/crypto/TlsCrypto.cs
index 27c5fb9e1..a99be8612 100644
--- a/crypto/src/tls/crypto/TlsCrypto.cs
+++ b/crypto/src/tls/crypto/TlsCrypto.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
using Org.BouncyCastle.Math;
@@ -18,7 +18,7 @@ namespace Org.BouncyCastle.Tls.Crypto
/// <see cref="SignatureAndHashAlgorithm"/> values.</param>
/// <returns>true if this instance would use a stream verifier for any of the passed in algorithms, otherwise
/// false.</returns>
- bool HasAnyStreamVerifiers(IList signatureAndHashAlgorithms);
+ bool HasAnyStreamVerifiers(IList<SignatureAndHashAlgorithm> signatureAndHashAlgorithms);
/// <summary>Return true if this TlsCrypto would use a stream verifier for any of the passed in algorithms.
/// </summary>
diff --git a/crypto/src/tls/crypto/impl/AbstractTlsCrypto.cs b/crypto/src/tls/crypto/impl/AbstractTlsCrypto.cs
index 87fe66dff..b2e1e7fe0 100644
--- a/crypto/src/tls/crypto/impl/AbstractTlsCrypto.cs
+++ b/crypto/src/tls/crypto/impl/AbstractTlsCrypto.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Security;
@@ -12,7 +12,7 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl
public abstract class AbstractTlsCrypto
: TlsCrypto
{
- public abstract bool HasAnyStreamVerifiers(IList signatureAndHashAlgorithms);
+ public abstract bool HasAnyStreamVerifiers(IList<SignatureAndHashAlgorithm> signatureAndHashAlgorithms);
public abstract bool HasAnyStreamVerifiersLegacy(short[] clientCertificateTypes);
diff --git a/crypto/src/tls/crypto/impl/bc/BcTlsCrypto.cs b/crypto/src/tls/crypto/impl/bc/BcTlsCrypto.cs
index 38062829e..d6a41b86d 100644
--- a/crypto/src/tls/crypto/impl/bc/BcTlsCrypto.cs
+++ b/crypto/src/tls/crypto/impl/bc/BcTlsCrypto.cs
@@ -1,5 +1,5 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Agreement.Srp;
@@ -153,7 +153,7 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl.BC
return new BcTlsNonceGenerator(randomGenerator);
}
- public override bool HasAnyStreamVerifiers(IList signatureAndHashAlgorithms)
+ public override bool HasAnyStreamVerifiers(IList<SignatureAndHashAlgorithm> signatureAndHashAlgorithms)
{
foreach (SignatureAndHashAlgorithm algorithm in signatureAndHashAlgorithms)
{
|
