Home Explore Help
Register Sign In
wartheking
/
DataStudy
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
DataStudy
/
Assets
/
Plugins
/
Best HTTP
/
Source
/
SecureProtocol
/
tls
/
TlsDHUtilities.cs

TlsDHUtilities.cs 6.0 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163 
  1. #if !BESTHTTP_DISABLE_ALTERNATE_SSL && (!UNITY_WEBGL || UNITY_EDITOR)
    2. 

  2. #pragma warning disable
    3. 

  3. using System;
    4. 

  4. using System.IO;
    5. 

  5. 

  6. using BestHTTP.SecureProtocol.Org.BouncyCastle.Math;
    7. 

  7. using BestHTTP.SecureProtocol.Org.BouncyCastle.Tls.Crypto;
    8. 

  8. using BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities;
    9. 

  9. 

  10. namespace BestHTTP.SecureProtocol.Org.BouncyCastle.Tls
    11. 

  11. {
    12. 

  12.     public abstract class TlsDHUtilities
    13. 

  13.     {
    14. 

  14.         public static TlsDHConfig CreateNamedDHConfig(TlsContext context, int namedGroup)
    15. 

  15.         {
    16. 

  16.             if (namedGroup < 0 || NamedGroup.GetFiniteFieldBits(namedGroup) < 1)
    17. 

  17.                 return null;
    18. 

  18. 

  19.             bool padded = TlsUtilities.IsTlsV13(context);
    20. 

  20.             return new TlsDHConfig(namedGroup, padded);
    21. 

  21.         }
    22. 

  22. 

  23.         public static DHGroup GetDHGroup(TlsDHConfig dhConfig)
    24. 

  24.         {
    25. 

  25.             int namedGroup = dhConfig.NamedGroup;
    26. 

  26.             if (namedGroup >= 0)
    27. 

  27.                 return GetNamedDHGroup(namedGroup);
    28. 

  28. 

  29.             return dhConfig.ExplicitGroup;
    30. 

  30.         }
    31. 

  31. 

  32.         public static DHGroup GetNamedDHGroup(int namedGroup)
    33. 

  33.         {
    34. 

  34.             switch (namedGroup)
    35. 

  35.             {
    36. 

  36.             case NamedGroup.ffdhe2048:
    37. 

  37.                 return DHStandardGroups.rfc7919_ffdhe2048;
    38. 

  38.             case NamedGroup.ffdhe3072:
    39. 

  39.                 return DHStandardGroups.rfc7919_ffdhe3072;
    40. 

  40.             case NamedGroup.ffdhe4096:
    41. 

  41.                 return DHStandardGroups.rfc7919_ffdhe4096;
    42. 

  42.             case NamedGroup.ffdhe6144:
    43. 

  43.                 return DHStandardGroups.rfc7919_ffdhe6144;
    44. 

  44.             case NamedGroup.ffdhe8192:
    45. 

  45.                 return DHStandardGroups.rfc7919_ffdhe8192;
    46. 

  46.             default:
    47. 

  47.                 return null;
    48. 

  48.             }
    49. 

  49.         }
    50. 

  50. 

  51.         public static int GetMinimumFiniteFieldBits(int cipherSuite)
    52. 

  52.         {
    53. 

  53.             /*
    54. 

  54.              * NOTE: An equivalent mechanism was added to support a minimum bit-size requirement for ECC
    55. 

  55.              * mooted in early drafts of RFC 8442. This requirement was removed in later drafts, so that
    56. 

  56.              * mechanism is currently somewhat trivial, and this similarly so.
    57. 

  57.              */
    58. 

  58.             return IsDHCipherSuite(cipherSuite) ? 1 : 0;
    59. 

  59.         }
    60. 

  60. 

  61.         public static bool IsDHCipherSuite(int cipherSuite)
    62. 

  62.         {
    63. 

  63.             switch (TlsUtilities.GetKeyExchangeAlgorithm(cipherSuite))
    64. 

  64.             {
    65. 

  65.             case KeyExchangeAlgorithm.DH_anon:
    66. 

  66.             case KeyExchangeAlgorithm.DH_DSS:
    67. 

  67.             case KeyExchangeAlgorithm.DH_RSA:
    68. 

  68.             case KeyExchangeAlgorithm.DHE_DSS:
    69. 

  69.             case KeyExchangeAlgorithm.DHE_PSK:
    70. 

  70.             case KeyExchangeAlgorithm.DHE_RSA:
    71. 

  71.                 return true;
    72. 

  72. 

  73.             default:
    74. 

  74.                 return false;
    75. 

  75.             }
    76. 

  76.         }
    77. 

  77. 

  78.         public static int GetNamedGroupForDHParameters(BigInteger p, BigInteger g)
    79. 

  79.         {
    80. 

  80.             int[] namedGroups = new int[]{ NamedGroup.ffdhe2048, NamedGroup.ffdhe3072, NamedGroup.ffdhe4096,
    81. 

  81.                 NamedGroup.ffdhe6144, NamedGroup.ffdhe8192 };
    82. 

  82. 

  83.             for (int i = 0; i < namedGroups.Length; ++i)
    84. 

  84.             {
    85. 

  85.                 int namedGroup = namedGroups[i];
    86. 

  86.                 DHGroup dhGroup = GetNamedDHGroup(namedGroup);
    87. 

  87.                 if (dhGroup != null && dhGroup.P.Equals(p) && dhGroup.G.Equals(g))
    88. 

  88.                     return namedGroup;
    89. 

  89.             }
    90. 

  90. 

  91.             return -1;
    92. 

  92.         }
    93. 

  93. 

  94.         public static DHGroup GetStandardGroupForDHParameters(BigInteger p, BigInteger g)
    95. 

  95.         {
    96. 

  96.             DHGroup[] standardGroups = new DHGroup[] { DHStandardGroups.rfc7919_ffdhe2048,
    97. 

  97.                 DHStandardGroups.rfc7919_ffdhe3072, DHStandardGroups.rfc7919_ffdhe4096, DHStandardGroups.rfc7919_ffdhe6144,
    98. 

  98.                 DHStandardGroups.rfc7919_ffdhe8192, DHStandardGroups.rfc3526_1536, DHStandardGroups.rfc3526_2048,
    99. 

  99.                 DHStandardGroups.rfc3526_3072, DHStandardGroups.rfc3526_4096, DHStandardGroups.rfc3526_6144,
    100. 

  100.                 DHStandardGroups.rfc3526_8192, DHStandardGroups.rfc5996_768, DHStandardGroups.rfc5996_1024 };
    101. 

  101. 

  102.             for (int i = 0; i < standardGroups.Length; ++i)
    103. 

  103.             {
    104. 

  104.                 DHGroup dhGroup = standardGroups[i];
    105. 

  105.                 if (dhGroup != null && dhGroup.P.Equals(p) && dhGroup.G.Equals(g))
    106. 

  106.                     return dhGroup;
    107. 

  107.             }
    108. 

  108. 

  109.             return null;
    110. 

  110.         }
    111. 

  111. 

  112.         /// <exception cref="IOException"/>
    113. 

  113.         public static TlsDHConfig ReceiveDHConfig(TlsContext context, TlsDHGroupVerifier dhGroupVerifier,
    114. 

  114.             Stream input)
    115. 

  115.         {
    116. 

  116.             BigInteger p = ReadDHParameter(input);
    117. 

  117.             BigInteger g = ReadDHParameter(input);
    118. 

  118. 

  119.             int namedGroup = GetNamedGroupForDHParameters(p, g);
    120. 

  120.             if (namedGroup< 0)
    121. 

  121.             {
    122. 

  122.                 DHGroup dhGroup = GetStandardGroupForDHParameters(p, g);
    123. 

  123.                 if (null == dhGroup)
    124. 

  124.                 {
    125. 

  125.                     dhGroup = new DHGroup(p, null, g, 0);
    126. 

  126.                 }
    127. 

  127. 

  128.                 if (!dhGroupVerifier.Accept(dhGroup))
    129. 

  129.                     throw new TlsFatalAlert(AlertDescription.insufficient_security);
    130. 

  130. 

  131.                 return new TlsDHConfig(dhGroup);
    132. 

  132.             }
    133. 

  133. 

  134.             int[] clientSupportedGroups = context.SecurityParameters.ClientSupportedGroups;
    135. 

  135.             if (null == clientSupportedGroups || Arrays.Contains(clientSupportedGroups, namedGroup))
    136. 

  136.                 return new TlsDHConfig(namedGroup, false);
    137. 

  137. 

  138.             throw new TlsFatalAlert(AlertDescription.illegal_parameter);
    139. 

  139.         }
    140. 

  140. 

  141.         /// <exception cref="IOException"/>
    142. 

  142.         public static BigInteger ReadDHParameter(Stream input)
    143. 

  143.         {
    144. 

  144.             return new BigInteger(1, TlsUtilities.ReadOpaque16(input, 1));
    145. 

  145.         }
    146. 

  146. 

  147.         /// <exception cref="IOException"/>
    148. 

  148.         public static void WriteDHConfig(TlsDHConfig dhConfig, Stream output)
    149. 

  149.         {
    150. 

  150.             DHGroup group = GetDHGroup(dhConfig);
    151. 

  151.             WriteDHParameter(group.P, output);
    152. 

  152.             WriteDHParameter(group.G, output);
    153. 

  153.         }
    154. 

  154. 

  155.         /// <exception cref="IOException"/>
    156. 

  156.         public static void WriteDHParameter(BigInteger x, Stream output)
    157. 

  157.         {
    158. 

  158.             TlsUtilities.WriteOpaque16(BigIntegers.AsUnsignedByteArray(x), output);
    159. 

  159.         }
    160. 

  160.     }
    161. 

  161. }
    162. 

  162. #pragma warning restore
    163. 

  163. #endif
    164.