diff --git a/crypto/src/tls/CertificateVerify.cs b/crypto/src/tls/CertificateVerify.cs
new file mode 100644
index 000000000..7c9f02735
--- /dev/null
+++ b/crypto/src/tls/CertificateVerify.cs
@@ -0,0 +1,57 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Tls
+{
+ public sealed class CertificateVerify
+ {
+ private readonly int m_algorithm;
+ private readonly byte[] m_signature;
+
+ public CertificateVerify(int algorithm, byte[] signature)
+ {
+ if (!TlsUtilities.IsValidUint16(algorithm))
+ throw new ArgumentException("algorithm");
+ if (signature == null)
+ throw new ArgumentNullException("signature");
+
+ this.m_algorithm = algorithm;
+ this.m_signature = signature;
+ }
+
+ /// <returns>a <see cref="SignatureScheme"/> value.</returns>
+ public int Algorithm
+ {
+ get { return m_algorithm; }
+ }
+
+ public byte[] Signature
+ {
+ get { return m_signature; }
+ }
+
+ /// <summary>Encode this <see cref="CertificateVerify"/> to a <see cref="Stream"/>.</summary>
+ /// <param name="output">the <see cref="Stream"/> to encode to.</param>
+ /// <exception cref="IOException"/>
+ public void Encode(Stream output)
+ {
+ TlsUtilities.WriteUint16(m_algorithm, output);
+ TlsUtilities.WriteOpaque16(m_signature, output);
+ }
+
+ /// <summary>Parse a <see cref="CertificateVerify"/> from a <see cref="Stream"/>.</summary>
+ /// <param name="context">the <see cref="TlsContext"/> of the current connection.</param>
+ /// <param name="input">the <see cref="Stream"/> to parse from.</param>
+ /// <returns>a <see cref="CertificateVerify"/> object.</returns>
+ /// <exception cref="IOException"/>
+ public static CertificateVerify Parse(TlsContext context, Stream input)
+ {
+ if (!TlsUtilities.IsTlsV13(context))
+ throw new InvalidOperationException();
+
+ int algorithm = TlsUtilities.ReadUint16(input);
+ byte[] signature = TlsUtilities.ReadOpaque16(input);
+ return new CertificateVerify(algorithm, signature);
+ }
+ }
+}
diff --git a/crypto/src/tls/TlsClientProtocol.cs b/crypto/src/tls/TlsClientProtocol.cs
index cb59289ae..89e7c4ba9 100644
--- a/crypto/src/tls/TlsClientProtocol.cs
+++ b/crypto/src/tls/TlsClientProtocol.cs
@@ -1467,12 +1467,11 @@ namespace Org.BouncyCastle.Tls
if (null == serverCertificate || serverCertificate.IsEmpty)
throw new TlsFatalAlert(AlertDescription.internal_error);
- // TODO[tls13] Actual structure is 'CertificateVerify' in RFC 8446, consider adding for clarity
- DigitallySigned certificateVerify = DigitallySigned.Parse(m_tlsClientContext, buf);
+ CertificateVerify certificateVerify = CertificateVerify.Parse(m_tlsClientContext, buf);
AssertEmpty(buf);
- TlsUtilities.Verify13CertificateVerifyServer(m_tlsClientContext, certificateVerify, m_handshakeHash);
+ TlsUtilities.Verify13CertificateVerifyServer(m_tlsClientContext, m_handshakeHash, certificateVerify);
}
/// <exception cref="IOException"/>
diff --git a/crypto/src/tls/TlsServerProtocol.cs b/crypto/src/tls/TlsServerProtocol.cs
index 0ab8a7a98..523fc0030 100644
--- a/crypto/src/tls/TlsServerProtocol.cs
+++ b/crypto/src/tls/TlsServerProtocol.cs
@@ -1281,13 +1281,11 @@ namespace Org.BouncyCastle.Tls
if (null == clientCertificate || clientCertificate.IsEmpty)
throw new TlsFatalAlert(AlertDescription.internal_error);
- // TODO[tls13] Actual structure is 'CertificateVerify' in RFC 8446, consider adding for clarity
- DigitallySigned certificateVerify = DigitallySigned.Parse(m_tlsServerContext, buf);
+ CertificateVerify certificateVerify = CertificateVerify.Parse(m_tlsServerContext, buf);
AssertEmpty(buf);
- TlsUtilities.Verify13CertificateVerifyClient(m_tlsServerContext, m_certificateRequest, certificateVerify,
- m_handshakeHash);
+ TlsUtilities.Verify13CertificateVerifyClient(m_tlsServerContext, m_handshakeHash, certificateVerify);
}
/// <exception cref="IOException"/>
diff --git a/crypto/src/tls/TlsUtilities.cs b/crypto/src/tls/TlsUtilities.cs
index 13155d26e..0bee76c0a 100644
--- a/crypto/src/tls/TlsUtilities.cs
+++ b/crypto/src/tls/TlsUtilities.cs
@@ -2282,62 +2282,54 @@ namespace Org.BouncyCastle.Tls
}
}
+ /// <exception cref="IOException"/>
internal static void Verify13CertificateVerifyClient(TlsServerContext serverContext,
- CertificateRequest certificateRequest, DigitallySigned certificateVerify, TlsHandshakeHash handshakeHash)
+ TlsHandshakeHash handshakeHash, CertificateVerify certificateVerify)
{
SecurityParameters securityParameters = serverContext.SecurityParameters;
- Certificate clientCertificate = securityParameters.PeerCertificate;
- TlsCertificate verifyingCert = clientCertificate.GetCertificateAt(0);
-
- SignatureAndHashAlgorithm sigAndHashAlg = certificateVerify.Algorithm;
- VerifySupportedSignatureAlgorithm(securityParameters.ServerSigAlgs, sigAndHashAlg);
-
- int signatureScheme = SignatureScheme.From(sigAndHashAlg);
- // Verify the CertificateVerify message contains a correct signature.
- bool verified;
- try
- {
- TlsVerifier verifier = verifyingCert.CreateVerifier(signatureScheme);
+ IList supportedAlgorithms = securityParameters.ServerSigAlgs;
+ TlsCertificate certificate = securityParameters.PeerCertificate.GetCertificateAt(0);
- verified = Verify13CertificateVerify(serverContext.Crypto, certificateVerify, verifier,
- "TLS 1.3, client CertificateVerify", handshakeHash);
- }
- catch (TlsFatalAlert e)
- {
- throw e;
- }
- catch (Exception e)
- {
- throw new TlsFatalAlert(AlertDescription.decrypt_error, e);
- }
-
- if (!verified)
- {
- throw new TlsFatalAlert(AlertDescription.decrypt_error);
- }
+ Verify13CertificateVerify(supportedAlgorithms, "TLS 1.3, client CertificateVerify", handshakeHash,
+ certificate, certificateVerify);
}
+ /// <exception cref="IOException"/>
internal static void Verify13CertificateVerifyServer(TlsClientContext clientContext,
- DigitallySigned certificateVerify, TlsHandshakeHash handshakeHash)
+ TlsHandshakeHash handshakeHash, CertificateVerify certificateVerify)
{
SecurityParameters securityParameters = clientContext.SecurityParameters;
- Certificate serverCertificate = securityParameters.PeerCertificate;
- TlsCertificate verifyingCert = serverCertificate.GetCertificateAt(0);
- SignatureAndHashAlgorithm sigAndHashAlg = certificateVerify.Algorithm;
- VerifySupportedSignatureAlgorithm(securityParameters.ClientSigAlgs, sigAndHashAlg);
+ IList supportedAlgorithms = securityParameters.ClientSigAlgs;
+ TlsCertificate certificate = securityParameters.PeerCertificate.GetCertificateAt(0);
- int signatureScheme = SignatureScheme.From(sigAndHashAlg);
+ Verify13CertificateVerify(supportedAlgorithms, "TLS 1.3, server CertificateVerify", handshakeHash,
+ certificate, certificateVerify);
+ }
+ /// <exception cref="IOException"/>
+ private static void Verify13CertificateVerify(IList supportedAlgorithms, string contextString,
+ TlsHandshakeHash handshakeHash, TlsCertificate certificate, CertificateVerify certificateVerify)
+ {
// Verify the CertificateVerify message contains a correct signature.
bool verified;
try
{
- TlsVerifier verifier = verifyingCert.CreateVerifier(signatureScheme);
+ int signatureScheme = certificateVerify.Algorithm;
+
+ SignatureAndHashAlgorithm algorithm = SignatureScheme.GetSignatureAndHashAlgorithm(signatureScheme);
+ VerifySupportedSignatureAlgorithm(supportedAlgorithms, algorithm);
+
+ Tls13Verifier verifier = certificate.CreateVerifier(signatureScheme);
+
+ byte[] header = GetCertificateVerifyHeader(contextString);
+ byte[] prfHash = GetCurrentPrfHash(handshakeHash);
- verified = Verify13CertificateVerify(clientContext.Crypto, certificateVerify, verifier,
- "TLS 1.3, server CertificateVerify", handshakeHash);
+ Stream output = verifier.Stream;
+ output.Write(header, 0, header.Length);
+ output.Write(prfHash, 0, prfHash.Length);
+ verified = verifier.VerifySignature(certificateVerify.Signature);
}
catch (TlsFatalAlert e)
{
@@ -2354,32 +2346,6 @@ namespace Org.BouncyCastle.Tls
}
}
- private static bool Verify13CertificateVerify(TlsCrypto crypto, DigitallySigned certificateVerify,
- TlsVerifier verifier, string contextString, TlsHandshakeHash handshakeHash)
- {
- TlsStreamVerifier streamVerifier = verifier.GetStreamVerifier(certificateVerify);
-
- byte[] header = GetCertificateVerifyHeader(contextString);
- byte[] prfHash = GetCurrentPrfHash(handshakeHash);
-
- if (null != streamVerifier)
- {
- Stream output = streamVerifier.Stream;
- output.Write(header, 0, header.Length);
- output.Write(prfHash, 0, prfHash.Length);
- return streamVerifier.IsVerified();
- }
-
- int signatureScheme = SignatureScheme.From(certificateVerify.Algorithm);
- int cryptoHashAlgorithm = SignatureScheme.GetCryptoHashAlgorithm(signatureScheme);
-
- TlsHash tlsHash = crypto.CreateHash(cryptoHashAlgorithm);
- tlsHash.Update(header, 0, header.Length);
- tlsHash.Update(prfHash, 0, prfHash.Length);
- byte[] hash = tlsHash.CalculateHash();
- return verifier.VerifyRawSignature(certificateVerify, hash);
- }
-
private static byte[] GetCertificateVerifyHeader(string contextString)
{
int count = contextString.Length;
diff --git a/crypto/src/tls/crypto/Tls13Verifier.cs b/crypto/src/tls/crypto/Tls13Verifier.cs
new file mode 100644
index 000000000..143ea7394
--- /dev/null
+++ b/crypto/src/tls/crypto/Tls13Verifier.cs
@@ -0,0 +1,14 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Tls.Crypto
+{
+ public interface Tls13Verifier
+ {
+ /// <exception cref="IOException"/>
+ Stream Stream { get; }
+
+ /// <exception cref="IOException"/>
+ bool VerifySignature(byte[] signature);
+ }
+}
diff --git a/crypto/src/tls/crypto/TlsCertificate.cs b/crypto/src/tls/crypto/TlsCertificate.cs
index fe507a662..6b3e3220a 100644
--- a/crypto/src/tls/crypto/TlsCertificate.cs
+++ b/crypto/src/tls/crypto/TlsCertificate.cs
@@ -21,7 +21,7 @@ namespace Org.BouncyCastle.Tls.Crypto
/// <param name="signatureScheme"><see cref="SignatureScheme"/></param>
/// <exception cref="IOException"/>
- TlsVerifier CreateVerifier(int signatureScheme);
+ Tls13Verifier CreateVerifier(int signatureScheme);
/// <exception cref="IOException"/>
byte[] GetEncoded();
diff --git a/crypto/src/tls/crypto/TlsCryptoUtilities.cs b/crypto/src/tls/crypto/TlsCryptoUtilities.cs
index 757eda1be..4ce48f738 100644
--- a/crypto/src/tls/crypto/TlsCryptoUtilities.cs
+++ b/crypto/src/tls/crypto/TlsCryptoUtilities.cs
@@ -1,6 +1,11 @@
using System;
using System.IO;
+using Org.BouncyCastle.Asn1;
+using Org.BouncyCastle.Asn1.Nist;
+using Org.BouncyCastle.Asn1.Pkcs;
+using Org.BouncyCastle.Asn1.X509;
+
namespace Org.BouncyCastle.Tls.Crypto
{
public abstract class TlsCryptoUtilities
@@ -108,6 +113,30 @@ namespace Org.BouncyCastle.Tls.Crypto
}
}
+ public static DerObjectIdentifier GetOidForHash(int cryptoHashAlgorithm)
+ {
+ switch (cryptoHashAlgorithm)
+ {
+ case CryptoHashAlgorithm.md5:
+ return PkcsObjectIdentifiers.MD5;
+ case CryptoHashAlgorithm.sha1:
+ return X509ObjectIdentifiers.IdSha1;
+ case CryptoHashAlgorithm.sha224:
+ return NistObjectIdentifiers.IdSha224;
+ case CryptoHashAlgorithm.sha256:
+ return NistObjectIdentifiers.IdSha256;
+ case CryptoHashAlgorithm.sha384:
+ return NistObjectIdentifiers.IdSha384;
+ case CryptoHashAlgorithm.sha512:
+ return NistObjectIdentifiers.IdSha512;
+ // TODO[RFC 8998]
+ //case CryptoHashAlgorithm.sm3:
+ // return GMObjectIdentifiers.sm3;
+ default:
+ throw new ArgumentException();
+ }
+ }
+
public static int GetSignature(short signatureAlgorithm)
{
switch (signatureAlgorithm)
diff --git a/crypto/src/tls/crypto/impl/LegacyTls13Verifier.cs b/crypto/src/tls/crypto/impl/LegacyTls13Verifier.cs
new file mode 100644
index 000000000..294a14da4
--- /dev/null
+++ b/crypto/src/tls/crypto/impl/LegacyTls13Verifier.cs
@@ -0,0 +1,60 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Tls.Crypto.Impl
+{
+ public sealed class LegacyTls13Verifier
+ : TlsVerifier
+ {
+ private readonly int m_signatureScheme;
+ private readonly Tls13Verifier m_tls13Verifier;
+
+ public LegacyTls13Verifier(int signatureScheme, Tls13Verifier tls13Verifier)
+ {
+ if (!TlsUtilities.IsValidUint16(signatureScheme))
+ throw new ArgumentException("signatureScheme");
+ if (tls13Verifier == null)
+ throw new ArgumentNullException("tls13Verifier");
+
+ this.m_signatureScheme = signatureScheme;
+ this.m_tls13Verifier = tls13Verifier;
+ }
+
+ public TlsStreamVerifier GetStreamVerifier(DigitallySigned digitallySigned)
+ {
+ SignatureAndHashAlgorithm algorithm = digitallySigned.Algorithm;
+ if (algorithm == null || SignatureScheme.From(algorithm) != m_signatureScheme)
+ throw new InvalidOperationException("Invalid algorithm: " + algorithm);
+
+ return new TlsStreamVerifierImpl(m_tls13Verifier, digitallySigned.Signature);
+ }
+
+ public bool VerifyRawSignature(DigitallySigned digitallySigned, byte[] hash)
+ {
+ throw new NotSupportedException();
+ }
+
+ private class TlsStreamVerifierImpl
+ : TlsStreamVerifier
+ {
+ private readonly Tls13Verifier m_tls13Verifier;
+ private readonly byte[] m_signature;
+
+ internal TlsStreamVerifierImpl(Tls13Verifier tls13Verifier, byte[] signature)
+ {
+ this.m_tls13Verifier = tls13Verifier;
+ this.m_signature = signature;
+ }
+
+ public Stream Stream
+ {
+ get { return m_tls13Verifier.Stream; }
+ }
+
+ public bool IsVerified()
+ {
+ return m_tls13Verifier.VerifySignature(m_signature);
+ }
+ }
+ }
+}
diff --git a/crypto/src/tls/crypto/impl/bc/BcTls13Verifier.cs b/crypto/src/tls/crypto/impl/bc/BcTls13Verifier.cs
new file mode 100644
index 000000000..ba4d0ccf8
--- /dev/null
+++ b/crypto/src/tls/crypto/impl/bc/BcTls13Verifier.cs
@@ -0,0 +1,32 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.IO;
+
+namespace Org.BouncyCastle.Tls.Crypto.Impl.BC
+{
+ internal sealed class BcTls13Verifier
+ : Tls13Verifier
+ {
+ private readonly SignerSink m_output;
+
+ internal BcTls13Verifier(ISigner verifier)
+ {
+ if (verifier == null)
+ throw new ArgumentNullException("verifier");
+
+ this.m_output = new SignerSink(verifier);
+ }
+
+ public Stream Stream
+ {
+ get { return m_output; }
+ }
+
+ public bool VerifySignature(byte[] signature)
+ {
+ return m_output.Signer.VerifySignature(signature);
+ }
+ }
+}
diff --git a/crypto/src/tls/crypto/impl/bc/BcTlsCertificate.cs b/crypto/src/tls/crypto/impl/bc/BcTlsCertificate.cs
index 469785dc2..7e946ce23 100644
--- a/crypto/src/tls/crypto/impl/bc/BcTlsCertificate.cs
+++ b/crypto/src/tls/crypto/impl/bc/BcTlsCertificate.cs
@@ -4,7 +4,9 @@ using System.IO;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.Engines;
using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Crypto.Signers;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Utilities;
@@ -87,38 +89,56 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl.BC
{
switch (signatureAlgorithm)
{
- case SignatureAlgorithm.rsa_pss_rsae_sha256:
- case SignatureAlgorithm.rsa_pss_rsae_sha384:
- case SignatureAlgorithm.rsa_pss_rsae_sha512:
case SignatureAlgorithm.ed25519:
case SignatureAlgorithm.ed448:
- case SignatureAlgorithm.rsa_pss_pss_sha256:
- case SignatureAlgorithm.rsa_pss_pss_sha384:
- case SignatureAlgorithm.rsa_pss_pss_sha512:
- return CreateVerifier(SignatureScheme.From(HashAlgorithm.Intrinsic, signatureAlgorithm));
+ {
+ int signatureScheme = SignatureScheme.From(HashAlgorithm.Intrinsic, signatureAlgorithm);
+ Tls13Verifier tls13Verifier = CreateVerifier(signatureScheme);
+ return new LegacyTls13Verifier(signatureScheme, tls13Verifier);
+ }
}
ValidateKeyUsage(KeyUsage.DigitalSignature);
switch (signatureAlgorithm)
{
- case SignatureAlgorithm.rsa:
- ValidateRsa_Pkcs1();
- return new BcTlsRsaVerifier(m_crypto, GetPubKeyRsa());
-
case SignatureAlgorithm.dsa:
return new BcTlsDsaVerifier(m_crypto, GetPubKeyDss());
case SignatureAlgorithm.ecdsa:
return new BcTlsECDsaVerifier(m_crypto, GetPubKeyEC());
+ case SignatureAlgorithm.rsa:
+ {
+ ValidateRsa_Pkcs1();
+ return new BcTlsRsaVerifier(m_crypto, GetPubKeyRsa());
+ }
+
+ case SignatureAlgorithm.rsa_pss_pss_sha256:
+ case SignatureAlgorithm.rsa_pss_pss_sha384:
+ case SignatureAlgorithm.rsa_pss_pss_sha512:
+ {
+ ValidateRsa_Pss_Pss(signatureAlgorithm);
+ int signatureScheme = SignatureScheme.From(HashAlgorithm.Intrinsic, signatureAlgorithm);
+ return new BcTlsRsaPssVerifier(m_crypto, GetPubKeyRsa(), signatureScheme);
+ }
+
+ case SignatureAlgorithm.rsa_pss_rsae_sha256:
+ case SignatureAlgorithm.rsa_pss_rsae_sha384:
+ case SignatureAlgorithm.rsa_pss_rsae_sha512:
+ {
+ ValidateRsa_Pss_Rsae();
+ int signatureScheme = SignatureScheme.From(HashAlgorithm.Intrinsic, signatureAlgorithm);
+ return new BcTlsRsaPssVerifier(m_crypto, GetPubKeyRsa(), signatureScheme);
+ }
+
default:
throw new TlsFatalAlert(AlertDescription.certificate_unknown);
}
}
/// <exception cref="IOException"/>
- public virtual TlsVerifier CreateVerifier(int signatureScheme)
+ public virtual Tls13Verifier CreateVerifier(int signatureScheme)
{
ValidateKeyUsage(KeyUsage.DigitalSignature);
@@ -131,13 +151,31 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl.BC
case SignatureScheme.ecdsa_secp384r1_sha384:
case SignatureScheme.ecdsa_secp521r1_sha512:
case SignatureScheme.ecdsa_sha1:
- return new BcTlsECDsa13Verifier(m_crypto, GetPubKeyEC(), signatureScheme);
+ {
+ int cryptoHashAlgorithm = SignatureScheme.GetCryptoHashAlgorithm(signatureScheme);
+ IDigest digest = m_crypto.CreateDigest(cryptoHashAlgorithm);
+
+ ISigner verifier = new DsaDigestSigner(new ECDsaSigner(), digest);
+ verifier.Init(false, GetPubKeyEC());
+
+ return new BcTls13Verifier(verifier);
+ }
case SignatureScheme.ed25519:
- return new BcTlsEd25519Verifier(m_crypto, GetPubKeyEd25519());
+ {
+ Ed25519Signer verifier = new Ed25519Signer();
+ verifier.Init(false, GetPubKeyEd25519());
+
+ return new BcTls13Verifier(verifier);
+ }
case SignatureScheme.ed448:
- return new BcTlsEd448Verifier(m_crypto, GetPubKeyEd448());
+ {
+ Ed448Signer verifier = new Ed448Signer(TlsUtilities.EmptyBytes);
+ verifier.Init(false, GetPubKeyEd448());
+
+ return new BcTls13Verifier(verifier);
+ }
case SignatureScheme.rsa_pkcs1_sha1:
case SignatureScheme.rsa_pkcs1_sha256:
@@ -145,7 +183,15 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl.BC
case SignatureScheme.rsa_pkcs1_sha512:
{
ValidateRsa_Pkcs1();
- return new BcTlsRsaVerifier(m_crypto, GetPubKeyRsa());
+
+ int cryptoHashAlgorithm = SignatureScheme.GetCryptoHashAlgorithm(signatureScheme);
+ IDigest digest = m_crypto.CreateDigest(cryptoHashAlgorithm);
+
+ RsaDigestSigner verifier = new RsaDigestSigner(digest,
+ TlsCryptoUtilities.GetOidForHash(cryptoHashAlgorithm));
+ verifier.Init(false, GetPubKeyRsa());
+
+ return new BcTls13Verifier(verifier);
}
case SignatureScheme.rsa_pss_pss_sha256:
@@ -153,7 +199,14 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl.BC
case SignatureScheme.rsa_pss_pss_sha512:
{
ValidateRsa_Pss_Pss(SignatureScheme.GetSignatureAlgorithm(signatureScheme));
- return new BcTlsRsaPssVerifier(m_crypto, GetPubKeyRsa(), signatureScheme);
+
+ int cryptoHashAlgorithm = SignatureScheme.GetCryptoHashAlgorithm(signatureScheme);
+ IDigest digest = m_crypto.CreateDigest(cryptoHashAlgorithm);
+
+ PssSigner verifier = new PssSigner(new RsaEngine(), digest, digest.GetDigestSize());
+ verifier.Init(false, GetPubKeyRsa());
+
+ return new BcTls13Verifier(verifier);
}
case SignatureScheme.rsa_pss_rsae_sha256:
@@ -161,12 +214,27 @@ namespace Org.BouncyCastle.Tls.Crypto.Impl.BC
case SignatureScheme.rsa_pss_rsae_sha512:
{
ValidateRsa_Pss_Rsae();
- return new BcTlsRsaPssVerifier(m_crypto, GetPubKeyRsa(), signatureScheme);
+
+ int cryptoHashAlgorithm = SignatureScheme.GetCryptoHashAlgorithm(signatureScheme);
+ IDigest digest = m_crypto.CreateDigest(cryptoHashAlgorithm);
+
+ PssSigner verifier = new PssSigner(new RsaEngine(), digest, digest.GetDigestSize());
+ verifier.Init(false, GetPubKeyRsa());
+
+ return new BcTls13Verifier(verifier);
}
// TODO[RFC 8998]
//case SignatureScheme.sm2sig_sm3:
- // return new BcTlsSM2Verifier(m_crypto, GetPubKeyEC(), Strings.ToByteArray("TLSv1.3+GM+Cipher+Suite"));
+ //{
+ // ParametersWithID parametersWithID = new ParametersWithID(GetPubKeyEC(),
+ // Strings.ToByteArray("TLSv1.3+GM+Cipher+Suite"));
+
+ // SM2Signer verifier = new SM2Signer();
+ // verifier.Init(false, parametersWithID);
+
+ // return new BcTls13Verifier(verifier);
+ //}
default:
throw new TlsFatalAlert(AlertDescription.certificate_unknown);
diff --git a/crypto/src/tls/crypto/impl/bc/BcTlsECDsa13Verifier.cs b/crypto/src/tls/crypto/impl/bc/BcTlsECDsa13Verifier.cs
deleted file mode 100644
index 159b17c0b..000000000
--- a/crypto/src/tls/crypto/impl/bc/BcTlsECDsa13Verifier.cs
+++ /dev/null
@@ -1,40 +0,0 @@
-using System;
-
-using Org.BouncyCastle.Crypto;
-using Org.BouncyCastle.Crypto.Digests;
-using Org.BouncyCastle.Crypto.Parameters;
-using Org.BouncyCastle.Crypto.Signers;
-
-namespace Org.BouncyCastle.Tls.Crypto.Impl.BC
-{
- /// <summary>Implementation class for verification of ECDSA signatures in TLS 1.3+ using the BC light-weight API.
- /// </summary>
- public class BcTlsECDsa13Verifier
- : BcTlsVerifier
- {
- private readonly int m_signatureScheme;
-
- public BcTlsECDsa13Verifier(BcTlsCrypto crypto, ECPublicKeyParameters publicKey, int signatureScheme)
- : base(crypto, publicKey)
- {
- if (!SignatureScheme.IsECDsa(signatureScheme))
- throw new ArgumentException("signatureScheme");
-
- this.m_signatureScheme = signatureScheme;
- }
-
- public override bool VerifyRawSignature(DigitallySigned digitallySigned, byte[] hash)
- {
- SignatureAndHashAlgorithm algorithm = digitallySigned.Algorithm;
- if (algorithm == null || SignatureScheme.From(algorithm) != m_signatureScheme)
- throw new InvalidOperationException("Invalid algorithm: " + algorithm);
-
- IDsa dsa = new ECDsaSigner();
-
- ISigner signer = new DsaDigestSigner(dsa, new NullDigest());
- signer.Init(false, m_publicKey);
- signer.BlockUpdate(hash, 0, hash.Length);
- return signer.VerifySignature(digitallySigned.Signature);
- }
- }
-}
diff --git a/crypto/src/tls/crypto/impl/bc/BcTlsEd25519Verifier.cs b/crypto/src/tls/crypto/impl/bc/BcTlsEd25519Verifier.cs
deleted file mode 100644
index a787bb92a..000000000
--- a/crypto/src/tls/crypto/impl/bc/BcTlsEd25519Verifier.cs
+++ /dev/null
@@ -1,28 +0,0 @@
-using System;
-
-using Org.BouncyCastle.Crypto.Parameters;
-using Org.BouncyCastle.Crypto.Signers;
-
-namespace Org.BouncyCastle.Tls.Crypto.Impl.BC
-{
- public class BcTlsEd25519Verifier
- : BcTlsVerifier
- {
- public BcTlsEd25519Verifier(BcTlsCrypto crypto, Ed25519PublicKeyParameters publicKey)
- : base(crypto, publicKey)
- {
- }
-
- public override TlsStreamVerifier GetStreamVerifier(DigitallySigned digitallySigned)
- {
- SignatureAndHashAlgorithm algorithm = digitallySigned.Algorithm;
- if (algorithm == null || SignatureScheme.From(algorithm) != SignatureScheme.ed25519)
- throw new InvalidOperationException("Invalid algorithm: " + algorithm);
-
- Ed25519Signer verifier = new Ed25519Signer();
- verifier.Init(false, m_publicKey);
-
- return new BcTlsStreamVerifier(verifier, digitallySigned.Signature);
- }
- }
-}
diff --git a/crypto/src/tls/crypto/impl/bc/BcTlsEd448Verifier.cs b/crypto/src/tls/crypto/impl/bc/BcTlsEd448Verifier.cs
deleted file mode 100644
index 7940d0757..000000000
--- a/crypto/src/tls/crypto/impl/bc/BcTlsEd448Verifier.cs
+++ /dev/null
@@ -1,28 +0,0 @@
-using System;
-
-using Org.BouncyCastle.Crypto.Parameters;
-using Org.BouncyCastle.Crypto.Signers;
-
-namespace Org.BouncyCastle.Tls.Crypto.Impl.BC
-{
- public class BcTlsEd448Verifier
- : BcTlsVerifier
- {
- public BcTlsEd448Verifier(BcTlsCrypto crypto, Ed448PublicKeyParameters publicKey)
- : base(crypto, publicKey)
- {
- }
-
- public override TlsStreamVerifier GetStreamVerifier(DigitallySigned digitallySigned)
- {
- SignatureAndHashAlgorithm algorithm = digitallySigned.Algorithm;
- if (algorithm == null || SignatureScheme.From(algorithm) != SignatureScheme.ed448)
- throw new InvalidOperationException("Invalid algorithm: " + algorithm);
-
- Ed448Signer verifier = new Ed448Signer(TlsUtilities.EmptyBytes);
- verifier.Init(false, m_publicKey);
-
- return new BcTlsStreamVerifier(verifier, digitallySigned.Signature);
- }
- }
-}
|
