From 216d64aab6a4522d35361d9bccae4a079e9bde83 Mon Sep 17 00:00:00 2001 From: bartland Date: Fri, 10 Apr 2015 16:48:26 +1000 Subject: Support (low-level) for non-default PRFs for PKCS5v2 --- crypto/src/asn1/pkcs/PBKDF2Params.cs | 72 +++++++++++++++++++++++++++++------- 1 file changed, 59 insertions(+), 13 deletions(-) diff --git a/crypto/src/asn1/pkcs/PBKDF2Params.cs b/crypto/src/asn1/pkcs/PBKDF2Params.cs index 1351b94cf..f629848d8 100644 --- a/crypto/src/asn1/pkcs/PBKDF2Params.cs +++ b/crypto/src/asn1/pkcs/PBKDF2Params.cs @@ -1,5 +1,5 @@ using System; - +using Org.BouncyCastle.Asn1.X509; using Org.BouncyCastle.Math; namespace Org.BouncyCastle.Asn1.Pkcs @@ -7,9 +7,11 @@ namespace Org.BouncyCastle.Asn1.Pkcs public class Pbkdf2Params : Asn1Encodable { + private static AlgorithmIdentifier algid_hmacWithSHA1 = new AlgorithmIdentifier(PkcsObjectIdentifiers.IdHmacWithSha1, DerNull.Instance); private readonly Asn1OctetString octStr; private readonly DerInteger iterationCount; private readonly DerInteger keyLength; + private readonly AlgorithmIdentifier prf; public static Pbkdf2Params GetInstance( object obj) @@ -26,16 +28,27 @@ namespace Org.BouncyCastle.Asn1.Pkcs public Pbkdf2Params( Asn1Sequence seq) { - if (seq.Count < 2 || seq.Count > 3) + if (seq.Count < 2 || seq.Count > 4) throw new ArgumentException("Wrong number of elements in sequence", "seq"); octStr = (Asn1OctetString)seq[0]; iterationCount = (DerInteger)seq[1]; - if (seq.Count > 2) + Asn1Encodable kl = null, d = null; + if (seq.Count > 3) { - keyLength = (DerInteger)seq[2]; - } + kl = seq[2]; + d = seq[3]; + } + else if (seq.Count > 2) + { + if (seq[2] is DerInteger) + kl = seq[2]; + else + d = seq[2]; + } + if (kl != null) keyLength = (DerInteger)kl; + if (d != null) prf = AlgorithmIdentifier.GetInstance(d); } public Pbkdf2Params( 
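Review bot: The new `algid_hmacWithSHA1` field is a mutable static that holds the default PRF every instance compares against, yet it is never reassigned; declare it `private static readonly AlgorithmIdentifier algid_hmacWithSHA1 = new AlgorithmIdentifier(PkcsObjectIdentifiers.IdHmacWithSha1, DerNull.Instance);` so a stray assignment cannot silently change what `IsDefaultPrf()` and `Prf` treat as the default. The later "Code cleanup" commit on this page keeps this field line unchanged as context, so the same note applies there.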
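Review bot: In the `seq.Count > 3` branch of the sequence constructor the third element is cast unconditionally by `keyLength = (DerInteger)kl`, so a four-element sequence whose third element is not an INTEGER fails with InvalidCastException rather than the ArgumentException the count check above throws; `keyLength = DerInteger.GetInstance(kl);` and `octStr = Asn1OctetString.GetInstance(seq[0]);` keep decoding errors uniform. The decoded `iterationCount` is stored without any range check, so code that feeds untrusted PKCS#8/PKCS#12 parameters into a KDF must bound `IterationCount` itself; a remark on that property, `/// Not validated here; bound this before deriving keys from untrusted parameters.`, would make the contract visible. The "Code cleanup" commit later on this page reshapes the same constructor and keeps both casts, so one fix covers both.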
@@ -55,10 +68,29 @@ namespace Org.BouncyCastle.Asn1.Pkcs this.keyLength = new DerInteger(keyLength); } - public byte[] GetSalt() - { - return octStr.GetOctets(); - } + public Pbkdf2Params( + byte[] salt, + int iterationCount, + int keyLength, + AlgorithmIdentifier prf) + : this(salt, iterationCount, keyLength) + { + this.prf = prf; + } + + public Pbkdf2Params( + byte[] salt, + int iterationCount, + AlgorithmIdentifier prf) + : this(salt, iterationCount) + { + this.prf = prf; + } + + public byte[] GetSalt() + { + return octStr.GetOctets(); + } public BigInteger IterationCount { @@ -70,15 +102,29 @@ namespace Org.BouncyCastle.Asn1.Pkcs get { return keyLength == null ? null : keyLength.Value; } } - public override Asn1Object ToAsn1Object() - { - Asn1EncodableVector v = new Asn1EncodableVector( - octStr, iterationCount); + public bool IsDefaultPrf() + { + return prf == null || prf.Equals(algid_hmacWithSHA1); + } + + public AlgorithmIdentifier Prf + { + get { return prf ?? algid_hmacWithSHA1; } + } + + public override Asn1Object ToAsn1Object() + { + Asn1EncodableVector v = new Asn1EncodableVector( + octStr, iterationCount); if (keyLength != null) { v.Add(keyLength); } + if (!IsDefaultPrf()) + { + v.Add(prf); + } return new DerSequence(v); } -- cgit 1.5.1 From 2bfabaab3a220f93bcea8e3d0212cd995a7776f6 Mon Sep 17 00:00:00 2001 From: Peter Dettman Date: Sat, 11 Apr 2015 17:30:14 +0700 Subject: Remove overly strict check on ECC extensions --- crypto/src/crypto/tls/AbstractTlsServer.cs | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/crypto/src/crypto/tls/AbstractTlsServer.cs b/crypto/src/crypto/tls/AbstractTlsServer.cs index c3e250fd8..9f549cfd1 100644 --- a/crypto/src/crypto/tls/AbstractTlsServer.cs +++ b/crypto/src/crypto/tls/AbstractTlsServer.cs 
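Review bot: The two new constructors store `prf` without saying that a null argument selects the HMAC-SHA1 default (which is what `Prf` and `IsDefaultPrf()` then report) and that an explicitly passed default is omitted again when encoding. A `/// <param name="prf">PRF algorithm identifier; null selects the default hmacWithSHA1.</param>` on both constructors would state this. Apart from the relocated `GetSalt()` nothing else in this hunk changes behaviour.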
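Review bot: `IsDefaultPrf()` depends on `prf.Equals(algid_hmacWithSHA1)`, and the default is built with `DerNull.Instance` parameters; if `AlgorithmIdentifier.Equals` compares the parameters field as well as the OID (not visible here), a decoded hmacWithSHA1 identifier whose parameters were omitted is reported as non-default and re-emitted by `ToAsn1Object()`, a round-trip difference rather than a security issue. Either comment the choice, `// structural equality: hmacWithSHA1 with absent parameters counts as non-default`, or compare `prf.ObjectID` alone if that leniency is intended. Omitting the default PRF in `ToAsn1Object()` is correct DER handling of a DEFAULT component.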
@@ -165,9 +165,13 @@ namespace Org.BouncyCastle.Crypto.Tls
 /*
 * RFC 4429 4. The client MUST NOT include these extensions in the ClientHello message if it
 * does not propose any ECC cipher suites.
+ *
+ * NOTE: This was overly strict as there may be ECC cipher suites that we don't recognize.
+ * Also, draft-ietf-tls-negotiated-ff-dhe will be overloading the 'elliptic_curves'
+ * extension to explicitly allow FFDHE (i.e. non-ECC) groups.
 */
- if (!this.mEccCipherSuitesOffered && (this.mNamedCurves != null || this.mClientECPointFormats != null))
- throw new TlsFatalAlert(AlertDescription.illegal_parameter);
+ //if (!this.mEccCipherSuitesOffered && (this.mNamedCurves != null || this.mClientECPointFormats != null))
+ // throw new TlsFatalAlert(AlertDescription.illegal_parameter);
 }
 
 public virtual ProtocolVersion GetServerVersion()
-- cgit 1.5.1

From 216ccd1126d4f924bc65ac6c7dfa8faa4a8a793f Mon Sep 17 00:00:00 2001
From: Peter Dettman
Date: Sat, 18 Apr 2015 21:22:01 +0700
Subject: Port recent Java updates

---
 crypto/crypto.csproj | 20 ++++++
 crypto/src/bcpg/ECDHPublicBCPGKey.cs | 102 ++++++++++++++++++++++++++++++
 crypto/src/bcpg/ECDsaPublicBCPGKey.cs | 34 ++++++++++
 crypto/src/bcpg/ECPublicBCPGKey.cs | 97 ++++++++++++++++++++++++++++
 crypto/src/bcpg/ECSecretBCPGKey.cs | 56 ++++++++++++++++
 crypto/src/bcpg/PublicKeyPacket.cs | 6 ++
 crypto/src/bcpg/SignaturePacket.cs | 5 ++
 crypto/src/crypto/modes/CcmBlockCipher.cs | 11 ++--
 crypto/src/openpgp/PgpPublicKey.cs | 5 ++
 9 files changed, 331 insertions(+), 5 deletions(-)
 create mode 100644 crypto/src/bcpg/ECDHPublicBCPGKey.cs
 create mode 100644 crypto/src/bcpg/ECDsaPublicBCPGKey.cs
 create mode 100644 crypto/src/bcpg/ECPublicBCPGKey.cs
 create mode 100644 crypto/src/bcpg/ECSecretBCPGKey.cs

diff --git a/crypto/crypto.csproj b/crypto/crypto.csproj
index cb00f9912..0a0e2c1da 100644
--- a/crypto/crypto.csproj
+++ b/crypto/crypto.csproj
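Review bot: The removed check is left behind as commented-out code (`//if (!this.mEccCipherSuitesOffered ...` and the `// throw` line) although the NOTE added to the comment block already records why it was dropped; delete the two lines and keep the NOTE, which is all a future reader needs. With the check gone a ClientHello that carries the ECC extensions without any ECC cipher suite is simply accepted, which is the NOTE's intent; the enclosing method starts before this hunk, so whether `mNamedCurves`/`mClientECPointFormats` are consulted only once an ECC suite is actually selected cannot be confirmed here.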
@@ -2323,6 +2323,26 @@ SubType = "Code" BuildAction = "Compile" /> + + + + Base class for an ECDH Public Key. + public class ECDHPublicBcpgKey + : ECPublicBcpgKey + { + private byte reserved; + private byte hashFunctionId; + private byte symAlgorithmId; + + /// The stream to read the packet from. + public ECDHPublicBcpgKey( + BcpgInputStream bcpgIn) + : base(bcpgIn) + { + int length = bcpgIn.ReadByte(); + byte[] kdfParameters = new byte[length]; + if (kdfParameters.Length != 3) + throw new InvalidOperationException("kdf parameters size of 3 expected."); + + bcpgIn.ReadFully(kdfParameters); + + reserved = kdfParameters[0]; + hashFunctionId = kdfParameters[1]; + symAlgorithmId = kdfParameters[2]; + + VerifyHashAlgorithm(); + VerifySymmetricKeyAlgorithm(); + } + + public ECDHPublicBcpgKey( + DerObjectIdentifier oid, + ECPoint point, + int hashAlgorithm, + int symmetricKeyAlgorithm) + : base(oid, point) + { + reserved = 1; + hashFunctionId = (byte)hashAlgorithm; + symAlgorithmId = (byte)symmetricKeyAlgorithm; + + VerifyHashAlgorithm(); + VerifySymmetricKeyAlgorithm(); + } + + public virtual byte Reserved + { + get { return reserved; } + } + + public virtual byte HashAlgorithm + { + get { return hashFunctionId; } + } + + public virtual byte SymmetricKeyAlgorithm + { + get { return symAlgorithmId; } + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + base.Encode(bcpgOut); + bcpgOut.WriteByte(0x3); + bcpgOut.WriteByte(reserved); + bcpgOut.WriteByte(hashFunctionId); + bcpgOut.WriteByte(symAlgorithmId); + } + + private void VerifyHashAlgorithm() + { + switch ((HashAlgorithmTag)hashFunctionId) + { + case HashAlgorithmTag.Sha256: + case HashAlgorithmTag.Sha384: + case HashAlgorithmTag.Sha512: + break; + default: + throw new InvalidOperationException("Hash algorithm must be SHA-256 or stronger."); + } + } + + private void VerifySymmetricKeyAlgorithm() + { + switch ((SymmetricKeyAlgorithmTag)symAlgorithmId) + { + case SymmetricKeyAlgorithmTag.Aes128: + case 
SymmetricKeyAlgorithmTag.Aes192: + case SymmetricKeyAlgorithmTag.Aes256: + break; + default: + throw new InvalidOperationException("Symmetric key algorithm must be AES-128 or stronger."); + } + } + } +} diff --git a/crypto/src/bcpg/ECDsaPublicBCPGKey.cs b/crypto/src/bcpg/ECDsaPublicBCPGKey.cs new file mode 100644 index 000000000..5f0c8ac55 --- /dev/null +++ b/crypto/src/bcpg/ECDsaPublicBCPGKey.cs @@ -0,0 +1,34 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; + +namespace Org.BouncyCastle.Bcpg +{ + /// Base class for an ECDSA Public Key. + public class ECDsaPublicBcpgKey + : ECPublicBcpgKey + { + /// The stream to read the packet from. + protected internal ECDsaPublicBcpgKey( + BcpgInputStream bcpgIn) + : base(bcpgIn) + { + } + + public ECDsaPublicBcpgKey( + DerObjectIdentifier oid, + ECPoint point) + : base(oid, point) + { + } + + public ECDsaPublicBcpgKey( + DerObjectIdentifier oid, + BigInteger encodedPoint) + : base(oid, encodedPoint) + { + } + } +} diff --git a/crypto/src/bcpg/ECPublicBCPGKey.cs b/crypto/src/bcpg/ECPublicBCPGKey.cs new file mode 100644 index 000000000..f328f9dc3 --- /dev/null +++ b/crypto/src/bcpg/ECPublicBCPGKey.cs 
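Review bot: In the stream constructor of `ECDHPublicBcpgKey` the result of `bcpgIn.ReadByte()` is used to size `kdfParameters` before it is checked, so an end-of-stream result of -1 (if `ReadByte` follows the usual Stream convention) surfaces as an OverflowException from `new byte[length]` rather than the intended error; test the value first, `int length = bcpgIn.ReadByte(); if (length != 3) throw new IOException("kdf parameters size of 3 expected.");`, and allocate afterwards. The same constructor reports unsupported hash/symmetric ids read from the packet with InvalidOperationException, while the other parsers in this commit (`ReadBytesOfEncodedLength`, `PublicKeyPacket`) use IOException for malformed input, so the exception type is worth aligning. `reserved` is stored without being compared to the value 1 that the other constructor writes; a `// not validated, kept for forward compatibility` comment would record that this is deliberate. The diff header for this new file is not visible in the listing, so the hunk boundary is inferred from the csproj hunk that precedes it.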
@@ -0,0 +1,97 @@ +using System; +using System.IO; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Math.EC; + +namespace Org.BouncyCastle.Bcpg +{ + /// Base class for an EC Public Key. + public abstract class ECPublicBcpgKey + : BcpgObject, IBcpgKey + { + internal DerObjectIdentifier oid; + internal BigInteger point; + + /// The stream to read the packet from. + protected ECPublicBcpgKey( + BcpgInputStream bcpgIn) + { + this.oid = DerObjectIdentifier.GetInstance(Asn1Object.FromByteArray(ReadBytesOfEncodedLength(bcpgIn))); + this.point = new MPInteger(bcpgIn).Value; + } + + protected ECPublicBcpgKey( + DerObjectIdentifier oid, + ECPoint point) + { + this.point = new BigInteger(1, point.GetEncoded()); + this.oid = oid; + } + + protected ECPublicBcpgKey( + DerObjectIdentifier oid, + BigInteger encodedPoint) + { + this.point = encodedPoint; + this.oid = oid; + } + + /// The format, as a string, always "PGP". + public string Format + { + get { return "PGP"; } + } + + /// Return the standard PGP encoding of the key. + public override byte[] GetEncoded() + { + try + { + return base.GetEncoded(); + } + catch (IOException) + { + return null; + } + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + byte[] oid = this.oid.GetEncoded(); + bcpgOut.Write(oid, 1, oid.Length - 1); + + MPInteger point = new MPInteger(this.point); + bcpgOut.WriteObject(point); + } + + public virtual BigInteger EncodedPoint + { + get { return point; } + } + + public virtual DerObjectIdentifier CurveOid + { + get { return oid; } + } + + protected static byte[] ReadBytesOfEncodedLength( + BcpgInputStream bcpgIn) + { + int length = bcpgIn.ReadByte(); + if (length == 0 || length == 0xFF) + { + throw new IOException("future extensions not yet implemented."); + } + + byte[] buffer = new byte[length + 2]; + bcpgIn.ReadFully(buffer, 2, buffer.Length - 2); + buffer[0] = (byte)0x06; + buffer[1] = (byte)length; + + return buffer; + } + } +} 
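Review bot: `ReadBytesOfEncodedLength` rejects `length == 0 || length == 0xFF` but not a negative end-of-stream result from `bcpgIn.ReadByte()`, in which case `new byte[length + 2]` followed by `ReadFully(buffer, 2, buffer.Length - 2)` with a negative count fails with an unrelated exception; `if (length <= 0 || length == 0xFF)` routes that case through the existing IOException. `Encode` writes the DER OID from index 1, i.e. length byte plus contents, which assumes the encoded OID has a single-byte length (true for every curve OID in use, but a `// assumes a one-byte DER length` comment would record it). `GetEncoded` returning null on IOException mirrors the existing Bcpg key classes.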
diff --git a/crypto/src/bcpg/ECSecretBCPGKey.cs b/crypto/src/bcpg/ECSecretBCPGKey.cs new file mode 100644 index 000000000..22e0a3473 --- /dev/null +++ b/crypto/src/bcpg/ECSecretBCPGKey.cs @@ -0,0 +1,56 @@ +using System; + +using Org.BouncyCastle.Asn1; +using Org.BouncyCastle.Math; + +namespace Org.BouncyCastle.Bcpg +{ + /// Base class for an EC Secret Key. + public class ECSecretBcpgKey + : BcpgObject, IBcpgKey + { + internal MPInteger x; + + public ECSecretBcpgKey( + BcpgInputStream bcpgIn) + { + this.x = new MPInteger(bcpgIn); + } + + public ECSecretBcpgKey( + BigInteger x) + { + this.x = new MPInteger(x); + } + + /// The format, as a string, always "PGP". + public string Format + { + get { return "PGP"; } + } + + /// Return the standard PGP encoding of the key. + public override byte[] GetEncoded() + { + try + { + return base.GetEncoded(); + } + catch (Exception) + { + return null; + } + } + + public override void Encode( + BcpgOutputStream bcpgOut) + { + bcpgOut.WriteObject(x); + } + + public virtual BigInteger X + { + get { return x.Value; } + } + } +} diff --git a/crypto/src/bcpg/PublicKeyPacket.cs b/crypto/src/bcpg/PublicKeyPacket.cs index a45aeb469..cea5c8ed2 100644 --- a/crypto/src/bcpg/PublicKeyPacket.cs +++ b/crypto/src/bcpg/PublicKeyPacket.cs @@ -44,6 +44,12 @@ namespace Org.BouncyCastle.Bcpg case PublicKeyAlgorithmTag.ElGamalGeneral: key = new ElGamalPublicBcpgKey(bcpgIn); break; + case PublicKeyAlgorithmTag.EC: + key = new ECDHPublicBcpgKey(bcpgIn); + break; + case PublicKeyAlgorithmTag.ECDsa: + key = new ECDsaPublicBcpgKey(bcpgIn); + break; default: throw new IOException("unknown PGP public key algorithm encountered"); } diff --git a/crypto/src/bcpg/SignaturePacket.cs b/crypto/src/bcpg/SignaturePacket.cs index 605ce84c4..5b91c15a3 100644 --- a/crypto/src/bcpg/SignaturePacket.cs +++ b/crypto/src/bcpg/SignaturePacket.cs 
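Review bot: `ECSecretBcpgKey.GetEncoded` catches `Exception` and returns null, whereas `ECPublicBcpgKey.GetEncoded` in the same commit narrows to `IOException`; the broad catch also hides programming errors raised by `Encode`, so `catch (IOException)` is the form to keep. The stream constructor is public here but `protected internal` on `ECDsaPublicBcpgKey`; one visibility across the new key classes would be easier to maintain. The `PublicKeyPacket` hunk that follows only adds dispatch cases and raises nothing new.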
@@ -146,6 +146,11 @@ namespace Org.BouncyCastle.Bcpg MPInteger y = new MPInteger(bcpgIn); signature = new MPInteger[]{ p, g, y }; break; + case PublicKeyAlgorithmTag.ECDsa: + MPInteger ecR = new MPInteger(bcpgIn); + MPInteger ecS = new MPInteger(bcpgIn); + signature = new MPInteger[]{ ecR, ecS }; + break; default: if (keyAlgorithm >= PublicKeyAlgorithmTag.Experimental_1 && keyAlgorithm <= PublicKeyAlgorithmTag.Experimental_11) { diff --git a/crypto/src/crypto/modes/CcmBlockCipher.cs b/crypto/src/crypto/modes/CcmBlockCipher.cs index e0b1e6b54..19e273d7c 100644 --- a/crypto/src/crypto/modes/CcmBlockCipher.cs +++ b/crypto/src/crypto/modes/CcmBlockCipher.cs @@ -268,9 +268,10 @@ namespace Org.BouncyCastle.Crypto.Modes outputLen = inLen + macSize; Check.OutputLength(output, outOff, outputLen, "Output buffer too short."); - calculateMac(input, inOff, inLen, macBlock); + CalculateMac(input, inOff, inLen, macBlock); - ctrCipher.ProcessBlock(macBlock, 0, macBlock, 0); // S0 + byte[] encMac = new byte[BlockSize]; + ctrCipher.ProcessBlock(macBlock, 0, encMac, 0); // S0 while (inIndex < (inOff + inLen - BlockSize)) // S1... { @@ -287,7 +288,7 @@ namespace Org.BouncyCastle.Crypto.Modes Array.Copy(block, 0, output, outIndex, inLen + inOff - inIndex); - Array.Copy(macBlock, 0, output, outOff + inLen, macSize); + Array.Copy(encMac, 0, output, outOff + inLen, macSize); } else { @@ -323,7 +324,7 @@ namespace Org.BouncyCastle.Crypto.Modes byte[] calculatedMacBlock = new byte[BlockSize]; - calculateMac(output, outOff, outputLen, calculatedMacBlock); + CalculateMac(output, outOff, outputLen, calculatedMacBlock); if (!Arrays.ConstantTimeAreEqual(macBlock, calculatedMacBlock)) throw new InvalidCipherTextException("mac check in CCM failed"); 
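Review bot: After the `@@ -268` hunk `macBlock` keeps the raw CBC-MAC on encryption and only the new `encMac` holds the value copied to the output, so if `GetMac()` (outside the hunk) returns `macBlock`, callers now receive the unencrypted tag on encryption — consistent with the decryption path if that one decrypts the received tag in place, but a change in what the method exposes. A comment at the allocation, `// macBlock keeps the unencrypted CBC-MAC; encMac is the transmitted tag (MAC ^ S0)`, would make the intent explicit. The decryption side keeps `Arrays.ConstantTimeAreEqual` for the tag comparison, which is the right primitive. The enclosing method starts and ends outside these hunks.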
@@ -332,7 +333,7 @@ namespace Org.BouncyCastle.Crypto.Modes return outputLen; } - private int calculateMac(byte[] data, int dataOff, int dataLen, byte[] macBlock) + private int CalculateMac(byte[] data, int dataOff, int dataLen, byte[] macBlock) { IMac cMac = new CbcBlockCipherMac(cipher, macSize * 8); diff --git a/crypto/src/openpgp/PgpPublicKey.cs b/crypto/src/openpgp/PgpPublicKey.cs index 249b94ea6..5bde2c8fe 100644 --- a/crypto/src/openpgp/PgpPublicKey.cs +++ b/crypto/src/openpgp/PgpPublicKey.cs @@ -2,6 +2,7 @@ using System; using System.Collections; using System.IO; +using Org.BouncyCastle.Asn1.X9; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.IO; using Org.BouncyCastle.Crypto.Parameters; @@ -104,6 +105,10 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp { this.keyStrength = ((ElGamalPublicBcpgKey)key).P.BitLength; } + else if (key is ECPublicBcpgKey) + { + this.keyStrength = ECNamedCurveTable.GetByOid(((ECPublicBcpgKey)key).CurveOid).Curve.FieldSize; + } } } -- cgit 1.5.1 From 15eae9d56401d349be35dd2565ee72364d92cc38 Mon Sep 17 00:00:00 2001 From: Peter Dettman Date: Mon, 25 May 2015 16:29:31 +0700 Subject: Change default DH group chosen by TLS server to 2048 bits TLS client will not accept < 1024 bits DH group by default --- crypto/src/crypto/tls/DefaultTlsServer.cs | 2 +- crypto/src/crypto/tls/PskTlsServer.cs | 2 +- crypto/src/crypto/tls/TlsDHKeyExchange.cs | 22 ++++++++++++++++++++-- crypto/src/crypto/tls/TlsDHUtilities.cs | 24 +++++++++++++----------- crypto/src/crypto/tls/TlsDheKeyExchange.cs | 2 +- 5 files changed, 36 insertions(+), 16 deletions(-) diff --git a/crypto/src/crypto/tls/DefaultTlsServer.cs b/crypto/src/crypto/tls/DefaultTlsServer.cs index b12c43e1c..77cd5f1cc 100644 --- a/crypto/src/crypto/tls/DefaultTlsServer.cs +++ b/crypto/src/crypto/tls/DefaultTlsServer.cs 
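Review bot: The new `else if (key is ECPublicBcpgKey)` branch in `PgpPublicKey` dereferences the result of `ECNamedCurveTable.GetByOid(...)` without a null check, so a public key packet naming a curve OID the table does not know raises NullReferenceException out of the constructor instead of a descriptive error. Assign the lookup first and test it: `X9ECParameters ecParams = ECNamedCurveTable.GetByOid(((ECPublicBcpgKey)key).CurveOid); if (ecParams == null) throw new IOException("unknown EC curve OID"); this.keyStrength = ecParams.Curve.FieldSize;` — or leave `keyStrength` unset if unknown curves are meant to be tolerated, in which case say so in a comment. The constructor begins before this hunk, so which exception type it already documents for malformed packets is not visible here.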
@@ -42,7 +42,7 @@ namespace Org.BouncyCastle.Crypto.Tls
 
 protected virtual DHParameters GetDHParameters()
 {
- return DHStandardGroups.rfc5114_1024_160;
+ return DHStandardGroups.rfc5114_2048_256;
 }
 
 protected override int[] GetCipherSuites()
diff --git a/crypto/src/crypto/tls/PskTlsServer.cs b/crypto/src/crypto/tls/PskTlsServer.cs
index 27d2b8119..85f3055fb 100644
--- a/crypto/src/crypto/tls/PskTlsServer.cs
+++ b/crypto/src/crypto/tls/PskTlsServer.cs
@@ -28,7 +28,7 @@ namespace Org.BouncyCastle.Crypto.Tls
 
 protected virtual DHParameters GetDHParameters()
 {
- return DHStandardGroups.rfc5114_1024_160;
+ return DHStandardGroups.rfc5114_2048_256;
 }
 
 protected override int[] GetCipherSuites()
diff --git a/crypto/src/crypto/tls/TlsDHKeyExchange.cs b/crypto/src/crypto/tls/TlsDHKeyExchange.cs
index 211249fcc..93ef1fa4a 100644
--- a/crypto/src/crypto/tls/TlsDHKeyExchange.cs
+++ b/crypto/src/crypto/tls/TlsDHKeyExchange.cs
@@ -81,6 +81,7 @@ namespace Org.BouncyCastle.Crypto.Tls
 try
 {
 this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey((DHPublicKeyParameters)this.mServerPublicKey);
+ this.mDHParameters = ValidateDHParameters(mDHAgreePublicKey.Parameters);
 }
 catch (InvalidCastException e)
 {
@@ -171,8 +172,12 @@ namespace Org.BouncyCastle.Crypto.Tls
 
 public override void ProcessClientCertificate(Certificate clientCertificate)
 {
- // TODO Extract the public key
- // TODO If the certificate is 'fixed', take the public key as dhAgreeClientPublicKey
+ // TODO Extract the public key and validate
+
+ /*
+ * TODO If the certificate is 'fixed', take the public key as dhAgreePublicKey and check
+ * that the parameters match the server's (see 'areCompatibleParameters').
+ */
 }
 
 public override void ProcessClientKeyExchange(Stream input)
@@ -202,5 +207,18 @@ namespace Org.BouncyCastle.Crypto.Tls throw new TlsFatalAlert(AlertDescription.internal_error); } + + protected virtual int MinimumPrimeBits + { + get { return 1024; } + } + + protected virtual DHParameters ValidateDHParameters(DHParameters parameters) + { + if (parameters.P.BitLength < MinimumPrimeBits) + throw new TlsFatalAlert(AlertDescription.insufficient_security); + + return TlsDHUtilities.ValidateDHParameters(parameters); + } } } diff --git a/crypto/src/crypto/tls/TlsDHUtilities.cs b/crypto/src/crypto/tls/TlsDHUtilities.cs index b29f75e30..727587135 100644 --- a/crypto/src/crypto/tls/TlsDHUtilities.cs +++ b/crypto/src/crypto/tls/TlsDHUtilities.cs @@ -435,26 +435,28 @@ namespace Org.BouncyCastle.Crypto.Tls return (DHPrivateKeyParameters)kp.Private; } - - public static DHPublicKeyParameters ValidateDHPublicKey(DHPublicKeyParameters key) + + public static DHParameters ValidateDHParameters(DHParameters parameters) { - BigInteger Y = key.Y; - DHParameters parameters = key.Parameters; BigInteger p = parameters.P; BigInteger g = parameters.G; if (!p.IsProbablePrime(2)) - { throw new TlsFatalAlert(AlertDescription.illegal_parameter); - } if (g.CompareTo(Two) < 0 || g.CompareTo(p.Subtract(Two)) > 0) - { throw new TlsFatalAlert(AlertDescription.illegal_parameter); - } - if (Y.CompareTo(Two) < 0 || Y.CompareTo(p.Subtract(Two)) > 0) - { + + + return parameters; + } + + public static DHPublicKeyParameters ValidateDHPublicKey(DHPublicKeyParameters key) + { + DHParameters parameters = ValidateDHParameters(key.Parameters); + + BigInteger Y = key.Y; + if (Y.CompareTo(Two) < 0 || Y.CompareTo(parameters.P.Subtract(Two)) > 0) throw new TlsFatalAlert(AlertDescription.illegal_parameter); - } // TODO See RFC 2631 for more discussion of Diffie-Hellman validation diff --git a/crypto/src/crypto/tls/TlsDheKeyExchange.cs b/crypto/src/crypto/tls/TlsDheKeyExchange.cs index 419d4e442..9831e8cd7 100644 --- a/crypto/src/crypto/tls/TlsDheKeyExchange.cs 
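Review bot: The new `ValidateDHParameters` override ends by calling `TlsDHUtilities.ValidateDHParameters` on parameters its callers have just validated through `TlsDHUtilities.ValidateDHPublicKey` (the `@@ -81` hunk of `TlsDHKeyExchange` above and the `TlsDheKeyExchange` hunk below), so the `IsProbablePrime` test runs twice per handshake and the cheap `MinimumPrimeBits` check only runs after the expensive one on a peer-supplied prime. Either drop the nested call so the override adds only the size policy, or have the callers apply the size check before validating the public key. A `/// <summary>` on `MinimumPrimeBits` noting that 1024 is the client-side floor while the server defaults in this commit move to a 2048-bit group would spare readers cross-referencing the commit message.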
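Review bot: `ValidateDHPublicKey` in `TlsDHUtilities` still only checks `2 <= Y <= p-2`; it does not check subgroup membership, and the groups the servers now default to (`DHStandardGroups.rfc5114_2048_256`) are not safe-prime groups, so a `Y` outside the order-q subgroup passes. That is harmless while every private value is a fresh ephemeral, but any reuse of a private value exposes the classic small-subgroup leakage, so either check `Y.ModPow(parameters.Q, parameters.P).Equals(BigInteger.One)` when `parameters.Q` is available or record the ephemeral-only assumption next to the `// TODO See RFC 2631` line. `p.IsProbablePrime(2)` is a very low certainty for a prime chosen by the peer; if that is a deliberate per-handshake cost trade-off, a comment should say so.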
+++ b/crypto/src/crypto/tls/TlsDheKeyExchange.cs
@@ -79,7 +79,7 @@ namespace Org.BouncyCastle.Crypto.Tls
 throw new TlsFatalAlert(AlertDescription.decrypt_error);
 
 this.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(dhParams.PublicKey);
- this.mDHParameters = mDHAgreePublicKey.Parameters;
+ this.mDHParameters = ValidateDHParameters(mDHAgreePublicKey.Parameters);
 }
 
 protected virtual ISigner InitVerifyer(TlsSigner tlsSigner, SignatureAndHashAlgorithm algorithm,
-- cgit 1.5.1

From 208363f896b38a36563750bddedd3b9b51418335 Mon Sep 17 00:00:00 2001
From: Peter Dettman
Date: Wed, 27 May 2015 12:45:42 +0700
Subject: Code cleanup

---
 crypto/src/asn1/pkcs/PBKDF2Params.cs | 128 +++++++++++++++++++---------------
 1 file changed, 69 insertions(+), 59 deletions(-)

diff --git a/crypto/src/asn1/pkcs/PBKDF2Params.cs b/crypto/src/asn1/pkcs/PBKDF2Params.cs
index f629848d8..5d1e9854f 100644
--- a/crypto/src/asn1/pkcs/PBKDF2Params.cs
+++ b/crypto/src/asn1/pkcs/PBKDF2Params.cs
@@ -4,60 +4,70 @@ using Org.BouncyCastle.Math; namespace Org.BouncyCastle.Asn1.Pkcs { - public class Pbkdf2Params - : Asn1Encodable - { + public class Pbkdf2Params + : Asn1Encodable + { private static AlgorithmIdentifier algid_hmacWithSHA1 = new AlgorithmIdentifier(PkcsObjectIdentifiers.IdHmacWithSha1, DerNull.Instance); - private readonly Asn1OctetString octStr; - private readonly DerInteger iterationCount; - private readonly DerInteger keyLength; + + private readonly Asn1OctetString octStr; + private readonly DerInteger iterationCount, keyLength; private readonly AlgorithmIdentifier prf; - public static Pbkdf2Params GetInstance( - object obj) - { - if (obj == null || obj is Pbkdf2Params) - return (Pbkdf2Params)obj; + public static Pbkdf2Params GetInstance( + object obj) + { + if (obj == null || obj is Pbkdf2Params) + return (Pbkdf2Params)obj; - if (obj is Asn1Sequence) - return new Pbkdf2Params((Asn1Sequence)obj); + if (obj is Asn1Sequence) + return new Pbkdf2Params((Asn1Sequence)obj); - throw new ArgumentException("Unknown object in factory: " + obj.GetType().FullName, "obj"); - } + throw new ArgumentException("Unknown object in factory: " + obj.GetType().FullName, "obj"); + } - public Pbkdf2Params( - Asn1Sequence seq) - { + public Pbkdf2Params( + Asn1Sequence seq) + { if (seq.Count < 2 || seq.Count > 4) - throw new ArgumentException("Wrong number of elements in sequence", "seq"); + throw new ArgumentException("Wrong number of elements in sequence", "seq"); - octStr = (Asn1OctetString)seq[0]; - iterationCount = (DerInteger)seq[1]; + this.octStr = (Asn1OctetString)seq[0]; + this.iterationCount = (DerInteger)seq[1]; Asn1Encodable kl = null, d = null; - if (seq.Count > 3) - { + if (seq.Count > 3) + { kl = seq[2]; d = seq[3]; } else if (seq.Count > 2) { if (seq[2] is DerInteger) + { kl = seq[2]; - else + } + else + { d = seq[2]; + } + } + if (kl != null) + { + keyLength = (DerInteger)kl; + } + if (d != null) + { + prf = AlgorithmIdentifier.GetInstance(d); } - if (kl 
!= null) keyLength = (DerInteger)kl; - if (d != null) prf = AlgorithmIdentifier.GetInstance(d); - } - - public Pbkdf2Params( - byte[] salt, - int iterationCount) - { - this.octStr = new DerOctetString(salt); - this.iterationCount = new DerInteger(iterationCount); - } + } + + public Pbkdf2Params( + byte[] salt, + int iterationCount) + { + this.octStr = new DerOctetString(salt); + this.iterationCount = new DerInteger(iterationCount); + } public Pbkdf2Params( byte[] salt, @@ -68,15 +78,15 @@ namespace Org.BouncyCastle.Asn1.Pkcs this.keyLength = new DerInteger(keyLength); } - public Pbkdf2Params( - byte[] salt, - int iterationCount, + public Pbkdf2Params( + byte[] salt, + int iterationCount, int keyLength, AlgorithmIdentifier prf) : this(salt, iterationCount, keyLength) { this.prf = prf; - } + } public Pbkdf2Params( byte[] salt, @@ -92,24 +102,24 @@ namespace Org.BouncyCastle.Asn1.Pkcs return octStr.GetOctets(); } - public BigInteger IterationCount - { - get { return iterationCount.Value; } - } + public BigInteger IterationCount + { + get { return iterationCount.Value; } + } - public BigInteger KeyLength - { - get { return keyLength == null ? null : keyLength.Value; } - } + public BigInteger KeyLength + { + get { return keyLength == null ? null : keyLength.Value; } + } - public bool IsDefaultPrf() + public bool IsDefaultPrf { - return prf == null || prf.Equals(algid_hmacWithSHA1); - } + get { return prf == null || prf.Equals(algid_hmacWithSHA1); } + } public AlgorithmIdentifier Prf { - get { return prf ?? algid_hmacWithSHA1; } + get { return prf != null ? prf : algid_hmacWithSHA1; } } public override Asn1Object ToAsn1Object() 
@@ -117,16 +127,16 @@ namespace Org.BouncyCastle.Asn1.Pkcs Asn1EncodableVector v = new Asn1EncodableVector( octStr, iterationCount); - if (keyLength != null) - { - v.Add(keyLength); - } - if (!IsDefaultPrf()) + if (keyLength != null) + { + v.Add(keyLength); + } + if (!IsDefaultPrf) { v.Add(prf); } - return new DerSequence(v); - } - } + return new DerSequence(v); + } + } } -- cgit 1.5.1