diff options
Diffstat (limited to 'crypto/src/tls/SessionParameters.cs')
-rw-r--r-- | crypto/src/tls/SessionParameters.cs | 195 |
1 files changed, 195 insertions, 0 deletions
diff --git a/crypto/src/tls/SessionParameters.cs b/crypto/src/tls/SessionParameters.cs new file mode 100644 index 000000000..9a62e351c --- /dev/null +++ b/crypto/src/tls/SessionParameters.cs @@ -0,0 +1,195 @@ +using System; +using System.Collections; +using System.IO; + +using Org.BouncyCastle.Tls.Crypto; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Tls +{ + public sealed class SessionParameters + { + public sealed class Builder + { + private int m_cipherSuite = -1; + private Certificate m_localCertificate = null; + private TlsSecret m_masterSecret = null; + private ProtocolVersion m_negotiatedVersion; + private Certificate m_peerCertificate = null; + private byte[] m_pskIdentity = null; + private byte[] m_srpIdentity = null; + private byte[] m_encodedServerExtensions = null; + private bool m_extendedMasterSecret = false; + + public Builder() + { + } + + public SessionParameters Build() + { + Validate(m_cipherSuite >= 0, "cipherSuite"); + Validate(m_masterSecret != null, "masterSecret"); + return new SessionParameters(m_cipherSuite, m_localCertificate, m_masterSecret, m_negotiatedVersion, + m_peerCertificate, m_pskIdentity, m_srpIdentity, m_encodedServerExtensions, m_extendedMasterSecret); + } + + public Builder SetCipherSuite(int cipherSuite) + { + this.m_cipherSuite = cipherSuite; + return this; + } + + public Builder SetExtendedMasterSecret(bool extendedMasterSecret) + { + this.m_extendedMasterSecret = extendedMasterSecret; + return this; + } + + public Builder SetLocalCertificate(Certificate localCertificate) + { + this.m_localCertificate = localCertificate; + return this; + } + + public Builder SetMasterSecret(TlsSecret masterSecret) + { + this.m_masterSecret = masterSecret; + return this; + } + + public Builder SetNegotiatedVersion(ProtocolVersion negotiatedVersion) + { + this.m_negotiatedVersion = negotiatedVersion; + return this; + } + + public Builder SetPeerCertificate(Certificate peerCertificate) + { + this.m_peerCertificate = peerCertificate; + return this; + } + + public Builder SetPskIdentity(byte[] pskIdentity) + { + this.m_pskIdentity = pskIdentity; + return this; + } + + public Builder SetSrpIdentity(byte[] srpIdentity) + { + this.m_srpIdentity = srpIdentity; + return this; + } + + /// <exception cref="IOException"/> + public Builder SetServerExtensions(IDictionary serverExtensions) + { + if (serverExtensions == null || serverExtensions.Count < 1) + { + this.m_encodedServerExtensions = null; + } + else + { + MemoryStream buf = new MemoryStream(); + TlsProtocol.WriteExtensions(buf, serverExtensions); + this.m_encodedServerExtensions = buf.ToArray(); + } + return this; + } + + private void Validate(bool condition, string parameter) + { + if (!condition) + throw new InvalidOperationException("Required session parameter '" + parameter + "' not configured"); + } + } + + private readonly int m_cipherSuite; + private readonly Certificate m_localCertificate; + private readonly TlsSecret m_masterSecret; + private readonly ProtocolVersion m_negotiatedVersion; + private readonly Certificate m_peerCertificate; + private readonly byte[] m_pskIdentity; + private readonly byte[] m_srpIdentity; + private readonly byte[] m_encodedServerExtensions; + private readonly bool m_extendedMasterSecret; + + private SessionParameters(int cipherSuite, Certificate localCertificate, TlsSecret masterSecret, + ProtocolVersion negotiatedVersion, Certificate peerCertificate, byte[] pskIdentity, byte[] srpIdentity, + byte[] encodedServerExtensions, bool extendedMasterSecret) + { + this.m_cipherSuite = cipherSuite; + this.m_localCertificate = localCertificate; + this.m_masterSecret = masterSecret; + this.m_negotiatedVersion = negotiatedVersion; + this.m_peerCertificate = peerCertificate; + this.m_pskIdentity = Arrays.Clone(pskIdentity); + this.m_srpIdentity = Arrays.Clone(srpIdentity); + this.m_encodedServerExtensions = encodedServerExtensions; + this.m_extendedMasterSecret = extendedMasterSecret; + } + + public int CipherSuite + { + get { return m_cipherSuite; } + } + + public void Clear() + { + if (m_masterSecret != null) + { + m_masterSecret.Destroy(); + } + } + + public SessionParameters Copy() + { + return new SessionParameters(m_cipherSuite, m_localCertificate, m_masterSecret, m_negotiatedVersion, + m_peerCertificate, m_pskIdentity, m_srpIdentity, m_encodedServerExtensions, m_extendedMasterSecret); + } + + public bool IsExtendedMasterSecret + { + get { return m_extendedMasterSecret; } + } + + public Certificate LocalCertificate + { + get { return m_localCertificate; } + } + + public TlsSecret MasterSecret + { + get { return m_masterSecret; } + } + + public ProtocolVersion NegotiatedVersion + { + get { return m_negotiatedVersion; } + } + + public Certificate PeerCertificate + { + get { return m_peerCertificate; } + } + + public byte[] PskIdentity + { + get { return m_pskIdentity; } + } + + /// <exception cref="IOException"/> + public IDictionary ReadServerExtensions() + { + if (m_encodedServerExtensions == null) + return null; + + return TlsProtocol.ReadExtensions(new MemoryStream(m_encodedServerExtensions, false)); + } + + public byte[] SrpIdentity + { + get { return m_srpIdentity; } + } + } +} |