Port from Java many of the new TLS classes and a few minor changes

author: Peter Dettman <peter.dettman@bouncycastle.org> 2014-04-06 12:31:30 +0700
committer: Peter Dettman <peter.dettman@bouncycastle.org> 2014-04-06 12:31:30 +0700
commit: c280c388d58e99c644b8239f2b4b2652877f5970 (patch)
tree: 1a7075252cf00cbc45d09414f50383a077485a87 /crypto/src
parent: Move NullOutputStream to util/io (diff)
download: BouncyCastle.NET-ed25519-c280c388d58e99c644b8239f2b4b2652877f5970.tar.xz
25 files changed, 389 insertions, 45 deletions
diff --git a/crypto/src/crypto/tls/BulkCipherAlgorithm.cs b/crypto/src/crypto/tls/BulkCipherAlgorithm.cs
new file mode 100644
index 000000000..07ff8dc07
--- /dev/null
+++ b/crypto/src/crypto/tls/BulkCipherAlgorithm.cs
@@ -0,0 +1,25 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>RFC 2246</summary>
+    /// <remarks>
+    /// Note that the values here are implementation-specific and arbitrary. It is recommended not to
+    /// depend on the particular values (e.g. serialization).
+    /// </remarks>
+    public abstract class BulkCipherAlgorithm
+    {
+        public const int cls_null = 0;
+        public const int rc4 = 1;
+        public const int rc2 = 2;
+        public const int des = 3;
+        public const int cls_3des = 4;
+        public const int des40 = 5;
+
+        /*
+         * RFC 4346
+         */
+        public const int aes = 6;
+        public const int idea = 7;
+    }
+}
diff --git a/crypto/src/crypto/tls/CertChainType.cs b/crypto/src/crypto/tls/CertChainType.cs
new file mode 100644
index 000000000..b526a79a7
--- /dev/null
+++ b/crypto/src/crypto/tls/CertChainType.cs
@@ -0,0 +1,18 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /*
+     * RFC 3546 3.3.
+     */
+    public abstract class CertChainType
+    {
+        public const short individual_certs = 0;
+        public const short pkipath = 1;
+
+        public static bool IsValid(short certChainType)
+        {
+            return certChainType >= individual_certs && certChainType <= pkipath;
+        }
+    }
+}
diff --git a/crypto/src/crypto/tls/CertificateStatusType.cs b/crypto/src/crypto/tls/CertificateStatusType.cs
new file mode 100644
index 000000000..222d31635
--- /dev/null
+++ b/crypto/src/crypto/tls/CertificateStatusType.cs
@@ -0,0 +1,12 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class CertificateStatusType
+    {
+        /*
+         *  RFC 3546 3.6
+         */
+        public const short ocsp = 1;
+    }
+}
diff --git a/crypto/src/crypto/tls/ChangeCipherSpec.cs b/crypto/src/crypto/tls/ChangeCipherSpec.cs
new file mode 100644
index 000000000..2ef4c3b34
--- /dev/null
+++ b/crypto/src/crypto/tls/ChangeCipherSpec.cs
@@ -0,0 +1,9 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class ChangeCipherSpec
+    {
+        public const short change_cipher_spec = 1;
+    }
+}
diff --git a/crypto/src/crypto/tls/CipherType.cs b/crypto/src/crypto/tls/CipherType.cs
new file mode 100644
index 000000000..b2ad7d8e1
--- /dev/null
+++ b/crypto/src/crypto/tls/CipherType.cs
@@ -0,0 +1,20 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>RFC 2246</summary>
+    /// <remarks>
+    /// Note that the values here are implementation-specific and arbitrary. It is recommended not to
+    /// depend on the particular values (e.g. serialization).
+    /// </remarks>
+    public abstract class CipherType
+    {
+        public const int stream = 0;
+        public const int block = 1;
+
+        /*
+         * RFC 5246
+         */
+        public const int aead = 2;
+    }
+}
diff --git a/crypto/src/crypto/tls/ClientAuthenticationType.cs b/crypto/src/crypto/tls/ClientAuthenticationType.cs
new file mode 100644
index 000000000..51e6e5005
--- /dev/null
+++ b/crypto/src/crypto/tls/ClientAuthenticationType.cs
@@ -0,0 +1,14 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class ClientAuthenticationType
+    {
+        /*
+         * RFC 5077 4
+         */
+        public const short anonymous = 0;
+        public const short certificate_based = 1;
+        public const short psk = 2;
+    }
+}
diff --git a/crypto/src/crypto/tls/ConnectionEnd.cs b/crypto/src/crypto/tls/ConnectionEnd.cs
new file mode 100644
index 000000000..afc9460f2
--- /dev/null
+++ b/crypto/src/crypto/tls/ConnectionEnd.cs
@@ -0,0 +1,15 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>RFC 2246</summary>
+    /// <remarks>
+    /// Note that the values here are implementation-specific and arbitrary. It is recommended not to
+    /// depend on the particular values (e.g. serialization).
+    /// </remarks>
+    public abstract class ConnectionEnd
+    {
+        public const int server = 0;
+        public const int client = 1;
+    }
+}
diff --git a/crypto/src/crypto/tls/DigestAlgorithm.cs b/crypto/src/crypto/tls/DigestAlgorithm.cs
index cede6b7f8..745bea448 100644
--- a/crypto/src/crypto/tls/DigestAlgorithm.cs
+++ b/crypto/src/crypto/tls/DigestAlgorithm.cs
@@ -2,20 +2,23 @@ using System;
 
 namespace Org.BouncyCastle.Crypto.Tls
 {
-	public enum DigestAlgorithm
-	{
-		/*
-		 * Note that the values here are implementation-specific and arbitrary.
-		 * It is recommended not to depend on the particular values (e.g. serialization).
-		 */
-		NULL,
-		MD5,
-		SHA,
+    /// <summary>RFC 2246</summary>
+    /// <remarks>
+    /// Note that the values here are implementation-specific and arbitrary. It is recommended not to
+    /// depend on the particular values (e.g. serialization).
+    /// </remarks>
+    [Obsolete("Use MacAlgorithm constants instead")]
+    public enum DigestAlgorithm
+    {
+        NULL,
+        MD5,
+        SHA,
 
-		/*
-		 * RFC 5289
-		 */
-		SHA256,
-		SHA384,
-	}
+        /*
+         * RFC 5246
+         */
+        SHA256,
+        SHA384,
+        SHA512,
+    }
 }
diff --git a/crypto/src/crypto/tls/DigestInputBuffer.cs b/crypto/src/crypto/tls/DigestInputBuffer.cs
new file mode 100644
index 000000000..547bcab54
--- /dev/null
+++ b/crypto/src/crypto/tls/DigestInputBuffer.cs
@@ -0,0 +1,39 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    internal class DigestInputBuffer
+        :   MemoryStream
+    {
+        internal void UpdateDigest(IDigest d)
+        {
+            WriteTo(new DigStream(d));
+        }
+
+        private class DigStream
+            :   BaseOutputStream
+        {
+            private readonly IDigest d;
+
+            internal DigStream(IDigest d)
+            {
+                this.d = d;
+            }
+
+            public override void WriteByte(byte b)
+            {
+                d.Update(b);
+            }
+
+            public override void Write(byte[] buf, int off, int len)
+            {
+                d.BlockUpdate(buf, off, len);
+            }
+        }
+    }
+}
diff --git a/crypto/src/crypto/tls/ECBasisType.cs b/crypto/src/crypto/tls/ECBasisType.cs
new file mode 100644
index 000000000..b7c9c6bd7
--- /dev/null
+++ b/crypto/src/crypto/tls/ECBasisType.cs
@@ -0,0 +1,16 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>RFC 4492 5.4. (Errata ID: 2389)</summary>
+    public abstract class ECBasisType
+    {
+        public const short ec_basis_trinomial = 1;
+        public const short ec_basis_pentanomial = 2;
+
+        public static bool IsValid(short ecBasisType)
+        {
+            return ecBasisType >= ec_basis_trinomial && ecBasisType <= ec_basis_pentanomial;
+        }
+    }
+}
diff --git a/crypto/src/crypto/tls/EncryptionAlgorithm.cs b/crypto/src/crypto/tls/EncryptionAlgorithm.cs
index 69aee8abc..dbeaa3356 100644
--- a/crypto/src/crypto/tls/EncryptionAlgorithm.cs
+++ b/crypto/src/crypto/tls/EncryptionAlgorithm.cs
@@ -2,12 +2,11 @@ using System;
 
 namespace Org.BouncyCastle.Crypto.Tls
 {
-    /**
-     * RFC 2246
-     * <p/>
-     * Note that the values here are implementation-specific and arbitrary. It is recommended not to
-     * depend on the particular values (e.g. serialization).
-     */
+    /// <summary>RFC 2246</summary>
+    /// <remarks>
+    /// Note that the values here are implementation-specific and arbitrary. It is recommended not to
+    /// depend on the particular values (e.g. serialization).
+    /// </remarks>
     public abstract class EncryptionAlgorithm
     {
         public const int NULL = 0;
diff --git a/crypto/src/crypto/tls/ExporterLabel.cs b/crypto/src/crypto/tls/ExporterLabel.cs
index e26f15dc7..c186d410b 100644
--- a/crypto/src/crypto/tls/ExporterLabel.cs
+++ b/crypto/src/crypto/tls/ExporterLabel.cs
@@ -2,10 +2,8 @@
 
 namespace Org.BouncyCastle.Crypto.Tls
 {
-    /**
-     * RFC 5705
-     */
-    public class ExporterLabel
+    /// <summary>RFC 5705</summary>
+    public abstract class ExporterLabel
     {
         /*
          * BC-specific
diff --git a/crypto/src/crypto/tls/ExtensionType.cs b/crypto/src/crypto/tls/ExtensionType.cs
index 0e6a45b5e..4e265c358 100644
--- a/crypto/src/crypto/tls/ExtensionType.cs
+++ b/crypto/src/crypto/tls/ExtensionType.cs
@@ -29,11 +29,6 @@ namespace Org.BouncyCastle.Crypto.Tls
         public const int srp = 12;
 
         /*
-         * RFC 5077 7.
-         */
-        public const int session_ticket = 35;
-
-        /*
          * RFC 5246 7.4.1.4.
          */
         public const int signature_algorithms = 13;
@@ -49,6 +44,18 @@ namespace Org.BouncyCastle.Crypto.Tls
         public const int heartbeat = 15;
 
         /*
+         * RFC 5077 7.
+         */
+        public const int session_ticket = 35;
+
+        /*
+         * draft-gutmann-tls-encrypt-then-mac-05
+         * 
+         * NOTE: This value has not yet been reserved by the IETF 
+         */
+        public static readonly int encrypt_then_mac = 66;
+
+        /*
          * RFC 5746 3.2.
          */
         public const int renegotiation_info = 0xff01;
diff --git a/crypto/src/crypto/tls/HashAlgorithm.cs b/crypto/src/crypto/tls/HashAlgorithm.cs
index 41818ca2c..ac6def26f 100644
--- a/crypto/src/crypto/tls/HashAlgorithm.cs
+++ b/crypto/src/crypto/tls/HashAlgorithm.cs
@@ -2,9 +2,7 @@
 
 namespace Org.BouncyCastle.Crypto.Tls
 {
-    /**
-     * RFC 5246 7.4.1.4.1
-     */
+    /// <summary>RFC 5246 7.4.1.4.1</summary>
     public abstract class HashAlgorithm
     {
         public const byte none = 0;
diff --git a/crypto/src/crypto/tls/HeartbeatMessageType.cs b/crypto/src/crypto/tls/HeartbeatMessageType.cs
new file mode 100644
index 000000000..9e3ad213c
--- /dev/null
+++ b/crypto/src/crypto/tls/HeartbeatMessageType.cs
@@ -0,0 +1,18 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /*
+     * RFC 6520 3.
+     */
+    public abstract class HeartbeatMessageType
+    {
+        public const short heartbeat_request = 1;
+        public const short heartbeat_response = 2;
+
+        public static bool IsValid(short heartbeatMessageType)
+        {
+            return heartbeatMessageType >= heartbeat_request && heartbeatMessageType <= heartbeat_response;
+        }
+    }
+}
diff --git a/crypto/src/crypto/tls/HeartbeatMode.cs b/crypto/src/crypto/tls/HeartbeatMode.cs
new file mode 100644
index 000000000..0968f6e10
--- /dev/null
+++ b/crypto/src/crypto/tls/HeartbeatMode.cs
@@ -0,0 +1,18 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /*
+     * RFC 6520
+     */
+    public abstract class HeartbeatMode
+    {
+        public const short peer_allowed_to_send = 1;
+        public const short peer_not_allowed_to_send = 2;
+
+        public static bool IsValid(short heartbeatMode)
+        {
+            return heartbeatMode >= peer_allowed_to_send && heartbeatMode <= peer_not_allowed_to_send;
+        }
+    }
+}
diff --git a/crypto/src/crypto/tls/KeyExchangeAlgorithm.cs b/crypto/src/crypto/tls/KeyExchangeAlgorithm.cs
index 3f5088d9b..9b1b3ba5e 100644
--- a/crypto/src/crypto/tls/KeyExchangeAlgorithm.cs
+++ b/crypto/src/crypto/tls/KeyExchangeAlgorithm.cs
@@ -2,12 +2,11 @@ using System;
 
 namespace Org.BouncyCastle.Crypto.Tls
 {
-    /**
-     * RFC 2246
-     * <p/>
-     * Note that the values here are implementation-specific and arbitrary. It is recommended not to
-     * depend on the particular values (e.g. serialization).
-     */
+    /// <summary>RFC 2246</summary>
+    /// <remarks>
+    /// Note that the values here are implementation-specific and arbitrary. It is recommended not to
+    /// depend on the particular values (e.g. serialization).
+    /// </remarks>
     public abstract class KeyExchangeAlgorithm
     {
         public const int NULL = 0;
diff --git a/crypto/src/crypto/tls/MacAlgorithm.cs b/crypto/src/crypto/tls/MacAlgorithm.cs
new file mode 100644
index 000000000..e4aa88de6
--- /dev/null
+++ b/crypto/src/crypto/tls/MacAlgorithm.cs
@@ -0,0 +1,25 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>RFC 2246</summary>
+    /// <remarks>
+    /// Note that the values here are implementation-specific and arbitrary. It is recommended not to
+    /// depend on the particular values (e.g. serialization).
+    /// </remarks>
+    public abstract class MacAlgorithm
+    {
+        public const int cls_null = 0;
+        public const int md5 = 1;
+        public const int sha = 2;
+
+        /*
+         * RFC 5246
+         */
+        public const int hmac_md5 = md5;
+        public const int hmac_sha1 = sha;
+        public const int hmac_sha256 = 3;
+        public const int hmac_sha384 = 4;
+        public const int hmac_sha512 = 5;
+    }
+}
diff --git a/crypto/src/crypto/tls/MaxFragmentLength.cs b/crypto/src/crypto/tls/MaxFragmentLength.cs
new file mode 100644
index 000000000..adb6d129c
--- /dev/null
+++ b/crypto/src/crypto/tls/MaxFragmentLength.cs
@@ -0,0 +1,20 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class MaxFragmentLength
+    {
+        /*
+         * RFC 3546 3.2.
+         */
+        public const short pow2_9 = 1;
+        public const short pow2_10 = 2;
+        public const short pow2_11 = 3;
+        public const short pow2_12 = 4;
+
+        public static bool IsValid(short maxFragmentLength)
+        {
+            return maxFragmentLength >= pow2_9 && maxFragmentLength <= pow2_12;
+        }
+    }
+}
diff --git a/crypto/src/crypto/tls/NameType.cs b/crypto/src/crypto/tls/NameType.cs
new file mode 100644
index 000000000..ffcb639d0
--- /dev/null
+++ b/crypto/src/crypto/tls/NameType.cs
@@ -0,0 +1,12 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class NameType
+    {
+        /*
+         * RFC 3546 3.1.
+         */
+        public const short host_name = 0;
+    }
+}
diff --git a/crypto/src/crypto/tls/PrfAlgorithm.cs b/crypto/src/crypto/tls/PrfAlgorithm.cs
index 976113495..871241bd2 100644
--- a/crypto/src/crypto/tls/PrfAlgorithm.cs
+++ b/crypto/src/crypto/tls/PrfAlgorithm.cs
@@ -2,12 +2,11 @@
 
 namespace Org.BouncyCastle.Crypto.Tls
 {
-    /**
-     * RFC 5246
-     * <p/>
-     * Note that the values here are implementation-specific and arbitrary. It is recommended not to
-     * depend on the particular values (e.g. serialization).
-     */
+    /// <summary>RFC 5246</summary>
+    /// <remarks>
+    /// Note that the values here are implementation-specific and arbitrary. It is recommended not to
+    /// depend on the particular values (e.g. serialization).
+    /// </remarks>
     public abstract class PrfAlgorithm
     {
         /*
diff --git a/crypto/src/crypto/tls/SignerInputBuffer.cs b/crypto/src/crypto/tls/SignerInputBuffer.cs
new file mode 100644
index 000000000..ef2827c4d
--- /dev/null
+++ b/crypto/src/crypto/tls/SignerInputBuffer.cs
@@ -0,0 +1,39 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    internal class SignerInputBuffer
+        : MemoryStream
+    {
+        internal void UpdateSigner(ISigner s)
+        {
+            WriteTo(new SigStream(s));
+        }
+
+        private class SigStream
+            : BaseOutputStream
+        {
+            private readonly ISigner s;
+
+            internal SigStream(ISigner s)
+            {
+                this.s = s;
+            }
+
+            public override void WriteByte(byte b)
+            {
+                s.Update(b);
+            }
+
+            public override void Write(byte[] buf, int off, int len)
+            {
+                s.BlockUpdate(buf, off, len);
+            }
+        }
+    }
+}
diff --git a/crypto/src/crypto/tls/SrtpProtectionProfile.cs b/crypto/src/crypto/tls/SrtpProtectionProfile.cs
new file mode 100644
index 000000000..1ce89f85e
--- /dev/null
+++ b/crypto/src/crypto/tls/SrtpProtectionProfile.cs
@@ -0,0 +1,15 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    public abstract class SrtpProtectionProfile
+    {
+        /*
+         * RFC 5764 4.1.2.
+         */
+        public const int SRTP_AES128_CM_HMAC_SHA1_80 = 0x0001;
+        public const int SRTP_AES128_CM_HMAC_SHA1_32 = 0x0002;
+        public const int SRTP_NULL_HMAC_SHA1_80 = 0x0005;
+        public const int SRTP_NULL_HMAC_SHA1_32 = 0x0006;
+    }
+}
diff --git a/crypto/src/crypto/tls/SupplementalDataType.cs b/crypto/src/crypto/tls/SupplementalDataType.cs
new file mode 100644
index 000000000..79511c50a
--- /dev/null
+++ b/crypto/src/crypto/tls/SupplementalDataType.cs
@@ -0,0 +1,13 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <summary>RFC 4680</summary>
+    public abstract class SupplementalDataType
+    {
+        /*
+         * RFC 4681
+         */
+        public const int user_mapping_data = 0;
+    }
+}
diff --git a/crypto/src/crypto/tls/UserMappingType.cs b/crypto/src/crypto/tls/UserMappingType.cs
new file mode 100644
index 000000000..6e6d40a58
--- /dev/null
+++ b/crypto/src/crypto/tls/UserMappingType.cs
@@ -0,0 +1,13 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+    /// <remarks>RFC 4681</remarks>
+    public abstract class UserMappingType
+    {
+        /*
+         * RFC 4681
+         */
+        public const short upn_domain_hint = 64;
+    }
+}
author	Peter Dettman <peter.dettman@bouncycastle.org>	2014-04-06 12:31:30 +0700
committer	Peter Dettman <peter.dettman@bouncycastle.org>	2014-04-06 12:31:30 +0700
commit	c280c388d58e99c644b8239f2b4b2652877f5970 (patch)
tree	1a7075252cf00cbc45d09414f50383a077485a87 /crypto/src
parent	Move NullOutputStream to util/io (diff)
download	BouncyCastle.NET-ed25519-c280c388d58e99c644b8239f2b4b2652877f5970.tar.xz