diff --git a/crypto/src/crypto/tls/BulkCipherAlgorithm.cs b/crypto/src/crypto/tls/BulkCipherAlgorithm.cs
new file mode 100644
index 000000000..07ff8dc07
--- /dev/null
+++ b/crypto/src/crypto/tls/BulkCipherAlgorithm.cs
@@ -0,0 +1,25 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ /// <summary>RFC 2246</summary>
+ /// <remarks>
+ /// Note that the values here are implementation-specific and arbitrary. It is recommended not to
+ /// depend on the particular values (e.g. serialization).
+ /// </remarks>
+ public abstract class BulkCipherAlgorithm
+ {
+ public const int cls_null = 0;
+ public const int rc4 = 1;
+ public const int rc2 = 2;
+ public const int des = 3;
+ public const int cls_3des = 4;
+ public const int des40 = 5;
+
+ /*
+ * RFC 4346
+ */
+ public const int aes = 6;
+ public const int idea = 7;
+ }
+}
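Review bot: The constants `cls_null`, `rc4`, `rc2`, `des` and `des40` identify null, export-grade or long-deprecated ciphers, and neither the class remarks nor the members say so. These are public constants, so a caller could plausibly use them to select or filter cipher suites. A short comment above the RFC 2246 group would help, e.g. `// cls_null, rc4, rc2, des and des40 are listed for protocol completeness only; do not enable suites that use them by default`. The same applies to `SRTP_NULL_HMAC_SHA1_80` and `SRTP_NULL_HMAC_SHA1_32` in SrtpProtectionProfile.cs, which name profiles with a NULL cipher.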
diff --git a/crypto/src/crypto/tls/CertChainType.cs b/crypto/src/crypto/tls/CertChainType.cs
new file mode 100644
index 000000000..b526a79a7
--- /dev/null
+++ b/crypto/src/crypto/tls/CertChainType.cs
@@ -0,0 +1,18 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ /*
+ * RFC 3546 3.3.
+ */
+ public abstract class CertChainType
+ {
+ public const short individual_certs = 0;
+ public const short pkipath = 1;
+
+ public static bool IsValid(short certChainType)
+ {
+ return certChainType >= individual_certs && certChainType <= pkipath;
+ }
+ }
+}
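Review bot: `IsValid` is a range comparison between the first and last constant, which is only correct while the defined values stay contiguous, and nothing in the hunk documents that assumption or the method's purpose. I would add a doc comment such as `/// <summary>Returns true only for the values defined in RFC 3546 3.3; the check assumes the constants are contiguous.</summary>`. If these methods validate values read from the peer (the callers are not visible here), a later non-contiguous addition would silently widen what is accepted. The same pattern appears in ECBasisType.cs, HeartbeatMessageType.cs, HeartbeatMode.cs and MaxFragmentLength.cs.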
diff --git a/crypto/src/crypto/tls/CertificateStatusType.cs b/crypto/src/crypto/tls/CertificateStatusType.cs
new file mode 100644
index 000000000..222d31635
--- /dev/null
+++ b/crypto/src/crypto/tls/CertificateStatusType.cs
@@ -0,0 +1,12 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ public abstract class CertificateStatusType
+ {
+ /*
+ * RFC 3546 3.6
+ */
+ public const short ocsp = 1;
+ }
+}
diff --git a/crypto/src/crypto/tls/ChangeCipherSpec.cs b/crypto/src/crypto/tls/ChangeCipherSpec.cs
new file mode 100644
index 000000000..2ef4c3b34
--- /dev/null
+++ b/crypto/src/crypto/tls/ChangeCipherSpec.cs
@@ -0,0 +1,9 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ public abstract class ChangeCipherSpec
+ {
+ public const short change_cipher_spec = 1;
+ }
+}
diff --git a/crypto/src/crypto/tls/CipherType.cs b/crypto/src/crypto/tls/CipherType.cs
new file mode 100644
index 000000000..b2ad7d8e1
--- /dev/null
+++ b/crypto/src/crypto/tls/CipherType.cs
@@ -0,0 +1,20 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ /// <summary>RFC 2246</summary>
+ /// <remarks>
+ /// Note that the values here are implementation-specific and arbitrary. It is recommended not to
+ /// depend on the particular values (e.g. serialization).
+ /// </remarks>
+ public abstract class CipherType
+ {
+ public const int stream = 0;
+ public const int block = 1;
+
+ /*
+ * RFC 5246
+ */
+ public const int aead = 2;
+ }
+}
diff --git a/crypto/src/crypto/tls/ClientAuthenticationType.cs b/crypto/src/crypto/tls/ClientAuthenticationType.cs
new file mode 100644
index 000000000..51e6e5005
--- /dev/null
+++ b/crypto/src/crypto/tls/ClientAuthenticationType.cs
@@ -0,0 +1,14 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ public abstract class ClientAuthenticationType
+ {
+ /*
+ * RFC 5077 4
+ */
+ public const short anonymous = 0;
+ public const short certificate_based = 1;
+ public const short psk = 2;
+ }
+}
diff --git a/crypto/src/crypto/tls/ConnectionEnd.cs b/crypto/src/crypto/tls/ConnectionEnd.cs
new file mode 100644
index 000000000..afc9460f2
--- /dev/null
+++ b/crypto/src/crypto/tls/ConnectionEnd.cs
@@ -0,0 +1,15 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ /// <summary>RFC 2246</summary>
+ /// <remarks>
+ /// Note that the values here are implementation-specific and arbitrary. It is recommended not to
+ /// depend on the particular values (e.g. serialization).
+ /// </remarks>
+ public abstract class ConnectionEnd
+ {
+ public const int server = 0;
+ public const int client = 1;
+ }
+}
diff --git a/crypto/src/crypto/tls/DigestAlgorithm.cs b/crypto/src/crypto/tls/DigestAlgorithm.cs
index cede6b7f8..745bea448 100644
--- a/crypto/src/crypto/tls/DigestAlgorithm.cs
+++ b/crypto/src/crypto/tls/DigestAlgorithm.cs
@@ -2,20 +2,23 @@ using System;
namespace Org.BouncyCastle.Crypto.Tls
{
- public enum DigestAlgorithm
- {
- /*
- * Note that the values here are implementation-specific and arbitrary.
- * It is recommended not to depend on the particular values (e.g. serialization).
- */
- NULL,
- MD5,
- SHA,
+ /// <summary>RFC 2246</summary>
+ /// <remarks>
+ /// Note that the values here are implementation-specific and arbitrary. It is recommended not to
+ /// depend on the particular values (e.g. serialization).
+ /// </remarks>
+ [Obsolete("Use MacAlgorithm constants instead")]
+ public enum DigestAlgorithm
+ {
+ NULL,
+ MD5,
+ SHA,
- /*
- * RFC 5289
- */
- SHA256,
- SHA384,
- }
+ /*
+ * RFC 5246
+ */
+ SHA256,
+ SHA384,
+ SHA512,
+ }
}
diff --git a/crypto/src/crypto/tls/DigestInputBuffer.cs b/crypto/src/crypto/tls/DigestInputBuffer.cs
new file mode 100644
index 000000000..547bcab54
--- /dev/null
+++ b/crypto/src/crypto/tls/DigestInputBuffer.cs
@@ -0,0 +1,39 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ internal class DigestInputBuffer
+ : MemoryStream
+ {
+ internal void UpdateDigest(IDigest d)
+ {
+ WriteTo(new DigStream(d));
+ }
+
+ private class DigStream
+ : BaseOutputStream
+ {
+ private readonly IDigest d;
+
+ internal DigStream(IDigest d)
+ {
+ this.d = d;
+ }
+
+ public override void WriteByte(byte b)
+ {
+ d.Update(b);
+ }
+
+ public override void Write(byte[] buf, int off, int len)
+ {
+ d.BlockUpdate(buf, off, len);
+ }
+ }
+ }
+}
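Review bot: `UpdateDigest` does not check `d` for null, so a null digest surfaces as a NullReferenceException from inside `DigStream.Write` during `WriteTo` rather than at the call boundary. Adding `if (d == null) throw new ArgumentNullException("d");` as the first statement makes the failure point obvious. `UpdateSigner` in SignerInputBuffer.cs has the same shape and would take the same guard for `s`. The `using Org.BouncyCastle.Crypto.IO;` directive appears unused in both files.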
diff --git a/crypto/src/crypto/tls/ECBasisType.cs b/crypto/src/crypto/tls/ECBasisType.cs
new file mode 100644
index 000000000..b7c9c6bd7
--- /dev/null
+++ b/crypto/src/crypto/tls/ECBasisType.cs
@@ -0,0 +1,16 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ /// <summary>RFC 4492 5.4. (Errata ID: 2389)</summary>
+ public abstract class ECBasisType
+ {
+ public const short ec_basis_trinomial = 1;
+ public const short ec_basis_pentanomial = 2;
+
+ public static bool IsValid(short ecBasisType)
+ {
+ return ecBasisType >= ec_basis_trinomial && ecBasisType <= ec_basis_pentanomial;
+ }
+ }
+}
diff --git a/crypto/src/crypto/tls/EncryptionAlgorithm.cs b/crypto/src/crypto/tls/EncryptionAlgorithm.cs
index 69aee8abc..dbeaa3356 100644
--- a/crypto/src/crypto/tls/EncryptionAlgorithm.cs
+++ b/crypto/src/crypto/tls/EncryptionAlgorithm.cs
@@ -2,12 +2,11 @@ using System;
namespace Org.BouncyCastle.Crypto.Tls
{
- /**
- * RFC 2246
- * <p/>
- * Note that the values here are implementation-specific and arbitrary. It is recommended not to
- * depend on the particular values (e.g. serialization).
- */
+ /// <summary>RFC 2246</summary>
+ /// <remarks>
+ /// Note that the values here are implementation-specific and arbitrary. It is recommended not to
+ /// depend on the particular values (e.g. serialization).
+ /// </remarks>
public abstract class EncryptionAlgorithm
{
public const int NULL = 0;
diff --git a/crypto/src/crypto/tls/ExporterLabel.cs b/crypto/src/crypto/tls/ExporterLabel.cs
index e26f15dc7..c186d410b 100644
--- a/crypto/src/crypto/tls/ExporterLabel.cs
+++ b/crypto/src/crypto/tls/ExporterLabel.cs
@@ -2,10 +2,8 @@
namespace Org.BouncyCastle.Crypto.Tls
{
- /**
- * RFC 5705
- */
- public class ExporterLabel
+ /// <summary>RFC 5705</summary>
+ public abstract class ExporterLabel
{
/*
* BC-specific
diff --git a/crypto/src/crypto/tls/ExtensionType.cs b/crypto/src/crypto/tls/ExtensionType.cs
index 0e6a45b5e..4e265c358 100644
--- a/crypto/src/crypto/tls/ExtensionType.cs
+++ b/crypto/src/crypto/tls/ExtensionType.cs
@@ -29,11 +29,6 @@ namespace Org.BouncyCastle.Crypto.Tls
public const int srp = 12;
/*
- * RFC 5077 7.
- */
- public const int session_ticket = 35;
-
- /*
* RFC 5246 7.4.1.4.
*/
public const int signature_algorithms = 13;
@@ -49,6 +44,18 @@ namespace Org.BouncyCastle.Crypto.Tls
public const int heartbeat = 15;
/*
+ * RFC 5077 7.
+ */
+ public const int session_ticket = 35;
+
+ /*
+ * draft-gutmann-tls-encrypt-then-mac-05
+ *
+ * NOTE: This value has not yet been reserved by the IETF
+ */
+ public static readonly int encrypt_then_mac = 66;
+
+ /*
* RFC 5746 3.2.
*/
public const int renegotiation_info = 0xff01;
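Review bot: `encrypt_then_mac` is declared `public static readonly int` while every other member visible in this hunk is `public const int`, and the comment does not say why. A `static readonly` field cannot be used as a `case` label, so callers that switch on extension types have to treat this one differently. If the intent is to keep the provisional value 66 from being compiled into callers, say so, e.g. `// static readonly rather than const: the value is provisional and must not be inlined into callers`; otherwise make it `const` like its neighbours. Because the codepoint is unreserved, it should be checked against the IANA ExtensionType registry before release so it cannot collide with another extension. The class body starts and ends outside the hunk.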
diff --git a/crypto/src/crypto/tls/HashAlgorithm.cs b/crypto/src/crypto/tls/HashAlgorithm.cs
index 41818ca2c..ac6def26f 100644
--- a/crypto/src/crypto/tls/HashAlgorithm.cs
+++ b/crypto/src/crypto/tls/HashAlgorithm.cs
@@ -2,9 +2,7 @@
namespace Org.BouncyCastle.Crypto.Tls
{
- /**
- * RFC 5246 7.4.1.4.1
- */
+ /// <summary>RFC 5246 7.4.1.4.1</summary>
public abstract class HashAlgorithm
{
public const byte none = 0;
diff --git a/crypto/src/crypto/tls/HeartbeatMessageType.cs b/crypto/src/crypto/tls/HeartbeatMessageType.cs
new file mode 100644
index 000000000..9e3ad213c
--- /dev/null
+++ b/crypto/src/crypto/tls/HeartbeatMessageType.cs
@@ -0,0 +1,18 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ /*
+ * RFC 6520 3.
+ */
+ public abstract class HeartbeatMessageType
+ {
+ public const short heartbeat_request = 1;
+ public const short heartbeat_response = 2;
+
+ public static bool IsValid(short heartbeatMessageType)
+ {
+ return heartbeatMessageType >= heartbeat_request && heartbeatMessageType <= heartbeat_response;
+ }
+ }
+}
diff --git a/crypto/src/crypto/tls/HeartbeatMode.cs b/crypto/src/crypto/tls/HeartbeatMode.cs
new file mode 100644
index 000000000..0968f6e10
--- /dev/null
+++ b/crypto/src/crypto/tls/HeartbeatMode.cs
@@ -0,0 +1,18 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ /*
+ * RFC 6520
+ */
+ public abstract class HeartbeatMode
+ {
+ public const short peer_allowed_to_send = 1;
+ public const short peer_not_allowed_to_send = 2;
+
+ public static bool IsValid(short heartbeatMode)
+ {
+ return heartbeatMode >= peer_allowed_to_send && heartbeatMode <= peer_not_allowed_to_send;
+ }
+ }
+}
diff --git a/crypto/src/crypto/tls/KeyExchangeAlgorithm.cs b/crypto/src/crypto/tls/KeyExchangeAlgorithm.cs
index 3f5088d9b..9b1b3ba5e 100644
--- a/crypto/src/crypto/tls/KeyExchangeAlgorithm.cs
+++ b/crypto/src/crypto/tls/KeyExchangeAlgorithm.cs
@@ -2,12 +2,11 @@ using System;
namespace Org.BouncyCastle.Crypto.Tls
{
- /**
- * RFC 2246
- * <p/>
- * Note that the values here are implementation-specific and arbitrary. It is recommended not to
- * depend on the particular values (e.g. serialization).
- */
+ /// <summary>RFC 2246</summary>
+ /// <remarks>
+ /// Note that the values here are implementation-specific and arbitrary. It is recommended not to
+ /// depend on the particular values (e.g. serialization).
+ /// </remarks>
public abstract class KeyExchangeAlgorithm
{
public const int NULL = 0;
diff --git a/crypto/src/crypto/tls/MacAlgorithm.cs b/crypto/src/crypto/tls/MacAlgorithm.cs
new file mode 100644
index 000000000..e4aa88de6
--- /dev/null
+++ b/crypto/src/crypto/tls/MacAlgorithm.cs
@@ -0,0 +1,25 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ /// <summary>RFC 2246</summary>
+ /// <remarks>
+ /// Note that the values here are implementation-specific and arbitrary. It is recommended not to
+ /// depend on the particular values (e.g. serialization).
+ /// </remarks>
+ public abstract class MacAlgorithm
+ {
+ public const int cls_null = 0;
+ public const int md5 = 1;
+ public const int sha = 2;
+
+ /*
+ * RFC 5246
+ */
+ public const int hmac_md5 = md5;
+ public const int hmac_sha1 = sha;
+ public const int hmac_sha256 = 3;
+ public const int hmac_sha384 = 4;
+ public const int hmac_sha512 = 5;
+ }
+}
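Review bot: `hmac_md5` and `hmac_sha1` are aliases with the same values as `md5` and `sha`, which is not stated anywhere in the class. A caller that lists both names in one `switch` gets a duplicate-case compile error, and a reader may assume the RFC 5246 names denote distinct algorithms. A one-line comment above the aliases would do, e.g. `// hmac_md5 and hmac_sha1 are the RFC 5246 names for md5 and sha above (same values)`.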
diff --git a/crypto/src/crypto/tls/MaxFragmentLength.cs b/crypto/src/crypto/tls/MaxFragmentLength.cs
new file mode 100644
index 000000000..adb6d129c
--- /dev/null
+++ b/crypto/src/crypto/tls/MaxFragmentLength.cs
@@ -0,0 +1,20 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ public abstract class MaxFragmentLength
+ {
+ /*
+ * RFC 3546 3.2.
+ */
+ public const short pow2_9 = 1;
+ public const short pow2_10 = 2;
+ public const short pow2_11 = 3;
+ public const short pow2_12 = 4;
+
+ public static bool IsValid(short maxFragmentLength)
+ {
+ return maxFragmentLength >= pow2_9 && maxFragmentLength <= pow2_12;
+ }
+ }
+}
diff --git a/crypto/src/crypto/tls/NameType.cs b/crypto/src/crypto/tls/NameType.cs
new file mode 100644
index 000000000..ffcb639d0
--- /dev/null
+++ b/crypto/src/crypto/tls/NameType.cs
@@ -0,0 +1,12 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ public abstract class NameType
+ {
+ /*
+ * RFC 3546 3.1.
+ */
+ public const short host_name = 0;
+ }
+}
diff --git a/crypto/src/crypto/tls/PrfAlgorithm.cs b/crypto/src/crypto/tls/PrfAlgorithm.cs
index 976113495..871241bd2 100644
--- a/crypto/src/crypto/tls/PrfAlgorithm.cs
+++ b/crypto/src/crypto/tls/PrfAlgorithm.cs
@@ -2,12 +2,11 @@
namespace Org.BouncyCastle.Crypto.Tls
{
- /**
- * RFC 5246
- * <p/>
- * Note that the values here are implementation-specific and arbitrary. It is recommended not to
- * depend on the particular values (e.g. serialization).
- */
+ /// <summary>RFC 5246</summary>
+ /// <remarks>
+ /// Note that the values here are implementation-specific and arbitrary. It is recommended not to
+ /// depend on the particular values (e.g. serialization).
+ /// </remarks>
public abstract class PrfAlgorithm
{
/*
diff --git a/crypto/src/crypto/tls/SignerInputBuffer.cs b/crypto/src/crypto/tls/SignerInputBuffer.cs
new file mode 100644
index 000000000..ef2827c4d
--- /dev/null
+++ b/crypto/src/crypto/tls/SignerInputBuffer.cs
@@ -0,0 +1,39 @@
+using System;
+using System.IO;
+
+using Org.BouncyCastle.Crypto;
+using Org.BouncyCastle.Crypto.IO;
+using Org.BouncyCastle.Utilities.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ internal class SignerInputBuffer
+ : MemoryStream
+ {
+ internal void UpdateSigner(ISigner s)
+ {
+ WriteTo(new SigStream(s));
+ }
+
+ private class SigStream
+ : BaseOutputStream
+ {
+ private readonly ISigner s;
+
+ internal SigStream(ISigner s)
+ {
+ this.s = s;
+ }
+
+ public override void WriteByte(byte b)
+ {
+ s.Update(b);
+ }
+
+ public override void Write(byte[] buf, int off, int len)
+ {
+ s.BlockUpdate(buf, off, len);
+ }
+ }
+ }
+}
diff --git a/crypto/src/crypto/tls/SrtpProtectionProfile.cs b/crypto/src/crypto/tls/SrtpProtectionProfile.cs
new file mode 100644
index 000000000..1ce89f85e
--- /dev/null
+++ b/crypto/src/crypto/tls/SrtpProtectionProfile.cs
@@ -0,0 +1,15 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ public abstract class SrtpProtectionProfile
+ {
+ /*
+ * RFC 5764 4.1.2.
+ */
+ public const int SRTP_AES128_CM_HMAC_SHA1_80 = 0x0001;
+ public const int SRTP_AES128_CM_HMAC_SHA1_32 = 0x0002;
+ public const int SRTP_NULL_HMAC_SHA1_80 = 0x0005;
+ public const int SRTP_NULL_HMAC_SHA1_32 = 0x0006;
+ }
+}
diff --git a/crypto/src/crypto/tls/SupplementalDataType.cs b/crypto/src/crypto/tls/SupplementalDataType.cs
new file mode 100644
index 000000000..79511c50a
--- /dev/null
+++ b/crypto/src/crypto/tls/SupplementalDataType.cs
@@ -0,0 +1,13 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ /// <summary>RFC 4680</summary>
+ public abstract class SupplementalDataType
+ {
+ /*
+ * RFC 4681
+ */
+ public const int user_mapping_data = 0;
+ }
+}
diff --git a/crypto/src/crypto/tls/UserMappingType.cs b/crypto/src/crypto/tls/UserMappingType.cs
new file mode 100644
index 000000000..6e6d40a58
--- /dev/null
+++ b/crypto/src/crypto/tls/UserMappingType.cs
@@ -0,0 +1,13 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ /// <remarks>RFC 4681</remarks>
+ public abstract class UserMappingType
+ {
+ /*
+ * RFC 4681
+ */
+ public const short upn_domain_hint = 64;
+ }
+}
|