diff options
Diffstat (limited to 'libraries/spongycastle/core/src/main/java/org/spongycastle/crypto/tls/SRPTlsClient.java')
-rw-r--r-- | libraries/spongycastle/core/src/main/java/org/spongycastle/crypto/tls/SRPTlsClient.java | 121 |
1 files changed, 0 insertions, 121 deletions
diff --git a/libraries/spongycastle/core/src/main/java/org/spongycastle/crypto/tls/SRPTlsClient.java b/libraries/spongycastle/core/src/main/java/org/spongycastle/crypto/tls/SRPTlsClient.java deleted file mode 100644 index 65aa6ceec..000000000 --- a/libraries/spongycastle/core/src/main/java/org/spongycastle/crypto/tls/SRPTlsClient.java +++ /dev/null @@ -1,121 +0,0 @@ -package org.spongycastle.crypto.tls; - -import java.io.IOException; -import java.util.Hashtable; - -import org.spongycastle.util.Arrays; - -public abstract class SRPTlsClient - extends AbstractTlsClient -{ - /** - * @deprecated use TlsSRPUtils.EXT_SRP instead - */ - public static final Integer EXT_SRP = TlsSRPUtils.EXT_SRP; - - protected byte[] identity; - protected byte[] password; - - public SRPTlsClient(byte[] identity, byte[] password) - { - super(); - this.identity = Arrays.clone(identity); - this.password = Arrays.clone(password); - } - - public SRPTlsClient(TlsCipherFactory cipherFactory, byte[] identity, byte[] password) - { - super(cipherFactory); - this.identity = Arrays.clone(identity); - this.password = Arrays.clone(password); - } - - public int[] getCipherSuites() - { - return new int[] { CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA }; - } - - public Hashtable getClientExtensions() - throws IOException - { - Hashtable clientExtensions = TlsExtensionsUtils.ensureExtensionsInitialised(super.getClientExtensions()); - TlsSRPUtils.addSRPExtension(clientExtensions, this.identity); - return clientExtensions; - } - - public void processServerExtensions(Hashtable serverExtensions) - throws IOException - { - if (!TlsUtils.hasExpectedEmptyExtensionData(serverExtensions, TlsSRPUtils.EXT_SRP, AlertDescription.illegal_parameter)) - { - // No explicit guidance in RFC 5054 here; we allow an optional empty extension from server - } - } - - public TlsKeyExchange getKeyExchange() - throws IOException - { - - switch (selectedCipherSuite) - { - case CipherSuite.TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA: - case CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA: - case CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA: - return createSRPKeyExchange(KeyExchangeAlgorithm.SRP); - - case CipherSuite.TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA: - case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA: - case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA: - return createSRPKeyExchange(KeyExchangeAlgorithm.SRP_RSA); - - case CipherSuite.TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA: - case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA: - case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA: - return createSRPKeyExchange(KeyExchangeAlgorithm.SRP_DSS); - - default: - /* - * Note: internal error here; the TlsProtocol implementation verifies that the - * server-selected cipher suite was in the list of client-offered cipher suites, so if - * we now can't produce an implementation, we shouldn't have offered it! - */ - throw new TlsFatalAlert(AlertDescription.internal_error); - } - } - - public TlsCipher getCipher() - throws IOException - { - - switch (selectedCipherSuite) - { - case CipherSuite.TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA: - case CipherSuite.TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA: - case CipherSuite.TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA: - return cipherFactory.createCipher(context, EncryptionAlgorithm._3DES_EDE_CBC, MACAlgorithm.hmac_sha1); - - case CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA: - case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA: - case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA: - return cipherFactory.createCipher(context, EncryptionAlgorithm.AES_128_CBC, MACAlgorithm.hmac_sha1); - - case CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA: - case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA: - case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA: - return cipherFactory.createCipher(context, EncryptionAlgorithm.AES_256_CBC, MACAlgorithm.hmac_sha1); - - default: - /* - * Note: internal error here; the TlsProtocol implementation verifies that the - * server-selected cipher suite was in the list of client-offered cipher suites, so if - * we now can't produce an implementation, we shouldn't have offered it! - */ - throw new TlsFatalAlert(AlertDescription.internal_error); - } - } - - protected TlsKeyExchange createSRPKeyExchange(int keyExchange) - { - return new TlsSRPKeyExchange(keyExchange, supportedSignatureAlgorithms, identity, password); - } -} |