Diffstat (limited to 'crypto/src/tls/AbstractTlsClient.cs')
-rw-r--r-- | crypto/src/tls/AbstractTlsClient.cs | 74 |
1 files changed, 38 insertions, 36 deletions
diff --git a/crypto/src/tls/AbstractTlsClient.cs b/crypto/src/tls/AbstractTlsClient.cs
index d5e1925a8..cf4e1d565 100644
--- a/crypto/src/tls/AbstractTlsClient.cs
+++ b/crypto/src/tls/AbstractTlsClient.cs
@@ -1,7 +1,8 @@
using System;
-using System.Collections;
+using System.Collections.Generic;
using System.IO;
+using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Tls.Crypto;
using Org.BouncyCastle.Utilities;
@@ -15,9 +16,9 @@ namespace Org.BouncyCastle.Tls
protected ProtocolVersion[] m_protocolVersions;
protected int[] m_cipherSuites;
- protected IList m_supportedGroups;
- protected IList m_supportedSignatureAlgorithms;
- protected IList m_supportedSignatureAlgorithmsCert;
+ protected IList<int> m_supportedGroups;
+ protected IList<SignatureAndHashAlgorithm> m_supportedSignatureAlgorithms;
+ protected IList<SignatureAndHashAlgorithm> m_supportedSignatureAlgorithmsCert;
protected AbstractTlsClient(TlsCrypto crypto)
: base(crypto)
@@ -52,14 +53,14 @@ namespace Org.BouncyCastle.Tls
}
}
- protected virtual IList GetNamedGroupRoles()
+ protected virtual IList<int> GetNamedGroupRoles()
{
- IList namedGroupRoles = TlsUtilities.GetNamedGroupRoles(GetCipherSuites());
- IList sigAlgs = m_supportedSignatureAlgorithms, sigAlgsCert = m_supportedSignatureAlgorithmsCert;
+ var namedGroupRoles = TlsUtilities.GetNamedGroupRoles(GetCipherSuites());
+ var sigAlgs = m_supportedSignatureAlgorithms;
+ var sigAlgsCert = m_supportedSignatureAlgorithmsCert;
- if ((null == sigAlgs || TlsUtilities.ContainsAnySignatureAlgorithm(sigAlgs, SignatureAlgorithm.ecdsa))
- || (null != sigAlgsCert
- && TlsUtilities.ContainsAnySignatureAlgorithm(sigAlgsCert, SignatureAlgorithm.ecdsa)))
+ if ((null == sigAlgs || TlsUtilities.ContainsAnySignatureAlgorithm(sigAlgs, SignatureAlgorithm.ecdsa)) ||
+ (null != sigAlgsCert && TlsUtilities.ContainsAnySignatureAlgorithm(sigAlgsCert, SignatureAlgorithm.ecdsa)))
{
TlsUtilities.AddToSet(namedGroupRoles, NamedGroupRole.ecdsa);
}
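Review bot: GetNamedGroupRoles() carries no doc comment, so nothing records that `null == sigAlgs` adds the ecdsa role, nor that the method reads m_supportedSignatureAlgorithms and m_supportedSignatureAlgorithmsCert, which the GetClientExtensions() hunks further down assign shortly before calling it. A subclass that overrides or calls this method at a different point sees whatever those fields held at that moment, so the call order is part of the contract and should be written down. I would add above the signature `/// <summary>Roles used to pick supported groups; a null signature-algorithm list is treated as possibly including ECDSA. Reads the lists recorded by GetClientExtensions().</summary>`. The method body continues past the end of this hunk.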
@@ -68,7 +69,8 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- protected virtual void CheckForUnexpectedServerExtension(IDictionary serverExtensions, int extensionType)
+ protected virtual void CheckForUnexpectedServerExtension(IDictionary<int, byte[]> serverExtensions,
+ int extensionType)
{
byte[] extensionData = TlsUtilities.GetExtensionData(serverExtensions, extensionType);
if (extensionData != null && !AllowUnexpectedServerExtension(extensionType, extensionData))
@@ -97,12 +99,12 @@ namespace Org.BouncyCastle.Tls
return new DefaultTlsSrpConfigVerifier();
}
- protected virtual IList GetCertificateAuthorities()
+ protected virtual IList<X509Name> GetCertificateAuthorities()
{
return null;
}
- protected virtual IList GetProtocolNames()
+ protected virtual IList<ProtocolName> GetProtocolNames()
{
return null;
}
@@ -113,12 +115,12 @@ namespace Org.BouncyCastle.Tls
}
/// <returns>an <see cref="IList"/> of <see cref="CertificateStatusRequestItemV2"/> (or null).</returns>
- protected virtual IList GetMultiCertStatusRequest()
+ protected virtual IList<CertificateStatusRequestItemV2> GetMultiCertStatusRequest()
{
return null;
}
- protected virtual IList GetSniServerNames()
+ protected virtual IList<ServerName> GetSniServerNames()
{
return null;
}
@@ -130,10 +132,10 @@ namespace Org.BouncyCastle.Tls
/// algorithms.</param>
/// <returns>an <see cref="IList"/> of <see cref="Int32"/>. See <see cref="NamedGroup"/> for group constants.
/// </returns>
- protected virtual IList GetSupportedGroups(IList namedGroupRoles)
+ protected virtual IList<int> GetSupportedGroups(IList<int> namedGroupRoles)
{
TlsCrypto crypto = Crypto;
- IList supportedGroups = Platform.CreateArrayList();
+ var supportedGroups = new List<int>();
if (namedGroupRoles.Contains(NamedGroupRole.ecdh))
{
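Review bot: The `extensionData != null` test in CheckForUnexpectedServerExtension() only holds if TlsUtilities.GetExtensionData still returns null for an absent extension now that `serverExtensions` is an `IDictionary<int, byte[]>`. The non-generic indexer yields null for a missing key, whereas the generic indexer throws KeyNotFoundException, which would surface from handshake processing as something other than the IOException this method documents. The helper is outside this diff, so please confirm it looks the key up with `serverExtensions.TryGetValue(extensionType, out var data)` rather than `serverExtensions[extensionType]`; the same check applies to any lookups behind ProcessServerExtensions(). The method body continues outside the hunk.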
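Review bot: The unchanged doc line `<see cref="IList"/>` above GetMultiCertStatusRequest() still names the non-generic interface, while the first hunk drops `using System.Collections;` and the return type becomes `IList<CertificateStatusRequestItemV2>`, so the cref probably no longer resolves and no longer matches the signature. The `<returns>` line above GetSupportedGroups() in the following hunk has the same problem. I would write `<see cref="IList{T}"/>` in both places.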
@@ -157,17 +159,17 @@ namespace Org.BouncyCastle.Tls
return supportedGroups;
}
- protected virtual IList GetSupportedSignatureAlgorithms()
+ protected virtual IList<SignatureAndHashAlgorithm> GetSupportedSignatureAlgorithms()
{
return TlsUtilities.GetDefaultSupportedSignatureAlgorithms(m_context);
}
- protected virtual IList GetSupportedSignatureAlgorithmsCert()
+ protected virtual IList<SignatureAndHashAlgorithm> GetSupportedSignatureAlgorithmsCert()
{
return null;
}
- protected virtual IList GetTrustedCAIndication()
+ protected virtual IList<TrustedAuthority> GetTrustedCAIndication()
{
return null;
}
@@ -205,7 +207,7 @@ namespace Org.BouncyCastle.Tls
return null;
}
- public virtual IList GetExternalPsks()
+ public virtual IList<TlsPskExternal> GetExternalPsks()
{
return null;
}
@@ -221,9 +223,9 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public virtual IDictionary GetClientExtensions()
+ public virtual IDictionary<int, byte[]> GetClientExtensions()
{
- IDictionary clientExtensions = Platform.CreateHashtable();
+ var clientExtensions = new Dictionary<int, byte[]>();
bool offeringTlsV13Plus = false;
bool offeringPreTlsV13 = false;
@@ -242,13 +244,13 @@ namespace Org.BouncyCastle.Tls
}
}
- IList protocolNames = GetProtocolNames();
+ var protocolNames = GetProtocolNames();
if (protocolNames != null)
{
TlsExtensionsUtilities.AddAlpnExtensionClient(clientExtensions, protocolNames);
}
- IList sniServerNames = GetSniServerNames();
+ var sniServerNames = GetSniServerNames();
if (sniServerNames != null)
{
TlsExtensionsUtilities.AddServerNameExtensionClient(clientExtensions, sniServerNames);
@@ -262,7 +264,7 @@ namespace Org.BouncyCastle.Tls
if (offeringTlsV13Plus)
{
- IList certificateAuthorities = GetCertificateAuthorities();
+ var certificateAuthorities = GetCertificateAuthorities();
if (certificateAuthorities != null)
{
TlsExtensionsUtilities.AddCertificateAuthoritiesExtension(clientExtensions, certificateAuthorities);
@@ -274,13 +276,13 @@ namespace Org.BouncyCastle.Tls
// TODO Shouldn't add if no offered cipher suite uses a block cipher?
TlsExtensionsUtilities.AddEncryptThenMacExtension(clientExtensions);
- IList statusRequestV2 = GetMultiCertStatusRequest();
+ var statusRequestV2 = GetMultiCertStatusRequest();
if (statusRequestV2 != null)
{
TlsExtensionsUtilities.AddStatusRequestV2Extension(clientExtensions, statusRequestV2);
}
- IList trustedCAKeys = GetTrustedCAIndication();
+ var trustedCAKeys = GetTrustedCAIndication();
if (trustedCAKeys != null)
{
TlsExtensionsUtilities.AddTrustedCAKeysExtensionClient(clientExtensions, trustedCAKeys);
@@ -295,7 +297,7 @@ namespace Org.BouncyCastle.Tls
*/
if (TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(clientVersion))
{
- IList supportedSigAlgs = GetSupportedSignatureAlgorithms();
+ var supportedSigAlgs = GetSupportedSignatureAlgorithms();
if (null != supportedSigAlgs && supportedSigAlgs.Count > 0)
{
this.m_supportedSignatureAlgorithms = supportedSigAlgs;
@@ -303,7 +305,7 @@ namespace Org.BouncyCastle.Tls
TlsExtensionsUtilities.AddSignatureAlgorithmsExtension(clientExtensions, supportedSigAlgs);
}
- IList supportedSigAlgsCert = GetSupportedSignatureAlgorithmsCert();
+ var supportedSigAlgsCert = GetSupportedSignatureAlgorithmsCert();
if (null != supportedSigAlgsCert && supportedSigAlgsCert.Count > 0)
{
this.m_supportedSignatureAlgorithmsCert = supportedSigAlgsCert;
@@ -312,9 +314,9 @@ namespace Org.BouncyCastle.Tls
}
}
- IList namedGroupRoles = GetNamedGroupRoles();
+ var namedGroupRoles = GetNamedGroupRoles();
- IList supportedGroups = GetSupportedGroups(namedGroupRoles);
+ var supportedGroups = GetSupportedGroups(namedGroupRoles);
if (supportedGroups != null && supportedGroups.Count > 0)
{
this.m_supportedGroups = supportedGroups;
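Review bot: In the signature-algorithm hunks of GetClientExtensions(), `m_supportedSignatureAlgorithms` and `m_supportedSignatureAlgorithmsCert` are written only when the getter returns a non-empty list, and nothing visible here clears them in the other case. If this method can run more than once on the same client instance (not shown in the diff, and a reset may exist elsewhere), a later call that sends no list leaves the earlier value in place, and GetNamedGroupRoles() then decides the ecdsa role from a list that was not actually offered. I would either reset both fields before the `IsSignatureAlgorithmsExtensionAllowed` check, e.g. `this.m_supportedSignatureAlgorithms = null;` and `this.m_supportedSignatureAlgorithmsCert = null;`, or state in the class documentation that an instance is single-use. The method starts and ends outside these hunks.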
@@ -335,7 +337,7 @@ namespace Org.BouncyCastle.Tls
return clientExtensions;
}
- public virtual IList GetEarlyKeyShareGroups()
+ public virtual IList<int> GetEarlyKeyShareGroups()
{
/*
* RFC 8446 4.2.8. Each KeyShareEntry value MUST correspond to a group offered in the
@@ -379,7 +381,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public virtual void ProcessServerExtensions(IDictionary serverExtensions)
+ public virtual void ProcessServerExtensions(IDictionary<int, byte[]> serverExtensions)
{
if (null == serverExtensions) return;
@@ -423,7 +425,7 @@ namespace Org.BouncyCastle.Tls
}
/// <exception cref="IOException"/>
- public virtual void ProcessServerSupplementalData(IList serverSupplementalData)
+ public virtual void ProcessServerSupplementalData(IList<SupplementalDataEntry> serverSupplementalData)
{
if (serverSupplementalData != null)
throw new TlsFatalAlert(AlertDescription.unexpected_message);
@@ -432,7 +434,7 @@ namespace Org.BouncyCastle.Tls
public abstract TlsAuthentication GetAuthentication();
/// <exception cref="IOException"/>
- public virtual IList GetClientSupplementalData()
+ public virtual IList<SupplementalDataEntry> GetClientSupplementalData()
{
return null;
} |
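Review bot: ProcessServerSupplementalData() has only an `<exception>` tag, so nothing tells an implementer that the base behaviour is to abort the handshake on any supplemental data from the server. Overriding it is how a subclass begins to accept server-supplied entries, so the default and the obligation that comes with replacing it should be stated. I would add `/// <summary>Default: no supplemental data is expected; a non-null list fails the handshake with unexpected_message. Overrides must validate every entry they accept.</summary>`. The closing brace of the method lies outside the hunk.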