diff --git a/crypto/src/asn1/ocsp/CertStatus.cs b/crypto/src/asn1/ocsp/CertStatus.cs
index b524364c9..7dd99b844 100644
--- a/crypto/src/asn1/ocsp/CertStatus.cs
+++ b/crypto/src/asn1/ocsp/CertStatus.cs
@@ -48,6 +48,8 @@ namespace Org.BouncyCastle.Asn1.Ocsp
case 2:
value = DerNull.Instance;
break;
+ default:
+ throw new ArgumentException("Unknown tag encountered: " + choice.TagNo);
}
}
diff --git a/crypto/src/crypto/tls/DtlsClientProtocol.cs b/crypto/src/crypto/tls/DtlsClientProtocol.cs
index abb402077..90430d772 100644
--- a/crypto/src/crypto/tls/DtlsClientProtocol.cs
+++ b/crypto/src/crypto/tls/DtlsClientProtocol.cs
@@ -53,19 +53,29 @@ namespace Org.BouncyCastle.Crypto.Tls
}
catch (TlsFatalAlert fatalAlert)
{
- recordLayer.Fail(fatalAlert.AlertDescription);
+ AbortClientHandshake(state, recordLayer, fatalAlert.AlertDescription);
throw fatalAlert;
}
catch (IOException e)
{
- recordLayer.Fail(AlertDescription.internal_error);
+ AbortClientHandshake(state, recordLayer, AlertDescription.internal_error);
throw e;
}
catch (Exception e)
{
- recordLayer.Fail(AlertDescription.internal_error);
+ AbortClientHandshake(state, recordLayer, AlertDescription.internal_error);
throw new TlsFatalAlert(AlertDescription.internal_error, e);
}
+ finally
+ {
+ securityParameters.Clear();
+ }
+ }
+
+ internal virtual void AbortClientHandshake(ClientHandshakeState state, DtlsRecordLayer recordLayer, byte alertDescription)
+ {
+ recordLayer.Fail(alertDescription);
+ InvalidateSession(state);
}
internal virtual DtlsTransport ClientHandshake(ClientHandshakeState state, DtlsRecordLayer recordLayer)
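Review bot: In `AbortClientHandshake`, `InvalidateSession(state)` runs only if `recordLayer.Fail(alertDescription)` returns normally, so an exception while sending the alert or closing the transport would skip session invalidation. The body of `Fail` is not visible in this hunk, so this is a precaution rather than a confirmed path. Either call `InvalidateSession(state);` first, or use `try { recordLayer.Fail(alertDescription); } finally { InvalidateSession(state); }`. The same ordering appears in `AbortServerHandshake` in DtlsServerProtocol.cs. The handshake method whose catch blocks are edited here starts outside the hunk.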
diff --git a/crypto/src/crypto/tls/DtlsRecordLayer.cs b/crypto/src/crypto/tls/DtlsRecordLayer.cs
index 6796f4cbb..4a781b5b5 100644
--- a/crypto/src/crypto/tls/DtlsRecordLayer.cs
+++ b/crypto/src/crypto/tls/DtlsRecordLayer.cs
@@ -237,7 +237,7 @@ namespace Org.BouncyCastle.Crypto.Tls
if (alertLevel == AlertLevel.fatal)
{
- Fail(alertDescription);
+ Failed();
throw new TlsFatalAlert(alertDescription);
}
@@ -375,6 +375,16 @@ namespace Org.BouncyCastle.Crypto.Tls
}
}
+ internal virtual void Failed()
+ {
+ if (!mClosed)
+ {
+ mFailed = true;
+
+ CloseTransport();
+ }
+ }
+
internal virtual void Fail(byte alertDescription)
{
if (!mClosed)
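Review bot: `Failed()` and `Fail(byte)` differ by one letter, and nothing at either declaration says which one sends an alert. A comment on `Failed()` such as `// Peer already sent a fatal alert: mark the layer failed and close the transport without sending an alert back` would make the changed call site in the alert handler self-explanatory. The body of `Fail` continues outside this hunk; if it ends with the same `mFailed = true; CloseTransport();` pair, that pair could be shared so there is one close path to audit.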
diff --git a/crypto/src/crypto/tls/DtlsServerProtocol.cs b/crypto/src/crypto/tls/DtlsServerProtocol.cs
index d05af193c..fbf33045b 100644
--- a/crypto/src/crypto/tls/DtlsServerProtocol.cs
+++ b/crypto/src/crypto/tls/DtlsServerProtocol.cs
@@ -54,19 +54,29 @@ namespace Org.BouncyCastle.Crypto.Tls
}
catch (TlsFatalAlert fatalAlert)
{
- recordLayer.Fail(fatalAlert.AlertDescription);
+ AbortServerHandshake(state, recordLayer, fatalAlert.AlertDescription);
throw fatalAlert;
}
catch (IOException e)
{
- recordLayer.Fail(AlertDescription.internal_error);
+ AbortServerHandshake(state, recordLayer, AlertDescription.internal_error);
throw e;
}
catch (Exception e)
{
- recordLayer.Fail(AlertDescription.internal_error);
+ AbortServerHandshake(state, recordLayer, AlertDescription.internal_error);
throw new TlsFatalAlert(AlertDescription.internal_error, e);
}
+ finally
+ {
+ securityParameters.Clear();
+ }
+ }
+
+ internal virtual void AbortServerHandshake(ServerHandshakeState state, DtlsRecordLayer recordLayer, byte alertDescription)
+ {
+ recordLayer.Fail(alertDescription);
+ InvalidateSession(state);
}
internal virtual DtlsTransport ServerHandshake(ServerHandshakeState state, DtlsRecordLayer recordLayer)
@@ -263,6 +273,21 @@ namespace Org.BouncyCastle.Crypto.Tls
return new DtlsTransport(recordLayer);
}
+ protected virtual void InvalidateSession(ServerHandshakeState state)
+ {
+ if (state.sessionParameters != null)
+ {
+ state.sessionParameters.Clear();
+ state.sessionParameters = null;
+ }
+
+ if (state.tlsSession != null)
+ {
+ state.tlsSession.Invalidate();
+ state.tlsSession = null;
+ }
+ }
+
protected virtual byte[] GenerateCertificateRequest(ServerHandshakeState state, CertificateRequest certificateRequest)
{
MemoryStream buf = new MemoryStream();
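Review bot: `InvalidateSession` clears `state.sessionParameters` and `state.tlsSession` but leaves `state.sessionParametersBuilder` untouched, although it is the third field this commit adds to the handshake state class. The builder's contents are not visible in this diff. If it can hold the master secret or other negotiated values when a handshake aborts, it should be dropped here too, e.g. `state.sessionParametersBuilder = null;`. A `<summary>` on the method saying it runs on handshake failure to wipe session secrets and mark the session non-resumable would also help.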
@@ -650,6 +675,9 @@ namespace Org.BouncyCastle.Crypto.Tls
{
internal TlsServer server = null;
internal TlsServerContextImpl serverContext = null;
+ internal TlsSession tlsSession = null;
+ internal SessionParameters sessionParameters = null;
+ internal SessionParameters.Builder sessionParametersBuilder = null;
internal int[] offeredCipherSuites = null;
internal byte[] offeredCompressionMethods = null;
internal IDictionary clientExtensions = null;
diff --git a/crypto/src/crypto/tls/TlsUtilities.cs b/crypto/src/crypto/tls/TlsUtilities.cs
index 25908d163..d51a8ff48 100644
--- a/crypto/src/crypto/tls/TlsUtilities.cs
+++ b/crypto/src/crypto/tls/TlsUtilities.cs
@@ -1246,6 +1246,7 @@ namespace Org.BouncyCastle.Crypto.Tls
case EncryptionAlgorithm.SEED_CBC:
return CipherType.block;
+ case EncryptionAlgorithm.NULL:
case EncryptionAlgorithm.RC4_40:
case EncryptionAlgorithm.RC4_128:
return CipherType.stream;
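Review bot: The new `case EncryptionAlgorithm.NULL:` label falls through to `CipherType.stream` with no explanation, so a reader may take it for an accident. RFC 5246 section 6.2.3.1 groups the null cipher with the standard stream ciphers, and a comment like `// NULL has no IV or padding; RFC 5246 6.2.3.1 handles it as a stream cipher` would record the intent. It is also worth confirming that callers branching on `CipherType.stream` do not assume confidentiality, since NULL suites provide integrity only. The switch begins and ends outside this hunk.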
diff --git a/crypto/src/math/ec/multiplier/WNafUtilities.cs b/crypto/src/math/ec/multiplier/WNafUtilities.cs
index 5491297d7..7d565dfbd 100644
--- a/crypto/src/math/ec/multiplier/WNafUtilities.cs
+++ b/crypto/src/math/ec/multiplier/WNafUtilities.cs
@@ -423,7 +423,7 @@ namespace Org.BouncyCastle.Math.EC.Multiplier
* 1) additions do not use the curve's A, B coefficients.
* 2) no special cases (i.e. Q +/- Q) when calculating 1P, 3P, 5P, ...
*/
- if (ECAlgorithms.IsFpCurve(c) && c.FieldSize >= 64)
+ if (!twiceP.IsInfinity && ECAlgorithms.IsFpCurve(c) && c.FieldSize >= 64)
{
switch (c.CoordinateSystem)
{
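Review bot: The comment above the condition lists two reasons the optimized path is safe, but the new `!twiceP.IsInfinity` guard is not explained there. Presumably the optimized branch uses twiceP's coordinates in a way that is undefined for the point at infinity; adding a third item such as `* 3) twiceP must be a finite point, otherwise fall back to the generic additions` would document the precondition. A regression test that runs the precomputation for a point whose double is infinity would pin the fallback behaviour. The enclosing method starts and ends outside the hunk.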
diff --git a/crypto/src/math/raw/Nat128.cs b/crypto/src/math/raw/Nat128.cs
index 819c52062..1d3b64d32 100644
--- a/crypto/src/math/raw/Nat128.cs
+++ b/crypto/src/math/raw/Nat128.cs
@@ -626,8 +626,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_3 = x[3];
- ulong zz_5 = zz[5];
- ulong zz_6 = zz[6];
+ ulong zz_5 = zz[5] + (zz_4 >> 32); zz_4 &= M;
+ ulong zz_6 = zz[6] + (zz_5 >> 32); zz_5 &= M;
{
zz_3 += x_3 * x_0;
w = (uint)zz_3;
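Review bot: The carry fold `ulong zz_5 = zz[5] + (zz_4 >> 32); zz_4 &= M;` puts a declaration and a mutation of a different variable on one line, with no comment, which is easy to misread in code this regular. Splitting the two statements and adding a comment at the first occurrence in each routine would help, e.g. `// move the bits above 32 out of the previous limb into this one before accumulating further products`. The same pattern repeats in every later hunk of Nat128, Nat160, Nat192, Nat224 and Nat256, in what appear to be the Square routines and their offset variants. No test accompanies the change in this diff; comparing these routines against BigInteger multiplication over random and boundary operands would guard this field arithmetic against regressions.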
@@ -702,8 +702,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_3 = x[xOff + 3];
- ulong zz_5 = zz[zzOff + 5];
- ulong zz_6 = zz[zzOff + 6];
+ ulong zz_5 = zz[zzOff + 5] + (zz_4 >> 32); zz_4 &= M;
+ ulong zz_6 = zz[zzOff + 6] + (zz_5 >> 32); zz_5 &= M;
{
zz_3 += x_3 * x_0;
w = (uint)zz_3;
diff --git a/crypto/src/math/raw/Nat160.cs b/crypto/src/math/raw/Nat160.cs
index 153ac0a43..1fd00e576 100644
--- a/crypto/src/math/raw/Nat160.cs
+++ b/crypto/src/math/raw/Nat160.cs
@@ -604,8 +604,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_3 = x[3];
- ulong zz_5 = zz[5];
- ulong zz_6 = zz[6];
+ ulong zz_5 = zz[5] + (zz_4 >> 32); zz_4 &= M;
+ ulong zz_6 = zz[6] + (zz_5 >> 32); zz_5 &= M;
{
zz_3 += x_3 * x_0;
w = (uint)zz_3;
@@ -619,8 +619,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_4 = x[4];
- ulong zz_7 = zz[7];
- ulong zz_8 = zz[8];
+ ulong zz_7 = zz[7] + (zz_6 >> 32); zz_6 &= M;
+ ulong zz_8 = zz[8] + (zz_7 >> 32); zz_7 &= M;
{
zz_4 += x_4 * x_0;
w = (uint)zz_4;
@@ -699,8 +699,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_3 = x[xOff + 3];
- ulong zz_5 = zz[zzOff + 5];
- ulong zz_6 = zz[zzOff + 6];
+ ulong zz_5 = zz[zzOff + 5] + (zz_4 >> 32); zz_4 &= M;
+ ulong zz_6 = zz[zzOff + 6] + (zz_5 >> 32); zz_5 &= M;
{
zz_3 += x_3 * x_0;
w = (uint)zz_3;
@@ -714,8 +714,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_4 = x[xOff + 4];
- ulong zz_7 = zz[zzOff + 7];
- ulong zz_8 = zz[zzOff + 8];
+ ulong zz_7 = zz[zzOff + 7] + (zz_6 >> 32); zz_6 &= M;
+ ulong zz_8 = zz[zzOff + 8] + (zz_7 >> 32); zz_7 &= M;
{
zz_4 += x_4 * x_0;
w = (uint)zz_4;
diff --git a/crypto/src/math/raw/Nat192.cs b/crypto/src/math/raw/Nat192.cs
index 4797609ee..3099bafab 100644
--- a/crypto/src/math/raw/Nat192.cs
+++ b/crypto/src/math/raw/Nat192.cs
@@ -706,8 +706,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_3 = x[3];
- ulong zz_5 = zz[5];
- ulong zz_6 = zz[6];
+ ulong zz_5 = zz[5] + (zz_4 >> 32); zz_4 &= M;
+ ulong zz_6 = zz[6] + (zz_5 >> 32); zz_5 &= M;
{
zz_3 += x_3 * x_0;
w = (uint)zz_3;
@@ -721,8 +721,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_4 = x[4];
- ulong zz_7 = zz[7];
- ulong zz_8 = zz[8];
+ ulong zz_7 = zz[7] + (zz_6 >> 32); zz_6 &= M;
+ ulong zz_8 = zz[8] + (zz_7 >> 32); zz_7 &= M;
{
zz_4 += x_4 * x_0;
w = (uint)zz_4;
@@ -738,8 +738,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_5 = x[5];
- ulong zz_9 = zz[9];
- ulong zz_10 = zz[10];
+ ulong zz_9 = zz[9] + (zz_8 >> 32); zz_8 &= M;
+ ulong zz_10 = zz[10] + (zz_9 >> 32); zz_9 &= M;
{
zz_5 += x_5 * x_0;
w = (uint)zz_5;
@@ -822,8 +822,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_3 = x[xOff + 3];
- ulong zz_5 = zz[zzOff + 5];
- ulong zz_6 = zz[zzOff + 6];
+ ulong zz_5 = zz[zzOff + 5] + (zz_4 >> 32); zz_4 &= M;
+ ulong zz_6 = zz[zzOff + 6] + (zz_5 >> 32); zz_5 &= M;
{
zz_3 += x_3 * x_0;
w = (uint)zz_3;
@@ -837,8 +837,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_4 = x[xOff + 4];
- ulong zz_7 = zz[zzOff + 7];
- ulong zz_8 = zz[zzOff + 8];
+ ulong zz_7 = zz[zzOff + 7] + (zz_6 >> 32); zz_6 &= M;
+ ulong zz_8 = zz[zzOff + 8] + (zz_7 >> 32); zz_7 &= M;
{
zz_4 += x_4 * x_0;
w = (uint)zz_4;
@@ -854,8 +854,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_5 = x[xOff + 5];
- ulong zz_9 = zz[zzOff + 9];
- ulong zz_10 = zz[zzOff + 10];
+ ulong zz_9 = zz[zzOff + 9] + (zz_8 >> 32); zz_8 &= M;
+ ulong zz_10 = zz[zzOff + 10] + (zz_9 >> 32); zz_9 &= M;
{
zz_5 += x_5 * x_0;
w = (uint)zz_5;
diff --git a/crypto/src/math/raw/Nat224.cs b/crypto/src/math/raw/Nat224.cs
index 940e930ac..978caf265 100644
--- a/crypto/src/math/raw/Nat224.cs
+++ b/crypto/src/math/raw/Nat224.cs
@@ -786,8 +786,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_3 = x[3];
- ulong zz_5 = zz[5];
- ulong zz_6 = zz[6];
+ ulong zz_5 = zz[5] + (zz_4 >> 32); zz_4 &= M;
+ ulong zz_6 = zz[6] + (zz_5 >> 32); zz_5 &= M;
{
zz_3 += x_3 * x_0;
w = (uint)zz_3;
@@ -801,8 +801,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_4 = x[4];
- ulong zz_7 = zz[7];
- ulong zz_8 = zz[8];
+ ulong zz_7 = zz[7] + (zz_6 >> 32); zz_6 &= M;
+ ulong zz_8 = zz[8] + (zz_7 >> 32); zz_7 &= M;
{
zz_4 += x_4 * x_0;
w = (uint)zz_4;
@@ -818,8 +818,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_5 = x[5];
- ulong zz_9 = zz[9];
- ulong zz_10 = zz[10];
+ ulong zz_9 = zz[9] + (zz_8 >> 32); zz_8 &= M;
+ ulong zz_10 = zz[10] + (zz_9 >> 32); zz_9 &= M;
{
zz_5 += x_5 * x_0;
w = (uint)zz_5;
@@ -837,8 +837,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_6 = x[6];
- ulong zz_11 = zz[11];
- ulong zz_12 = zz[12];
+ ulong zz_11 = zz[11] + (zz_10 >> 32); zz_10 &= M;
+ ulong zz_12 = zz[12] + (zz_11 >> 32); zz_11 &= M;
{
zz_6 += x_6 * x_0;
w = (uint)zz_6;
@@ -925,8 +925,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_3 = x[xOff + 3];
- ulong zz_5 = zz[zzOff + 5];
- ulong zz_6 = zz[zzOff + 6];
+ ulong zz_5 = zz[zzOff + 5] + (zz_4 >> 32); zz_4 &= M;
+ ulong zz_6 = zz[zzOff + 6] + (zz_5 >> 32); zz_5 &= M;
{
zz_3 += x_3 * x_0;
w = (uint)zz_3;
@@ -940,8 +940,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_4 = x[xOff + 4];
- ulong zz_7 = zz[zzOff + 7];
- ulong zz_8 = zz[zzOff + 8];
+ ulong zz_7 = zz[zzOff + 7] + (zz_6 >> 32); zz_6 &= M;
+ ulong zz_8 = zz[zzOff + 8] + (zz_7 >> 32); zz_7 &= M;
{
zz_4 += x_4 * x_0;
w = (uint)zz_4;
@@ -957,8 +957,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_5 = x[xOff + 5];
- ulong zz_9 = zz[zzOff + 9];
- ulong zz_10 = zz[zzOff + 10];
+ ulong zz_9 = zz[zzOff + 9] + (zz_8 >> 32); zz_8 &= M;
+ ulong zz_10 = zz[zzOff + 10] + (zz_9 >> 32); zz_9 &= M;
{
zz_5 += x_5 * x_0;
w = (uint)zz_5;
@@ -976,8 +976,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_6 = x[xOff + 6];
- ulong zz_11 = zz[zzOff + 11];
- ulong zz_12 = zz[zzOff + 12];
+ ulong zz_11 = zz[zzOff + 11] + (zz_10 >> 32); zz_10 &= M;
+ ulong zz_12 = zz[zzOff + 12] + (zz_11 >> 32); zz_11 &= M;
{
zz_6 += x_6 * x_0;
w = (uint)zz_6;
diff --git a/crypto/src/math/raw/Nat256.cs b/crypto/src/math/raw/Nat256.cs
index 19455031a..09c751a5a 100644
--- a/crypto/src/math/raw/Nat256.cs
+++ b/crypto/src/math/raw/Nat256.cs
@@ -917,8 +917,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_3 = x[3];
- ulong zz_5 = zz[5];
- ulong zz_6 = zz[6];
+ ulong zz_5 = zz[5] + (zz_4 >> 32); zz_4 &= M;
+ ulong zz_6 = zz[6] + (zz_5 >> 32); zz_5 &= M;
{
zz_3 += x_3 * x_0;
w = (uint)zz_3;
@@ -932,8 +932,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_4 = x[4];
- ulong zz_7 = zz[7];
- ulong zz_8 = zz[8];
+ ulong zz_7 = zz[7] + (zz_6 >> 32); zz_6 &= M;
+ ulong zz_8 = zz[8] + (zz_7 >> 32); zz_7 &= M;
{
zz_4 += x_4 * x_0;
w = (uint)zz_4;
@@ -949,8 +949,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_5 = x[5];
- ulong zz_9 = zz[9];
- ulong zz_10 = zz[10];
+ ulong zz_9 = zz[9] + (zz_8 >> 32); zz_8 &= M;
+ ulong zz_10 = zz[10] + (zz_9 >> 32); zz_9 &= M;
{
zz_5 += x_5 * x_0;
w = (uint)zz_5;
@@ -968,8 +968,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_6 = x[6];
- ulong zz_11 = zz[11];
- ulong zz_12 = zz[12];
+ ulong zz_11 = zz[11] + (zz_10 >> 32); zz_10 &= M;
+ ulong zz_12 = zz[12] + (zz_11 >> 32); zz_11 &= M;
{
zz_6 += x_6 * x_0;
w = (uint)zz_6;
@@ -989,8 +989,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_7 = x[7];
- ulong zz_13 = zz[13];
- ulong zz_14 = zz[14];
+ ulong zz_13 = zz[13] + (zz_12 >> 32); zz_12 &= M;
+ ulong zz_14 = zz[14] + (zz_13 >> 32); zz_13 &= M;
{
zz_7 += x_7 * x_0;
w = (uint)zz_7;
@@ -1081,8 +1081,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_3 = x[xOff + 3];
- ulong zz_5 = zz[zzOff + 5];
- ulong zz_6 = zz[zzOff + 6];
+ ulong zz_5 = zz[zzOff + 5] + (zz_4 >> 32); zz_4 &= M;
+ ulong zz_6 = zz[zzOff + 6] + (zz_5 >> 32); zz_5 &= M;
{
zz_3 += x_3 * x_0;
w = (uint)zz_3;
@@ -1096,8 +1096,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_4 = x[xOff + 4];
- ulong zz_7 = zz[zzOff + 7];
- ulong zz_8 = zz[zzOff + 8];
+ ulong zz_7 = zz[zzOff + 7] + (zz_6 >> 32); zz_6 &= M;
+ ulong zz_8 = zz[zzOff + 8] + (zz_7 >> 32); zz_7 &= M;
{
zz_4 += x_4 * x_0;
w = (uint)zz_4;
@@ -1113,8 +1113,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_5 = x[xOff + 5];
- ulong zz_9 = zz[zzOff + 9];
- ulong zz_10 = zz[zzOff + 10];
+ ulong zz_9 = zz[zzOff + 9] + (zz_8 >> 32); zz_8 &= M;
+ ulong zz_10 = zz[zzOff + 10] + (zz_9 >> 32); zz_9 &= M;
{
zz_5 += x_5 * x_0;
w = (uint)zz_5;
@@ -1132,8 +1132,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_6 = x[xOff + 6];
- ulong zz_11 = zz[zzOff + 11];
- ulong zz_12 = zz[zzOff + 12];
+ ulong zz_11 = zz[zzOff + 11] + (zz_10 >> 32); zz_10 &= M;
+ ulong zz_12 = zz[zzOff + 12] + (zz_11 >> 32); zz_11 &= M;
{
zz_6 += x_6 * x_0;
w = (uint)zz_6;
@@ -1153,8 +1153,8 @@ namespace Org.BouncyCastle.Math.Raw
}
ulong x_7 = x[xOff + 7];
- ulong zz_13 = zz[zzOff + 13];
- ulong zz_14 = zz[zzOff + 14];
+ ulong zz_13 = zz[zzOff + 13] + (zz_12 >> 32); zz_12 &= M;
+ ulong zz_14 = zz[zzOff + 14] + (zz_13 >> 32); zz_13 &= M;
{
zz_7 += x_7 * x_0;
w = (uint)zz_7;
diff --git a/crypto/src/x509/extension/X509ExtensionUtil.cs b/crypto/src/x509/extension/X509ExtensionUtil.cs
index 845a87bad..5f65ebfda 100644
--- a/crypto/src/x509/extension/X509ExtensionUtil.cs
+++ b/crypto/src/x509/extension/X509ExtensionUtil.cs
@@ -44,9 +44,11 @@ namespace Org.BouncyCastle.X509.Extension
{
Asn1Sequence seq = DerSequence.GetInstance(FromExtensionValue(extVal));
- foreach (GeneralName genName in seq)
+ foreach (Asn1Encodable primName in seq)
{
IList list = Platform.CreateArrayList();
+ GeneralName genName = GeneralName.GetInstance(primName);
+
list.Add(genName.TagNo);
switch (genName.TagNo)
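Review bot: The reason for iterating `Asn1Encodable` and converting by hand is not recorded at the loop, so a later cleanup could revert to the typed `foreach`. Presumably the elements of a parsed sequence are raw tagged objects rather than `GeneralName` instances, which made the implicit cast in the old loop fail. A comment such as `// parsed elements are not GeneralName instances yet; convert explicitly instead of relying on the foreach cast` would capture that. `GeneralName.GetInstance` can reject a malformed element, and the enclosing try/catch is outside this hunk, so it is worth confirming that such a failure surfaces as the method's usual parsing exception.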
|