Diffstat (limited to 'crypto')
26 files changed, 479 insertions, 45 deletions
diff --git a/crypto/crypto.csproj b/crypto/crypto.csproj index 267b8e010..5a9d37797 100644 --- a/crypto/crypto.csproj +++ b/crypto/crypto.csproj @@ -4269,26 +4269,56 @@ BuildAction = "Compile" /> <File + RelPath = "src\crypto\tls\BulkCipherAlgorithm.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\tls\ByteQueue.cs" SubType = "Code" BuildAction = "Compile" /> <File + RelPath = "src\crypto\tls\CertChainType.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\tls\Certificate.cs" SubType = "Code" BuildAction = "Compile" /> <File + RelPath = "src\crypto\tls\CertificateStatusType.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\tls\CertificateRequest.cs" SubType = "Code" BuildAction = "Compile" /> <File + RelPath = "src\crypto\tls\ChangeCipherSpec.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\tls\CipherSuite.cs" SubType = "Code" BuildAction = "Compile" /> <File + RelPath = "src\crypto\tls\CipherType.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crypto\tls\ClientAuthenticationType.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\tls\ClientCertificateType.cs" SubType = "Code" BuildAction = "Compile" @@ -4304,6 +4334,11 @@ BuildAction = "Compile" /> <File + RelPath = "src\crypto\tls\ConnectionEnd.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\tls\ContentType.cs" SubType = "Code" BuildAction = "Compile" @@ -4334,6 +4369,16 @@ BuildAction = "Compile" /> <File + RelPath = "src\crypto\tls\DigestInputBuffer.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crypto\tls\ECBasisType.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\tls\ECCurveType.cs" SubType = "Code" BuildAction = "Compile" 
@@ -4369,6 +4414,16 @@ BuildAction = "Compile" /> <File + RelPath = "src\crypto\tls\HeartbeatMessageType.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crypto\tls\HeartbeatMode.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\tls\ICertificateVerifyer.cs" SubType = "Code" BuildAction = "Compile" @@ -4389,11 +4444,26 @@ BuildAction = "Compile" /> <File + RelPath = "src\crypto\tls\MacAlgorithm.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File + RelPath = "src\crypto\tls\MaxFragmentLength.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\tls\NamedCurve.cs" SubType = "Code" BuildAction = "Compile" /> <File + RelPath = "src\crypto\tls\NameType.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\tls\PrfAlgorithm.cs" SubType = "Code" BuildAction = "Compile" @@ -4429,16 +4499,31 @@ BuildAction = "Compile" /> <File + RelPath = "src\crypto\tls\SignerInputBuffer.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\tls\SrpTlsClient.cs" SubType = "Code" BuildAction = "Compile" /> <File + RelPath = "src\crypto\tls\SrtpProtectionProfile.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\tls\Ssl3Mac.cs" SubType = "Code" BuildAction = "Compile" /> <File + RelPath = "src\crypto\tls\SupplementalDataType.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\tls\TlsAgreementCredentials.cs" SubType = "Code" BuildAction = "Compile" @@ -4624,6 +4709,11 @@ BuildAction = "Compile" /> <File + RelPath = "src\crypto\tls\UserMappingType.cs" + SubType = "Code" + BuildAction = "Compile" + /> + <File RelPath = "src\crypto\util\Pack.cs" SubType = "Code" BuildAction = "Compile" diff --git a/crypto/src/crypto/tls/BulkCipherAlgorithm.cs b/crypto/src/crypto/tls/BulkCipherAlgorithm.cs new file mode 100644 index 000000000..07ff8dc07 --- /dev/null 
+++ b/crypto/src/crypto/tls/BulkCipherAlgorithm.cs
@@ -0,0 +1,25 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ /// <summary>RFC 2246</summary>
+ /// <remarks>
+ /// Note that the values here are implementation-specific and arbitrary. It is recommended not to
+ /// depend on the particular values (e.g. serialization).
+ /// </remarks>
+ public abstract class BulkCipherAlgorithm
+ {
+ public const int cls_null = 0;
+ public const int rc4 = 1;
+ public const int rc2 = 2;
+ public const int des = 3;
+ public const int cls_3des = 4;
+ public const int des40 = 5;
+
+ /*
+ * RFC 4346
+ */
+ public const int aes = 6;
+ public const int idea = 7;
+ }
+}
diff --git a/crypto/src/crypto/tls/CertChainType.cs b/crypto/src/crypto/tls/CertChainType.cs
new file mode 100644
index 000000000..b526a79a7
--- /dev/null
+++ b/crypto/src/crypto/tls/CertChainType.cs
@@ -0,0 +1,18 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ /*
+ * RFC 3546 3.3.
+ */
+ public abstract class CertChainType
+ {
+ public const short individual_certs = 0;
+ public const short pkipath = 1;
+
+ public static bool IsValid(short certChainType)
+ {
+ return certChainType >= individual_certs && certChainType <= pkipath;
+ }
+ }
+}
diff --git a/crypto/src/crypto/tls/CertificateStatusType.cs b/crypto/src/crypto/tls/CertificateStatusType.cs
new file mode 100644
index 000000000..222d31635
--- /dev/null
+++ b/crypto/src/crypto/tls/CertificateStatusType.cs
@@ -0,0 +1,12 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ public abstract class CertificateStatusType
+ {
+ /*
+ * RFC 3546 3.6
+ */
+ public const short ocsp = 1;
+ }
+}
diff --git a/crypto/src/crypto/tls/ChangeCipherSpec.cs b/crypto/src/crypto/tls/ChangeCipherSpec.cs
new file mode 100644
index 000000000..2ef4c3b34
--- /dev/null
+++ b/crypto/src/crypto/tls/ChangeCipherSpec.cs
@@ -0,0 +1,9 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ public abstract class ChangeCipherSpec
+ {
+ public const short change_cipher_spec = 1;
+ }
+}
diff --git a/crypto/src/crypto/tls/CipherType.cs b/crypto/src/crypto/tls/CipherType.cs
new file mode 100644
index 000000000..b2ad7d8e1
--- /dev/null
+++ b/crypto/src/crypto/tls/CipherType.cs
@@ -0,0 +1,20 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ /// <summary>RFC 2246</summary>
+ /// <remarks>
+ /// Note that the values here are implementation-specific and arbitrary. It is recommended not to
+ /// depend on the particular values (e.g. serialization).
+ /// </remarks>
+ public abstract class CipherType
+ {
+ public const int stream = 0;
+ public const int block = 1;
+
+ /*
+ * RFC 5246
+ */
+ public const int aead = 2;
+ }
+}
diff --git a/crypto/src/crypto/tls/ClientAuthenticationType.cs b/crypto/src/crypto/tls/ClientAuthenticationType.cs
new file mode 100644
index 000000000..51e6e5005
--- /dev/null
+++ b/crypto/src/crypto/tls/ClientAuthenticationType.cs
@@ -0,0 +1,14 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ public abstract class ClientAuthenticationType
+ {
+ /*
+ * RFC 5077 4
+ */
+ public const short anonymous = 0;
+ public const short certificate_based = 1;
+ public const short psk = 2;
+ }
+}
diff --git a/crypto/src/crypto/tls/ConnectionEnd.cs b/crypto/src/crypto/tls/ConnectionEnd.cs
new file mode 100644
index 000000000..afc9460f2
--- /dev/null
+++ b/crypto/src/crypto/tls/ConnectionEnd.cs
@@ -0,0 +1,15 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ /// <summary>RFC 2246</summary>
+ /// <remarks>
+ /// Note that the values here are implementation-specific and arbitrary. It is recommended not to
+ /// depend on the particular values (e.g. serialization).
+ /// </remarks>
+ public abstract class ConnectionEnd
+ {
+ public const int server = 0;
+ public const int client = 1;
+ }
+}
diff --git a/crypto/src/crypto/tls/DigestAlgorithm.cs b/crypto/src/crypto/tls/DigestAlgorithm.cs index cede6b7f8..745bea448 100644 --- a/crypto/src/crypto/tls/DigestAlgorithm.cs +++ b/crypto/src/crypto/tls/DigestAlgorithm.cs @@ -2,20 +2,23 @@ using System; namespace Org.BouncyCastle.Crypto.Tls { - public enum DigestAlgorithm - { - /* - * Note that the values here are implementation-specific and arbitrary. - * It is recommended not to depend on the particular values (e.g. serialization). - */ - NULL, - MD5, - SHA, + /// <summary>RFC 2246</summary> + /// <remarks> + /// Note that the values here are implementation-specific and arbitrary. It is recommended not to + /// depend on the particular values (e.g. serialization). + /// </remarks> + [Obsolete("Use MacAlgorithm constants instead")] + public enum DigestAlgorithm + { + NULL, + MD5, + SHA, - /* - * RFC 5289 - */ - SHA256, - SHA384, - } + /* + * RFC 5246 + */ + SHA256, + SHA384, + SHA512, + } } diff --git a/crypto/src/crypto/tls/DigestInputBuffer.cs b/crypto/src/crypto/tls/DigestInputBuffer.cs new file mode 100644 index 000000000..547bcab54 --- /dev/null +++ b/crypto/src/crypto/tls/DigestInputBuffer.cs @@ -0,0 +1,39 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + internal class DigestInputBuffer + : MemoryStream + { + internal void UpdateDigest(IDigest d) + { + WriteTo(new DigStream(d)); + } + + private class DigStream + : BaseOutputStream + { + private readonly IDigest d; + + internal DigStream(IDigest d) + { + this.d = d; + } + + public override void WriteByte(byte b) + { + d.Update(b); + } + + public override void Write(byte[] buf, int off, int len) + { + d.BlockUpdate(buf, off, len); + } + } + } +} diff --git a/crypto/src/crypto/tls/ECBasisType.cs b/crypto/src/crypto/tls/ECBasisType.cs new file mode 100644 index 000000000..b7c9c6bd7 --- /dev/null 
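Review bot: The `[Obsolete("Use MacAlgorithm constants instead")]` message in DigestAlgorithm.cs sends callers to `MacAlgorithm`, but nothing says how the enum members map to those constants, while the remarks tell callers not to depend on the values. As written the two happen to line up (`NULL`..`SHA512` are 0..5 and `MacAlgorithm.cls_null`..`hmac_sha512` are 0..5), so a cast would work by accident. I would add a remarks line such as `/// Do not cast to MacAlgorithm values; map each member explicitly.`, or state that the alignment is guaranteed, whichever the author intends.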
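Review bot: `DigestInputBuffer` has no doc comment saying why input is buffered instead of being fed to the digest directly, and `UpdateDigest` hands `d` to `DigStream` without a null check, so a null digest only surfaces later as a `NullReferenceException` inside `Write`. I would add `/// <summary>Buffers input so it can be replayed into a digest chosen later.</summary>` (intent inferred from the code, to be confirmed by the author) and `if (d == null) throw new ArgumentNullException("d");` as the first line of `UpdateDigest`. `using Org.BouncyCastle.Crypto.IO;` looks unused in the file as shown. The same points apply to `SignerInputBuffer.UpdateSigner` in SignerInputBuffer.cs.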
+++ b/crypto/src/crypto/tls/ECBasisType.cs @@ -0,0 +1,16 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /// <summary>RFC 4492 5.4. (Errata ID: 2389)</summary> + public abstract class ECBasisType + { + public const short ec_basis_trinomial = 1; + public const short ec_basis_pentanomial = 2; + + public static bool IsValid(short ecBasisType) + { + return ecBasisType >= ec_basis_trinomial && ecBasisType <= ec_basis_pentanomial; + } + } +} diff --git a/crypto/src/crypto/tls/EncryptionAlgorithm.cs b/crypto/src/crypto/tls/EncryptionAlgorithm.cs index 69aee8abc..dbeaa3356 100644 --- a/crypto/src/crypto/tls/EncryptionAlgorithm.cs +++ b/crypto/src/crypto/tls/EncryptionAlgorithm.cs @@ -2,12 +2,11 @@ using System; namespace Org.BouncyCastle.Crypto.Tls { - /** - * RFC 2246 - * <p/> - * Note that the values here are implementation-specific and arbitrary. It is recommended not to - * depend on the particular values (e.g. serialization). - */ + /// <summary>RFC 2246</summary> + /// <remarks> + /// Note that the values here are implementation-specific and arbitrary. It is recommended not to + /// depend on the particular values (e.g. serialization). + /// </remarks> public abstract class EncryptionAlgorithm { public const int NULL = 0; diff --git a/crypto/src/crypto/tls/ExporterLabel.cs b/crypto/src/crypto/tls/ExporterLabel.cs index e26f15dc7..c186d410b 100644 --- a/crypto/src/crypto/tls/ExporterLabel.cs +++ b/crypto/src/crypto/tls/ExporterLabel.cs @@ -2,10 +2,8 @@ namespace Org.BouncyCastle.Crypto.Tls { - /** - * RFC 5705 - */ - public class ExporterLabel + /// <summary>RFC 5705</summary> + public abstract class ExporterLabel { /* * BC-specific diff --git a/crypto/src/crypto/tls/ExtensionType.cs b/crypto/src/crypto/tls/ExtensionType.cs index 0e6a45b5e..4e265c358 100644 --- a/crypto/src/crypto/tls/ExtensionType.cs +++ b/crypto/src/crypto/tls/ExtensionType.cs 
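Review bot: Turning `ExporterLabel` from `public class` into `public abstract class` breaks any existing caller that wrote `new ExporterLabel()`, and the hunk carries no note of that. The change matches the other constant holders in this commit, so I would keep it but record it, e.g. add `/// <remarks>Constants holder; not intended to be instantiated.</remarks>` under the new summary and mention the change in the release notes. The class body continues outside the hunk.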
@@ -29,11 +29,6 @@ namespace Org.BouncyCastle.Crypto.Tls public const int srp = 12; /* - * RFC 5077 7. - */ - public const int session_ticket = 35; - - /* * RFC 5246 7.4.1.4. */ public const int signature_algorithms = 13; @@ -49,6 +44,18 @@ namespace Org.BouncyCastle.Crypto.Tls public const int heartbeat = 15; /* + * RFC 5077 7. + */ + public const int session_ticket = 35; + + /* + * draft-gutmann-tls-encrypt-then-mac-05 + * + * NOTE: This value has not yet been reserved by the IETF + */ + public static readonly int encrypt_then_mac = 66; + + /* * RFC 5746 3.2. */ public const int renegotiation_info = 0xff01; diff --git a/crypto/src/crypto/tls/HashAlgorithm.cs b/crypto/src/crypto/tls/HashAlgorithm.cs index 41818ca2c..ac6def26f 100644 --- a/crypto/src/crypto/tls/HashAlgorithm.cs +++ b/crypto/src/crypto/tls/HashAlgorithm.cs @@ -2,9 +2,7 @@ namespace Org.BouncyCastle.Crypto.Tls { - /** - * RFC 5246 7.4.1.4.1 - */ + /// <summary>RFC 5246 7.4.1.4.1</summary> public abstract class HashAlgorithm { public const byte none = 0; diff --git a/crypto/src/crypto/tls/HeartbeatMessageType.cs b/crypto/src/crypto/tls/HeartbeatMessageType.cs new file mode 100644 index 000000000..9e3ad213c --- /dev/null +++ b/crypto/src/crypto/tls/HeartbeatMessageType.cs @@ -0,0 +1,18 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /* + * RFC 6520 3. + */ + public abstract class HeartbeatMessageType + { + public const short heartbeat_request = 1; + public const short heartbeat_response = 2; + + public static bool IsValid(short heartbeatMessageType) + { + return heartbeatMessageType >= heartbeat_request && heartbeatMessageType <= heartbeat_response; + } + } +} diff --git a/crypto/src/crypto/tls/HeartbeatMode.cs b/crypto/src/crypto/tls/HeartbeatMode.cs new file mode 100644 index 000000000..0968f6e10 --- /dev/null +++ b/crypto/src/crypto/tls/HeartbeatMode.cs 
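Review bot: `encrypt_then_mac = 66` in ExtensionType.cs is a code point that the comment itself says is not reserved by the IETF, so a build that sends or accepts it on the wire can collide with whatever extension is eventually assigned 66 and will stop interoperating once the draft gets its real number (the extension was later standardised in RFC 7366 with a different code point). It is also the only `public static readonly int` among `public const int` members, so it cannot be used as a `case` label. If that is deliberate, so that callers do not bake the provisional value in at compile time, say so in the comment: `* static readonly (not const) so the value can change without recompiling callers`. I would also state there that the extension must stay off by default until a code point is assigned. The class starts and ends outside the hunk.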
@@ -0,0 +1,18 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + /* + * RFC 6520 + */ + public abstract class HeartbeatMode + { + public const short peer_allowed_to_send = 1; + public const short peer_not_allowed_to_send = 2; + + public static bool IsValid(short heartbeatMode) + { + return heartbeatMode >= peer_allowed_to_send && heartbeatMode <= peer_not_allowed_to_send; + } + } +} diff --git a/crypto/src/crypto/tls/KeyExchangeAlgorithm.cs b/crypto/src/crypto/tls/KeyExchangeAlgorithm.cs index 3f5088d9b..9b1b3ba5e 100644 --- a/crypto/src/crypto/tls/KeyExchangeAlgorithm.cs +++ b/crypto/src/crypto/tls/KeyExchangeAlgorithm.cs @@ -2,12 +2,11 @@ using System; namespace Org.BouncyCastle.Crypto.Tls { - /** - * RFC 2246 - * <p/> - * Note that the values here are implementation-specific and arbitrary. It is recommended not to - * depend on the particular values (e.g. serialization). - */ + /// <summary>RFC 2246</summary> + /// <remarks> + /// Note that the values here are implementation-specific and arbitrary. It is recommended not to + /// depend on the particular values (e.g. serialization). + /// </remarks> public abstract class KeyExchangeAlgorithm { public const int NULL = 0; diff --git a/crypto/src/crypto/tls/MacAlgorithm.cs b/crypto/src/crypto/tls/MacAlgorithm.cs new file mode 100644 index 000000000..e4aa88de6 --- /dev/null +++ b/crypto/src/crypto/tls/MacAlgorithm.cs 
@@ -0,0 +1,25 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ /// <summary>RFC 2246</summary>
+ /// <remarks>
+ /// Note that the values here are implementation-specific and arbitrary. It is recommended not to
+ /// depend on the particular values (e.g. serialization).
+ /// </remarks>
+ public abstract class MacAlgorithm
+ {
+ public const int cls_null = 0;
+ public const int md5 = 1;
+ public const int sha = 2;
+
+ /*
+ * RFC 5246
+ */
+ public const int hmac_md5 = md5;
+ public const int hmac_sha1 = sha;
+ public const int hmac_sha256 = 3;
+ public const int hmac_sha384 = 4;
+ public const int hmac_sha512 = 5;
+ }
+}
diff --git a/crypto/src/crypto/tls/MaxFragmentLength.cs b/crypto/src/crypto/tls/MaxFragmentLength.cs
new file mode 100644
index 000000000..adb6d129c
--- /dev/null
+++ b/crypto/src/crypto/tls/MaxFragmentLength.cs
@@ -0,0 +1,20 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ public abstract class MaxFragmentLength
+ {
+ /*
+ * RFC 3546 3.2.
+ */
+ public const short pow2_9 = 1;
+ public const short pow2_10 = 2;
+ public const short pow2_11 = 3;
+ public const short pow2_12 = 4;
+
+ public static bool IsValid(short maxFragmentLength)
+ {
+ return maxFragmentLength >= pow2_9 && maxFragmentLength <= pow2_12;
+ }
+ }
+}
diff --git a/crypto/src/crypto/tls/NameType.cs b/crypto/src/crypto/tls/NameType.cs
new file mode 100644
index 000000000..ffcb639d0
--- /dev/null
+++ b/crypto/src/crypto/tls/NameType.cs
@@ -0,0 +1,12 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ public abstract class NameType
+ {
+ /*
+ * RFC 3546 3.1.
+ */
+ public const short host_name = 0;
+ }
+}
diff --git a/crypto/src/crypto/tls/PrfAlgorithm.cs b/crypto/src/crypto/tls/PrfAlgorithm.cs
index 976113495..871241bd2 100644
--- a/crypto/src/crypto/tls/PrfAlgorithm.cs
+++ b/crypto/src/crypto/tls/PrfAlgorithm.cs
@@ -2,12 +2,11 @@ namespace Org.BouncyCastle.Crypto.Tls { - /** - * RFC 5246 - * <p/> - * Note that the values here are implementation-specific and arbitrary. It is recommended not to - * depend on the particular values (e.g. serialization). - */ + /// <summary>RFC 5246</summary> + /// <remarks> + /// Note that the values here are implementation-specific and arbitrary. It is recommended not to + /// depend on the particular values (e.g. serialization). + /// </remarks> public abstract class PrfAlgorithm { /* diff --git a/crypto/src/crypto/tls/SignerInputBuffer.cs b/crypto/src/crypto/tls/SignerInputBuffer.cs new file mode 100644 index 000000000..ef2827c4d --- /dev/null +++ b/crypto/src/crypto/tls/SignerInputBuffer.cs @@ -0,0 +1,39 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.IO; +using Org.BouncyCastle.Utilities.IO; + +namespace Org.BouncyCastle.Crypto.Tls +{ + internal class SignerInputBuffer + : MemoryStream + { + internal void UpdateSigner(ISigner s) + { + WriteTo(new SigStream(s)); + } + + private class SigStream + : BaseOutputStream + { + private readonly ISigner s; + + internal SigStream(ISigner s) + { + this.s = s; + } + + public override void WriteByte(byte b) + { + s.Update(b); + } + + public override void Write(byte[] buf, int off, int len) + { + s.BlockUpdate(buf, off, len); + } + } + } +} diff --git a/crypto/src/crypto/tls/SrtpProtectionProfile.cs b/crypto/src/crypto/tls/SrtpProtectionProfile.cs new file mode 100644 index 000000000..1ce89f85e --- /dev/null +++ b/crypto/src/crypto/tls/SrtpProtectionProfile.cs @@ -0,0 +1,15 @@ +using System; + +namespace Org.BouncyCastle.Crypto.Tls +{ + public abstract class SrtpProtectionProfile + { + /* + * RFC 5764 4.1.2. + */ + public const int SRTP_AES128_CM_HMAC_SHA1_80 = 0x0001; + public const int SRTP_AES128_CM_HMAC_SHA1_32 = 0x0002; + public const int SRTP_NULL_HMAC_SHA1_80 = 0x0005; + public const int SRTP_NULL_HMAC_SHA1_32 = 0x0006; + } +} 
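Review bot: `SRTP_NULL_HMAC_SHA1_80` and `SRTP_NULL_HMAC_SHA1_32` in SrtpProtectionProfile.cs sit next to the AES profiles with nothing marking them as the null-cipher profiles, which authenticate SRTP packets but do not encrypt them. A caller building an offer list from this class could include them without noticing. I would put a comment above those two constants, e.g. `// NULL cipher: integrity only, no confidentiality; offer only when explicitly required`.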
diff --git a/crypto/src/crypto/tls/SupplementalDataType.cs b/crypto/src/crypto/tls/SupplementalDataType.cs
new file mode 100644
index 000000000..79511c50a
--- /dev/null
+++ b/crypto/src/crypto/tls/SupplementalDataType.cs
@@ -0,0 +1,13 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ /// <summary>RFC 4680</summary>
+ public abstract class SupplementalDataType
+ {
+ /*
+ * RFC 4681
+ */
+ public const int user_mapping_data = 0;
+ }
+}
diff --git a/crypto/src/crypto/tls/UserMappingType.cs b/crypto/src/crypto/tls/UserMappingType.cs
new file mode 100644
index 000000000..6e6d40a58
--- /dev/null
+++ b/crypto/src/crypto/tls/UserMappingType.cs
@@ -0,0 +1,13 @@
+using System;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ /// <remarks>RFC 4681</remarks>
+ public abstract class UserMappingType
+ {
+ /*
+ * RFC 4681
+ */
+ public const short upn_domain_hint = 64;
+ }
+} |