Home Explore Help
Register Sign In
wartheking
/
DataStudy
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
DataStudy
/
Assets
/
Plugins
/
Best HTTP
/
Source
/
SecureProtocol
/
tls
/
TlsECDheKeyExchange.cs

TlsECDheKeyExchange.cs 4.7 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145 
  1. #if !BESTHTTP_DISABLE_ALTERNATE_SSL && (!UNITY_WEBGL || UNITY_EDITOR)
    2. 

  2. #pragma warning disable
    3. 

  3. using System;
    4. 

  4. using System.IO;
    5. 

  5. 

  6. using BestHTTP.SecureProtocol.Org.BouncyCastle.Tls.Crypto;
    7. 

  7. using BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities.IO;
    8. 

  8. 

  9. namespace BestHTTP.SecureProtocol.Org.BouncyCastle.Tls
    10. 

  10. {
    11. 

  11.     /// <summary>(D)TLS ECDHE key exchange (see RFC 4492).</summary>
    12. 

  12.     public class TlsECDheKeyExchange
    13. 

  13.         : AbstractTlsKeyExchange
    14. 

  14.     {
    15. 

  15.         private static int CheckKeyExchange(int keyExchange)
    16. 

  16.         {
    17. 

  17.             switch (keyExchange)
    18. 

  18.             {
    19. 

  19.             case KeyExchangeAlgorithm.ECDHE_ECDSA:
    20. 

  20.             case KeyExchangeAlgorithm.ECDHE_RSA:
    21. 

  21.                 return keyExchange;
    22. 

  22.             default:
    23. 

  23.                 throw new ArgumentException("unsupported key exchange algorithm", "keyExchange");
    24. 

  24.             }
    25. 

  25.         }
    26. 

  26. 

  27.         protected TlsECConfig m_ecConfig;
    28. 

  28. 

  29.         protected TlsCredentialedSigner m_serverCredentials = null;
    30. 

  30.         protected TlsCertificate m_serverCertificate = null;
    31. 

  31.         protected TlsAgreement m_agreement;
    32. 

  32. 

  33.         public TlsECDheKeyExchange(int keyExchange)
    34. 

  34.             : this(keyExchange, null)
    35. 

  35.         {
    36. 

  36.         }
    37. 

  37. 

  38.         public TlsECDheKeyExchange(int keyExchange, TlsECConfig ecConfig)
    39. 

  39.             : base(CheckKeyExchange(keyExchange))
    40. 

  40.         {
    41. 

  41.             this.m_ecConfig = ecConfig;
    42. 

  42.         }
    43. 

  43. 

  44.         public override void SkipServerCredentials()
    45. 

  45.         {
    46. 

  46.             throw new TlsFatalAlert(AlertDescription.internal_error);
    47. 

  47.         }
    48. 

  48. 

  49.         public override void ProcessServerCredentials(TlsCredentials serverCredentials)
    50. 

  50.         {
    51. 

  51.             this.m_serverCredentials = TlsUtilities.RequireSignerCredentials(serverCredentials);
    52. 

  52.         }
    53. 

  53. 

  54.         public override void ProcessServerCertificate(Certificate serverCertificate)
    55. 

  55.         {
    56. 

  56.             this.m_serverCertificate = serverCertificate.GetCertificateAt(0);
    57. 

  57.         }
    58. 

  58. 

  59.         public override bool RequiresServerKeyExchange
    60. 

  60.         {
    61. 

  61.             get { return true; }
    62. 

  62.         }
    63. 

  63. 

  64.         public override byte[] GenerateServerKeyExchange()
    65. 

  65.         {
    66. 

  66.             DigestInputBuffer digestBuffer = new DigestInputBuffer();
    67. 

  67. 

  68.             TlsEccUtilities.WriteECConfig(m_ecConfig, digestBuffer);
    69. 

  69. 

  70.             this.m_agreement = m_context.Crypto.CreateECDomain(m_ecConfig).CreateECDH();
    71. 

  71. 

  72.             GenerateEphemeral(digestBuffer);
    73. 

  73. 

  74.             TlsUtilities.GenerateServerKeyExchangeSignature(m_context, m_serverCredentials, null, digestBuffer);
    75. 

  75. 

  76.             return digestBuffer.ToArray();
    77. 

  77.         }
    78. 

  78. 

  79.         public override void ProcessServerKeyExchange(Stream input)
    80. 

  80.         {
    81. 

  81.             DigestInputBuffer digestBuffer = new DigestInputBuffer();
    82. 

  82.             Stream teeIn = new TeeInputStream(input, digestBuffer);
    83. 

  83. 

  84.             this.m_ecConfig = TlsEccUtilities.ReceiveECDHConfig(m_context, teeIn);
    85. 

  85. 

  86.             byte[] point = TlsUtilities.ReadOpaque8(teeIn, 1);
    87. 

  87. 

  88.             TlsUtilities.VerifyServerKeyExchangeSignature(m_context, input, m_serverCertificate, null, digestBuffer);
    89. 

  89. 

  90.             this.m_agreement = m_context.Crypto.CreateECDomain(m_ecConfig).CreateECDH();
    91. 

  91. 

  92.             ProcessEphemeral(point);
    93. 

  93.         }
    94. 

  94. 

  95.         public override short[] GetClientCertificateTypes()
    96. 

  96.         {
    97. 

  97.             /*
    98. 

  98.              * RFC 4492 3. [...] The ECDSA_fixed_ECDH and RSA_fixed_ECDH mechanisms are usable with
    99. 

  99.              * ECDH_ECDSA and ECDH_RSA. Their use with ECDHE_ECDSA and ECDHE_RSA is prohibited because
    100. 

  100.              * the use of a long-term ECDH client key would jeopardize the forward secrecy property of
    101. 

  101.              * these algorithms.
    102. 

  102.              */
    103. 

  103.             return new short[]{ ClientCertificateType.dss_sign, ClientCertificateType.ecdsa_sign,
    104. 

  104.                 ClientCertificateType.rsa_sign };
    105. 

  105.         }
    106. 

  106. 

  107.         public override void ProcessClientCredentials(TlsCredentials clientCredentials)
    108. 

  108.         {
    109. 

  109.             TlsUtilities.RequireSignerCredentials(clientCredentials);
    110. 

  110.         }
    111. 

  111. 

  112.         public override void GenerateClientKeyExchange(Stream output)
    113. 

  113.         {
    114. 

  114.             GenerateEphemeral(output);
    115. 

  115.         }
    116. 

  116. 

  117.         public override void ProcessClientKeyExchange(Stream input)
    118. 

  118.         {
    119. 

  119.             byte[] point = TlsUtilities.ReadOpaque8(input, 1);
    120. 

  120. 

  121.             ProcessEphemeral(point);
    122. 

  122.         }
    123. 

  123. 

  124.         public override TlsSecret GeneratePreMasterSecret()
    125. 

  125.         {
    126. 

  126.             return m_agreement.CalculateSecret();
    127. 

  127.         }
    128. 

  128. 

  129.         protected virtual void GenerateEphemeral(Stream output)
    130. 

  130.         {
    131. 

  131.             byte[] point = m_agreement.GenerateEphemeral();
    132. 

  132. 

  133.             TlsUtilities.WriteOpaque8(point, output);
    134. 

  134.         }
    135. 

  135. 

  136.         protected virtual void ProcessEphemeral(byte[] point)
    137. 

  137.         {
    138. 

  138.             TlsEccUtilities.CheckPointEncoding(m_ecConfig.NamedGroup, point);
    139. 

  139. 

  140.             this.m_agreement.ReceivePeerValue(point);
    141. 

  141.         }
    142. 

  142.     }
    143. 

  143. }
    144. 

  144. #pragma warning restore
    145. 

  145. #endif
    146.