diff options
author | Peter Dettman <peter.dettman@bouncycastle.org> | 2013-09-07 14:59:13 +0400 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2013-09-07 14:59:13 +0400 |
commit | be3d25591ffd0c6e2066e943c1b39aaec9cd6f20 (patch) | |
tree | 4b8ea7eabb414dc283e23e3171331fda03fa18ba /core/src/main/java/org/bouncycastle/crypto/tls/TlsDHEKeyExchange.java | |
parent | e95297ba62e1c77e876c6f774f34444d75d97304 (diff) |
Update server key exchange verifyers for TLS 1.2
Diffstat (limited to 'core/src/main/java/org/bouncycastle/crypto/tls/TlsDHEKeyExchange.java')
-rw-r--r-- | core/src/main/java/org/bouncycastle/crypto/tls/TlsDHEKeyExchange.java | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/TlsDHEKeyExchange.java b/core/src/main/java/org/bouncycastle/crypto/tls/TlsDHEKeyExchange.java index 97e84765..a979be71 100644 --- a/core/src/main/java/org/bouncycastle/crypto/tls/TlsDHEKeyExchange.java +++ b/core/src/main/java/org/bouncycastle/crypto/tls/TlsDHEKeyExchange.java @@ -7,8 +7,8 @@ import java.util.Vector; import org.bouncycastle.crypto.Digest; import org.bouncycastle.crypto.Signer; -import org.bouncycastle.crypto.io.SignerInputStream; import org.bouncycastle.crypto.params.DHParameters; +import org.bouncycastle.util.io.TeeInputStream; public class TlsDHEKeyExchange extends TlsDHKeyExchange @@ -73,13 +73,15 @@ public class TlsDHEKeyExchange { SecurityParameters securityParameters = context.getSecurityParameters(); - Signer signer = initVerifyer(tlsSigner, securityParameters); - InputStream sigIn = new SignerInputStream(input, signer); + SignerInputBuffer buf = new SignerInputBuffer(); + InputStream teeIn = new TeeInputStream(input, buf); - ServerDHParams params = ServerDHParams.parse(sigIn); + ServerDHParams params = ServerDHParams.parse(teeIn); DigitallySigned signed_params = DigitallySigned.parse(context, input); + Signer signer = initVerifyer(tlsSigner, signed_params.getAlgorithm(), securityParameters); + buf.updateSigner(signer); if (!signer.verifySignature(signed_params.getSignature())) { throw new TlsFatalAlert(AlertDescription.decrypt_error); @@ -88,9 +90,9 @@ public class TlsDHEKeyExchange this.dhAgreeServerPublicKey = TlsDHUtils.validateDHPublicKey(params.getPublicKey()); } - protected Signer initVerifyer(TlsSigner tlsSigner, SecurityParameters securityParameters) + protected Signer initVerifyer(TlsSigner tlsSigner, SignatureAndHashAlgorithm algorithm, SecurityParameters securityParameters) { - Signer signer = tlsSigner.createVerifyer(this.serverPublicKey); + Signer signer = tlsSigner.createVerifyer(algorithm, this.serverPublicKey); signer.update(securityParameters.clientRandom, 0, securityParameters.clientRandom.length); signer.update(securityParameters.serverRandom, 0, securityParameters.serverRandom.length); return signer; |