diff --git a/crypto/src/tls/TlsDheKeyExchange.cs b/crypto/src/tls/TlsDheKeyExchange.cs
index dd41b1260..74b919c9d 100644
--- a/crypto/src/tls/TlsDheKeyExchange.cs
+++ b/crypto/src/tls/TlsDheKeyExchange.cs
@@ -77,7 +77,7 @@ namespace Org.BouncyCastle.Tls
TlsUtilities.WriteOpaque16(y, digestBuffer);
- TlsUtilities.GenerateServerKeyExchangeSignature(m_context, m_serverCredentials, digestBuffer);
+ TlsUtilities.GenerateServerKeyExchangeSignature(m_context, m_serverCredentials, null, digestBuffer);
return digestBuffer.ToArray();
}
@@ -91,7 +91,7 @@ namespace Org.BouncyCastle.Tls
byte[] y = TlsUtilities.ReadOpaque16(teeIn, 1);
- TlsUtilities.VerifyServerKeyExchangeSignature(m_context, input, m_serverCertificate, digestBuffer);
+ TlsUtilities.VerifyServerKeyExchangeSignature(m_context, input, m_serverCertificate, null, digestBuffer);
this.m_agreement = m_context.Crypto.CreateDHDomain(m_dhConfig).CreateDH();
diff --git a/crypto/src/tls/TlsECDheKeyExchange.cs b/crypto/src/tls/TlsECDheKeyExchange.cs
index ab83036d9..10737750f 100644
--- a/crypto/src/tls/TlsECDheKeyExchange.cs
+++ b/crypto/src/tls/TlsECDheKeyExchange.cs
@@ -69,7 +69,7 @@ namespace Org.BouncyCastle.Tls
GenerateEphemeral(digestBuffer);
- TlsUtilities.GenerateServerKeyExchangeSignature(m_context, m_serverCredentials, digestBuffer);
+ TlsUtilities.GenerateServerKeyExchangeSignature(m_context, m_serverCredentials, null, digestBuffer);
return digestBuffer.ToArray();
}
@@ -83,7 +83,7 @@ namespace Org.BouncyCastle.Tls
byte[] point = TlsUtilities.ReadOpaque8(teeIn, 1);
- TlsUtilities.VerifyServerKeyExchangeSignature(m_context, input, m_serverCertificate, digestBuffer);
+ TlsUtilities.VerifyServerKeyExchangeSignature(m_context, input, m_serverCertificate, null, digestBuffer);
this.m_agreement = m_context.Crypto.CreateECDomain(m_ecConfig).CreateECDH();
diff --git a/crypto/src/tls/TlsSrpKeyExchange.cs b/crypto/src/tls/TlsSrpKeyExchange.cs
index 835523e36..b4b35ae47 100644
--- a/crypto/src/tls/TlsSrpKeyExchange.cs
+++ b/crypto/src/tls/TlsSrpKeyExchange.cs
@@ -94,7 +94,7 @@ namespace Org.BouncyCastle.Tls
if (m_serverCredentials != null)
{
- TlsUtilities.GenerateServerKeyExchangeSignature(m_context, m_serverCredentials, digestBuffer);
+ TlsUtilities.GenerateServerKeyExchangeSignature(m_context, m_serverCredentials, null, digestBuffer);
}
return digestBuffer.ToArray();
@@ -115,7 +115,8 @@ namespace Org.BouncyCastle.Tls
if (digestBuffer != null)
{
- TlsUtilities.VerifyServerKeyExchangeSignature(m_context, input, m_serverCertificate, digestBuffer);
+ TlsUtilities.VerifyServerKeyExchangeSignature(m_context, input, m_serverCertificate, null,
+ digestBuffer);
}
TlsSrpConfig config = new TlsSrpConfig();
diff --git a/crypto/src/tls/TlsUtilities.cs b/crypto/src/tls/TlsUtilities.cs
index e7555ba9f..98d834b6d 100644
--- a/crypto/src/tls/TlsUtilities.cs
+++ b/crypto/src/tls/TlsUtilities.cs
@@ -594,7 +594,20 @@ namespace Org.BouncyCastle.Tls
public static byte[] EncodeOpaque16(byte[] buf)
{
- return Arrays.Concatenate(EncodeUint16(buf.Length), buf);
+ CheckUint16(buf.Length);
+ byte[] r = new byte[2 + buf.Length];
+ WriteUint16(buf.Length, r, 0);
+ Array.Copy(buf, 0, r, 2, buf.Length);
+ return r;
+ }
+
+ public static byte[] EncodeOpaque24(byte[] buf)
+ {
+ CheckUint24(buf.Length);
+ byte[] r = new byte[3 + buf.Length];
+ WriteUint24(buf.Length, r, 0);
+ Array.Copy(buf, 0, r, 3, buf.Length);
+ return r;
}
public static byte[] EncodeUint8(short u8)
@@ -630,6 +643,15 @@ namespace Org.BouncyCastle.Tls
return result;
}
+ public static byte[] EncodeUint24(int u24)
+ {
+ CheckUint24(u24);
+
+ byte[] encoding = new byte[3];
+ WriteUint24(u24, encoding, 0);
+ return encoding;
+ }
+
public static byte[] EncodeUint32(long u32)
{
CheckUint32(u32);
@@ -1953,7 +1975,7 @@ namespace Org.BouncyCastle.Tls
}
internal static byte[] CalculateSignatureHash(TlsContext context, SignatureAndHashAlgorithm algorithm,
- DigestInputBuffer buf)
+ byte[] extraSignatureInput, DigestInputBuffer buf)
{
TlsCrypto crypto = context.Crypto;
@@ -1962,21 +1984,35 @@ namespace Org.BouncyCastle.Tls
: CreateHash(crypto, algorithm.Hash);
SecurityParameters sp = context.SecurityParameters;
- byte[] cr = sp.ClientRandom, sr = sp.ServerRandom;
- h.Update(cr, 0, cr.Length);
- h.Update(sr, 0, sr.Length);
+ // NOTE: The implicit copy here is intended (and important)
+ byte[] randoms = Arrays.Concatenate(sp.ClientRandom, sp.ServerRandom);
+ h.Update(randoms, 0, randoms.Length);
+
+ if (null != extraSignatureInput)
+ {
+ h.Update(extraSignatureInput, 0, extraSignatureInput.Length);
+ }
+
buf.UpdateDigest(h);
return h.CalculateHash();
}
- internal static void SendSignatureInput(TlsContext context, DigestInputBuffer buf, Stream output)
+ internal static void SendSignatureInput(TlsContext context, byte[] extraSignatureInput, DigestInputBuffer buf,
+ Stream output)
{
- SecurityParameters securityParameters = context.SecurityParameters;
+ SecurityParameters sp = context.SecurityParameters;
// NOTE: The implicit copy here is intended (and important)
- byte[] randoms = Arrays.Concatenate(securityParameters.ClientRandom, securityParameters.ServerRandom);
+ byte[] randoms = Arrays.Concatenate(sp.ClientRandom, sp.ServerRandom);
output.Write(randoms, 0, randoms.Length);
+
+ if (null != extraSignatureInput)
+ {
+ output.Write(extraSignatureInput, 0, extraSignatureInput.Length);
+ }
+
buf.CopyTo(output);
+
Platform.Dispose(output);
}
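Review bot: `extraSignatureInput` is hashed (CalculateSignatureHash) and written (SendSignatureInput) as raw bytes between the concatenated randoms and `buf`, with no length prefix of its own, so the signed input is only unambiguous when the caller passes a fixed-length or self-delimiting encoding; that precondition is not stated at either use site. Suggest the same comment next to both `if (null != extraSignatureInput)` checks: `// Hashed/written as-is (no length prefix): callers must pass a fixed-length or self-delimiting encoding`. Separately, `Platform.Dispose(output)` at the end of SendSignatureInput is reached only if every Write succeeds, and the added conditional Write is one more point at which an exception leaves the stream undisposed; a try/finally around the writes would close that gap. The start of CalculateSignatureHash lies in the previous hunk, outside this one.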
@@ -2261,7 +2297,7 @@ namespace Org.BouncyCastle.Tls
/// <exception cref="IOException"/>
internal static void GenerateServerKeyExchangeSignature(TlsContext context, TlsCredentialedSigner credentials,
- DigestInputBuffer digestBuffer)
+ byte[] extraSignatureInput, DigestInputBuffer digestBuffer)
{
/*
* RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
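Review bot: The new `extraSignatureInput` parameter is not described in the method's XML doc, of which only `<exception cref="IOException"/>` is visible here; the same gap exists on VerifyServerKeyExchangeSignature in a later hunk. Suggest `/// <param name="extraSignatureInput">Optional bytes placed in the signed data directly after the client and server randoms and before the contents of <paramref name="digestBuffer"/>; may be null.</param>`. The method body continues in the next hunk.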
@@ -2272,12 +2308,12 @@ namespace Org.BouncyCastle.Tls
byte[] signature;
if (streamSigner != null)
{
- SendSignatureInput(context, digestBuffer, streamSigner.GetOutputStream());
+ SendSignatureInput(context, extraSignatureInput, digestBuffer, streamSigner.GetOutputStream());
signature = streamSigner.GetSignature();
}
else
{
- byte[] hash = CalculateSignatureHash(context, algorithm, digestBuffer);
+ byte[] hash = CalculateSignatureHash(context, algorithm, extraSignatureInput, digestBuffer);
signature = credentials.GenerateRawSignature(hash);
}
@@ -2288,7 +2324,7 @@ namespace Org.BouncyCastle.Tls
/// <exception cref="IOException"/>
internal static void VerifyServerKeyExchangeSignature(TlsContext context, Stream signatureInput,
- TlsCertificate serverCertificate, DigestInputBuffer digestBuffer)
+ TlsCertificate serverCertificate, byte[] extraSignatureInput, DigestInputBuffer digestBuffer)
{
DigitallySigned digitallySigned = DigitallySigned.Parse(context, signatureInput);
@@ -2318,12 +2354,12 @@ namespace Org.BouncyCastle.Tls
bool verified;
if (streamVerifier != null)
{
- SendSignatureInput(context, digestBuffer, streamVerifier.GetOutputStream());
+ SendSignatureInput(context, null, digestBuffer, streamVerifier.GetOutputStream());
verified = streamVerifier.IsVerified();
}
else
{
- byte[] hash = CalculateSignatureHash(context, sigAndHashAlg, digestBuffer);
+ byte[] hash = CalculateSignatureHash(context, sigAndHashAlg, null, digestBuffer);
verified = verifier.VerifyRawSignature(digitallySigned, hash);
}
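Review bot: VerifyServerKeyExchangeSignature now accepts `extraSignatureInput` but never uses it: both the stream-verifier call and the raw-hash call pass `null` where GenerateServerKeyExchangeSignature forwards the parameter on both paths. Any caller that supplies extra input on the verify side has it silently dropped, so the signature is checked over the randoms and `digestBuffer` only and the extra data is not bound to the signature; every caller in this commit passes null, so the defect is latent, but the signer/verifier asymmetry will surface as soon as one does not. Change the two calls to `SendSignatureInput(context, extraSignatureInput, digestBuffer, streamVerifier.GetOutputStream());` and `byte[] hash = CalculateSignatureHash(context, sigAndHashAlg, extraSignatureInput, digestBuffer);`. The enclosing method starts and ends outside this hunk.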