diff options
| -rw-r--r-- | crypto/src/tls/TlsDheKeyExchange.cs | 4 | ||||
| -rw-r--r-- | crypto/src/tls/TlsECDheKeyExchange.cs | 4 | ||||
| -rw-r--r-- | crypto/src/tls/TlsSrpKeyExchange.cs | 5 | ||||
| -rw-r--r-- | crypto/src/tls/TlsUtilities.cs | 64 |
4 files changed, 57 insertions, 20 deletions
diff --git a/crypto/src/tls/TlsDheKeyExchange.cs b/crypto/src/tls/TlsDheKeyExchange.cs index dd41b1260..74b919c9d 100644 --- a/crypto/src/tls/TlsDheKeyExchange.cs +++ b/crypto/src/tls/TlsDheKeyExchange.cs @@ -77,7 +77,7 @@ namespace Org.BouncyCastle.Tls TlsUtilities.WriteOpaque16(y, digestBuffer); - TlsUtilities.GenerateServerKeyExchangeSignature(m_context, m_serverCredentials, digestBuffer); + TlsUtilities.GenerateServerKeyExchangeSignature(m_context, m_serverCredentials, null, digestBuffer); return digestBuffer.ToArray(); } @@ -91,7 +91,7 @@ namespace Org.BouncyCastle.Tls byte[] y = TlsUtilities.ReadOpaque16(teeIn, 1); - TlsUtilities.VerifyServerKeyExchangeSignature(m_context, input, m_serverCertificate, digestBuffer); + TlsUtilities.VerifyServerKeyExchangeSignature(m_context, input, m_serverCertificate, null, digestBuffer); this.m_agreement = m_context.Crypto.CreateDHDomain(m_dhConfig).CreateDH(); diff --git a/crypto/src/tls/TlsECDheKeyExchange.cs b/crypto/src/tls/TlsECDheKeyExchange.cs index ab83036d9..10737750f 100644 --- a/crypto/src/tls/TlsECDheKeyExchange.cs +++ b/crypto/src/tls/TlsECDheKeyExchange.cs @@ -69,7 +69,7 @@ namespace Org.BouncyCastle.Tls GenerateEphemeral(digestBuffer); - TlsUtilities.GenerateServerKeyExchangeSignature(m_context, m_serverCredentials, digestBuffer); + TlsUtilities.GenerateServerKeyExchangeSignature(m_context, m_serverCredentials, null, digestBuffer); return digestBuffer.ToArray(); } @@ -83,7 +83,7 @@ namespace Org.BouncyCastle.Tls byte[] point = TlsUtilities.ReadOpaque8(teeIn, 1); - TlsUtilities.VerifyServerKeyExchangeSignature(m_context, input, m_serverCertificate, digestBuffer); + TlsUtilities.VerifyServerKeyExchangeSignature(m_context, input, m_serverCertificate, null, digestBuffer); this.m_agreement = m_context.Crypto.CreateECDomain(m_ecConfig).CreateECDH(); diff --git a/crypto/src/tls/TlsSrpKeyExchange.cs b/crypto/src/tls/TlsSrpKeyExchange.cs index 835523e36..b4b35ae47 100644 --- a/crypto/src/tls/TlsSrpKeyExchange.cs +++ b/crypto/src/tls/TlsSrpKeyExchange.cs @@ -94,7 +94,7 @@ namespace Org.BouncyCastle.Tls if (m_serverCredentials != null) { - TlsUtilities.GenerateServerKeyExchangeSignature(m_context, m_serverCredentials, digestBuffer); + TlsUtilities.GenerateServerKeyExchangeSignature(m_context, m_serverCredentials, null, digestBuffer); } return digestBuffer.ToArray(); @@ -115,7 +115,8 @@ namespace Org.BouncyCastle.Tls if (digestBuffer != null) { - TlsUtilities.VerifyServerKeyExchangeSignature(m_context, input, m_serverCertificate, digestBuffer); + TlsUtilities.VerifyServerKeyExchangeSignature(m_context, input, m_serverCertificate, null, + digestBuffer); } TlsSrpConfig config = new TlsSrpConfig(); diff --git a/crypto/src/tls/TlsUtilities.cs b/crypto/src/tls/TlsUtilities.cs index e7555ba9f..98d834b6d 100644 --- a/crypto/src/tls/TlsUtilities.cs +++ b/crypto/src/tls/TlsUtilities.cs @@ -594,7 +594,20 @@ namespace Org.BouncyCastle.Tls public static byte[] EncodeOpaque16(byte[] buf) { - return Arrays.Concatenate(EncodeUint16(buf.Length), buf); + CheckUint16(buf.Length); + byte[] r = new byte[2 + buf.Length]; + WriteUint16(buf.Length, r, 0); + Array.Copy(buf, 0, r, 2, buf.Length); + return r; + } + + public static byte[] EncodeOpaque24(byte[] buf) + { + CheckUint24(buf.Length); + byte[] r = new byte[3 + buf.Length]; + WriteUint24(buf.Length, r, 0); + Array.Copy(buf, 0, r, 3, buf.Length); + return r; } public static byte[] EncodeUint8(short u8) @@ -630,6 +643,15 @@ namespace Org.BouncyCastle.Tls return result; } + public static byte[] EncodeUint24(int u24) + { + CheckUint24(u24); + + byte[] encoding = new byte[3]; + WriteUint24(u24, encoding, 0); + return encoding; + } + public static byte[] EncodeUint32(long u32) { CheckUint32(u32); @@ -1953,7 +1975,7 @@ namespace Org.BouncyCastle.Tls } internal static byte[] CalculateSignatureHash(TlsContext context, SignatureAndHashAlgorithm algorithm, - DigestInputBuffer buf) + byte[] extraSignatureInput, DigestInputBuffer buf) { TlsCrypto crypto = context.Crypto; @@ -1962,21 +1984,35 @@ namespace Org.BouncyCastle.Tls : CreateHash(crypto, algorithm.Hash); SecurityParameters sp = context.SecurityParameters; - byte[] cr = sp.ClientRandom, sr = sp.ServerRandom; - h.Update(cr, 0, cr.Length); - h.Update(sr, 0, sr.Length); + // NOTE: The implicit copy here is intended (and important) + byte[] randoms = Arrays.Concatenate(sp.ClientRandom, sp.ServerRandom); + h.Update(randoms, 0, randoms.Length); + + if (null != extraSignatureInput) + { + h.Update(extraSignatureInput, 0, extraSignatureInput.Length); + } + buf.UpdateDigest(h); return h.CalculateHash(); } - internal static void SendSignatureInput(TlsContext context, DigestInputBuffer buf, Stream output) + internal static void SendSignatureInput(TlsContext context, byte[] extraSignatureInput, DigestInputBuffer buf, + Stream output) { - SecurityParameters securityParameters = context.SecurityParameters; + SecurityParameters sp = context.SecurityParameters; // NOTE: The implicit copy here is intended (and important) - byte[] randoms = Arrays.Concatenate(securityParameters.ClientRandom, securityParameters.ServerRandom); + byte[] randoms = Arrays.Concatenate(sp.ClientRandom, sp.ServerRandom); output.Write(randoms, 0, randoms.Length); + + if (null != extraSignatureInput) + { + output.Write(extraSignatureInput, 0, extraSignatureInput.Length); + } + buf.CopyTo(output); + Platform.Dispose(output); } @@ -2261,7 +2297,7 @@ namespace Org.BouncyCastle.Tls /// <exception cref="IOException"/> internal static void GenerateServerKeyExchangeSignature(TlsContext context, TlsCredentialedSigner credentials, - DigestInputBuffer digestBuffer) + byte[] extraSignatureInput, DigestInputBuffer digestBuffer) { /* * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2 @@ -2272,12 +2308,12 @@ namespace Org.BouncyCastle.Tls byte[] signature; if (streamSigner != null) { - SendSignatureInput(context, digestBuffer, streamSigner.GetOutputStream()); + SendSignatureInput(context, extraSignatureInput, digestBuffer, streamSigner.GetOutputStream()); signature = streamSigner.GetSignature(); } else { - byte[] hash = CalculateSignatureHash(context, algorithm, digestBuffer); + byte[] hash = CalculateSignatureHash(context, algorithm, extraSignatureInput, digestBuffer); signature = credentials.GenerateRawSignature(hash); } @@ -2288,7 +2324,7 @@ namespace Org.BouncyCastle.Tls /// <exception cref="IOException"/> internal static void VerifyServerKeyExchangeSignature(TlsContext context, Stream signatureInput, - TlsCertificate serverCertificate, DigestInputBuffer digestBuffer) + TlsCertificate serverCertificate, byte[] extraSignatureInput, DigestInputBuffer digestBuffer) { DigitallySigned digitallySigned = DigitallySigned.Parse(context, signatureInput); @@ -2318,12 +2354,12 @@ namespace Org.BouncyCastle.Tls bool verified; if (streamVerifier != null) { - SendSignatureInput(context, digestBuffer, streamVerifier.GetOutputStream()); + SendSignatureInput(context, null, digestBuffer, streamVerifier.GetOutputStream()); verified = streamVerifier.IsVerified(); } else { - byte[] hash = CalculateSignatureHash(context, sigAndHashAlg, digestBuffer); + byte[] hash = CalculateSignatureHash(context, sigAndHashAlg, null, digestBuffer); verified = verifier.VerifyRawSignature(digitallySigned, hash); } |