Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/quite/humla-spongycastle.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/core/src/main/java/org/bouncycastle/crypto/tls/TlsDHEKeyExchange.java
diff options
context:
space:
mode:
authorPeter Dettman <peter.dettman@bouncycastle.org>2013-09-07 14:59:13 +0400
committerPeter Dettman <peter.dettman@bouncycastle.org>2013-09-07 14:59:13 +0400
commitbe3d25591ffd0c6e2066e943c1b39aaec9cd6f20 (patch)
tree4b8ea7eabb414dc283e23e3171331fda03fa18ba /core/src/main/java/org/bouncycastle/crypto/tls/TlsDHEKeyExchange.java
parente95297ba62e1c77e876c6f774f34444d75d97304 (diff)
Update server key exchange verifyers for TLS 1.2
Diffstat (limited to 'core/src/main/java/org/bouncycastle/crypto/tls/TlsDHEKeyExchange.java')
-rw-r--r--core/src/main/java/org/bouncycastle/crypto/tls/TlsDHEKeyExchange.java14
1 files changed, 8 insertions, 6 deletions
diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/TlsDHEKeyExchange.java b/core/src/main/java/org/bouncycastle/crypto/tls/TlsDHEKeyExchange.java
index 97e84765..a979be71 100644
--- a/core/src/main/java/org/bouncycastle/crypto/tls/TlsDHEKeyExchange.java
+++ b/core/src/main/java/org/bouncycastle/crypto/tls/TlsDHEKeyExchange.java
@@ -7,8 +7,8 @@ import java.util.Vector;
import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.io.SignerInputStream;
import org.bouncycastle.crypto.params.DHParameters;
+import org.bouncycastle.util.io.TeeInputStream;
public class TlsDHEKeyExchange
extends TlsDHKeyExchange
@@ -73,13 +73,15 @@ public class TlsDHEKeyExchange
{
SecurityParameters securityParameters = context.getSecurityParameters();
- Signer signer = initVerifyer(tlsSigner, securityParameters);
- InputStream sigIn = new SignerInputStream(input, signer);
+ SignerInputBuffer buf = new SignerInputBuffer();
+ InputStream teeIn = new TeeInputStream(input, buf);
- ServerDHParams params = ServerDHParams.parse(sigIn);
+ ServerDHParams params = ServerDHParams.parse(teeIn);
DigitallySigned signed_params = DigitallySigned.parse(context, input);
+ Signer signer = initVerifyer(tlsSigner, signed_params.getAlgorithm(), securityParameters);
+ buf.updateSigner(signer);
if (!signer.verifySignature(signed_params.getSignature()))
{
throw new TlsFatalAlert(AlertDescription.decrypt_error);
@@ -88,9 +90,9 @@ public class TlsDHEKeyExchange
this.dhAgreeServerPublicKey = TlsDHUtils.validateDHPublicKey(params.getPublicKey());
}
- protected Signer initVerifyer(TlsSigner tlsSigner, SecurityParameters securityParameters)
+ protected Signer initVerifyer(TlsSigner tlsSigner, SignatureAndHashAlgorithm algorithm, SecurityParameters securityParameters)
{
- Signer signer = tlsSigner.createVerifyer(this.serverPublicKey);
+ Signer signer = tlsSigner.createVerifyer(algorithm, this.serverPublicKey);
signer.update(securityParameters.clientRandom, 0, securityParameters.clientRandom.length);
signer.update(securityParameters.serverRandom, 0, securityParameters.serverRandom.length);
return signer;
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-07 13:15:02 +0300