diff options
author | Peter Dettman <peter.dettman@bouncycastle.org> | 2013-06-24 15:27:33 +0400 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2013-06-24 15:27:33 +0400 |
commit | 15c31a82f587249d85c6f11244226ec3ed653117 (patch) | |
tree | 770dd6be95359c87012362d7454ab5f8d3251288 /core/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsClient.java | |
parent | 99eb2cca7abd761a673d235083c3be8fb4738c35 (diff) |
Make EC extension data available for ECDHE_PSK
Diffstat (limited to 'core/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsClient.java')
-rw-r--r-- | core/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsClient.java | 60 |
1 files changed, 0 insertions, 60 deletions
diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsClient.java b/core/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsClient.java index 73e8b598..39eecb65 100644 --- a/core/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsClient.java +++ b/core/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsClient.java @@ -1,14 +1,10 @@ package org.bouncycastle.crypto.tls; import java.io.IOException; -import java.util.Hashtable; public abstract class DefaultTlsClient extends AbstractTlsClient { - protected int[] namedCurves; - protected short[] clientECPointFormats, serverECPointFormats; - public DefaultTlsClient() { super(); @@ -28,62 +24,6 @@ public abstract class DefaultTlsClient CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA, CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA,}; } - public Hashtable getClientExtensions() - throws IOException - { - Hashtable clientExtensions = super.getClientExtensions(); - - if (TlsECCUtils.containsECCCipherSuites(getCipherSuites())) - { - /* - * RFC 4492 5.1. A client that proposes ECC cipher suites in its ClientHello message - * appends these extensions (along with any others), enumerating the curves it supports - * and the point formats it can parse. Clients SHOULD send both the Supported Elliptic - * Curves Extension and the Supported Point Formats Extension. - */ - /* - * TODO Could just add all the curves since we support them all, but users may not want - * to use unnecessarily large fields. Need configuration options. - */ - this.namedCurves = new int[]{NamedCurve.secp256r1, NamedCurve.sect233r1, NamedCurve.secp224r1, - NamedCurve.sect193r1, NamedCurve.secp192r1, NamedCurve.arbitrary_explicit_char2_curves, - NamedCurve.arbitrary_explicit_prime_curves}; - this.clientECPointFormats = new short[]{ECPointFormat.ansiX962_compressed_char2, - ECPointFormat.ansiX962_compressed_prime, ECPointFormat.uncompressed}; - - if (clientExtensions == null) - { - clientExtensions = new Hashtable(); - } - - TlsECCUtils.addSupportedEllipticCurvesExtension(clientExtensions, namedCurves); - TlsECCUtils.addSupportedPointFormatsExtension(clientExtensions, clientECPointFormats); - } - - return clientExtensions; - } - - public void processServerExtensions(Hashtable serverExtensions) - throws IOException - { - super.processServerExtensions(serverExtensions); - - if (serverExtensions != null) - { - int[] namedCurves = TlsECCUtils.getSupportedEllipticCurvesExtension(serverExtensions); - if (namedCurves != null) - { - throw new TlsFatalAlert(AlertDescription.illegal_parameter); - } - - this.serverECPointFormats = TlsECCUtils.getSupportedPointFormatsExtension(serverExtensions); - if (this.serverECPointFormats != null && !TlsECCUtils.isECCCipherSuite(this.selectedCipherSuite)) - { - throw new TlsFatalAlert(AlertDescription.illegal_parameter); - } - } - } - public TlsKeyExchange getKeyExchange() throws IOException { |