diff options
Diffstat (limited to 'Crypto/src/crypto/tls/TlsRsaUtilities.cs')
| -rw-r--r-- | Crypto/src/crypto/tls/TlsRsaUtilities.cs | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/Crypto/src/crypto/tls/TlsRsaUtilities.cs b/Crypto/src/crypto/tls/TlsRsaUtilities.cs new file mode 100644 index 000000000..4450ba452 --- /dev/null +++ b/Crypto/src/crypto/tls/TlsRsaUtilities.cs @@ -0,0 +1,42 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto.Encodings; +using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Crypto.Engines; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class TlsRsaUtilities + { + public static byte[] GenerateEncryptedPreMasterSecret(SecureRandom random, + RsaKeyParameters rsaServerPublicKey, Stream output) + { + /* + * Choose a PremasterSecret and send it encrypted to the server + */ + byte[] premasterSecret = new byte[48]; + random.NextBytes(premasterSecret); + TlsUtilities.WriteVersion(premasterSecret, 0); + + Pkcs1Encoding encoding = new Pkcs1Encoding(new RsaBlindedEngine()); + encoding.Init(true, new ParametersWithRandom(rsaServerPublicKey, random)); + + try + { + byte[] keData = encoding.ProcessBlock(premasterSecret, 0, premasterSecret.Length); + TlsUtilities.WriteOpaque16(keData, output); + } + catch (InvalidCipherTextException) + { + /* + * This should never happen, only during decryption. + */ + throw new TlsFatalAlert(AlertDescription.internal_error); + } + + return premasterSecret; + } + } +} |