-rw-r--r--crypto/src/crypto/tls/CipherSuite.cs428
-rw-r--r--crypto/src/crypto/tls/ContentType.cs21
-rw-r--r--crypto/src/crypto/tls/DefaultTlsCipherFactory.cs116
-rw-r--r--crypto/src/crypto/tls/DefaultTlsClient.cs16
-rw-r--r--crypto/src/crypto/tls/ECCurveType.cs46
-rw-r--r--crypto/src/crypto/tls/ECPointFormat.cs24
-rw-r--r--crypto/src/crypto/tls/EncryptionAlgorithm.cs77
-rw-r--r--crypto/src/crypto/tls/ExtensionType.cs81
-rw-r--r--crypto/src/crypto/tls/HandshakeType.cs53
-rw-r--r--crypto/src/crypto/tls/KeyExchangeAlgorithm.cs81
-rw-r--r--crypto/src/crypto/tls/NamedCurve.cs126
-rw-r--r--crypto/src/crypto/tls/PskTlsClient.cs10
-rw-r--r--crypto/src/crypto/tls/RecordStream.cs18
-rw-r--r--crypto/src/crypto/tls/SrpTlsClient.cs10
-rw-r--r--crypto/src/crypto/tls/TlsBlockCipher.cs194
-rw-r--r--crypto/src/crypto/tls/TlsCipher.cs14
-rw-r--r--crypto/src/crypto/tls/TlsCipherFactory.cs12
-rw-r--r--crypto/src/crypto/tls/TlsClient.cs184
-rw-r--r--crypto/src/crypto/tls/TlsDHKeyExchange.cs4
-rw-r--r--crypto/src/crypto/tls/TlsDheKeyExchange.cs90
-rw-r--r--crypto/src/crypto/tls/TlsECDHKeyExchange.cs4
-rw-r--r--crypto/src/crypto/tls/TlsECDheKeyExchange.cs6
-rw-r--r--crypto/src/crypto/tls/TlsMac.cs174
-rw-r--r--crypto/src/crypto/tls/TlsNullCipher.cs42
-rw-r--r--crypto/src/crypto/tls/TlsProtocolHandler.cs42
-rw-r--r--crypto/src/crypto/tls/TlsPskKeyExchange.cs4
-rw-r--r--crypto/src/crypto/tls/TlsSrpKeyExchange.cs4
-rw-r--r--crypto/src/crypto/tls/TlsStreamCipher.cs40
28 files changed, 1100 insertions, 821 deletions
diff --git a/crypto/src/crypto/tls/CipherSuite.cs b/crypto/src/crypto/tls/CipherSuite.cs
index 6e1f7a545..2c5077780 100644
--- a/crypto/src/crypto/tls/CipherSuite.cs
+++ b/crypto/src/crypto/tls/CipherSuite.cs
@@ -1,136 +1,298 @@
 namespace Org.BouncyCastle.Crypto.Tls
 {
-	/// <summary>
-	/// RFC 2246 A.5
-	/// </summary>
-	public enum CipherSuite : int
-	{
-		TLS_NULL_WITH_NULL_NULL = 0x0000,
-		TLS_RSA_WITH_NULL_MD5 = 0x0001,
-		TLS_RSA_WITH_NULL_SHA = 0x0002,
-		TLS_RSA_EXPORT_WITH_RC4_40_MD5 = 0x0003,
-		TLS_RSA_WITH_RC4_128_MD5 = 0x0004,
-		TLS_RSA_WITH_RC4_128_SHA = 0x0005,
-		TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = 0x0006,
-		TLS_RSA_WITH_IDEA_CBC_SHA = 0x0007,
-		TLS_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0008,
-		TLS_RSA_WITH_DES_CBC_SHA = 0x0009,
-		TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A,
-		TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x000B,
-		TLS_DH_DSS_WITH_DES_CBC_SHA = 0x000C,
-		TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = 0x000D,
-		TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x000E,
-		TLS_DH_RSA_WITH_DES_CBC_SHA = 0x000F,
-		TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = 0x0010,
-		TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x0011,
-		TLS_DHE_DSS_WITH_DES_CBC_SHA = 0x0012,
-		TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0x0013,
-		TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0014,
-		TLS_DHE_RSA_WITH_DES_CBC_SHA = 0x0015,
-		TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016,
-		TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 = 0x0017,
-		TLS_DH_anon_WITH_RC4_128_MD5 = 0x0018,
-		TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = 0x0019,
-		TLS_DH_anon_WITH_DES_CBC_SHA = 0x001A,
-		TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = 0x001B,
-
-		/*
-		 * RFC 3268
-		 */
-		TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F,
-		TLS_DH_DSS_WITH_AES_128_CBC_SHA = 0x0030,
-		TLS_DH_RSA_WITH_AES_128_CBC_SHA = 0x0031,
-		TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0x0032,
-		TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033,
-		TLS_DH_anon_WITH_AES_128_CBC_SHA = 0x0034,
-		TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035,
-		TLS_DH_DSS_WITH_AES_256_CBC_SHA = 0x0036,
-		TLS_DH_RSA_WITH_AES_256_CBC_SHA = 0x0037,
-		TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x0038,
-		TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039,
-		TLS_DH_anon_WITH_AES_256_CBC_SHA = 0x003A,
-
-		/*
-		 * RFC 4279
-		 */
-		TLS_PSK_WITH_RC4_128_SHA = 0x008A,
-		TLS_PSK_WITH_3DES_EDE_CBC_SHA = 0x008B,
-		TLS_PSK_WITH_AES_128_CBC_SHA = 0x008C,
-		TLS_PSK_WITH_AES_256_CBC_SHA = 0x008D,
-		TLS_DHE_PSK_WITH_RC4_128_SHA = 0x008E,
-		TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA = 0x008F,
-		TLS_DHE_PSK_WITH_AES_128_CBC_SHA = 0x0090,
-		TLS_DHE_PSK_WITH_AES_256_CBC_SHA = 0x0091,
-		TLS_RSA_PSK_WITH_RC4_128_SHA = 0x0092,
-		TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA = 0x0093,
-		TLS_RSA_PSK_WITH_AES_128_CBC_SHA = 0x0094,
-		TLS_RSA_PSK_WITH_AES_256_CBC_SHA = 0x0095,
-
-		/*
-		 * RFC 4492
-		 */
-		TLS_ECDH_ECDSA_WITH_NULL_SHA = 0xC001,
-		TLS_ECDH_ECDSA_WITH_RC4_128_SHA = 0xC002,
-		TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC003,
-		TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA = 0xC004,
-		TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA = 0xC005,
-		TLS_ECDHE_ECDSA_WITH_NULL_SHA = 0xC006,
-		TLS_ECDHE_ECDSA_WITH_RC4_128_SHA = 0xC007,
-		TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC008,
-		TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 0xC009,
-		TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 0xC00A,
-		TLS_ECDH_RSA_WITH_NULL_SHA = 0xC00B,
-		TLS_ECDH_RSA_WITH_RC4_128_SHA = 0xC00C,
-		TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA = 0xC00D,
-		TLS_ECDH_RSA_WITH_AES_128_CBC_SHA = 0xC00E,
-		TLS_ECDH_RSA_WITH_AES_256_CBC_SHA = 0xC00F,
-		TLS_ECDHE_RSA_WITH_NULL_SHA = 0xC010,
-		TLS_ECDHE_RSA_WITH_RC4_128_SHA = 0xC011,
-		TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA = 0xC012,
-		TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = 0xC013,
-		TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0xC014,
-		TLS_ECDH_anon_WITH_NULL_SHA = 0xC015,
-		TLS_ECDH_anon_WITH_RC4_128_SHA = 0xC016,
-		TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA = 0xC017,
-		TLS_ECDH_anon_WITH_AES_128_CBC_SHA = 0xC018,
-		TLS_ECDH_anon_WITH_AES_256_CBC_SHA = 0xC019,
-
-		/*
-		 * RFC 5054
-		 */
-		TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 0xC01A,
-		TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 0xC01B,
-		TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = 0xC01C,
-		TLS_SRP_SHA_WITH_AES_128_CBC_SHA = 0xC01D,
-		TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 0xC01E,
-		TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = 0xC01F,
-		TLS_SRP_SHA_WITH_AES_256_CBC_SHA = 0xC020,
-		TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 0xC021,
-		TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = 0xC022,
-
-		/*
-		 * RFC 5289
-		 */
-		TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC023,
-		TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC024,
-		TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC025,
-		TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC026,
-		TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0xC027,
-		TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0xC028,
-		TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 = 0xC029,
-		TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 = 0xC02A,
-		TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02B,
-		TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02C,
-		TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02D,
-		TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02E,
-		TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0xC02F,
-		TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0xC030,
-		TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 = 0xC031,
-		TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 = 0xC032,
-
-		/*
-		 * RFC 5746
-		 */
-		TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF,
-	}
+    /// <summary>
+    /// RFC 2246 A.5
+    /// </summary>
+    public abstract class CipherSuite
+    {
+        public const int TLS_NULL_WITH_NULL_NULL = 0x0000;
+        public const int TLS_RSA_WITH_NULL_MD5 = 0x0001;
+        public const int TLS_RSA_WITH_NULL_SHA = 0x0002;
+        public const int TLS_RSA_EXPORT_WITH_RC4_40_MD5 = 0x0003;
+        public const int TLS_RSA_WITH_RC4_128_MD5 = 0x0004;
+        public const int TLS_RSA_WITH_RC4_128_SHA = 0x0005;
+        public const int TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = 0x0006;
+        public const int TLS_RSA_WITH_IDEA_CBC_SHA = 0x0007;
+        public const int TLS_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0008;
+        public const int TLS_RSA_WITH_DES_CBC_SHA = 0x0009;
+        public const int TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A;
+        public const int TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x000B;
+        public const int TLS_DH_DSS_WITH_DES_CBC_SHA = 0x000C;
+        public const int TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = 0x000D;
+        public const int TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x000E;
+        public const int TLS_DH_RSA_WITH_DES_CBC_SHA = 0x000F;
+        public const int TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = 0x0010;
+        public const int TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x0011;
+        public const int TLS_DHE_DSS_WITH_DES_CBC_SHA = 0x0012;
+        public const int TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0x0013;
+        public const int TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0014;
+        public const int TLS_DHE_RSA_WITH_DES_CBC_SHA = 0x0015;
+        public const int TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016;
+        public const int TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 = 0x0017;
+        public const int TLS_DH_anon_WITH_RC4_128_MD5 = 0x0018;
+        public const int TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = 0x0019;
+        public const int TLS_DH_anon_WITH_DES_CBC_SHA = 0x001A;
+        public const int TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = 0x001B;
+
+        /*
+         * Note: The cipher suite values { 0x00, 0x1C } and { 0x00, 0x1D } are reserved to avoid
+         * collision with Fortezza-based cipher suites in SSL 3.
+         */
+
+        /*
+         * RFC 3268
+         */
+        public const int TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F;
+        public const int TLS_DH_DSS_WITH_AES_128_CBC_SHA = 0x0030;
+        public const int TLS_DH_RSA_WITH_AES_128_CBC_SHA = 0x0031;
+        public const int TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0x0032;
+        public const int TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033;
+        public const int TLS_DH_anon_WITH_AES_128_CBC_SHA = 0x0034;
+        public const int TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035;
+        public const int TLS_DH_DSS_WITH_AES_256_CBC_SHA = 0x0036;
+        public const int TLS_DH_RSA_WITH_AES_256_CBC_SHA = 0x0037;
+        public const int TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x0038;
+        public const int TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039;
+        public const int TLS_DH_anon_WITH_AES_256_CBC_SHA = 0x003A;
+
+        /*
+         * RFC 4132
+         */
+        public const int TLS_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0041;
+        public const int TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = 0x0042;
+        public const int TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0043;
+        public const int TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = 0x0044;
+        public const int TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0045;
+        public const int TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA = 0x0046;
+        public const int TLS_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0084;
+        public const int TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = 0x0085;
+        public const int TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0086;
+        public const int TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = 0x0087;
+        public const int TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0088;
+        public const int TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA = 0x0089;
+
+        /*
+         * RFC 4162
+         */
+        public const int TLS_RSA_WITH_SEED_CBC_SHA = 0x0096;
+        public const int TLS_DH_DSS_WITH_SEED_CBC_SHA = 0x0097;
+        public const int TLS_DH_RSA_WITH_SEED_CBC_SHA = 0x0098;
+        public const int TLS_DHE_DSS_WITH_SEED_CBC_SHA = 0x0099;
+        public const int TLS_DHE_RSA_WITH_SEED_CBC_SHA = 0x009A;
+        public const int TLS_DH_anon_WITH_SEED_CBC_SHA = 0x009B;
+
+        /*
+         * RFC 4279
+         */
+        public const int TLS_PSK_WITH_RC4_128_SHA = 0x008A;
+        public const int TLS_PSK_WITH_3DES_EDE_CBC_SHA = 0x008B;
+        public const int TLS_PSK_WITH_AES_128_CBC_SHA = 0x008C;
+        public const int TLS_PSK_WITH_AES_256_CBC_SHA = 0x008D;
+        public const int TLS_DHE_PSK_WITH_RC4_128_SHA = 0x008E;
+        public const int TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA = 0x008F;
+        public const int TLS_DHE_PSK_WITH_AES_128_CBC_SHA = 0x0090;
+        public const int TLS_DHE_PSK_WITH_AES_256_CBC_SHA = 0x0091;
+        public const int TLS_RSA_PSK_WITH_RC4_128_SHA = 0x0092;
+        public const int TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA = 0x0093;
+        public const int TLS_RSA_PSK_WITH_AES_128_CBC_SHA = 0x0094;
+        public const int TLS_RSA_PSK_WITH_AES_256_CBC_SHA = 0x0095;
+
+        /*
+         * RFC 4492
+         */
+        public const int TLS_ECDH_ECDSA_WITH_NULL_SHA = 0xC001;
+        public const int TLS_ECDH_ECDSA_WITH_RC4_128_SHA = 0xC002;
+        public const int TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC003;
+        public const int TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA = 0xC004;
+        public const int TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA = 0xC005;
+        public const int TLS_ECDHE_ECDSA_WITH_NULL_SHA = 0xC006;
+        public const int TLS_ECDHE_ECDSA_WITH_RC4_128_SHA = 0xC007;
+        public const int TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC008;
+        public const int TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 0xC009;
+        public const int TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 0xC00A;
+        public const int TLS_ECDH_RSA_WITH_NULL_SHA = 0xC00B;
+        public const int TLS_ECDH_RSA_WITH_RC4_128_SHA = 0xC00C;
+        public const int TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA = 0xC00D;
+        public const int TLS_ECDH_RSA_WITH_AES_128_CBC_SHA = 0xC00E;
+        public const int TLS_ECDH_RSA_WITH_AES_256_CBC_SHA = 0xC00F;
+        public const int TLS_ECDHE_RSA_WITH_NULL_SHA = 0xC010;
+        public const int TLS_ECDHE_RSA_WITH_RC4_128_SHA = 0xC011;
+        public const int TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA = 0xC012;
+        public const int TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = 0xC013;
+        public const int TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0xC014;
+        public const int TLS_ECDH_anon_WITH_NULL_SHA = 0xC015;
+        public const int TLS_ECDH_anon_WITH_RC4_128_SHA = 0xC016;
+        public const int TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA = 0xC017;
+        public const int TLS_ECDH_anon_WITH_AES_128_CBC_SHA = 0xC018;
+        public const int TLS_ECDH_anon_WITH_AES_256_CBC_SHA = 0xC019;
+
+        /*
+         * RFC 4785
+         */
+        public const int TLS_PSK_WITH_NULL_SHA = 0x002C;
+        public const int TLS_DHE_PSK_WITH_NULL_SHA = 0x002D;
+        public const int TLS_RSA_PSK_WITH_NULL_SHA = 0x002E;
+
+        /*
+         * RFC 5054
+         */
+        public const int TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 0xC01A;
+        public const int TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 0xC01B;
+        public const int TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = 0xC01C;
+        public const int TLS_SRP_SHA_WITH_AES_128_CBC_SHA = 0xC01D;
+        public const int TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 0xC01E;
+        public const int TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = 0xC01F;
+        public const int TLS_SRP_SHA_WITH_AES_256_CBC_SHA = 0xC020;
+        public const int TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 0xC021;
+        public const int TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = 0xC022;
+
+        /*
+         * RFC 5246
+         */
+        public const int TLS_RSA_WITH_NULL_SHA256 = 0x003B;
+        public const int TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C;
+        public const int TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D;
+        public const int TLS_DH_DSS_WITH_AES_128_CBC_SHA256 = 0x003E;
+        public const int TLS_DH_RSA_WITH_AES_128_CBC_SHA256 = 0x003F;
+        public const int TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = 0x0040;
+        public const int TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067;
+        public const int TLS_DH_DSS_WITH_AES_256_CBC_SHA256 = 0x0068;
+        public const int TLS_DH_RSA_WITH_AES_256_CBC_SHA256 = 0x0069;
+        public const int TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x006A;
+        public const int TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B;
+        public const int TLS_DH_anon_WITH_AES_128_CBC_SHA256 = 0x006C;
+        public const int TLS_DH_anon_WITH_AES_256_CBC_SHA256 = 0x006D;
+
+        /*
+         * RFC 5288
+         */
+        public const int TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x009C;
+        public const int TLS_RSA_WITH_AES_256_GCM_SHA384 = 0x009D;
+        public const int TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x009E;
+        public const int TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x009F;
+        public const int TLS_DH_RSA_WITH_AES_128_GCM_SHA256 = 0x00A0;
+        public const int TLS_DH_RSA_WITH_AES_256_GCM_SHA384 = 0x00A1;
+        public const int TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 = 0x00A2;
+        public const int TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 = 0x00A3;
+        public const int TLS_DH_DSS_WITH_AES_128_GCM_SHA256 = 0x00A4;
+        public const int TLS_DH_DSS_WITH_AES_256_GCM_SHA384 = 0x00A5;
+        public const int TLS_DH_anon_WITH_AES_128_GCM_SHA256 = 0x00A6;
+        public const int TLS_DH_anon_WITH_AES_256_GCM_SHA384 = 0x00A7;
+
+        /*
+         * RFC 5289
+         */
+        public const int TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC023;
+        public const int TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC024;
+        public const int TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC025;
+        public const int TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC026;
+        public const int TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0xC027;
+        public const int TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0xC028;
+        public const int TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 = 0xC029;
+        public const int TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 = 0xC02A;
+        public const int TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02B;
+        public const int TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02C;
+        public const int TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02D;
+        public const int TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02E;
+        public const int TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0xC02F;
+        public const int TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0xC030;
+        public const int TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 = 0xC031;
+        public const int TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 = 0xC032;
+
+        /*
+         * RFC 5487
+         */
+        public const int TLS_PSK_WITH_AES_128_GCM_SHA256 = 0x00A8;
+        public const int TLS_PSK_WITH_AES_256_GCM_SHA384 = 0x00A9;
+        public const int TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 = 0x00AA;
+        public const int TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 = 0x00AB;
+        public const int TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 = 0x00AC;
+        public const int TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 = 0x00AD;
+        public const int TLS_PSK_WITH_AES_128_CBC_SHA256 = 0x00AE;
+        public const int TLS_PSK_WITH_AES_256_CBC_SHA384 = 0x00AF;
+        public const int TLS_PSK_WITH_NULL_SHA256 = 0x00B0;
+        public const int TLS_PSK_WITH_NULL_SHA384 = 0x00B1;
+        public const int TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 = 0x00B2;
+        public const int TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 = 0x00B3;
+        public const int TLS_DHE_PSK_WITH_NULL_SHA256 = 0x00B4;
+        public const int TLS_DHE_PSK_WITH_NULL_SHA384 = 0x00B5;
+        public const int TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 = 0x00B6;
+        public const int TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 = 0x00B7;
+        public const int TLS_RSA_PSK_WITH_NULL_SHA256 = 0x00B8;
+        public const int TLS_RSA_PSK_WITH_NULL_SHA384 = 0x00B9;
+
+        /*
+         * RFC 5489
+         */
+        public const int TLS_ECDHE_PSK_WITH_RC4_128_SHA = 0xC033;
+        public const int TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = 0xC034;
+        public const int TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA = 0xC035;
+        public const int TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA = 0xC036;
+        public const int TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 0xC037;
+        public const int TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = 0xC038;
+        public const int TLS_ECDHE_PSK_WITH_NULL_SHA = 0xC039;
+        public const int TLS_ECDHE_PSK_WITH_NULL_SHA256 = 0xC03A;
+        public const int TLS_ECDHE_PSK_WITH_NULL_SHA384 = 0xC03B;
+
+        /*
+         * RFC 5746
+         */
+        public const int TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF;
+
+        /*
+         * RFC 6655
+         */
+        public const int TLS_RSA_WITH_AES_128_CCM = 0xC09C;
+        public const int TLS_RSA_WITH_AES_256_CCM = 0xC09D;
+        public const int TLS_DHE_RSA_WITH_AES_128_CCM = 0xC09E;
+        public const int TLS_DHE_RSA_WITH_AES_256_CCM = 0xC09F;
+        public const int TLS_RSA_WITH_AES_128_CCM_8 = 0xC0A0;
+        public const int TLS_RSA_WITH_AES_256_CCM_8 = 0xC0A1;
+        public const int TLS_DHE_RSA_WITH_AES_128_CCM_8 = 0xC0A2;
+        public const int TLS_DHE_RSA_WITH_AES_256_CCM_8 = 0xC0A3;
+        public const int TLS_PSK_WITH_AES_128_CCM = 0xC0A4;
+        public const int TLS_PSK_WITH_AES_256_CCM = 0xC0A5;
+        public const int TLS_DHE_PSK_WITH_AES_128_CCM = 0xC0A6;
+        public const int TLS_DHE_PSK_WITH_AES_256_CCM = 0xC0A7;
+        public const int TLS_PSK_WITH_AES_128_CCM_8 = 0xC0A8;
+        public const int TLS_PSK_WITH_AES_256_CCM_8 = 0xC0A9;
+        public const int TLS_PSK_DHE_WITH_AES_128_CCM_8 = 0xC0AA;
+        public const int TLS_PSK_DHE_WITH_AES_256_CCM_8 = 0xC0AB;
+
+        /*
+         * TBD[draft-josefsson-salsa20-tls-02] 
+         */
+        const int TLS_RSA_WITH_ESTREAM_SALSA20_SHA1 = 0xFF00;
+        const int TLS_RSA_WITH_SALSA20_SHA1 = 0xFF01;
+        const int TLS_DHE_RSA_WITH_ESTREAM_SALSA20_SHA1 = 0xFF02;
+        const int TLS_DHE_RSA_WITH_SALSA20_SHA1 = 0xFF03;
+        const int TLS_ECDHE_RSA_WITH_ESTREAM_SALSA20_SHA1 = 0xFF04;
+        const int TLS_ECDHE_RSA_WITH_SALSA20_SHA1 = 0xFF05;
+        const int TLS_ECDHE_ECDSA_WITH_ESTREAM_SALSA20_SHA1 = 0xFF06;
+        const int TLS_ECDHE_ECDSA_WITH_SALSA20_SHA1 = 0xFF07;
+        const int TLS_PSK_WITH_ESTREAM_SALSA20_SHA1 = 0xFF08;
+        const int TLS_PSK_WITH_SALSA20_SHA1 = 0xFF09;
+        const int TLS_DHE_PSK_WITH_ESTREAM_SALSA20_SHA1 = 0xFF0A;
+        const int TLS_DHE_PSK_WITH_SALSA20_SHA1 = 0xFF0B;
+        const int TLS_RSA_PSK_WITH_ESTREAM_SALSA20_SHA1 = 0xFF0C;
+        const int TLS_RSA_PSK_WITH_SALSA20_SHA1 = 0xFF0D;
+        const int TLS_ECDHE_PSK_WITH_ESTREAM_SALSA20_SHA1 = 0xFF0E;
+        const int TLS_ECDHE_PSK_WITH_SALSA20_SHA1 = 0xFF0F;
+        const int TLS_RSA_WITH_ESTREAM_SALSA20_UMAC96 = 0xFF10;
+        const int TLS_RSA_WITH_SALSA20_UMAC96 = 0xFF11;
+        const int TLS_DHE_RSA_WITH_ESTREAM_SALSA20_UMAC96 = 0xFF12;
+        const int TLS_DHE_RSA_WITH_SALSA20_UMAC96 = 0xFF13;
+        const int TLS_ECDHE_RSA_WITH_ESTREAM_SALSA20_UMAC96 = 0xFF14;
+        const int TLS_ECDHE_RSA_WITH_SALSA20_UMAC96 = 0xFF15;
+        const int TLS_ECDHE_ECDSA_WITH_ESTREAM_SALSA20_UMAC96 = 0xFF16;
+        const int TLS_ECDHE_ECDSA_WITH_SALSA20_UMAC96 = 0xFF17;
+        const int TLS_PSK_WITH_ESTREAM_SALSA20_UMAC96 = 0xFF18;
+        const int TLS_PSK_WITH_SALSA20_UMAC96 = 0xFF19;
+        const int TLS_DHE_PSK_WITH_ESTREAM_SALSA20_UMAC96 = 0xFF1A;
+        const int TLS_DHE_PSK_WITH_SALSA20_UMAC96 = 0xFF1B;
+        const int TLS_RSA_PSK_WITH_ESTREAM_SALSA20_UMAC96 = 0xFF1C;
+        const int TLS_RSA_PSK_WITH_SALSA20_UMAC96 = 0xFF1D;
+        const int TLS_ECDHE_PSK_WITH_ESTREAM_SALSA20_UMAC96 = 0xFF1E;
+        const int TLS_ECDHE_PSK_WITH_SALSA20_UMAC96 = 0xFF1F;
+    }
 }
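Review bot: The draft Salsa20 constants at the end of the class (`TLS_RSA_WITH_ESTREAM_SALSA20_SHA1` through `TLS_ECDHE_PSK_WITH_SALSA20_UMAC96`) are declared `const int` with no access modifier, so in C# they are private and unreachable from any other type, unlike every other constant in the file. If they are meant to stay hidden while the draft is unsettled, the `TBD[draft-josefsson-salsa20-tls-02]` comment should say so; otherwise write `public const int TLS_RSA_WITH_ESTREAM_SALSA20_SHA1 = 0xFF00;` and likewise for the rest. Separately, `public abstract class CipherSuite` can still be derived from. A `private CipherSuite() {}` constructor (or `static class`, if the supported compilers allow it) would make it a pure constant holder, and the same applies to ContentType.cs and ECCurveType.cs.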
diff --git a/crypto/src/crypto/tls/ContentType.cs b/crypto/src/crypto/tls/ContentType.cs
index a664e3a38..d6ab43857 100644
--- a/crypto/src/crypto/tls/ContentType.cs
+++ b/crypto/src/crypto/tls/ContentType.cs
@@ -1,13 +1,14 @@
 namespace Org.BouncyCastle.Crypto.Tls
 {
-	/// <summary>
-	/// RFC 2246 6.2.1
-	/// </summary>
-    public enum ContentType : byte
-	{
-		change_cipher_spec = 20,
-		alert = 21,
-		handshake = 22,
-		application_data = 23,
-	}
+    /**
+     * RFC 2246 6.2.1
+     */
+    public abstract class ContentType
+    {
+        public const byte change_cipher_spec = 20;
+        public const byte alert = 21;
+        public const byte handshake = 22;
+        public const byte application_data = 23;
+        public const byte heartbeat = 24;
+    }
 }
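Review bot: `heartbeat = 24` adds a record content type, and with `ContentType` now a plain `byte` constant the type system no longer marks a value as a content type at all. The record-processing code is not part of this hunk, so it is worth confirming that its dispatch on the content type has a default branch that rejects unknown values, and that type 24 is refused unless the heartbeat extension was actually negotiated. The doc comment also changed from `/// <summary>` to a `/** ... */` block with no `<summary>` element, unlike CipherSuite.cs and ECCurveType.cs. I would keep `/// <summary>RFC 2246 6.2.1</summary>` and add `// RFC 6520` next to `heartbeat`.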
diff --git a/crypto/src/crypto/tls/DefaultTlsCipherFactory.cs b/crypto/src/crypto/tls/DefaultTlsCipherFactory.cs
index 75ae311e1..9b6e2c14c 100644
--- a/crypto/src/crypto/tls/DefaultTlsCipherFactory.cs
+++ b/crypto/src/crypto/tls/DefaultTlsCipherFactory.cs
@@ -7,26 +7,26 @@ using Org.BouncyCastle.Crypto.Modes;
 
 namespace Org.BouncyCastle.Crypto.Tls
 {
-	public class DefaultTlsCipherFactory
-		: TlsCipherFactory
-	{
-		public virtual TlsCipher CreateCipher(TlsClientContext context,
-			EncryptionAlgorithm encryptionAlgorithm, DigestAlgorithm digestAlgorithm)
-		{
-			switch (encryptionAlgorithm)
-			{
-				case EncryptionAlgorithm.cls_3DES_EDE_CBC:
-					return CreateDesEdeCipher(context, 24, digestAlgorithm);
-				case EncryptionAlgorithm.AES_128_CBC:
-					return CreateAesCipher(context, 16, digestAlgorithm);
-				case EncryptionAlgorithm.AES_256_CBC:
-					return CreateAesCipher(context, 32, digestAlgorithm);
+    public class DefaultTlsCipherFactory
+        : TlsCipherFactory
+    {
+        public virtual TlsCipher CreateCipher(TlsClientContext context,
+            int encryptionAlgorithm, DigestAlgorithm digestAlgorithm)
+        {
+            switch (encryptionAlgorithm)
+            {
+                case EncryptionAlgorithm.cls_3DES_EDE_CBC:
+                    return CreateDesEdeCipher(context, 24, digestAlgorithm);
+                case EncryptionAlgorithm.AES_128_CBC:
+                    return CreateAesCipher(context, 16, digestAlgorithm);
+                case EncryptionAlgorithm.AES_256_CBC:
+                    return CreateAesCipher(context, 32, digestAlgorithm);
                 case EncryptionAlgorithm.RC4_128:
                     return CreateRC4Cipher(context, 16, digestAlgorithm);
-				default:
-					throw new TlsFatalAlert(AlertDescription.internal_error);
-			}
-		}
+                default:
+                    throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+        }
 
         /// <exception cref="IOException"></exception>
         protected virtual TlsCipher CreateRC4Cipher(TlsClientContext context, int cipherKeySize, DigestAlgorithm digestAlgorithm)
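Review bot: `CreateCipher` now takes `int encryptionAlgorithm` while `digestAlgorithm` is still the `DigestAlgorithm` enum, so the signature no longer distinguishes an algorithm id from a cipher-suite value or a key size, both of which are also plain `int` in this code. The `default:` branch throwing `TlsFatalAlert(AlertDescription.internal_error)` is the only remaining guard and should stay. I would document the contract on the method, e.g. `/// <param name="encryptionAlgorithm">One of the EncryptionAlgorithm constants; any other value raises internal_error.</param>`. The same applies to the `int keyExchange` parameters of `CreateDHKeyExchange`, `CreateDheKeyExchange`, `CreateECDHKeyExchange` and `CreateECDheKeyExchange` in DefaultTlsClient.cs. The class body continues past this hunk.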
@@ -34,53 +34,53 @@ namespace Org.BouncyCastle.Crypto.Tls
             return new TlsStreamCipher(context, CreateRC4StreamCipher(), CreateRC4StreamCipher(), CreateDigest(digestAlgorithm), CreateDigest(digestAlgorithm), cipherKeySize);
         }
 
-		/// <exception cref="IOException"></exception>
-		protected virtual TlsCipher CreateAesCipher(TlsClientContext context, int cipherKeySize,
-			DigestAlgorithm digestAlgorithm)
-		{
-			return new TlsBlockCipher(context, CreateAesBlockCipher(), CreateAesBlockCipher(),
-				CreateDigest(digestAlgorithm), CreateDigest(digestAlgorithm), cipherKeySize);
-		}
+        /// <exception cref="IOException"></exception>
+        protected virtual TlsCipher CreateAesCipher(TlsClientContext context, int cipherKeySize,
+            DigestAlgorithm digestAlgorithm)
+        {
+            return new TlsBlockCipher(context, CreateAesBlockCipher(), CreateAesBlockCipher(),
+                CreateDigest(digestAlgorithm), CreateDigest(digestAlgorithm), cipherKeySize);
+        }
 
-		/// <exception cref="IOException"></exception>
-		protected virtual TlsCipher CreateDesEdeCipher(TlsClientContext context, int cipherKeySize,
-			DigestAlgorithm digestAlgorithm)
-		{
-			return new TlsBlockCipher(context, CreateDesEdeBlockCipher(), CreateDesEdeBlockCipher(),
-				CreateDigest(digestAlgorithm), CreateDigest(digestAlgorithm), cipherKeySize);
-		}
+        /// <exception cref="IOException"></exception>
+        protected virtual TlsCipher CreateDesEdeCipher(TlsClientContext context, int cipherKeySize,
+            DigestAlgorithm digestAlgorithm)
+        {
+            return new TlsBlockCipher(context, CreateDesEdeBlockCipher(), CreateDesEdeBlockCipher(),
+                CreateDigest(digestAlgorithm), CreateDigest(digestAlgorithm), cipherKeySize);
+        }
 
         protected virtual IStreamCipher CreateRC4StreamCipher()
         {
             return new RC4Engine();
         }
 
-		protected virtual IBlockCipher CreateAesBlockCipher()
-		{
-			return new CbcBlockCipher(new AesFastEngine());
-		}
+        protected virtual IBlockCipher CreateAesBlockCipher()
+        {
+            return new CbcBlockCipher(new AesFastEngine());
+        }
 
-		protected virtual IBlockCipher CreateDesEdeBlockCipher()
-		{
-			return new CbcBlockCipher(new DesEdeEngine());
-		}
+        protected virtual IBlockCipher CreateDesEdeBlockCipher()
+        {
+            return new CbcBlockCipher(new DesEdeEngine());
+        }
 
-		/// <exception cref="IOException"></exception>
-		protected virtual IDigest CreateDigest(DigestAlgorithm digestAlgorithm)
-		{
-			switch (digestAlgorithm)
-			{
-				case DigestAlgorithm.MD5:
-					return new MD5Digest();
-				case DigestAlgorithm.SHA:
-					return new Sha1Digest();
-				case DigestAlgorithm.SHA256:
-					return new Sha256Digest();
-				case DigestAlgorithm.SHA384:
-					return new Sha384Digest();
-				default:
-					throw new TlsFatalAlert(AlertDescription.internal_error);
-			}
-		}
-	}
+        /// <exception cref="IOException"></exception>
+        protected virtual IDigest CreateDigest(DigestAlgorithm digestAlgorithm)
+        {
+            switch (digestAlgorithm)
+            {
+                case DigestAlgorithm.MD5:
+                    return new MD5Digest();
+                case DigestAlgorithm.SHA:
+                    return new Sha1Digest();
+                case DigestAlgorithm.SHA256:
+                    return new Sha256Digest();
+                case DigestAlgorithm.SHA384:
+                    return new Sha384Digest();
+                default:
+                    throw new TlsFatalAlert(AlertDescription.internal_error);
+            }
+        }
+    }
 }
diff --git a/crypto/src/crypto/tls/DefaultTlsClient.cs b/crypto/src/crypto/tls/DefaultTlsClient.cs
index 2e850e350..a5fbe8235 100644
--- a/crypto/src/crypto/tls/DefaultTlsClient.cs
+++ b/crypto/src/crypto/tls/DefaultTlsClient.cs
@@ -19,7 +19,7 @@ namespace Org.BouncyCastle.Crypto.Tls
         protected TlsClientContext context;
 
         protected byte selectedCompressionMethod;
-        protected CipherSuite selectedCipherSuite;
+        protected int selectedCipherSuite;
 
         public DefaultTlsClient()
             : this(new DefaultTlsCipherFactory())
@@ -36,9 +36,9 @@ namespace Org.BouncyCastle.Crypto.Tls
             this.context = context;
         }
 
-        public virtual CipherSuite[] GetCipherSuites()
+        public virtual int[] GetCipherSuites()
         {
-            return new CipherSuite[] {
+            return new int[] {
                 CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
                 CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA,
                 CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
@@ -72,7 +72,7 @@ namespace Org.BouncyCastle.Crypto.Tls
             // Currently ignored
         }
 
-        public virtual void NotifySelectedCipherSuite(CipherSuite selectedCipherSuite)
+        public virtual void NotifySelectedCipherSuite(int selectedCipherSuite)
         {
             this.selectedCipherSuite = selectedCipherSuite;
         }
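Review bot: `NotifySelectedCipherSuite(int selectedCipherSuite)` stores whatever integer it is given without checking it against the suites returned by `GetCipherSuites()`. Whether the caller has already verified the server's choice is not visible in this hunk; if it has not, the check belongs before this assignment, with a fatal alert on mismatch. At minimum a comment such as `// caller must have verified that the suite was offered in GetCipherSuites()` would record the assumption. Changing the signatures of the public virtual `GetCipherSuites` and `NotifySelectedCipherSuite` also breaks existing subclasses that override them, which deserves a line in the release notes.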
@@ -244,22 +244,22 @@ namespace Org.BouncyCastle.Crypto.Tls
             }
         }
 
-        protected virtual TlsKeyExchange CreateDHKeyExchange(KeyExchangeAlgorithm keyExchange)
+        protected virtual TlsKeyExchange CreateDHKeyExchange(int keyExchange)
         {
             return new TlsDHKeyExchange(context, keyExchange);
         }
 
-        protected virtual TlsKeyExchange CreateDheKeyExchange(KeyExchangeAlgorithm keyExchange)
+        protected virtual TlsKeyExchange CreateDheKeyExchange(int keyExchange)
         {
             return new TlsDheKeyExchange(context, keyExchange);
         }
 
-        protected virtual TlsKeyExchange CreateECDHKeyExchange(KeyExchangeAlgorithm keyExchange)
+        protected virtual TlsKeyExchange CreateECDHKeyExchange(int keyExchange)
         {
             return new TlsECDHKeyExchange(context, keyExchange);
         }
 
-        protected virtual TlsKeyExchange CreateECDheKeyExchange(KeyExchangeAlgorithm keyExchange)
+        protected virtual TlsKeyExchange CreateECDheKeyExchange(int keyExchange)
         {
             return new TlsECDheKeyExchange(context, keyExchange);
         }
diff --git a/crypto/src/crypto/tls/ECCurveType.cs b/crypto/src/crypto/tls/ECCurveType.cs
index 15d5d7b42..1b352e9c4 100644
--- a/crypto/src/crypto/tls/ECCurveType.cs
+++ b/crypto/src/crypto/tls/ECCurveType.cs
@@ -1,29 +1,29 @@
 namespace Org.BouncyCastle.Crypto.Tls
 {
-	/// <summary>
-	/// RFC 4492 5.4
-	/// </summary>
-    public enum ECCurveType : byte
-	{
-		/**
-		 * Indicates the elliptic curve domain parameters are conveyed verbosely, and the
-		 * underlying finite field is a prime field.
-		 */
-		explicit_prime = 1,
+    /// <summary>
+    /// RFC 4492 5.4
+    /// </summary>
+    public abstract class ECCurveType
+    {
+        /**
+         * Indicates the elliptic curve domain parameters are conveyed verbosely, and the
+         * underlying finite field is a prime field.
+         */
+        public const byte explicit_prime = 1;
 
-		/**
-		 * Indicates the elliptic curve domain parameters are conveyed verbosely, and the
-		 * underlying finite field is a characteristic-2 field.
-		 */
-		explicit_char2 = 2,
+        /**
+         * Indicates the elliptic curve domain parameters are conveyed verbosely, and the
+         * underlying finite field is a characteristic-2 field.
+         */
+        public const byte explicit_char2 = 2;
 
-		/**
-		 * Indicates that a named curve is used. This option SHOULD be used when applicable.
-		 */
-		named_curve = 3,
+        /**
+         * Indicates that a named curve is used. This option SHOULD be used when applicable.
+         */
+        public const byte named_curve = 3;
 
-		/*
-		 * Values 248 through 255 are reserved for private use.
-		 */
-	}
+        /*
+         * Values 248 through 255 are reserved for private use.
+         */
+    }
 }
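Review bot: `public abstract class ECCurveType` holds only constants, and `abstract` still allows other code to derive from it; `public static class ECCurveType` states the intent and rules out both instantiation and subclassing. The same declaration form is used for ECPointFormat, EncryptionAlgorithm, ExtensionType, HandshakeType, KeyExchangeAlgorithm and NamedCurve in this commit. If `abstract` is kept on purpose (the reason is not visible here), a one-line comment saying so would help the next reader.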
diff --git a/crypto/src/crypto/tls/ECPointFormat.cs b/crypto/src/crypto/tls/ECPointFormat.cs
index 4e0dd0067..21b0fdd97 100644
--- a/crypto/src/crypto/tls/ECPointFormat.cs
+++ b/crypto/src/crypto/tls/ECPointFormat.cs
@@ -1,16 +1,16 @@
 namespace Org.BouncyCastle.Crypto.Tls
 {
-	/// <summary>
-	/// RFC 4492 5.1.2
-	/// </summary>
-    public enum ECPointFormat : byte
-	{
-		uncompressed = 0,
-		ansiX962_compressed_prime = 1,
-		ansiX962_compressed_char2 = 2,
+    /// <summary>
+    /// RFC 4492 5.1.2
+    /// </summary>
+    public abstract class ECPointFormat
+    {
+        public const byte uncompressed = 0;
+        public const byte ansiX962_compressed_prime = 1;
+        public const byte ansiX962_compressed_char2 = 2;
 
-		/*
-		 * reserved (248..255)
-		 */
-	}
+        /*
+         * reserved (248..255)
+         */
+    }
 }
diff --git a/crypto/src/crypto/tls/EncryptionAlgorithm.cs b/crypto/src/crypto/tls/EncryptionAlgorithm.cs
index 79d3b63b5..69aee8abc 100644
--- a/crypto/src/crypto/tls/EncryptionAlgorithm.cs
+++ b/crypto/src/crypto/tls/EncryptionAlgorithm.cs
@@ -2,31 +2,58 @@ using System;
 
 namespace Org.BouncyCastle.Crypto.Tls
 {
-	public enum EncryptionAlgorithm
-	{
-		/*
-		 * Note that the values here are implementation-specific and arbitrary.
-		 * It is recommended not to depend on the particular values (e.g. serialization).
-		 */
-		NULL,
-		RC4_40,
-		RC4_128,
-		RC2_CBC_40,
-		IDEA_CBC,
-		DES40_CBC,
-		DES_CBC,
-		cls_3DES_EDE_CBC,
+    /**
+     * RFC 2246
+     * <p/>
+     * Note that the values here are implementation-specific and arbitrary. It is recommended not to
+     * depend on the particular values (e.g. serialization).
+     */
+    public abstract class EncryptionAlgorithm
+    {
+        public const int NULL = 0;
+        public const int RC4_40 = 1;
+        public const int RC4_128 = 2;
+        public const int RC2_CBC_40 = 3;
+        public const int IDEA_CBC = 4;
+        public const int DES40_CBC = 5;
+        public const int DES_CBC = 6;
+        public const int cls_3DES_EDE_CBC = 7;
 
-		/*
-		 * RFC 3268
-		 */
-		AES_128_CBC,
-		AES_256_CBC,
+        /*
+         * RFC 3268
+         */
+        public const int AES_128_CBC = 8;
+        public const int AES_256_CBC = 9;
 
-		/*
-		 * RFC 5289
-		 */
-		AES_128_GCM,
-		AES_256_GCM,
-	}
+        /*
+         * RFC 5289
+         */
+        public const int AES_128_GCM = 10;
+        public const int AES_256_GCM = 11;
+
+        /*
+         * RFC 4132
+         */
+        public const int CAMELLIA_128_CBC = 12;
+        public const int CAMELLIA_256_CBC = 13;
+
+        /*
+         * RFC 4162
+         */
+        public const int SEED_CBC = 14;
+
+        /*
+         * RFC 6655
+         */
+        public const int AES_128_CCM = 15;
+        public const int AES_128_CCM_8 = 16;
+        public const int AES_256_CCM = 17;
+        public const int AES_256_CCM_8 = 18;
+
+        /*
+         * TBD[draft-josefsson-salsa20-tls-02] 
+         */
+        const int ESTREAM_SALSA20 = 100;
+        const int SALSA20 = 101;
+    }
 }
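Review bot: `ESTREAM_SALSA20` and `SALSA20` at the end of the class are declared without an access modifier, so in C# they are private and cannot be referenced from a cipher factory or any other caller, unlike every other constant in this class. If they are meant to be usable, declare them as `public const int ESTREAM_SALSA20 = 100;` and `public const int SALSA20 = 101;`. If they are deliberately held back while the draft is pending, the `TBD` comment should say that they are not yet part of the public set.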
diff --git a/crypto/src/crypto/tls/ExtensionType.cs b/crypto/src/crypto/tls/ExtensionType.cs
index f00e34e3f..0e6a45b5e 100644
--- a/crypto/src/crypto/tls/ExtensionType.cs
+++ b/crypto/src/crypto/tls/ExtensionType.cs
@@ -1,31 +1,56 @@
 namespace Org.BouncyCastle.Crypto.Tls
 {
-	/// <summary>
-	/// RFC 4366 2.3
-	/// </summary>
-	public enum ExtensionType : int
-	{
-		server_name = 0,
-		max_fragment_length = 1,
-		client_certificate_url = 2,
-		trusted_ca_keys = 3,
-		truncated_hmac = 4,
-		status_request = 5,
-
-		/*
-		 * RFC 4492
-		 */
-		elliptic_curves = 10,
-		ec_point_formats = 11,
-
-		/*
-		 * RFC 5054 2.8.1
-		 */
-		srp = 12,
-
-		/*
-		 * RFC 5746 6
-		 */
-		renegotiation_info = 0xff01,
-	}
+    public abstract class ExtensionType
+    {
+        /*
+         * RFC 2546 2.3.
+         */
+        public const int server_name = 0;
+        public const int max_fragment_length = 1;
+        public const int client_certificate_url = 2;
+        public const int trusted_ca_keys = 3;
+        public const int truncated_hmac = 4;
+        public const int status_request = 5;
+
+        /*
+         * RFC 4681
+         */
+        public const int user_mapping = 6;
+
+        /*
+         * RFC 4492 5.1.
+         */
+        public const int elliptic_curves = 10;
+        public const int ec_point_formats = 11;
+
+        /*
+         * RFC 5054 2.8.1.
+         */
+        public const int srp = 12;
+
+        /*
+         * RFC 5077 7.
+         */
+        public const int session_ticket = 35;
+
+        /*
+         * RFC 5246 7.4.1.4.
+         */
+        public const int signature_algorithms = 13;
+
+        /*
+         * RFC 5764 9.
+         */
+        public const int use_srtp = 14;
+
+        /*
+         * RFC 6520 6.
+         */
+        public const int heartbeat = 15;
+
+        /*
+         * RFC 5746 3.2.
+         */
+        public const int renegotiation_info = 0xff01;
+    }
 }
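Review bot: The first comment cites `RFC 2546 2.3.`, while the removed enum cited RFC 4366 2.3 and HandshakeType.cs in this commit cites RFC 3546 for the related handshake messages, so this looks like a typo for `RFC 3546 2.3.`. The `/// <summary>` block was also dropped in the conversion, leaving the class without XML documentation while ECCurveType and ECPointFormat keep theirs. A short summary naming the RFC and stating that these are the extension type codes sent in the hello messages would keep the files consistent.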
diff --git a/crypto/src/crypto/tls/HandshakeType.cs b/crypto/src/crypto/tls/HandshakeType.cs
index deedb1f84..e63042ac3 100644
--- a/crypto/src/crypto/tls/HandshakeType.cs
+++ b/crypto/src/crypto/tls/HandshakeType.cs
@@ -1,19 +1,40 @@
 namespace Org.BouncyCastle.Crypto.Tls
 {
-	/// <summary>
-	/// RFC 2246 7.4
-	/// </summary>
-    public enum HandshakeType : byte
-	{
-		hello_request = 0,
-		client_hello = 1,
-		server_hello = 2,
-		certificate = 11,
-		server_key_exchange = 12,
-		certificate_request = 13,
-		server_hello_done = 14,
-		certificate_verify = 15,
-		client_key_exchange = 16,
-		finished = 20,
-	}
+    public abstract class HandshakeType
+    {
+        /*
+         * RFC 2246 7.4
+         */
+        public const byte hello_request = 0;
+        public const byte client_hello = 1;
+        public const byte server_hello = 2;
+        public const byte certificate = 11;
+        public const byte server_key_exchange = 12;
+        public const byte certificate_request = 13;
+        public const byte server_hello_done = 14;
+        public const byte certificate_verify = 15;
+        public const byte client_key_exchange = 16;
+        public const byte finished = 20;
+
+        /*
+         * RFC 3546 2.4
+         */
+        public const byte certificate_url = 21;
+        public const byte certificate_status = 22;
+
+        /*
+         *  (DTLS) RFC 4347 4.3.2
+         */
+        public const byte hello_verify_request = 3;
+
+        /*
+         * RFC 4680 
+         */
+        public const byte supplemental_data = 23;
+
+        /*
+         * RFC 5077 
+         */
+        public const byte session_ticket = 4;
+    }
 }
diff --git a/crypto/src/crypto/tls/KeyExchangeAlgorithm.cs b/crypto/src/crypto/tls/KeyExchangeAlgorithm.cs
index 3fdbeb2a6..3f5088d9b 100644
--- a/crypto/src/crypto/tls/KeyExchangeAlgorithm.cs
+++ b/crypto/src/crypto/tls/KeyExchangeAlgorithm.cs
@@ -2,35 +2,54 @@ using System;
 
 namespace Org.BouncyCastle.Crypto.Tls
 {
-	public enum KeyExchangeAlgorithm
-	{
-		/*
-		 * Note that the values here are implementation-specific and arbitrary.
-		 * It is recommended not to depend on the particular values (e.g. serialization).
-		 */
-		NULL,
-		RSA,
-		RSA_EXPORT,
-		DHE_DSS,
-		DHE_DSS_EXPORT,
-		DHE_RSA,
-		DHE_RSA_EXPORT,
-		DH_DSS,
-		DH_DSS_EXPORT,
-		DH_RSA,
-		DH_RSA_EXPORT,
-		DH_anon,
-		DH_anon_export,
-		PSK,
-		DHE_PSK,
-		RSA_PSK,
-		ECDH_ECDSA,
-		ECDHE_ECDSA,
-		ECDH_RSA,
-		ECDHE_RSA,
-		ECDH_anon,
-		SRP,
-		SRP_DSS,
-		SRP_RSA,
-	}
+    /**
+     * RFC 2246
+     * <p/>
+     * Note that the values here are implementation-specific and arbitrary. It is recommended not to
+     * depend on the particular values (e.g. serialization).
+     */
+    public abstract class KeyExchangeAlgorithm
+    {
+        public const int NULL = 0;
+        public const int RSA = 1;
+        public const int RSA_EXPORT = 2;
+        public const int DHE_DSS = 3;
+        public const int DHE_DSS_EXPORT = 4;
+        public const int DHE_RSA = 5;
+        public const int DHE_RSA_EXPORT = 6;
+        public const int DH_DSS = 7;
+        public const int DH_DSS_EXPORT = 8;
+        public const int DH_RSA = 9;
+        public const int DH_RSA_EXPORT = 10;
+        public const int DH_anon = 11;
+        public const int DH_anon_EXPORT = 12;
+
+        /*
+         * RFC 4279
+         */
+        public const int PSK = 13;
+        public const int DHE_PSK = 14;
+        public const int RSA_PSK = 15;
+
+        /*
+         * RFC 4429
+         */
+        public const int ECDH_ECDSA = 16;
+        public const int ECDHE_ECDSA = 17;
+        public const int ECDH_RSA = 18;
+        public const int ECDHE_RSA = 19;
+        public const int ECDH_anon = 20;
+
+        /*
+         * RFC 5054
+         */
+        public const int SRP = 21;
+        public const int SRP_DSS = 22;
+        public const int SRP_RSA = 23;
+    
+        /*
+         * RFC 5489
+         */
+        public const int ECDHE_PSK = 24;
+    }
 }
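Review bot: The comment above the `ECDH_ECDSA` to `ECDH_anon` group reads `RFC 4429`, but the elliptic-curve files in this commit (ECCurveType.cs, ECPointFormat.cs, NamedCurve.cs) all cite RFC 4492, so the digits appear transposed and the line should read `* RFC 4492`. Separately, `DH_anon_export` became `DH_anon_EXPORT` in the conversion, which breaks any caller using the old spelling; if the rename is intentional it deserves a line in the change description.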
diff --git a/crypto/src/crypto/tls/NamedCurve.cs b/crypto/src/crypto/tls/NamedCurve.cs
index c8ee189aa..8ef395069 100644
--- a/crypto/src/crypto/tls/NamedCurve.cs
+++ b/crypto/src/crypto/tls/NamedCurve.cs
@@ -6,67 +6,91 @@ using Org.BouncyCastle.Crypto.Parameters;
 
 namespace Org.BouncyCastle.Crypto.Tls
 {
-	/// <summary>
-	/// RFC 4492 5.1.1
-	/// The named curves defined here are those specified in SEC 2 [13]. Note that many of
- 	/// these curves are also recommended in ANSI X9.62 [7] and FIPS 186-2 [11]. Values 0xFE00
-	/// through 0xFEFF are reserved for private use. Values 0xFF01 and 0xFF02 indicate that the
-	/// client supports arbitrary prime and characteristic-2 curves, respectively (the curve
-	/// parameters must be encoded explicitly in ECParameters).
-	/// </summary>
-	public enum NamedCurve : int
-	{
-		sect163k1 = 1,
-		sect163r1 = 2,
-		sect163r2 = 3,
-		sect193r1 = 4,
-		sect193r2 = 5,
-		sect233k1 = 6,
-		sect233r1 = 7,
-		sect239k1 = 8,
-		sect283k1 = 9,
-		sect283r1 = 10,
-		sect409k1 = 11,
-		sect409r1 = 12,
-		sect571k1 = 13,
-		sect571r1 = 14,
-		secp160k1 = 15,
-		secp160r1 = 16,
-		secp160r2 = 17,
-		secp192k1 = 18,
-		secp192r1 = 19,
-		secp224k1 = 20,
-		secp224r1 = 21,
-		secp256k1 = 22,
-		secp256r1 = 23,
-		secp384r1 = 24,
-		secp521r1 = 25,
+    /// <summary>
+    /// RFC 4492 5.1.1
+    /// The named curves defined here are those specified in SEC 2 [13]. Note that many of
+    /// these curves are also recommended in ANSI X9.62 [7] and FIPS 186-2 [11]. Values 0xFE00
+    /// through 0xFEFF are reserved for private use. Values 0xFF01 and 0xFF02 indicate that the
+    /// client supports arbitrary prime and characteristic-2 curves, respectively (the curve
+    /// parameters must be encoded explicitly in ECParameters).
+    /// </summary>
+    public abstract class NamedCurve
+    {
+        public const int sect163k1 = 1;
+        public const int sect163r1 = 2;
+        public const int sect163r2 = 3;
+        public const int sect193r1 = 4;
+        public const int sect193r2 = 5;
+        public const int sect233k1 = 6;
+        public const int sect233r1 = 7;
+        public const int sect239k1 = 8;
+        public const int sect283k1 = 9;
+        public const int sect283r1 = 10;
+        public const int sect409k1 = 11;
+        public const int sect409r1 = 12;
+        public const int sect571k1 = 13;
+        public const int sect571r1 = 14;
+        public const int secp160k1 = 15;
+        public const int secp160r1 = 16;
+        public const int secp160r2 = 17;
+        public const int secp192k1 = 18;
+        public const int secp192r1 = 19;
+        public const int secp224k1 = 20;
+        public const int secp224r1 = 21;
+        public const int secp256k1 = 22;
+        public const int secp256r1 = 23;
+        public const int secp384r1 = 24;
+        public const int secp521r1 = 25;
+    
+        /*
+         * RFC 7027
+         */
+        public const int brainpoolP256r1 = 26;
+        public const int brainpoolP384r1 = 27;
+        public const int brainpoolP512r1 = 28;
 
-		/*
-		 * reserved (0xFE00..0xFEFF)
-		 */
+        /*
+         * reserved (0xFE00..0xFEFF)
+         */
 
-		arbitrary_explicit_prime_curves = 0xFF01,
-		arbitrary_explicit_char2_curves = 0xFF02,
-	}
+        public const int arbitrary_explicit_prime_curves = 0xFF01;
+        public const int arbitrary_explicit_char2_curves = 0xFF02;
 
-	internal class NamedCurveHelper
-	{
-	    internal static ECDomainParameters GetECParameters(NamedCurve namedCurve)
-	    {
-            if (!Enum.IsDefined(typeof(NamedCurve), namedCurve))
+        public static bool IsValid(int namedCurve)
+        {
+            return namedCurve >= sect163k1 && namedCurve <= brainpoolP512r1;
+        }
+
+        public static bool RefersToASpecificNamedCurve(int namedCurve)
+        {
+            switch (namedCurve)
+            {
+            case arbitrary_explicit_prime_curves:
+            case arbitrary_explicit_char2_curves:
+                return false;
+            default:
+                return true;
+            }
+        }
+    }
+
+    internal class NamedCurveHelper
+    {
+        internal static ECDomainParameters GetECParameters(int namedCurve)
+        {
+            if (!NamedCurve.IsValid(namedCurve))
                 return null;
 
             string curveName = namedCurve.ToString();
 
             // Lazily created the first time a particular curve is accessed
-	        X9ECParameters ecP = SecNamedCurves.GetByName(curveName);
+            X9ECParameters ecP = SecNamedCurves.GetByName(curveName);
 
             if (ecP == null)
                 return null;
 
-	        // It's a bit inefficient to do this conversion every time
-	        return new ECDomainParameters(ecP.Curve, ecP.G, ecP.N, ecP.H, ecP.GetSeed());
-	    }
-	}
+            // It's a bit inefficient to do this conversion every time
+            return new ECDomainParameters(ecP.Curve, ecP.G, ecP.N, ecP.H, ecP.GetSeed());
+        }
+    }
 }
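Review bot: `GetECParameters` still builds its lookup key with `namedCurve.ToString()`, but `namedCurve` is now an `int`, so the key is the decimal number (for example "23") instead of the curve name the enum used to yield. `SecNamedCurves.GetByName` is then asked for a name it presumably does not hold, and the method returns null for every curve. `IsValid` also admits 26 to 28 (the brainpool ids), which SecNamedCurves may not cover. An explicit id-to-name table, sketched below, restores the lookup and keeps unknown ids returning null; how callers treat that null is outside this hunk.

```csharp
private static readonly string[] curveNames = new string[] {
    "sect163k1", "sect163r1", "sect163r2", "sect193r1", "sect193r2",
    "sect233k1", "sect233r1", "sect239k1", "sect283k1", "sect283r1",
    "sect409k1", "sect409r1", "sect571k1", "sect571r1",
    "secp160k1", "secp160r1", "secp160r2", "secp192k1", "secp192r1",
    "secp224k1", "secp224r1", "secp256k1", "secp256r1", "secp384r1", "secp521r1"
};

internal static ECDomainParameters GetECParameters(int namedCurve)
{
    // Ids start at sect163k1 = 1; anything outside the table has no SEC 2 name.
    int index = namedCurve - NamedCurve.sect163k1;
    if (index < 0 || index >= curveNames.Length)
        return null;

    string curveName = curveNames[index];
    // … unchanged: SecNamedCurves.GetByName lookup and ECDomainParameters conversion …
```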
diff --git a/crypto/src/crypto/tls/PskTlsClient.cs b/crypto/src/crypto/tls/PskTlsClient.cs
index cb42c31d8..6011daada 100644
--- a/crypto/src/crypto/tls/PskTlsClient.cs
+++ b/crypto/src/crypto/tls/PskTlsClient.cs
@@ -12,7 +12,7 @@ namespace Org.BouncyCastle.Crypto.Tls
         protected TlsClientContext context;
 
         protected byte selectedCompressionMethod;
-        protected CipherSuite selectedCipherSuite;
+        protected int selectedCipherSuite;
 
         public PskTlsClient(TlsPskIdentity pskIdentity)
             : this(new DefaultTlsCipherFactory(), pskIdentity)
@@ -30,9 +30,9 @@ namespace Org.BouncyCastle.Crypto.Tls
             this.context = context;
         }
 
-        public virtual CipherSuite[] GetCipherSuites()
+        public virtual int[] GetCipherSuites()
         {
-            return new CipherSuite[] {
+            return new int[] {
                 CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
                 CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA,
                 CipherSuite.TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
@@ -63,7 +63,7 @@ namespace Org.BouncyCastle.Crypto.Tls
             // Currently ignored 
         }
 
-        public virtual void NotifySelectedCipherSuite(CipherSuite selectedCipherSuite)
+        public virtual void NotifySelectedCipherSuite(int selectedCipherSuite)
         {
             this.selectedCipherSuite = selectedCipherSuite;
         }
@@ -183,7 +183,7 @@ namespace Org.BouncyCastle.Crypto.Tls
             }
         }
 
-        protected virtual TlsKeyExchange CreatePskKeyExchange(KeyExchangeAlgorithm keyExchange)
+        protected virtual TlsKeyExchange CreatePskKeyExchange(int keyExchange)
         {
             return new TlsPskKeyExchange(context, keyExchange, pskIdentity);
         }
diff --git a/crypto/src/crypto/tls/RecordStream.cs b/crypto/src/crypto/tls/RecordStream.cs
index 4a5cdc1c9..ce8882cbe 100644
--- a/crypto/src/crypto/tls/RecordStream.cs
+++ b/crypto/src/crypto/tls/RecordStream.cs
@@ -45,21 +45,21 @@ namespace Org.BouncyCastle.Crypto.Tls
 
         public void ReadData()
         {
-            ContentType type = (ContentType)TlsUtilities.ReadUint8(inStr);
+            byte contentType = TlsUtilities.ReadUint8(inStr);
             TlsUtilities.CheckVersion(inStr);
             int size = TlsUtilities.ReadUint16(inStr);
-            byte[] buf = DecodeAndVerify(type, inStr, size);
-            handler.ProcessData(type, buf, 0, buf.Length);
+            byte[] buf = DecodeAndVerify(contentType, inStr, size);
+            handler.ProcessData(contentType, buf, 0, buf.Length);
         }
 
         internal byte[] DecodeAndVerify(
-            ContentType	type,
+            byte        contentType,
             Stream		inStr,
             int			len)
         {
             byte[] buf = new byte[len];
             TlsUtilities.ReadFully(buf, inStr);
-            byte[] decoded = readCipher.DecodeCiphertext(type, buf, 0, buf.Length);
+            byte[] decoded = readCipher.DecodeCiphertext(contentType, buf, 0, buf.Length);
 
             Stream cOut = readCompression.Decompress(buffer);
 
@@ -76,10 +76,10 @@ namespace Org.BouncyCastle.Crypto.Tls
         }
 
         internal void WriteMessage(
-            ContentType	type,
-            byte[]		message,
-            int			offset,
-            int			len)
+            byte    type,
+            byte[]  message,
+            int		offset,
+            int		len)
         {
             if (type == ContentType.handshake)
             {
diff --git a/crypto/src/crypto/tls/SrpTlsClient.cs b/crypto/src/crypto/tls/SrpTlsClient.cs
index f487e9b21..f9c8ccc74 100644
--- a/crypto/src/crypto/tls/SrpTlsClient.cs
+++ b/crypto/src/crypto/tls/SrpTlsClient.cs
@@ -16,7 +16,7 @@ namespace Org.BouncyCastle.Crypto.Tls
         protected TlsClientContext context;
 
         protected byte selectedCompressionMethod;
-        protected CipherSuite selectedCipherSuite;
+        protected int selectedCipherSuite;
 
         public SrpTlsClient(byte[] identity, byte[] password)
             : this(new DefaultTlsCipherFactory(), identity, password)
@@ -35,9 +35,9 @@ namespace Org.BouncyCastle.Crypto.Tls
             this.context = context;
         }
 
-        public virtual CipherSuite[] GetCipherSuites()
+        public virtual int[] GetCipherSuites()
         {
-            return new CipherSuite[] {
+            return new int[] {
                 CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
                 CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
                 CipherSuite.TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA,
@@ -71,7 +71,7 @@ namespace Org.BouncyCastle.Crypto.Tls
             // Currently ignored 
         }
 
-        public virtual void NotifySelectedCipherSuite(CipherSuite selectedCipherSuite)
+        public virtual void NotifySelectedCipherSuite(int selectedCipherSuite)
         {
             this.selectedCipherSuite = selectedCipherSuite;
         }
@@ -180,7 +180,7 @@ namespace Org.BouncyCastle.Crypto.Tls
             }
         }
 
-        protected virtual TlsKeyExchange CreateSrpKeyExchange(KeyExchangeAlgorithm keyExchange)
+        protected virtual TlsKeyExchange CreateSrpKeyExchange(int keyExchange)
         {
             return new TlsSrpKeyExchange(context, keyExchange, identity, password);
         }
diff --git a/crypto/src/crypto/tls/TlsBlockCipher.cs b/crypto/src/crypto/tls/TlsBlockCipher.cs
index d77f118f4..cfbceb25e 100644
--- a/crypto/src/crypto/tls/TlsBlockCipher.cs
+++ b/crypto/src/crypto/tls/TlsBlockCipher.cs
@@ -9,13 +9,13 @@ using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Crypto.Tls
 {
-	/// <summary>
-	/// A generic TLS 1.0 block cipher. This can be used for AES or 3DES for example.
-	/// </summary>
-	public class TlsBlockCipher
+    /// <summary>
+    /// A generic TLS 1.0 block cipher. This can be used for AES or 3DES for example.
+    /// </summary>
+    public class TlsBlockCipher
         : TlsCipher
-	{
-		protected TlsClientContext context;
+    {
+        protected TlsClientContext context;
         protected byte[] randomData;
 
         protected IBlockCipher encryptCipher;
@@ -25,86 +25,86 @@ namespace Org.BouncyCastle.Crypto.Tls
         protected TlsMac rMac;
 
         public virtual TlsMac WriteMac
-		{
+        {
             get { return wMac; }
-		}
+        }
 
-		public virtual TlsMac ReadMac
-		{
+        public virtual TlsMac ReadMac
+        {
             get { return rMac; }
-		}
+        }
 
-		public TlsBlockCipher(TlsClientContext context, IBlockCipher encryptCipher,
-			IBlockCipher decryptCipher, IDigest writeDigest, IDigest readDigest, int cipherKeySize)
-		{
-			this.context = context;
+        public TlsBlockCipher(TlsClientContext context, IBlockCipher encryptCipher,
+            IBlockCipher decryptCipher, IDigest writeDigest, IDigest readDigest, int cipherKeySize)
+        {
+            this.context = context;
 
             this.randomData = new byte[256];
             context.SecureRandom.NextBytes(randomData);
 
             this.encryptCipher = encryptCipher;
-			this.decryptCipher = decryptCipher;
+            this.decryptCipher = decryptCipher;
 
-			int prfSize = (2 * cipherKeySize) + writeDigest.GetDigestSize()
-				+ readDigest.GetDigestSize() + encryptCipher.GetBlockSize()
-				+ decryptCipher.GetBlockSize();
+            int prfSize = (2 * cipherKeySize) + writeDigest.GetDigestSize()
+                + readDigest.GetDigestSize() + encryptCipher.GetBlockSize()
+                + decryptCipher.GetBlockSize();
 
-			SecurityParameters securityParameters = context.SecurityParameters;
+            SecurityParameters securityParameters = context.SecurityParameters;
 
-			byte[] keyBlock = TlsUtilities.PRF(securityParameters.masterSecret, "key expansion",
-				TlsUtilities.Concat(securityParameters.serverRandom, securityParameters.clientRandom),
-				prfSize);
+            byte[] keyBlock = TlsUtilities.PRF(securityParameters.masterSecret, "key expansion",
+                TlsUtilities.Concat(securityParameters.serverRandom, securityParameters.clientRandom),
+                prfSize);
 
-			int offset = 0;
+            int offset = 0;
 
-			// Init MACs
-			wMac = CreateTlsMac(writeDigest, keyBlock, ref offset);
+            // Init MACs
+            wMac = CreateTlsMac(writeDigest, keyBlock, ref offset);
             rMac = CreateTlsMac(readDigest, keyBlock, ref offset);
 
-			// Build keys
-			KeyParameter encryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);
-			KeyParameter decryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);
+            // Build keys
+            KeyParameter encryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);
+            KeyParameter decryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);
 
-			// Add IVs
-			ParametersWithIV encryptParams = CreateParametersWithIV(encryptKey,
-				keyBlock, ref offset, encryptCipher.GetBlockSize());
-			ParametersWithIV decryptParams = CreateParametersWithIV(decryptKey,
-				keyBlock, ref offset, decryptCipher.GetBlockSize());
+            // Add IVs
+            ParametersWithIV encryptParams = CreateParametersWithIV(encryptKey,
+                keyBlock, ref offset, encryptCipher.GetBlockSize());
+            ParametersWithIV decryptParams = CreateParametersWithIV(decryptKey,
+                keyBlock, ref offset, decryptCipher.GetBlockSize());
 
-			if (offset != prfSize)
-				throw new TlsFatalAlert(AlertDescription.internal_error);
+            if (offset != prfSize)
+                throw new TlsFatalAlert(AlertDescription.internal_error);
 
-			// Init Ciphers
-			encryptCipher.Init(true, encryptParams);
-			decryptCipher.Init(false, decryptParams);
-		}
+            // Init Ciphers
+            encryptCipher.Init(true, encryptParams);
+            decryptCipher.Init(false, decryptParams);
+        }
 
         protected virtual TlsMac CreateTlsMac(IDigest digest, byte[] buf, ref int off)
-		{
-			int len = digest.GetDigestSize();
-			TlsMac mac = new TlsMac(digest, buf, off, len);
-			off += len;
-			return mac;
-		}
+        {
+            int len = digest.GetDigestSize();
+            TlsMac mac = new TlsMac(digest, buf, off, len);
+            off += len;
+            return mac;
+        }
 
         protected virtual KeyParameter CreateKeyParameter(byte[] buf, ref int off, int len)
-		{
-			KeyParameter key = new KeyParameter(buf, off, len);
-			off += len;
-			return key;
-		}
+        {
+            KeyParameter key = new KeyParameter(buf, off, len);
+            off += len;
+            return key;
+        }
 
         protected virtual ParametersWithIV CreateParametersWithIV(KeyParameter key,
-			byte[] buf, ref int off, int len)
-		{
-			ParametersWithIV ivParams = new ParametersWithIV(key, buf, off, len);
-			off += len;
-			return ivParams;
-		}
-
-		public virtual byte[] EncodePlaintext(ContentType type, byte[] plaintext, int offset, int len)
-		{
-			int blocksize = encryptCipher.GetBlockSize();
+            byte[] buf, ref int off, int len)
+        {
+            ParametersWithIV ivParams = new ParametersWithIV(key, buf, off, len);
+            off += len;
+            return ivParams;
+        }
+
+        public virtual byte[] EncodePlaintext(byte type, byte[] plaintext, int offset, int len)
+        {
+            int blocksize = encryptCipher.GetBlockSize();
             int padding_length = blocksize - 1 - ((len + wMac.Size) % blocksize);
 
             //bool isTls = context.ServerVersion.FullVersion >= ProtocolVersion.TLSv10.FullVersion;
@@ -119,24 +119,24 @@ namespace Org.BouncyCastle.Crypto.Tls
             }
 
             int totalsize = len + wMac.Size + padding_length + 1;
-			byte[] outbuf = new byte[totalsize];
-			Array.Copy(plaintext, offset, outbuf, 0, len);
+            byte[] outbuf = new byte[totalsize];
+            Array.Copy(plaintext, offset, outbuf, 0, len);
             byte[] mac = wMac.CalculateMac(type, plaintext, offset, len);
-			Array.Copy(mac, 0, outbuf, len, mac.Length);
-			int paddoffset = len + mac.Length;
+            Array.Copy(mac, 0, outbuf, len, mac.Length);
+            int paddoffset = len + mac.Length;
             for (int i = 0; i <= padding_length; i++)
-			{
+            {
                 outbuf[i + paddoffset] = (byte)padding_length;
-			}
-			for (int i = 0; i < totalsize; i += blocksize)
-			{
-				encryptCipher.ProcessBlock(outbuf, i, outbuf, i);
-			}
-			return outbuf;
-		}
-
-        public virtual byte[] DecodeCiphertext(ContentType type, byte[] ciphertext, int offset, int len)
-		{
+            }
+            for (int i = 0; i < totalsize; i += blocksize)
+            {
+                encryptCipher.ProcessBlock(outbuf, i, outbuf, i);
+            }
+            return outbuf;
+        }
+
+        public virtual byte[] DecodeCiphertext(byte type, byte[] ciphertext, int offset, int len)
+        {
             int blockSize = decryptCipher.GetBlockSize();
             int macSize = rMac.Size;
 
@@ -173,7 +173,7 @@ namespace Org.BouncyCastle.Crypto.Tls
                 throw new TlsFatalAlert(AlertDescription.bad_record_mac);
 
             return Arrays.Copy(ciphertext, offset, macInputLen);
-		}
+        }
 
         protected virtual int CheckPaddingConstantTime(byte[] buf, int off, int len, int blockSize, int macSize)
         {
@@ -224,28 +224,28 @@ namespace Org.BouncyCastle.Crypto.Tls
         }
 
         protected virtual int ChooseExtraPadBlocks(SecureRandom r, int max)
-		{
+        {
 //			return r.NextInt(max + 1);
 
-			uint x = (uint)r.NextInt();
-			int n = LowestBitSet(x);
-			return System.Math.Min(n, max);
-		}
+            uint x = (uint)r.NextInt();
+            int n = LowestBitSet(x);
+            return System.Math.Min(n, max);
+        }
 
         private int LowestBitSet(uint x)
-		{
-			if (x == 0)
-			{
-				return 32;
-			}
-
-			int n = 0;
-			while ((x & 1) == 0)
-			{
-				++n;
-				x >>= 1;
-			}
-			return n;
-		}
-	}
+        {
+            if (x == 0)
+            {
+                return 32;
+            }
+
+            int n = 0;
+            while ((x & 1) == 0)
+            {
+                ++n;
+                x >>= 1;
+            }
+            return n;
+        }
+    }
 }
diff --git a/crypto/src/crypto/tls/TlsCipher.cs b/crypto/src/crypto/tls/TlsCipher.cs
index 22c769d82..a58f4943f 100644
--- a/crypto/src/crypto/tls/TlsCipher.cs
+++ b/crypto/src/crypto/tls/TlsCipher.cs
@@ -3,12 +3,12 @@ using System.IO;
 
 namespace Org.BouncyCastle.Crypto.Tls
 {
-	public interface TlsCipher
-	{
-		/// <exception cref="IOException"></exception>
-		byte[] EncodePlaintext(ContentType type, byte[] plaintext, int offset, int len);
+    public interface TlsCipher
+    {
+        /// <exception cref="IOException"></exception>
+        byte[] EncodePlaintext(byte type, byte[] plaintext, int offset, int len);
 
-		/// <exception cref="IOException"></exception>
-		byte[] DecodeCiphertext(ContentType type, byte[] ciphertext, int offset, int len);
-	}
+        /// <exception cref="IOException"></exception>
+        byte[] DecodeCiphertext(byte type, byte[] ciphertext, int offset, int len);
+    }
 }
diff --git a/crypto/src/crypto/tls/TlsCipherFactory.cs b/crypto/src/crypto/tls/TlsCipherFactory.cs
index 0756603f4..bd65f8b4b 100644
--- a/crypto/src/crypto/tls/TlsCipherFactory.cs
+++ b/crypto/src/crypto/tls/TlsCipherFactory.cs
@@ -3,10 +3,10 @@ using System.IO;
 
 namespace Org.BouncyCastle.Crypto.Tls
 {
-	public interface TlsCipherFactory
-	{
-		/// <exception cref="IOException"></exception>
-		TlsCipher CreateCipher(TlsClientContext context, EncryptionAlgorithm encryptionAlgorithm,
-			DigestAlgorithm digestAlgorithm);
-	}
+    public interface TlsCipherFactory
+    {
+        /// <exception cref="IOException"></exception>
+        TlsCipher CreateCipher(TlsClientContext context, int encryptionAlgorithm,
+            DigestAlgorithm digestAlgorithm);
+    }
 }
diff --git a/crypto/src/crypto/tls/TlsClient.cs b/crypto/src/crypto/tls/TlsClient.cs
index d32ac1547..9e7937c94 100644
--- a/crypto/src/crypto/tls/TlsClient.cs
+++ b/crypto/src/crypto/tls/TlsClient.cs
@@ -4,60 +4,60 @@ using System.IO;
 
 namespace Org.BouncyCastle.Crypto.Tls
 {
-	public interface TlsClient
-	{
-		/// <summary>
-		/// Called at the start of a new TLS session, before any other methods.
-		/// </summary>
-		/// <param name="context">
-		/// A <see cref="TlsProtocolHandler"/>
-		/// </param>
-		void Init(TlsClientContext context);
+    public interface TlsClient
+    {
+        /// <summary>
+        /// Called at the start of a new TLS session, before any other methods.
+        /// </summary>
+        /// <param name="context">
+        /// A <see cref="TlsProtocolHandler"/>
+        /// </param>
+        void Init(TlsClientContext context);
 
-		/// <summary>
-		/// Get the list of cipher suites that this client supports.
-		/// </summary>
-		/// <returns>
-        /// An array of <see cref="CipherSuite"/>, each specifying a supported cipher suite.
-		/// </returns>
-		CipherSuite[] GetCipherSuites();
+        /// <summary>
+        /// Get the list of cipher suites that this client supports.
+        /// </summary>
+        /// <returns>
+        /// An array of <see cref="CipherSuite"/> values, each specifying a supported cipher suite.
+        /// </returns>
+        int[] GetCipherSuites();
 
         /// <summary>
         /// Get the list of compression methods that this client supports.
         /// </summary>
         /// <returns>
-        /// An array of <see cref="CompressionMethod"/>, each specifying a supported compression method.
+        /// An array of <see cref="CompressionMethod"/> values, each specifying a supported compression method.
         /// </returns>
         byte[] GetCompressionMethods();
 
         /// <summary>
-		/// Get the (optional) table of client extensions to be included in (extended) client hello.
-		/// </summary>
-		/// <returns>
-        /// A <see cref="IDictionary"/> (<see cref="ExtensionType"/> -> byte[]). May be null.
-		/// </returns>
-		/// <exception cref="IOException"></exception>
-		IDictionary GetClientExtensions();
+        /// Get the (optional) table of client extensions to be included in (extended) client hello.
+        /// </summary>
+        /// <returns>
+        /// A <see cref="IDictionary"/> (Int32 -> byte[]). May be null.
+        /// </returns>
+        /// <exception cref="IOException"></exception>
+        IDictionary GetClientExtensions();
 
-		/// <summary>
-		/// Reports the session ID once it has been determined.
-		/// </summary>
-		/// <param name="sessionID">
-		/// A <see cref="System.Byte"/>
-		/// </param>
-		void NotifySessionID(byte[] sessionID);
+        /// <summary>
+        /// Reports the session ID once it has been determined.
+        /// </summary>
+        /// <param name="sessionID">
+        /// A <see cref="System.Byte"/>
+        /// </param>
+        void NotifySessionID(byte[] sessionID);
 
-		/// <summary>
-		/// Report the cipher suite that was selected by the server.
-		/// </summary>
-		/// <remarks>
-		/// The protocol handler validates this value against the offered cipher suites
-		/// <seealso cref="GetCipherSuites"/>
-		/// </remarks>
-		/// <param name="selectedCipherSuite">
-		/// A <see cref="CipherSuite"/>
-		/// </param>
-		void NotifySelectedCipherSuite(CipherSuite selectedCipherSuite);
+        /// <summary>
+        /// Report the cipher suite that was selected by the server.
+        /// </summary>
+        /// <remarks>
+        /// The protocol handler validates this value against the offered cipher suites
+        /// <seealso cref="GetCipherSuites"/>
+        /// </remarks>
+        /// <param name="selectedCipherSuite">
+        /// A <see cref="CipherSuite"/>
+        /// </param>
+        void NotifySelectedCipherSuite(int selectedCipherSuite);
 
         /// <summary>
         /// Report the compression method that was selected by the server.
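Review bot: Three doc comments on the new side of this hunk describe the wrong type. The `<param name="context">` on `Init` says `A <see cref="TlsProtocolHandler"/>` although the parameter is a `TlsClientContext`; the param on `NotifySessionID` says `System.Byte` for a `byte[]`; and the param on `NotifySelectedCipherSuite` says `A <see cref="CipherSuite"/>` for what is now an `int`. Suggested wording: `/// The <see cref="TlsClientContext"/> for this session`, `/// The session ID bytes`, and `/// One of the <see cref="CipherSuite"/> values`. The interface continues past the end of this hunk.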
@@ -71,59 +71,59 @@ namespace Org.BouncyCastle.Crypto.Tls
         /// </param>
         void NotifySelectedCompressionMethod(byte selectedCompressionMethod);
 
-		/// <summary>
-		/// Report whether the server supports secure renegotiation
-		/// </summary>
-		/// <remarks>
-		/// The protocol handler automatically processes the relevant extensions
-		/// </remarks>
-		/// <param name="secureRenegotiation">
-		/// A <see cref="System.Boolean"/>, true if the server supports secure renegotiation
-		/// </param>
-		/// <exception cref="IOException"></exception>
-		void NotifySecureRenegotiation(bool secureRenegotiation);
+        /// <summary>
+        /// Report whether the server supports secure renegotiation
+        /// </summary>
+        /// <remarks>
+        /// The protocol handler automatically processes the relevant extensions
+        /// </remarks>
+        /// <param name="secureRenegotiation">
+        /// A <see cref="System.Boolean"/>, true if the server supports secure renegotiation
+        /// </param>
+        /// <exception cref="IOException"></exception>
+        void NotifySecureRenegotiation(bool secureRenegotiation);
 
-		/// <summary>
-		/// Report the extensions from an extended server hello.
-		/// </summary>
-		/// <remarks>
-		/// Will only be called if we returned a non-null result from <see cref="GetClientExtensions"/>.
-		/// </remarks>
-		/// <param name="serverExtensions">
-        /// A <see cref="IDictionary"/>  (<see cref="ExtensionType"/> -> byte[])
-		/// </param>
-		void ProcessServerExtensions(IDictionary serverExtensions);
+        /// <summary>
+        /// Report the extensions from an extended server hello.
+        /// </summary>
+        /// <remarks>
+        /// Will only be called if we returned a non-null result from <see cref="GetClientExtensions"/>.
+        /// </remarks>
+        /// <param name="serverExtensions">
+        /// A <see cref="IDictionary"/>  (Int32 -> byte[])
+        /// </param>
+        void ProcessServerExtensions(IDictionary serverExtensions);
 
-		/// <summary>
-		/// Return an implementation of <see cref="TlsKeyExchange"/> to negotiate the key exchange
-		/// part of the protocol.
-		/// </summary>
-		/// <returns>
-		/// A <see cref="TlsKeyExchange"/>
-		/// </returns>
-		/// <exception cref="IOException"/>
-		TlsKeyExchange GetKeyExchange();
+        /// <summary>
+        /// Return an implementation of <see cref="TlsKeyExchange"/> to negotiate the key exchange
+        /// part of the protocol.
+        /// </summary>
+        /// <returns>
+        /// A <see cref="TlsKeyExchange"/>
+        /// </returns>
+        /// <exception cref="IOException"/>
+        TlsKeyExchange GetKeyExchange();
 
-		/// <summary>
-		/// Return an implementation of <see cref="TlsAuthentication"/> to handle authentication
-		/// part of the protocol.
-		/// </summary>
-		/// <exception cref="IOException"/>
-		TlsAuthentication GetAuthentication();
+        /// <summary>
+        /// Return an implementation of <see cref="TlsAuthentication"/> to handle authentication
+        /// part of the protocol.
+        /// </summary>
+        /// <exception cref="IOException"/>
+        TlsAuthentication GetAuthentication();
 
-		/// <summary>
-		/// Return an implementation of <see cref="TlsCompression"/> to handle record compression.
-		/// </summary>
-		/// <exception cref="IOException"/>
-		TlsCompression GetCompression();
+        /// <summary>
+        /// Return an implementation of <see cref="TlsCompression"/> to handle record compression.
+        /// </summary>
+        /// <exception cref="IOException"/>
+        TlsCompression GetCompression();
 
-		/// <summary>
-		/// Return an implementation of <see cref="TlsCipher"/> to use for encryption/decryption.
-		/// </summary>
-		/// <returns>
-		/// A <see cref="TlsCipher"/>
-		/// </returns>
-		/// <exception cref="IOException"/>
-		TlsCipher GetCipher();
-	}
+        /// <summary>
+        /// Return an implementation of <see cref="TlsCipher"/> to use for encryption/decryption.
+        /// </summary>
+        /// <returns>
+        /// A <see cref="TlsCipher"/>
+        /// </returns>
+        /// <exception cref="IOException"/>
+        TlsCipher GetCipher();
+    }
 }
diff --git a/crypto/src/crypto/tls/TlsDHKeyExchange.cs b/crypto/src/crypto/tls/TlsDHKeyExchange.cs
index 465d8c0b2..26d76fd3d 100644
--- a/crypto/src/crypto/tls/TlsDHKeyExchange.cs
+++ b/crypto/src/crypto/tls/TlsDHKeyExchange.cs
@@ -16,7 +16,7 @@ namespace Org.BouncyCastle.Crypto.Tls
         : TlsKeyExchange
     {
         protected TlsClientContext context;
-        protected KeyExchangeAlgorithm keyExchange;
+        protected int keyExchange;
         protected TlsSigner tlsSigner;
 
         protected AsymmetricKeyParameter serverPublicKey = null;
@@ -24,7 +24,7 @@ namespace Org.BouncyCastle.Crypto.Tls
         protected TlsAgreementCredentials agreementCredentials;
         protected DHPrivateKeyParameters dhAgreeClientPrivateKey = null;
 
-        internal TlsDHKeyExchange(TlsClientContext context, KeyExchangeAlgorithm keyExchange)
+        internal TlsDHKeyExchange(TlsClientContext context, int keyExchange)
         {
             switch (keyExchange)
             {
diff --git a/crypto/src/crypto/tls/TlsDheKeyExchange.cs b/crypto/src/crypto/tls/TlsDheKeyExchange.cs
index 725cc1bf3..ee6d6eb44 100644
--- a/crypto/src/crypto/tls/TlsDheKeyExchange.cs
+++ b/crypto/src/crypto/tls/TlsDheKeyExchange.cs
@@ -7,50 +7,50 @@ using Org.BouncyCastle.Math;
 
 namespace Org.BouncyCastle.Crypto.Tls
 {
-	internal class TlsDheKeyExchange
-		: TlsDHKeyExchange
-	{
-		internal TlsDheKeyExchange(TlsClientContext context, KeyExchangeAlgorithm keyExchange)
-			: base(context, keyExchange)
-		{
-		}
-
-		public override void SkipServerKeyExchange()
-		{
-			throw new TlsFatalAlert(AlertDescription.unexpected_message);
-		}
-
-		public override void ProcessServerKeyExchange(Stream input)
-		{
-			SecurityParameters securityParameters = context.SecurityParameters;
-
-			ISigner signer = InitSigner(tlsSigner, securityParameters);
-			Stream sigIn = new SignerStream(input, signer, null);
-
-			byte[] pBytes = TlsUtilities.ReadOpaque16(sigIn);
-			byte[] gBytes = TlsUtilities.ReadOpaque16(sigIn);
-			byte[] YsBytes = TlsUtilities.ReadOpaque16(sigIn);
-
-			byte[] sigByte = TlsUtilities.ReadOpaque16(input);
-			if (!signer.VerifySignature(sigByte))
-			{
+    internal class TlsDheKeyExchange
+        : TlsDHKeyExchange
+    {
+        internal TlsDheKeyExchange(TlsClientContext context, int keyExchange)
+            : base(context, keyExchange)
+        {
+        }
+
+        public override void SkipServerKeyExchange()
+        {
+            throw new TlsFatalAlert(AlertDescription.unexpected_message);
+        }
+
+        public override void ProcessServerKeyExchange(Stream input)
+        {
+            SecurityParameters securityParameters = context.SecurityParameters;
+
+            ISigner signer = InitSigner(tlsSigner, securityParameters);
+            Stream sigIn = new SignerStream(input, signer, null);
+
+            byte[] pBytes = TlsUtilities.ReadOpaque16(sigIn);
+            byte[] gBytes = TlsUtilities.ReadOpaque16(sigIn);
+            byte[] YsBytes = TlsUtilities.ReadOpaque16(sigIn);
+
+            byte[] sigByte = TlsUtilities.ReadOpaque16(input);
+            if (!signer.VerifySignature(sigByte))
+            {
                 throw new TlsFatalAlert(AlertDescription.decrypt_error);
-			}
-
-			BigInteger p = new BigInteger(1, pBytes);
-			BigInteger g = new BigInteger(1, gBytes);
-			BigInteger Ys = new BigInteger(1, YsBytes);
-
-			this.dhAgreeServerPublicKey = ValidateDHPublicKey(
-				new DHPublicKeyParameters(Ys, new DHParameters(p, g)));
-		}
-
-		protected virtual ISigner InitSigner(TlsSigner tlsSigner, SecurityParameters securityParameters)
-		{
-			ISigner signer = tlsSigner.CreateVerifyer(this.serverPublicKey);
-			signer.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
-			signer.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
-			return signer;
-		}
-	}
+            }
+
+            BigInteger p = new BigInteger(1, pBytes);
+            BigInteger g = new BigInteger(1, gBytes);
+            BigInteger Ys = new BigInteger(1, YsBytes);
+
+            this.dhAgreeServerPublicKey = ValidateDHPublicKey(
+                new DHPublicKeyParameters(Ys, new DHParameters(p, g)));
+        }
+
+        protected virtual ISigner InitSigner(TlsSigner tlsSigner, SecurityParameters securityParameters)
+        {
+            ISigner signer = tlsSigner.CreateVerifyer(this.serverPublicKey);
+            signer.BlockUpdate(securityParameters.clientRandom, 0, securityParameters.clientRandom.Length);
+            signer.BlockUpdate(securityParameters.serverRandom, 0, securityParameters.serverRandom.Length);
+            return signer;
+        }
+    }
 }
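Review bot: `ProcessServerKeyExchange` builds `new DHParameters(p, g)` directly from the server-supplied opaque fields, and nothing in this hunk bounds the size of `p` or checks `g` before the key is handed to `ValidateDHPublicKey`. That helper is defined outside this file, so it may already cover this; if it only range-checks `Ys`, a correctly signed but undersized or malformed group would be accepted. Consider rejecting a prime below a configured minimum before constructing the key, e.g. `if (p.BitLength < minimumPrimeBits) throw new TlsFatalAlert(AlertDescription.insufficient_security);`, where `minimumPrimeBits` is a placeholder for the policy value.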
diff --git a/crypto/src/crypto/tls/TlsECDHKeyExchange.cs b/crypto/src/crypto/tls/TlsECDHKeyExchange.cs
index 4c5576fca..65d07a10c 100644
--- a/crypto/src/crypto/tls/TlsECDHKeyExchange.cs
+++ b/crypto/src/crypto/tls/TlsECDHKeyExchange.cs
@@ -19,7 +19,7 @@ namespace Org.BouncyCastle.Crypto.Tls
         : TlsKeyExchange
     {
         protected TlsClientContext context;
-        protected KeyExchangeAlgorithm keyExchange;
+        protected int keyExchange;
         protected TlsSigner tlsSigner;
 
         protected AsymmetricKeyParameter serverPublicKey;
@@ -27,7 +27,7 @@ namespace Org.BouncyCastle.Crypto.Tls
         protected TlsAgreementCredentials agreementCredentials;
         protected ECPrivateKeyParameters ecAgreeClientPrivateKey = null;
 
-        internal TlsECDHKeyExchange(TlsClientContext context, KeyExchangeAlgorithm keyExchange)
+        internal TlsECDHKeyExchange(TlsClientContext context, int keyExchange)
         {
             switch (keyExchange)
             {
diff --git a/crypto/src/crypto/tls/TlsECDheKeyExchange.cs b/crypto/src/crypto/tls/TlsECDheKeyExchange.cs
index 2dd284f12..a671ebfbe 100644
--- a/crypto/src/crypto/tls/TlsECDheKeyExchange.cs
+++ b/crypto/src/crypto/tls/TlsECDheKeyExchange.cs
@@ -13,7 +13,7 @@ namespace Org.BouncyCastle.Crypto.Tls
     */
     internal class TlsECDheKeyExchange : TlsECDHKeyExchange
     {
-        internal TlsECDheKeyExchange(TlsClientContext context, KeyExchangeAlgorithm keyExchange)
+        internal TlsECDheKeyExchange(TlsClientContext context, int keyExchange)
             : base(context, keyExchange)
         {
         }
@@ -30,13 +30,13 @@ namespace Org.BouncyCastle.Crypto.Tls
             ISigner signer = InitSigner(tlsSigner, securityParameters);
             Stream sigIn = new SignerStream(input, signer, null);
 
-            ECCurveType curveType = (ECCurveType)TlsUtilities.ReadUint8(sigIn);
+            byte curveType = TlsUtilities.ReadUint8(sigIn);
             ECDomainParameters curve_params;
 
             //  Currently, we only support named curves
             if (curveType == ECCurveType.named_curve)
             {
-                NamedCurve namedCurve = (NamedCurve)TlsUtilities.ReadUint16(sigIn);
+                int namedCurve = TlsUtilities.ReadUint16(sigIn);
 
                 // TODO Check namedCurve is one we offered?
 
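Review bot: The `// TODO Check namedCurve is one we offered?` is still open, and with `namedCurve` now a plain `int` from `ReadUint16`, any 16-bit value the server sends reaches the curve lookup that follows. The client should compare the value against the curves it advertised in its hello and fail the handshake otherwise, e.g. `if (!offeredNamedCurves.Contains(namedCurve)) throw new TlsFatalAlert(AlertDescription.illegal_parameter);`, where `offeredNamedCurves` is a placeholder for wherever the offered list is kept. The rest of `ProcessServerKeyExchange` lies outside this hunk, so how the lookup itself treats unknown values is not visible here.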
diff --git a/crypto/src/crypto/tls/TlsMac.cs b/crypto/src/crypto/tls/TlsMac.cs
index 862c887ad..e4313617e 100644
--- a/crypto/src/crypto/tls/TlsMac.cs
+++ b/crypto/src/crypto/tls/TlsMac.cs
@@ -9,103 +9,103 @@ using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Crypto.Tls
 {
-	/// <remarks>
-	/// A generic TLS MAC implementation, which can be used with any kind of
-	/// IDigest to act as an HMAC.
-	/// </remarks>
-	public class TlsMac
-	{
-		protected long seqNo;
-		protected byte[] secret;
-		protected HMac mac;
-
-		/**
-		* Generate a new instance of an TlsMac.
-		*
-		* @param digest    The digest to use.
-		* @param key_block A byte-array where the key for this mac is located.
-		* @param offset    The number of bytes to skip, before the key starts in the buffer.
-		* @param len       The length of the key.
-		*/
-		public TlsMac(
-			IDigest	digest,
-			byte[]	key_block,
-			int		offset,
-			int		len)
-		{
-			this.seqNo = 0;
-
-			KeyParameter param = new KeyParameter(key_block, offset, len);
-
-			this.secret = Arrays.Clone(param.GetKey());
-
-			this.mac = new HMac(digest);
-			this.mac.Init(param);
-		}
-
-		/**
-		 * @return the MAC write secret
-		 */
-		public virtual byte[] GetMacSecret()
-		{
-			return this.secret;
-		}
-
-		/**
-		 * @return the current write sequence number
-		 */
-		public virtual long SequenceNumber
-		{
-			get { return this.seqNo; }
-		}
-
-		/**
-		 * Increment the current write sequence number
-		 */
-		public virtual void IncSequenceNumber()
-		{
-			this.seqNo++;
-		}
-
-		/**
-		* @return The Keysize of the mac.
-		*/
-		public virtual int Size
-		{
-			get { return mac.GetMacSize(); }
-		}
-
-		/**
-		* Calculate the mac for some given data.
-		* <p/>
-		* TlsMac will keep track of the sequence number internally.
-		*
-		* @param type    The message type of the message.
-		* @param message A byte-buffer containing the message.
-		* @param offset  The number of bytes to skip, before the message starts.
-		* @param len     The length of the message.
-		* @return A new byte-buffer containing the mac value.
-		*/
-		public virtual byte[] CalculateMac(ContentType type, byte[] message, int offset, int len)
-		{
+    /// <remarks>
+    /// A generic TLS MAC implementation, which can be used with any kind of
+    /// IDigest to act as an HMAC.
+    /// </remarks>
+    public class TlsMac
+    {
+        protected long seqNo;
+        protected byte[] secret;
+        protected HMac mac;
+
+        /**
+        * Generate a new instance of an TlsMac.
+        *
+        * @param digest    The digest to use.
+        * @param key_block A byte-array where the key for this mac is located.
+        * @param offset    The number of bytes to skip, before the key starts in the buffer.
+        * @param len       The length of the key.
+        */
+        public TlsMac(
+            IDigest	digest,
+            byte[]	key_block,
+            int		offset,
+            int		len)
+        {
+            this.seqNo = 0;
+
+            KeyParameter param = new KeyParameter(key_block, offset, len);
+
+            this.secret = Arrays.Clone(param.GetKey());
+
+            this.mac = new HMac(digest);
+            this.mac.Init(param);
+        }
+
+        /**
+         * @return the MAC write secret
+         */
+        public virtual byte[] GetMacSecret()
+        {
+            return this.secret;
+        }
+
+        /**
+         * @return the current write sequence number
+         */
+        public virtual long SequenceNumber
+        {
+            get { return this.seqNo; }
+        }
+
+        /**
+         * Increment the current write sequence number
+         */
+        public virtual void IncSequenceNumber()
+        {
+            this.seqNo++;
+        }
+
+        /**
+        * @return The Keysize of the mac.
+        */
+        public virtual int Size
+        {
+            get { return mac.GetMacSize(); }
+        }
+
+        /**
+        * Calculate the mac for some given data.
+        * <p/>
+        * TlsMac will keep track of the sequence number internally.
+        *
+        * @param type    The message type of the message.
+        * @param message A byte-buffer containing the message.
+        * @param offset  The number of bytes to skip, before the message starts.
+        * @param len     The length of the message.
+        * @return A new byte-buffer containing the mac value.
+        */
+        public virtual byte[] CalculateMac(byte type, byte[] message, int offset, int len)
+        {
             //bool isTls = context.ServerVersion.FullVersion >= ProtocolVersion.TLSv10.FullVersion;
             bool isTls = true;
 
             byte[] macHeader = new byte[isTls ? 13 : 11];
-			TlsUtilities.WriteUint64(seqNo++, macHeader, 0);
-			TlsUtilities.WriteUint8((byte)type, macHeader, 8);
+            TlsUtilities.WriteUint64(seqNo++, macHeader, 0);
+            TlsUtilities.WriteUint8(type, macHeader, 8);
             if (isTls)
             {
                 TlsUtilities.WriteVersion(macHeader, 9);
             }
-			TlsUtilities.WriteUint16(len, macHeader, 11);
+            TlsUtilities.WriteUint16(len, macHeader, 11);
 
             mac.BlockUpdate(macHeader, 0, macHeader.Length);
-			mac.BlockUpdate(message, offset, len);
-			return MacUtilities.DoFinal(mac);
-		}
+            mac.BlockUpdate(message, offset, len);
+            return MacUtilities.DoFinal(mac);
+        }
 
-        public virtual byte[] CalculateMacConstantTime(ContentType type, byte[] message, int offset, int len,
+        public virtual byte[] CalculateMacConstantTime(byte type, byte[] message, int offset, int len,
             int fullLength, byte[] dummyData)
         {
             // Actual MAC only calculated on 'len' bytes
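Review bot: In `CalculateMac` the length field is written at the fixed offset 11 (`TlsUtilities.WriteUint16(len, macHeader, 11)`), which is only inside the buffer because `isTls` is hard-coded to `true`; with the 11-byte header of the other branch, that write lands past the end. Deriving the offset from the buffer, `TlsUtilities.WriteUint16(len, macHeader, macHeader.Length - 2);`, keeps the two in step if the commented-out version check is ever restored. Separately, `GetMacSecret` returns the live `secret` array that the constructor took care to clone, so a caller can modify the stored key bytes; `return Arrays.Clone(this.secret);` would keep the copy private. `CalculateMacConstantTime` starts in this hunk and continues outside it.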
@@ -138,5 +138,5 @@ namespace Org.BouncyCastle.Crypto.Tls
 
             return result;
         }
-	}
+    }
 }
diff --git a/crypto/src/crypto/tls/TlsNullCipher.cs b/crypto/src/crypto/tls/TlsNullCipher.cs
index b76f76d9c..3e2bfa847 100644
--- a/crypto/src/crypto/tls/TlsNullCipher.cs
+++ b/crypto/src/crypto/tls/TlsNullCipher.cs
@@ -2,27 +2,27 @@ using System;
 
 namespace Org.BouncyCastle.Crypto.Tls
 {
-	/// <summary>
-	/// A NULL cipher suite, for use during handshake.
-	/// </summary>
-	public class TlsNullCipher
-		: TlsCipher
-	{
-		public virtual byte[] EncodePlaintext(ContentType type, byte[] plaintext, int offset, int len)
-		{
-			return CopyData(plaintext, offset, len);
-		}
+    /// <summary>
+    /// A NULL cipher suite, for use during handshake.
+    /// </summary>
+    public class TlsNullCipher
+        : TlsCipher
+    {
+        public virtual byte[] EncodePlaintext(byte type, byte[] plaintext, int offset, int len)
+        {
+            return CopyData(plaintext, offset, len);
+        }
 
-        public virtual byte[] DecodeCiphertext(ContentType type, byte[] ciphertext, int offset, int len)
-		{
-			return CopyData(ciphertext, offset, len);
-		}
+        public virtual byte[] DecodeCiphertext(byte type, byte[] ciphertext, int offset, int len)
+        {
+            return CopyData(ciphertext, offset, len);
+        }
 
-		protected virtual byte[] CopyData(byte[] text, int offset, int len)
-		{
-			byte[] result = new byte[len];
-			Array.Copy(text, offset, result, 0, len);
-			return result;
-		}
-	}
+        protected virtual byte[] CopyData(byte[] text, int offset, int len)
+        {
+            byte[] result = new byte[len];
+            Array.Copy(text, offset, result, 0, len);
+            return result;
+        }
+    }
 }
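Review bot: `TlsNullCipher` has only the one-line summary, and neither method says that `type` is ignored and the bytes are copied through with no encryption and no MAC. Stating that on the class, e.g. `/// Records pass through unchanged: no confidentiality or integrity protection is applied.`, makes it harder to mistake for a usable post-handshake cipher. `CopyData` could also document that `offset` and `len` are not validated beyond what `new byte[len]` and `Array.Copy` enforce.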
diff --git a/crypto/src/crypto/tls/TlsProtocolHandler.cs b/crypto/src/crypto/tls/TlsProtocolHandler.cs
index 5ba42ef66..c538229dc 100644
--- a/crypto/src/crypto/tls/TlsProtocolHandler.cs
+++ b/crypto/src/crypto/tls/TlsProtocolHandler.cs
@@ -67,7 +67,7 @@ namespace Org.BouncyCastle.Crypto.Tls
 
         private TlsClientContextImpl tlsClientContext = null;
         private TlsClient tlsClient = null;
-        private CipherSuite[] offeredCipherSuites = null;
+        private int[] offeredCipherSuites = null;
         private byte[] offeredCompressionMethods = null;
         private TlsKeyExchange keyExchange = null;
         private TlsAuthentication authentication = null;
@@ -120,15 +120,15 @@ namespace Org.BouncyCastle.Crypto.Tls
         }
 
         internal void ProcessData(
-            ContentType	protocol,
-            byte[]		buf,
-            int			offset,
-            int			len)
+            byte    contentType,
+            byte[]	buf,
+            int		offset,
+            int		len)
         {
             /*
             * Have a look at the protocol type, and add it to the correct queue.
             */
-            switch (protocol)
+            switch (contentType)
             {
                 case ContentType.change_cipher_spec:
                     ProcessChangeCipherSpec(buf, offset, len);
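Review bot: `ProcessData` now switches on a raw `byte contentType`, so the switch needs a `default` arm that fails the connection on an unrecognised content type; the arms after `change_cipher_spec` are outside this hunk, so confirm one exists. The same check applies to the `switch (handshakeType)` in `ProcessHandshakeMessage` further down in this file. The block comment still says "protocol type"; `Dispatch on the record's content type and add the data to the matching queue.` would match the renamed parameter.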
@@ -175,7 +175,7 @@ namespace Org.BouncyCastle.Crypto.Tls
                     byte[] beginning = new byte[4];
                     handshakeQueue.Read(beginning, 0, 4, 0);
                     MemoryStream bis = new MemoryStream(beginning, false);
-                    HandshakeType type = (HandshakeType)TlsUtilities.ReadUint8(bis);
+                    byte handshakeType = TlsUtilities.ReadUint8(bis);
                     int len = TlsUtilities.ReadUint24(bis);
 
                     /*
@@ -195,7 +195,7 @@ namespace Org.BouncyCastle.Crypto.Tls
                          * including, this finished message. [..] Note: [Also,] Hello Request
                          * messages are omitted from handshake hashes.
                          */
-                        switch (type)
+                        switch (handshakeType)
                         {
                             case HandshakeType.hello_request:
                             case HandshakeType.finished:
@@ -209,7 +209,7 @@ namespace Org.BouncyCastle.Crypto.Tls
                         /*
                         * Now, parse the message.
                         */
-                        ProcessHandshakeMessage(type, buf);
+                        ProcessHandshakeMessage(handshakeType, buf);
                         read = true;
                     }
                 }
@@ -217,14 +217,14 @@ namespace Org.BouncyCastle.Crypto.Tls
             while (read);
         }
 
-        private void ProcessHandshakeMessage(HandshakeType type, byte[] buf)
+        private void ProcessHandshakeMessage(byte handshakeType, byte[] buf)
         {
             MemoryStream inStr = new MemoryStream(buf, false);
 
             /*
             * Check the type.
             */
-            switch (type)
+            switch (handshakeType)
             {
                 case HandshakeType.certificate:
                 {
@@ -322,7 +322,7 @@ namespace Org.BouncyCastle.Crypto.Tls
                              * Find out which CipherSuite the server has chosen and check that
                              * it was one of the offered ones.
                              */
-                            CipherSuite selectedCipherSuite = (CipherSuite)TlsUtilities.ReadUint16(inStr);
+                            int selectedCipherSuite = TlsUtilities.ReadUint16(inStr);
                             if (!ArrayContains(offeredCipherSuites, selectedCipherSuite)
                                 || selectedCipherSuite == CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV)
                             {
@@ -362,7 +362,7 @@ namespace Org.BouncyCastle.Crypto.Tls
                              * containing no extensions.
                              */
 
-                            // ExtensionType -> byte[]
+                            // Int32 -> byte[]
                             IDictionary serverExtensions = Platform.CreateHashtable();
 
                             if (inStr.Position < inStr.Length)
@@ -373,7 +373,7 @@ namespace Org.BouncyCastle.Crypto.Tls
                                 MemoryStream ext = new MemoryStream(extBytes, false);
                                 while (ext.Position < ext.Length)
                                 {
-                                    ExtensionType extType = (ExtensionType)TlsUtilities.ReadUint16(ext);
+                                    int extType = TlsUtilities.ReadUint16(ext);
                                     byte[] extValue = TlsUtilities.ReadOpaque16(ext);
 
                                     // Note: RFC 5746 makes a special case for EXT_RenegotiationInfo
@@ -835,7 +835,7 @@ namespace Org.BouncyCastle.Crypto.Tls
 
             this.offeredCipherSuites = this.tlsClient.GetCipherSuites();
 
-            // ExtensionType -> byte[]
+            // Int32 -> byte[]
             this.clientExtensions = this.tlsClient.GetClientExtensions();
 
             // Cipher Suites (and SCSV)
@@ -888,7 +888,7 @@ namespace Org.BouncyCastle.Crypto.Tls
             {
                 MemoryStream ext = new MemoryStream();
 
-                foreach (ExtensionType extType in clientExtensions.Keys)
+                foreach (int extType in clientExtensions.Keys)
                 {
                     WriteExtension(ext, extType, (byte[])clientExtensions[extType]);
                 }
@@ -989,7 +989,7 @@ namespace Org.BouncyCastle.Crypto.Tls
             }
         }
 
-        private void SafeWriteMessage(ContentType type, byte[] buf, int offset, int len)
+        private void SafeWriteMessage(byte type, byte[] buf, int offset, int len)
         {
             try
             {
@@ -1186,7 +1186,7 @@ namespace Org.BouncyCastle.Crypto.Tls
             get { return closed; }
         }
 
-        private static bool ArrayContains(CipherSuite[] a, CipherSuite n)
+        private static bool ArrayContains(byte[] a, byte n)
         {
             for (int i = 0; i < a.Length; ++i)
             {
@@ -1196,7 +1196,7 @@ namespace Org.BouncyCastle.Crypto.Tls
             return false;
         }
 
-        private static bool ArrayContains(byte[] a, byte n)
+        private static bool ArrayContains(int[] a, int n)
         {
             for (int i = 0; i < a.Length; ++i)
             {
@@ -1213,9 +1213,9 @@ namespace Org.BouncyCastle.Crypto.Tls
             return buf.ToArray();
         }
 
-        private static void WriteExtension(Stream output, ExtensionType extType, byte[] extValue)
+        private static void WriteExtension(Stream output, int extType, byte[] extValue)
         {
-            TlsUtilities.WriteUint16((int)extType, output);
+            TlsUtilities.WriteUint16(extType, output);
             TlsUtilities.WriteOpaque16(extValue, output);
         }
     }
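Review bot: `WriteExtension` passes `int extType` straight to `TlsUtilities.WriteUint16`, and the keys come from the untyped `IDictionary` returned by `TlsClient.GetClientExtensions`, so nothing here guarantees the value fits in 16 bits. Unless `WriteUint16` itself rejects out-of-range input (not visible in this diff), a guard such as `if (extType < 0 || extType > 0xFFFF) throw new ArgumentOutOfRangeException("extType");` would stop a bad key from going onto the wire as a different extension number.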
diff --git a/crypto/src/crypto/tls/TlsPskKeyExchange.cs b/crypto/src/crypto/tls/TlsPskKeyExchange.cs
index b1f14e156..9961fc9d1 100644
--- a/crypto/src/crypto/tls/TlsPskKeyExchange.cs
+++ b/crypto/src/crypto/tls/TlsPskKeyExchange.cs
@@ -12,7 +12,7 @@ namespace Org.BouncyCastle.Crypto.Tls
         : TlsKeyExchange
     {
         protected TlsClientContext context;
-        protected KeyExchangeAlgorithm keyExchange;
+        protected int keyExchange;
         protected TlsPskIdentity pskIdentity;
 
         protected byte[] psk_identity_hint = null;
@@ -24,7 +24,7 @@ namespace Org.BouncyCastle.Crypto.Tls
         protected RsaKeyParameters rsaServerPublicKey = null;
         protected byte[] premasterSecret;
 
-        internal TlsPskKeyExchange(TlsClientContext context, KeyExchangeAlgorithm keyExchange,
+        internal TlsPskKeyExchange(TlsClientContext context, int keyExchange,
             TlsPskIdentity pskIdentity)
         {
             switch (keyExchange)
diff --git a/crypto/src/crypto/tls/TlsSrpKeyExchange.cs b/crypto/src/crypto/tls/TlsSrpKeyExchange.cs
index 8040f8e6c..950be87ba 100644
--- a/crypto/src/crypto/tls/TlsSrpKeyExchange.cs
+++ b/crypto/src/crypto/tls/TlsSrpKeyExchange.cs
@@ -22,7 +22,7 @@ namespace Org.BouncyCastle.Crypto.Tls
         : TlsKeyExchange
     {
         protected TlsClientContext context;
-        protected KeyExchangeAlgorithm keyExchange;
+        protected int keyExchange;
         protected TlsSigner tlsSigner;
         protected byte[] identity;
         protected byte[] password;
@@ -33,7 +33,7 @@ namespace Org.BouncyCastle.Crypto.Tls
         protected BigInteger B = null;
         protected Srp6Client srpClient = new Srp6Client();
 
-        internal TlsSrpKeyExchange(TlsClientContext context, KeyExchangeAlgorithm keyExchange,
+        internal TlsSrpKeyExchange(TlsClientContext context, int keyExchange,
             byte[] identity, byte[] password)
         {
             switch (keyExchange)
diff --git a/crypto/src/crypto/tls/TlsStreamCipher.cs b/crypto/src/crypto/tls/TlsStreamCipher.cs
index 65d6054ff..35f794d96 100644
--- a/crypto/src/crypto/tls/TlsStreamCipher.cs
+++ b/crypto/src/crypto/tls/TlsStreamCipher.cs
@@ -18,40 +18,40 @@ namespace Org.BouncyCastle.Crypto.Tls
         protected TlsMac readMac;
 
         public TlsStreamCipher(TlsClientContext context, IStreamCipher encryptCipher,
-			IStreamCipher decryptCipher, IDigest writeDigest, IDigest readDigest, int cipherKeySize)
-		{
-			this.context = context;
-			this.encryptCipher = encryptCipher;
-			this.decryptCipher = decryptCipher;
+            IStreamCipher decryptCipher, IDigest writeDigest, IDigest readDigest, int cipherKeySize)
+        {
+            this.context = context;
+            this.encryptCipher = encryptCipher;
+            this.decryptCipher = decryptCipher;
 
             int prfSize = (2 * cipherKeySize) + writeDigest.GetDigestSize()
                 + readDigest.GetDigestSize();
 
-			SecurityParameters securityParameters = context.SecurityParameters;
+            SecurityParameters securityParameters = context.SecurityParameters;
 
-			byte[] keyBlock = TlsUtilities.PRF(securityParameters.masterSecret, "key expansion",
-				TlsUtilities.Concat(securityParameters.serverRandom, securityParameters.clientRandom),
-				prfSize);
+            byte[] keyBlock = TlsUtilities.PRF(securityParameters.masterSecret, "key expansion",
+                TlsUtilities.Concat(securityParameters.serverRandom, securityParameters.clientRandom),
+                prfSize);
 
-			int offset = 0;
+            int offset = 0;
 
-			// Init MACs
-			writeMac = CreateTlsMac(writeDigest, keyBlock, ref offset);
-			readMac = CreateTlsMac(readDigest, keyBlock, ref offset);
+            // Init MACs
+            writeMac = CreateTlsMac(writeDigest, keyBlock, ref offset);
+            readMac = CreateTlsMac(readDigest, keyBlock, ref offset);
 
-			// Build keys
-			KeyParameter encryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);
-			KeyParameter decryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);
+            // Build keys
+            KeyParameter encryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);
+            KeyParameter decryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);
 
-			if (offset != prfSize)
+            if (offset != prfSize)
                 throw new TlsFatalAlert(AlertDescription.internal_error);
 
             // Init Ciphers
             encryptCipher.Init(true, encryptKey);
             decryptCipher.Init(false, decryptKey);
-		}
+        }
 
-        public byte[] EncodePlaintext(ContentType type, byte[] plaintext, int offset, int len)
+        public byte[] EncodePlaintext(byte type, byte[] plaintext, int offset, int len)
         {
             byte[] mac = writeMac.CalculateMac(type, plaintext, offset, len);
             int size = len + mac.Length;
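Review bot: `keyBlock` holds the MAC secrets and cipher keys expanded from the master secret, and the constructor never clears it after the MACs and `KeyParameter`s are built. The key material therefore stays in memory until the garbage collector reclaims the array. If `CreateTlsMac` and `CreateKeyParameter` copy their slices rather than keep a reference (neither is visible in this hunk, so this needs checking), add `Array.Clear(keyBlock, 0, keyBlock.Length);` after the two `Init` calls. Placing it in a `finally` would also cover the `offset != prfSize` throw path. Clearing is best-effort in a managed runtime, but it shortens the window in which a process memory dump exposes the session keys.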
@@ -64,7 +64,7 @@ namespace Org.BouncyCastle.Crypto.Tls
             return outbuf;
         }
 
-        public byte[] DecodeCiphertext(ContentType type, byte[] ciphertext, int offset, int len)
+        public byte[] DecodeCiphertext(byte type, byte[] ciphertext, int offset, int len)
         {
             byte[] deciphered = new byte[len];
             decryptCipher.ProcessBytes(ciphertext, offset, len, deciphered, 0);