You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
199 lines
6.5 KiB
199 lines
6.5 KiB
#if !BESTHTTP_DISABLE_ALTERNATE_SSL && (!UNITY_WEBGL || UNITY_EDITOR) |
|
#pragma warning disable |
|
using System; |
|
using System.Collections; |
|
using System.IO; |
|
|
|
using BestHTTP.SecureProtocol.Org.BouncyCastle.Tls.Crypto; |
|
using BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities; |
|
|
|
namespace BestHTTP.SecureProtocol.Org.BouncyCastle.Tls |
|
{ |
|
public sealed class SessionParameters |
|
{ |
|
public sealed class Builder |
|
{ |
|
private int m_cipherSuite = -1; |
|
private Certificate m_localCertificate = null; |
|
private TlsSecret m_masterSecret = null; |
|
private ProtocolVersion m_negotiatedVersion; |
|
private Certificate m_peerCertificate = null; |
|
private byte[] m_pskIdentity = null; |
|
private byte[] m_srpIdentity = null; |
|
private byte[] m_encodedServerExtensions = null; |
|
private bool m_extendedMasterSecret = false; |
|
|
|
public Builder() |
|
{ |
|
} |
|
|
|
public SessionParameters Build() |
|
{ |
|
Validate(m_cipherSuite >= 0, "cipherSuite"); |
|
Validate(m_masterSecret != null, "masterSecret"); |
|
return new SessionParameters(m_cipherSuite, m_localCertificate, m_masterSecret, m_negotiatedVersion, |
|
m_peerCertificate, m_pskIdentity, m_srpIdentity, m_encodedServerExtensions, m_extendedMasterSecret); |
|
} |
|
|
|
public Builder SetCipherSuite(int cipherSuite) |
|
{ |
|
this.m_cipherSuite = cipherSuite; |
|
return this; |
|
} |
|
|
|
public Builder SetExtendedMasterSecret(bool extendedMasterSecret) |
|
{ |
|
this.m_extendedMasterSecret = extendedMasterSecret; |
|
return this; |
|
} |
|
|
|
public Builder SetLocalCertificate(Certificate localCertificate) |
|
{ |
|
this.m_localCertificate = localCertificate; |
|
return this; |
|
} |
|
|
|
public Builder SetMasterSecret(TlsSecret masterSecret) |
|
{ |
|
this.m_masterSecret = masterSecret; |
|
return this; |
|
} |
|
|
|
public Builder SetNegotiatedVersion(ProtocolVersion negotiatedVersion) |
|
{ |
|
this.m_negotiatedVersion = negotiatedVersion; |
|
return this; |
|
} |
|
|
|
public Builder SetPeerCertificate(Certificate peerCertificate) |
|
{ |
|
this.m_peerCertificate = peerCertificate; |
|
return this; |
|
} |
|
|
|
public Builder SetPskIdentity(byte[] pskIdentity) |
|
{ |
|
this.m_pskIdentity = pskIdentity; |
|
return this; |
|
} |
|
|
|
public Builder SetSrpIdentity(byte[] srpIdentity) |
|
{ |
|
this.m_srpIdentity = srpIdentity; |
|
return this; |
|
} |
|
|
|
/// <exception cref="IOException"/> |
|
public Builder SetServerExtensions(IDictionary serverExtensions) |
|
{ |
|
if (serverExtensions == null || serverExtensions.Count < 1) |
|
{ |
|
this.m_encodedServerExtensions = null; |
|
} |
|
else |
|
{ |
|
MemoryStream buf = new MemoryStream(); |
|
TlsProtocol.WriteExtensions(buf, serverExtensions); |
|
this.m_encodedServerExtensions = buf.ToArray(); |
|
} |
|
return this; |
|
} |
|
|
|
private void Validate(bool condition, string parameter) |
|
{ |
|
if (!condition) |
|
throw new InvalidOperationException("Required session parameter '" + parameter + "' not configured"); |
|
} |
|
} |
|
|
|
private readonly int m_cipherSuite; |
|
private readonly Certificate m_localCertificate; |
|
private readonly TlsSecret m_masterSecret; |
|
private readonly ProtocolVersion m_negotiatedVersion; |
|
private readonly Certificate m_peerCertificate; |
|
private readonly byte[] m_pskIdentity; |
|
private readonly byte[] m_srpIdentity; |
|
private readonly byte[] m_encodedServerExtensions; |
|
private readonly bool m_extendedMasterSecret; |
|
|
|
private SessionParameters(int cipherSuite, Certificate localCertificate, TlsSecret masterSecret, |
|
ProtocolVersion negotiatedVersion, Certificate peerCertificate, byte[] pskIdentity, byte[] srpIdentity, |
|
byte[] encodedServerExtensions, bool extendedMasterSecret) |
|
{ |
|
this.m_cipherSuite = cipherSuite; |
|
this.m_localCertificate = localCertificate; |
|
this.m_masterSecret = masterSecret; |
|
this.m_negotiatedVersion = negotiatedVersion; |
|
this.m_peerCertificate = peerCertificate; |
|
this.m_pskIdentity = Arrays.Clone(pskIdentity); |
|
this.m_srpIdentity = Arrays.Clone(srpIdentity); |
|
this.m_encodedServerExtensions = encodedServerExtensions; |
|
this.m_extendedMasterSecret = extendedMasterSecret; |
|
} |
|
|
|
public int CipherSuite |
|
{ |
|
get { return m_cipherSuite; } |
|
} |
|
|
|
public void Clear() |
|
{ |
|
if (m_masterSecret != null) |
|
{ |
|
m_masterSecret.Destroy(); |
|
} |
|
} |
|
|
|
public SessionParameters Copy() |
|
{ |
|
return new SessionParameters(m_cipherSuite, m_localCertificate, m_masterSecret, m_negotiatedVersion, |
|
m_peerCertificate, m_pskIdentity, m_srpIdentity, m_encodedServerExtensions, m_extendedMasterSecret); |
|
} |
|
|
|
public bool IsExtendedMasterSecret |
|
{ |
|
get { return m_extendedMasterSecret; } |
|
} |
|
|
|
public Certificate LocalCertificate |
|
{ |
|
get { return m_localCertificate; } |
|
} |
|
|
|
public TlsSecret MasterSecret |
|
{ |
|
get { return m_masterSecret; } |
|
} |
|
|
|
public ProtocolVersion NegotiatedVersion |
|
{ |
|
get { return m_negotiatedVersion; } |
|
} |
|
|
|
public Certificate PeerCertificate |
|
{ |
|
get { return m_peerCertificate; } |
|
} |
|
|
|
public byte[] PskIdentity |
|
{ |
|
get { return m_pskIdentity; } |
|
} |
|
|
|
/// <exception cref="IOException"/> |
|
public IDictionary ReadServerExtensions() |
|
{ |
|
if (m_encodedServerExtensions == null) |
|
return null; |
|
|
|
return TlsProtocol.ReadExtensions(new MemoryStream(m_encodedServerExtensions, false)); |
|
} |
|
|
|
public byte[] SrpIdentity |
|
{ |
|
get { return m_srpIdentity; } |
|
} |
|
} |
|
} |
|
#pragma warning restore |
|
#endif
|
|
|