صفحهٔ اصلی گشت‌و‌گذار راهنما
ثبت نام ورود
slambb
/
smart-bow-infrared
1
0
انشعاب 0
پرونده‌ها مشکلات 0 درخواست واکشی 0 ویکی
شاخه: master
شاخه‌ها تگ‌ها
smart-bow-infra...
/
Assets
/
ThirdAssets
/
Best HTTP (Pro)
/
BestHTTP
/
SecureProtocol
/
crypto
/
tls
/
TlsUtilities.cs

TlsUtilities.cs 110 KB
لینک دائمی تاريخچه خام

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919192019211922192319241925192619271928192919301931193219331934193519361937193819391940194119421943194419451946194719481949195019511952195319541955195619571958195919601961196219631964196519661967196819691970197119721973197419751976197719781979198019811982198319841985198619871988198919901991199219931994199519961997199819992000200120022003200420052006200720082009201020112012201320142015201620172018201920202021202220232024202520262027202820292030203120322033203420352036203720382039204020412042204320442045204620472048204920502051205220532054205520562057205820592060206120622063206420652066206720682069207020712072207320742075207620772078207920802081208220832084208520862087208820892090209120922093209420952096209720982099210021012102210321042105210621072108210921102111211221132114211521162117211821192120212121222123212421252126212721282129213021312132213321342135213621372138213921402141214221432144214521462147214821492150215121522153215421552156215721582159216021612162216321642165216621672168216921702171217221732174217521762177217821792180218121822183218421852186218721882189219021912192219321942195219621972198219922002201220222032204220522062207220822092210221122122213221422152216221722182219222022212222222322242225222622272228222922302231223222332234223522362237223822392240224122422243224422452246224722482249225022512252225322542255225622572258225922602261226222632264226522662267226822692270227122722273227422752276227722782279228022812282228322842285228622872288228922902291229222932294229522962297229822992300230123022303230423052306230723082309231023112312231323142315231623172318231923202321232223232324232523262327232823292330233123322333233423352336233723382339234023412342234323442345234623472348234923502351235223532354235523562357235823592360236123622363236423652366236723682369237023712372237323742375237623772378237923802381238223832384238523862387238823892390239123922393239423952396239723982399240024012402240324042405 
  1. #if !BESTHTTP_DISABLE_ALTERNATE_SSL && (!UNITY_WEBGL || UNITY_EDITOR)
    2. 

  2. #pragma warning disable
    3. 

  3. using System;
    4. 

  4. using System.Collections;
    5. 

  5. using System.IO;
    6. 

  6. using System.Text;
    7. 

  7. 

  8. using BestHTTP.SecureProtocol.Org.BouncyCastle.Asn1;
    9. 

  9. using BestHTTP.SecureProtocol.Org.BouncyCastle.Asn1.Nist;
    10. 

  10. using BestHTTP.SecureProtocol.Org.BouncyCastle.Asn1.Pkcs;
    11. 

  11. using BestHTTP.SecureProtocol.Org.BouncyCastle.Asn1.X509;
    12. 

  12. using BestHTTP.SecureProtocol.Org.BouncyCastle.Crypto.Digests;
    13. 

  13. using BestHTTP.SecureProtocol.Org.BouncyCastle.Crypto.Macs;
    14. 

  14. using BestHTTP.SecureProtocol.Org.BouncyCastle.Crypto.Parameters;
    15. 

  15. using BestHTTP.SecureProtocol.Org.BouncyCastle.Security;
    16. 

  16. using BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities;
    17. 

  17. using BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities.Date;
    18. 

  18. using BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities.IO;
    19. 

  19. 

  20. namespace BestHTTP.SecureProtocol.Org.BouncyCastle.Crypto.Tls
    21. 

  21. {
    22. 

  22.     /// <remarks>Some helper functions for MicroTLS.</remarks>
    23. 

  23.     public abstract class TlsUtilities
    24. 

  24.     {
    25. 

  25.         public static readonly byte[] EmptyBytes = new byte[0];
    26. 

  26.         public static readonly short[] EmptyShorts = new short[0];
    27. 

  27.         public static readonly int[] EmptyInts = new int[0];
    28. 

  28.         public static readonly long[] EmptyLongs = new long[0];
    29. 

  29. 

  30.         public static void CheckUint8(int i)
    31. 

  31.         {
    32. 

  32.             if (!IsValidUint8(i))
    33. 

  33.                 throw new TlsFatalAlert(AlertDescription.internal_error);
    34. 

  34.         }
    35. 

  35. 

  36.         public static void CheckUint8(long i)
    37. 

  37.         {
    38. 

  38.             if (!IsValidUint8(i))
    39. 

  39.                 throw new TlsFatalAlert(AlertDescription.internal_error);
    40. 

  40.         }
    41. 

  41. 

  42.         public static void CheckUint16(int i)
    43. 

  43.         {
    44. 

  44.             if (!IsValidUint16(i))
    45. 

  45.                 throw new TlsFatalAlert(AlertDescription.internal_error);
    46. 

  46.         }
    47. 

  47. 

  48.         public static void CheckUint16(long i)
    49. 

  49.         {
    50. 

  50.             if (!IsValidUint16(i))
    51. 

  51.                 throw new TlsFatalAlert(AlertDescription.internal_error);
    52. 

  52.         }
    53. 

  53. 

  54.         public static void CheckUint24(int i)
    55. 

  55.         {
    56. 

  56.             if (!IsValidUint24(i))
    57. 

  57.                 throw new TlsFatalAlert(AlertDescription.internal_error);
    58. 

  58.         }
    59. 

  59. 

  60.         public static void CheckUint24(long i)
    61. 

  61.         {
    62. 

  62.             if (!IsValidUint24(i))
    63. 

  63.                 throw new TlsFatalAlert(AlertDescription.internal_error);
    64. 

  64.         }
    65. 

  65. 

  66.         public static void CheckUint32(long i)
    67. 

  67.         {
    68. 

  68.             if (!IsValidUint32(i))
    69. 

  69.                 throw new TlsFatalAlert(AlertDescription.internal_error);
    70. 

  70.         }
    71. 

  71. 

  72.         public static void CheckUint48(long i)
    73. 

  73.         {
    74. 

  74.             if (!IsValidUint48(i))
    75. 

  75.                 throw new TlsFatalAlert(AlertDescription.internal_error);
    76. 

  76.         }
    77. 

  77. 

  78.         public static void CheckUint64(long i)
    79. 

  79.         {
    80. 

  80.             if (!IsValidUint64(i))
    81. 

  81.                 throw new TlsFatalAlert(AlertDescription.internal_error);
    82. 

  82.         }
    83. 

  83. 

  84.         public static bool IsValidUint8(int i)
    85. 

  85.         {
    86. 

  86.             return (i & 0xFF) == i;
    87. 

  87.         }
    88. 

  88. 

  89.         public static bool IsValidUint8(long i)
    90. 

  90.         {
    91. 

  91.             return (i & 0xFFL) == i;
    92. 

  92.         }
    93. 

  93. 

  94.         public static bool IsValidUint16(int i)
    95. 

  95.         {
    96. 

  96.             return (i & 0xFFFF) == i;
    97. 

  97.         }
    98. 

  98. 

  99.         public static bool IsValidUint16(long i)
    100. 

  100.         {
    101. 

  101.             return (i & 0xFFFFL) == i;
    102. 

  102.         }
    103. 

  103. 

  104.         public static bool IsValidUint24(int i)
    105. 

  105.         {
    106. 

  106.             return (i & 0xFFFFFF) == i;
    107. 

  107.         }
    108. 

  108. 

  109.         public static bool IsValidUint24(long i)
    110. 

  110.         {
    111. 

  111.             return (i & 0xFFFFFFL) == i;
    112. 

  112.         }
    113. 

  113. 

  114.         public static bool IsValidUint32(long i)
    115. 

  115.         {
    116. 

  116.             return (i & 0xFFFFFFFFL) == i;
    117. 

  117.         }
    118. 

  118. 

  119.         public static bool IsValidUint48(long i)
    120. 

  120.         {
    121. 

  121.             return (i & 0xFFFFFFFFFFFFL) == i;
    122. 

  122.         }
    123. 

  123. 

  124.         public static bool IsValidUint64(long i)
    125. 

  125.         {
    126. 

  126.             return true;
    127. 

  127.         }
    128. 

  128. 

  129.         public static bool IsSsl(TlsContext context)
    130. 

  130.         {
    131. 

  131.             return context.ServerVersion.IsSsl;
    132. 

  132.         }
    133. 

  133. 

  134.         public static bool IsTlsV11(ProtocolVersion version)
    135. 

  135.         {
    136. 

  136.             return ProtocolVersion.TLSv11.IsEqualOrEarlierVersionOf(version.GetEquivalentTLSVersion());
    137. 

  137.         }
    138. 

  138. 

  139.         public static bool IsTlsV11(TlsContext context)
    140. 

  140.         {
    141. 

  141.             return IsTlsV11(context.ServerVersion);
    142. 

  142.         }
    143. 

  143. 

  144.         public static bool IsTlsV12(ProtocolVersion version)
    145. 

  145.         {
    146. 

  146.             return ProtocolVersion.TLSv12.IsEqualOrEarlierVersionOf(version.GetEquivalentTLSVersion());
    147. 

  147.         }
    148. 

  148. 

  149.         public static bool IsTlsV12(TlsContext context)
    150. 

  150.         {
    151. 

  151.             return IsTlsV12(context.ServerVersion);
    152. 

  152.         }
    153. 

  153. 

  154.         public static void WriteUint8(byte i, Stream output)
    155. 

  155.         {
    156. 

  156.             output.WriteByte(i);
    157. 

  157.         }
    158. 

  158. 

  159.         public static void WriteUint8(byte i, byte[] buf, int offset)
    160. 

  160.         {
    161. 

  161.             buf[offset] = i;
    162. 

  162.         }
    163. 

  163. 

  164.         public static void WriteUint16(int i, Stream output)
    165. 

  165.         {
    166. 

  166.             output.WriteByte((byte)(i >> 8));
    167. 

  167.             output.WriteByte((byte)i);
    168. 

  168.         }
    169. 

  169. 

  170.         public static void WriteUint16(int i, byte[] buf, int offset)
    171. 

  171.         {
    172. 

  172.             buf[offset] = (byte)(i >> 8);
    173. 

  173.             buf[offset + 1] = (byte)i;
    174. 

  174.         }
    175. 

  175. 

  176.         public static void WriteUint24(int i, Stream output)
    177. 

  177.         {
    178. 

  178.             output.WriteByte((byte)(i >> 16));
    179. 

  179.             output.WriteByte((byte)(i >> 8));
    180. 

  180.             output.WriteByte((byte)i);
    181. 

  181.         }
    182. 

  182. 

  183.         public static void WriteUint24(int i, byte[] buf, int offset)
    184. 

  184.         {
    185. 

  185.             buf[offset] = (byte)(i >> 16);
    186. 

  186.             buf[offset + 1] = (byte)(i >> 8);
    187. 

  187.             buf[offset + 2] = (byte)i;
    188. 

  188.         }
    189. 

  189. 

  190.         public static void WriteUint32(long i, Stream output)
    191. 

  191.         {
    192. 

  192.             output.WriteByte((byte)(i >> 24));
    193. 

  193.             output.WriteByte((byte)(i >> 16));
    194. 

  194.             output.WriteByte((byte)(i >> 8));
    195. 

  195.             output.WriteByte((byte)i);
    196. 

  196.         }
    197. 

  197. 

  198.         public static void WriteUint32(long i, byte[] buf, int offset)
    199. 

  199.         {
    200. 

  200.             buf[offset] = (byte)(i >> 24);
    201. 

  201.             buf[offset + 1] = (byte)(i >> 16);
    202. 

  202.             buf[offset + 2] = (byte)(i >> 8);
    203. 

  203.             buf[offset + 3] = (byte)i;
    204. 

  204.         }
    205. 

  205. 

  206.         public static void WriteUint48(long i, Stream output)
    207. 

  207.         {
    208. 

  208.             output.WriteByte((byte)(i >> 40));
    209. 

  209.             output.WriteByte((byte)(i >> 32));
    210. 

  210.             output.WriteByte((byte)(i >> 24));
    211. 

  211.             output.WriteByte((byte)(i >> 16));
    212. 

  212.             output.WriteByte((byte)(i >> 8));
    213. 

  213.             output.WriteByte((byte)i);
    214. 

  214.         }
    215. 

  215. 

  216.         public static void WriteUint48(long i, byte[] buf, int offset)
    217. 

  217.         {
    218. 

  218.             buf[offset] = (byte)(i >> 40);
    219. 

  219.             buf[offset + 1] = (byte)(i >> 32);
    220. 

  220.             buf[offset + 2] = (byte)(i >> 24);
    221. 

  221.             buf[offset + 3] = (byte)(i >> 16);
    222. 

  222.             buf[offset + 4] = (byte)(i >> 8);
    223. 

  223.             buf[offset + 5] = (byte)i;
    224. 

  224.         }
    225. 

  225. 

  226.         public static void WriteUint64(long i, Stream output)
    227. 

  227.         {
    228. 

  228.             output.WriteByte((byte)(i >> 56));
    229. 

  229.             output.WriteByte((byte)(i >> 48));
    230. 

  230.             output.WriteByte((byte)(i >> 40));
    231. 

  231.             output.WriteByte((byte)(i >> 32));
    232. 

  232.             output.WriteByte((byte)(i >> 24));
    233. 

  233.             output.WriteByte((byte)(i >> 16));
    234. 

  234.             output.WriteByte((byte)(i >> 8));
    235. 

  235.             output.WriteByte((byte)i);
    236. 

  236.         }
    237. 

  237. 

  238.         public static void WriteUint64(long i, byte[] buf, int offset)
    239. 

  239.         {
    240. 

  240.             buf[offset] = (byte)(i >> 56);
    241. 

  241.             buf[offset + 1] = (byte)(i >> 48);
    242. 

  242.             buf[offset + 2] = (byte)(i >> 40);
    243. 

  243.             buf[offset + 3] = (byte)(i >> 32);
    244. 

  244.             buf[offset + 4] = (byte)(i >> 24);
    245. 

  245.             buf[offset + 5] = (byte)(i >> 16);
    246. 

  246.             buf[offset + 6] = (byte)(i >> 8);
    247. 

  247.             buf[offset + 7] = (byte)i;
    248. 

  248.         }
    249. 

  249. 

  250.         public static void WriteOpaque8(byte[] buf, Stream output)
    251. 

  251.         {
    252. 

  252.             WriteUint8((byte)buf.Length, output);
    253. 

  253.             output.Write(buf, 0, buf.Length);
    254. 

  254.         }
    255. 

  255. 

  256.         public static void WriteOpaque16(byte[] buf, Stream output)
    257. 

  257.         {
    258. 

  258.             WriteUint16(buf.Length, output);
    259. 

  259.             output.Write(buf, 0, buf.Length);
    260. 

  260.         }
    261. 

  261. 

  262.         public static void WriteOpaque24(byte[] buf, Stream output)
    263. 

  263.         {
    264. 

  264.             WriteUint24(buf.Length, output);
    265. 

  265.             output.Write(buf, 0, buf.Length);
    266. 

  266.         }
    267. 

  267. 

  268.         public static void WriteUint8Array(byte[] uints, Stream output)
    269. 

  269.         {
    270. 

  270.             output.Write(uints, 0, uints.Length);
    271. 

  271.         }
    272. 

  272. 

  273.         public static void WriteUint8Array(byte[] uints, byte[] buf, int offset)
    274. 

  274.         {
    275. 

  275.             for (int i = 0; i < uints.Length; ++i)
    276. 

  276.             {
    277. 

  277.                 WriteUint8(uints[i], buf, offset);
    278. 

  278.                 ++offset;
    279. 

  279.             }
    280. 

  280.         }
    281. 

  281. 

  282.         public static void WriteUint8ArrayWithUint8Length(byte[] uints, Stream output)
    283. 

  283.         {
    284. 

  284.             CheckUint8(uints.Length);
    285. 

  285.             WriteUint8((byte)uints.Length, output);
    286. 

  286.             WriteUint8Array(uints, output);
    287. 

  287.         }
    288. 

  288. 

  289.         public static void WriteUint8ArrayWithUint8Length(byte[] uints, byte[] buf, int offset)
    290. 

  290.         {
    291. 

  291.             CheckUint8(uints.Length);
    292. 

  292.             WriteUint8((byte)uints.Length, buf, offset);
    293. 

  293.             WriteUint8Array(uints, buf, offset + 1);
    294. 

  294.         }
    295. 

  295. 

  296.         public static void WriteUint16Array(int[] uints, Stream output)
    297. 

  297.         {
    298. 

  298.             for (int i = 0; i < uints.Length; ++i)
    299. 

  299.             {
    300. 

  300.                 WriteUint16(uints[i], output);
    301. 

  301.             }
    302. 

  302.         }
    303. 

  303. 

  304.         public static void WriteUint16Array(int[] uints, byte[] buf, int offset)
    305. 

  305.         {
    306. 

  306.             for (int i = 0; i < uints.Length; ++i)
    307. 

  307.             {
    308. 

  308.                 WriteUint16(uints[i], buf, offset);
    309. 

  309.                 offset += 2;
    310. 

  310.             }
    311. 

  311.         }
    312. 

  312. 

  313.         public static void WriteUint16ArrayWithUint16Length(int[] uints, Stream output)
    314. 

  314.         {
    315. 

  315.             int length = 2 * uints.Length;
    316. 

  316.             CheckUint16(length);
    317. 

  317.             WriteUint16(length, output);
    318. 

  318.             WriteUint16Array(uints, output);
    319. 

  319.         }
    320. 

  320. 

  321.         public static void WriteUint16ArrayWithUint16Length(int[] uints, byte[] buf, int offset)
    322. 

  322.         {
    323. 

  323.             int length = 2 * uints.Length;
    324. 

  324.             CheckUint16(length);
    325. 

  325.             WriteUint16(length, buf, offset);
    326. 

  326.             WriteUint16Array(uints, buf, offset + 2);
    327. 

  327.         }
    328. 

  328. 

  329.         public static byte DecodeUint8(byte[] buf)
    330. 

  330.         {
    331. 

  331.             if (buf == null)
    332. 

  332.                 throw new ArgumentNullException("buf");
    333. 

  333.             if (buf.Length != 1)
    334. 

  334.                 throw new TlsFatalAlert(AlertDescription.decode_error);
    335. 

  335.             return ReadUint8(buf, 0);
    336. 

  336.         }
    337. 

  337. 

  338.         public static byte[] DecodeUint8ArrayWithUint8Length(byte[] buf)
    339. 

  339.         {
    340. 

  340.             if (buf == null)
    341. 

  341.                 throw new ArgumentNullException("buf");
    342. 

  342. 

  343.             int count = ReadUint8(buf, 0);
    344. 

  344.             if (buf.Length != (count + 1))
    345. 

  345.                 throw new TlsFatalAlert(AlertDescription.decode_error);
    346. 

  346. 

  347.             byte[] uints = new byte[count];
    348. 

  348.             for (int i = 0; i < count; ++i)
    349. 

  349.             {
    350. 

  350.                 uints[i] = ReadUint8(buf, i + 1);
    351. 

  351.             }
    352. 

  352.             return uints;
    353. 

  353.         }
    354. 

  354. 

  355.         public static byte[] EncodeOpaque8(byte[] buf)
    356. 

  356.         {
    357. 

  357.             CheckUint8(buf.Length);
    358. 

  358.             return Arrays.Prepend(buf, (byte)buf.Length);
    359. 

  359.         }
    360. 

  360. 

  361.         public static byte[] EncodeUint8(byte val)
    362. 

  362.         {
    363. 

  363.             CheckUint8(val);
    364. 

  364. 

  365.             byte[] extensionData = new byte[1];
    366. 

  366.             WriteUint8(val, extensionData, 0);
    367. 

  367.             return extensionData;
    368. 

  368.         }
    369. 

  369. 

  370.         public static byte[] EncodeUint8ArrayWithUint8Length(byte[] uints)
    371. 

  371.         {
    372. 

  372.             byte[] result = new byte[1 + uints.Length];
    373. 

  373.             WriteUint8ArrayWithUint8Length(uints, result, 0);
    374. 

  374.             return result;
    375. 

  375.         }
    376. 

  376. 

  377.         public static byte[] EncodeUint16ArrayWithUint16Length(int[] uints)
    378. 

  378.         {
    379. 

  379.             int length = 2 * uints.Length;
    380. 

  380.             byte[] result = new byte[2 + length];
    381. 

  381.             WriteUint16ArrayWithUint16Length(uints, result, 0);
    382. 

  382.             return result;
    383. 

  383.         }
    384. 

  384. 

  385.         public static byte ReadUint8(Stream input)
    386. 

  386.         {
    387. 

  387.             int i = input.ReadByte();
    388. 

  388.             if (i < 0)
    389. 

  389.                 throw new EndOfStreamException();
    390. 

  390.             return (byte)i;
    391. 

  391.         }
    392. 

  392. 

  393.         public static byte ReadUint8(byte[] buf, int offset)
    394. 

  394.         {
    395. 

  395.             return buf[offset];
    396. 

  396.         }
    397. 

  397. 

  398.         public static int ReadUint16(Stream input)
    399. 

  399.         {
    400. 

  400.             int i1 = input.ReadByte();
    401. 

  401.             int i2 = input.ReadByte();
    402. 

  402.             if (i2 < 0)
    403. 

  403.                 throw new EndOfStreamException();
    404. 

  404.             return (i1 << 8) | i2;
    405. 

  405.         }
    406. 

  406. 

  407.         public static int ReadUint16(byte[] buf, int offset)
    408. 

  408.         {
    409. 

  409.             uint n = (uint)buf[offset] << 8;
    410. 

  410.             n |= (uint)buf[++offset];
    411. 

  411.             return (int)n;
    412. 

  412.         }
    413. 

  413. 

  414.         public static int ReadUint24(Stream input)
    415. 

  415.         {
    416. 

  416.             int i1 = input.ReadByte();
    417. 

  417.             int i2 = input.ReadByte();
    418. 

  418.             int i3 = input.ReadByte();
    419. 

  419.             if (i3 < 0)
    420. 

  420.                 throw new EndOfStreamException();
    421. 

  421.             return (i1 << 16) | (i2 << 8) | i3;
    422. 

  422.         }
    423. 

  423. 

  424.         public static int ReadUint24(byte[] buf, int offset)
    425. 

  425.         {
    426. 

  426.             uint n = (uint)buf[offset] << 16;
    427. 

  427.             n |= (uint)buf[++offset] << 8;
    428. 

  428.             n |= (uint)buf[++offset];
    429. 

  429.             return (int)n;
    430. 

  430.         }
    431. 

  431. 

  432.         public static long ReadUint32(Stream input)
    433. 

  433.         {
    434. 

  434.             int i1 = input.ReadByte();
    435. 

  435.             int i2 = input.ReadByte();
    436. 

  436.             int i3 = input.ReadByte();
    437. 

  437.             int i4 = input.ReadByte();
    438. 

  438.             if (i4 < 0)
    439. 

  439.                 throw new EndOfStreamException();
    440. 

  440.             return (long)(uint)((i1 << 24) | (i2 << 16) | (i3 << 8) | i4);
    441. 

  441.         }
    442. 

  442. 

  443.         public static long ReadUint32(byte[] buf, int offset)
    444. 

  444.         {
    445. 

  445.             uint n = (uint)buf[offset] << 24;
    446. 

  446.             n |= (uint)buf[++offset] << 16;
    447. 

  447.             n |= (uint)buf[++offset] << 8;
    448. 

  448.             n |= (uint)buf[++offset];
    449. 

  449.             return (long)n;
    450. 

  450.         }
    451. 

  451. 

  452.         public static long ReadUint48(Stream input)
    453. 

  453.         {
    454. 

  454.             int hi = ReadUint24(input);
    455. 

  455.             int lo = ReadUint24(input);
    456. 

  456.             return ((long)(hi & 0xffffffffL) << 24) | (long)(lo & 0xffffffffL);
    457. 

  457.         }
    458. 

  458. 

  459.         public static long ReadUint48(byte[] buf, int offset)
    460. 

  460.         {
    461. 

  461.             int hi = ReadUint24(buf, offset);
    462. 

  462.             int lo = ReadUint24(buf, offset + 3);
    463. 

  463.             return ((long)(hi & 0xffffffffL) << 24) | (long)(lo & 0xffffffffL);
    464. 

  464.         }
    465. 

  465. 

  466.         public static byte[] ReadAllOrNothing(int length, Stream input)
    467. 

  467.         {
    468. 

  468.             if (length < 1)
    469. 

  469.                 return EmptyBytes;
    470. 

  470.             byte[] buf = new byte[length];
    471. 

  471.             int read = Streams.ReadFully(input, buf);
    472. 

  472.             if (read == 0)
    473. 

  473.                 return null;
    474. 

  474.             if (read != length)
    475. 

  475.                 throw new EndOfStreamException();
    476. 

  476.             return buf;
    477. 

  477.         }
    478. 

  478. 

  479.         public static byte[] ReadFully(int length, Stream input)
    480. 

  480.         {
    481. 

  481.             if (length < 1)
    482. 

  482.                 return EmptyBytes;
    483. 

  483.             byte[] buf = new byte[length];
    484. 

  484.             if (length != Streams.ReadFully(input, buf))
    485. 

  485.                 throw new EndOfStreamException();
    486. 

  486.             return buf;
    487. 

  487.         }
    488. 

  488. 

  489.         public static void ReadFully(byte[] buf, Stream input)
    490. 

  490.         {
    491. 

  491.             if (Streams.ReadFully(input, buf, 0, buf.Length) < buf.Length)
    492. 

  492.                 throw new EndOfStreamException();
    493. 

  493.         }
    494. 

  494. 

  495.         public static byte[] ReadOpaque8(Stream input)
    496. 

  496.         {
    497. 

  497.             byte length = ReadUint8(input);
    498. 

  498.             byte[] bytes = new byte[length];
    499. 

  499.             ReadFully(bytes, input);
    500. 

  500.             return bytes;
    501. 

  501.         }
    502. 

  502. 

  503.         public static byte[] ReadOpaque16(Stream input)
    504. 

  504.         {
    505. 

  505.             int length = ReadUint16(input);
    506. 

  506.             byte[] bytes = new byte[length];
    507. 

  507.             ReadFully(bytes, input);
    508. 

  508.             return bytes;
    509. 

  509.         }
    510. 

  510. 

  511.         public static byte[] ReadOpaque24(Stream input)
    512. 

  512.         {
    513. 

  513.             int length = ReadUint24(input);
    514. 

  514.             return ReadFully(length, input);
    515. 

  515.         }
    516. 

  516. 

  517.         public static byte[] ReadUint8Array(int count, Stream input)
    518. 

  518.         {
    519. 

  519.             byte[] uints = new byte[count];
    520. 

  520.             for (int i = 0; i < count; ++i)
    521. 

  521.             {
    522. 

  522.                 uints[i] = ReadUint8(input);
    523. 

  523.             }
    524. 

  524.             return uints;
    525. 

  525.         }
    526. 

  526. 

  527.         public static int[] ReadUint16Array(int count, Stream input)
    528. 

  528.         {
    529. 

  529.             int[] uints = new int[count];
    530. 

  530.             for (int i = 0; i < count; ++i)
    531. 

  531.             {
    532. 

  532.                 uints[i] = ReadUint16(input);
    533. 

  533.             }
    534. 

  534.             return uints;
    535. 

  535.         }
    536. 

  536. 

  537.         public static ProtocolVersion ReadVersion(byte[] buf, int offset)
    538. 

  538.         {
    539. 

  539.             return ProtocolVersion.Get(buf[offset], buf[offset + 1]);
    540. 

  540.         }
    541. 

  541. 

  542.         public static ProtocolVersion ReadVersion(Stream input)
    543. 

  543.         {
    544. 

  544.             int i1 = input.ReadByte();
    545. 

  545.             int i2 = input.ReadByte();
    546. 

  546.             if (i2 < 0)
    547. 

  547.                 throw new EndOfStreamException();
    548. 

  548.             return ProtocolVersion.Get(i1, i2);
    549. 

  549.         }
    550. 

  550. 

  551.         public static int ReadVersionRaw(byte[] buf, int offset)
    552. 

  552.         {
    553. 

  553.             return (buf[offset] << 8) | buf[offset + 1];
    554. 

  554.         }
    555. 

  555. 

  556.         public static int ReadVersionRaw(Stream input)
    557. 

  557.         {
    558. 

  558.             int i1 = input.ReadByte();
    559. 

  559.             int i2 = input.ReadByte();
    560. 

  560.             if (i2 < 0)
    561. 

  561.                 throw new EndOfStreamException();
    562. 

  562.             return (i1 << 8) | i2;
    563. 

  563.         }
    564. 

  564. 

  565.         public static Asn1Object ReadAsn1Object(byte[] encoding)
    566. 

  566.         {
    567. 

  567.             MemoryStream input = new MemoryStream(encoding, false);
    568. 

  568.             Asn1InputStream asn1 = new Asn1InputStream(input, encoding.Length);
    569. 

  569.             Asn1Object result = asn1.ReadObject();
    570. 

  570.             if (null == result)
    571. 

  571.                 throw new TlsFatalAlert(AlertDescription.decode_error);
    572. 

  572.             if (input.Position != input.Length)
    573. 

  573.                 throw new TlsFatalAlert(AlertDescription.decode_error);
    574. 

  574.             return result;
    575. 

  575.         }
    576. 

  576. 

  577.         public static Asn1Object ReadDerObject(byte[] encoding)
    578. 

  578.         {
    579. 

  579.             /*
    580. 

  580.              * NOTE: The current ASN.1 parsing code can't enforce DER-only parsing, but since DER is
    581. 

  581.              * canonical, we can check it by re-encoding the result and comparing to the original.
    582. 

  582.              */
    583. 

  583.             Asn1Object result = ReadAsn1Object(encoding);
    584. 

  584.             byte[] check = result.GetEncoded(Asn1Encodable.Der);
    585. 

  585.             if (!Arrays.AreEqual(check, encoding))
    586. 

  586.                 throw new TlsFatalAlert(AlertDescription.decode_error);
    587. 

  587.             return result;
    588. 

  588.         }
    589. 

  589. 

  590.         public static void WriteGmtUnixTime(byte[] buf, int offset)
    591. 

  591.         {
    592. 

  592.             int t = (int)(DateTimeUtilities.CurrentUnixMs() / 1000L);
    593. 

  593.             buf[offset] = (byte)(t >> 24);
    594. 

  594.             buf[offset + 1] = (byte)(t >> 16);
    595. 

  595.             buf[offset + 2] = (byte)(t >> 8);
    596. 

  596.             buf[offset + 3] = (byte)t;
    597. 

  597.         }
    598. 

  598. 

  599.         public static void WriteVersion(ProtocolVersion version, Stream output)
    600. 

  600.         {
    601. 

  601.             output.WriteByte((byte)version.MajorVersion);
    602. 

  602.             output.WriteByte((byte)version.MinorVersion);
    603. 

  603.         }
    604. 

  604. 

  605.         public static void WriteVersion(ProtocolVersion version, byte[] buf, int offset)
    606. 

  606.         {
    607. 

  607.             buf[offset] = (byte)version.MajorVersion;
    608. 

  608.             buf[offset + 1] = (byte)version.MinorVersion;
    609. 

  609.         }
    610. 

  610. 

  611.         public static IList GetAllSignatureAlgorithms()
    612. 

  612.         {
    613. 

  613.             IList v = BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities.Platform.CreateArrayList(4);
    614. 

  614.             v.Add(SignatureAlgorithm.anonymous);
    615. 

  615.             v.Add(SignatureAlgorithm.rsa);
    616. 

  616.             v.Add(SignatureAlgorithm.dsa);
    617. 

  617.             v.Add(SignatureAlgorithm.ecdsa);
    618. 

  618.             return v;
    619. 

  619.         }
    620. 

  620. 

  621.         public static IList GetDefaultDssSignatureAlgorithms()
    622. 

  622.         {
    623. 

  623.             return VectorOfOne(new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.dsa));
    624. 

  624.         }
    625. 

  625. 

  626.         public static IList GetDefaultECDsaSignatureAlgorithms()
    627. 

  627.         {
    628. 

  628.             return VectorOfOne(new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.ecdsa));
    629. 

  629.         }
    630. 

  630. 

  631.         public static IList GetDefaultRsaSignatureAlgorithms()
    632. 

  632.         {
    633. 

  633.             return VectorOfOne(new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.rsa));
    634. 

  634.         }
    635. 

  635. 

  636.         public static byte[] GetExtensionData(IDictionary extensions, int extensionType)
    637. 

  637.         {
    638. 

  638.             return extensions == null ? null : (byte[])extensions[extensionType];
    639. 

  639.         }
    640. 

  640. 

  641.         public static IList GetDefaultSupportedSignatureAlgorithms()
    642. 

  642.         {
    643. 

  643.             byte[] hashAlgorithms = new byte[]{ HashAlgorithm.sha1, HashAlgorithm.sha224, HashAlgorithm.sha256,
    644. 

  644.                 HashAlgorithm.sha384, HashAlgorithm.sha512 };
    645. 

  645.             byte[] signatureAlgorithms = new byte[]{ SignatureAlgorithm.rsa, SignatureAlgorithm.dsa,
    646. 

  646.                 SignatureAlgorithm.ecdsa };
    647. 

  647. 

  648.             IList result = BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities.Platform.CreateArrayList();
    649. 

  649.             for (int i = 0; i < signatureAlgorithms.Length; ++i)
    650. 

  650.             {
    651. 

  651.                 for (int j = 0; j < hashAlgorithms.Length; ++j)
    652. 

  652.                 {
    653. 

  653.                     result.Add(new SignatureAndHashAlgorithm(hashAlgorithms[j], signatureAlgorithms[i]));
    654. 

  654.                 }
    655. 

  655.             }
    656. 

  656.             return result;
    657. 

  657.         }
    658. 

  658. 

  659.         public static SignatureAndHashAlgorithm GetSignatureAndHashAlgorithm(TlsContext context,
    660. 

  660.             TlsSignerCredentials signerCredentials)
    661. 

  661.         {
    662. 

  662.             SignatureAndHashAlgorithm signatureAndHashAlgorithm = null;
    663. 

  663.             if (IsTlsV12(context))
    664. 

  664.             {
    665. 

  665.                 signatureAndHashAlgorithm = signerCredentials.SignatureAndHashAlgorithm;
    666. 

  666.                 if (signatureAndHashAlgorithm == null)
    667. 

  667.                     throw new TlsFatalAlert(AlertDescription.internal_error);
    668. 

  668.             }
    669. 

  669.             return signatureAndHashAlgorithm;
    670. 

  670.         }
    671. 

  671. 

  672.         public static bool HasExpectedEmptyExtensionData(IDictionary extensions, int extensionType,
    673. 

  673.             byte alertDescription)
    674. 

  674.         {
    675. 

  675.             byte[] extension_data = GetExtensionData(extensions, extensionType);
    676. 

  676.             if (extension_data == null)
    677. 

  677.                 return false;
    678. 

  678.             if (extension_data.Length != 0)
    679. 

  679.                 throw new TlsFatalAlert(alertDescription);
    680. 

  680.             return true;
    681. 

  681.         }
    682. 

  682. 

  683.         public static TlsSession ImportSession(byte[] sessionID, SessionParameters sessionParameters)
    684. 

  684.         {
    685. 

  685.             return new TlsSessionImpl(sessionID, sessionParameters);
    686. 

  686.         }
    687. 

  687. 

  688.         public static bool IsSignatureAlgorithmsExtensionAllowed(ProtocolVersion clientVersion)
    689. 

  689.         {
    690. 

  690.             return ProtocolVersion.TLSv12.IsEqualOrEarlierVersionOf(clientVersion.GetEquivalentTLSVersion());
    691. 

  691.         }
    692. 

  692. 

  693.         /**
    694. 

  694.          * Add a 'signature_algorithms' extension to existing extensions.
    695. 

  695.          *
    696. 

  696.          * @param extensions                   A {@link Hashtable} to add the extension to.
    697. 

  697.          * @param supportedSignatureAlgorithms {@link Vector} containing at least 1 {@link SignatureAndHashAlgorithm}.
    698. 

  698.          * @throws IOException
    699. 

  699.          */
    700. 

  700.         public static void AddSignatureAlgorithmsExtension(IDictionary extensions, IList supportedSignatureAlgorithms)
    701. 

  701.         {
    702. 

  702.             extensions[ExtensionType.signature_algorithms] = CreateSignatureAlgorithmsExtension(supportedSignatureAlgorithms);
    703. 

  703.         }
    704. 

  704. 

  705.         /**
    706. 

  706.          * Get a 'signature_algorithms' extension from extensions.
    707. 

  707.          *
    708. 

  708.          * @param extensions A {@link Hashtable} to get the extension from, if it is present.
    709. 

  709.          * @return A {@link Vector} containing at least 1 {@link SignatureAndHashAlgorithm}, or null.
    710. 

  710.          * @throws IOException
    711. 

  711.          */
    712. 

  712.         public static IList GetSignatureAlgorithmsExtension(IDictionary extensions)
    713. 

  713.         {
    714. 

  714.             byte[] extensionData = GetExtensionData(extensions, ExtensionType.signature_algorithms);
    715. 

  715.             return extensionData == null ? null : ReadSignatureAlgorithmsExtension(extensionData);
    716. 

  716.         }
    717. 

  717. 

  718.         /**
    719. 

  719.          * Create a 'signature_algorithms' extension value.
    720. 

  720.          *
    721. 

  721.          * @param supportedSignatureAlgorithms A {@link Vector} containing at least 1 {@link SignatureAndHashAlgorithm}.
    722. 

  722.          * @return A byte array suitable for use as an extension value.
    723. 

  723.          * @throws IOException
    724. 

  724.          */
    725. 

  725.         public static byte[] CreateSignatureAlgorithmsExtension(IList supportedSignatureAlgorithms)
    726. 

  726.         {
    727. 

  727.             MemoryStream buf = new MemoryStream();
    728. 

  728. 

  729.             // supported_signature_algorithms
    730. 

  730.             EncodeSupportedSignatureAlgorithms(supportedSignatureAlgorithms, false, buf);
    731. 

  731. 

  732.             return buf.ToArray();
    733. 

  733.         }
    734. 

  734. 

  735.         /**
    736. 

  736.          * Read 'signature_algorithms' extension data.
    737. 

  737.          *
    738. 

  738.          * @param extensionData The extension data.
    739. 

  739.          * @return A {@link Vector} containing at least 1 {@link SignatureAndHashAlgorithm}.
    740. 

  740.          * @throws IOException
    741. 

  741.          */
    742. 

  742.         public static IList ReadSignatureAlgorithmsExtension(byte[] extensionData)
    743. 

  743.         {
    744. 

  744.             if (extensionData == null)
    745. 

  745.                 throw new ArgumentNullException("extensionData");
    746. 

  746. 

  747.             MemoryStream buf = new MemoryStream(extensionData, false);
    748. 

  748. 

  749.             // supported_signature_algorithms
    750. 

  750.             IList supported_signature_algorithms = ParseSupportedSignatureAlgorithms(false, buf);
    751. 

  751. 

  752.             TlsProtocol.AssertEmpty(buf);
    753. 

  753. 

  754.             return supported_signature_algorithms;
    755. 

  755.         }
    756. 

  756. 

  757.         public static void EncodeSupportedSignatureAlgorithms(IList supportedSignatureAlgorithms, bool allowAnonymous,
    758. 

  758.             Stream output)
    759. 

  759.         {
    760. 

  760.             if (supportedSignatureAlgorithms == null)
    761. 

  761.                 throw new ArgumentNullException("supportedSignatureAlgorithms");
    762. 

  762.             if (supportedSignatureAlgorithms.Count < 1 || supportedSignatureAlgorithms.Count >= (1 << 15))
    763. 

  763.                 throw new ArgumentException("must have length from 1 to (2^15 - 1)", "supportedSignatureAlgorithms");
    764. 

  764. 

  765.             // supported_signature_algorithms
    766. 

  766.             int length = 2 * supportedSignatureAlgorithms.Count;
    767. 

  767.             CheckUint16(length);
    768. 

  768.             WriteUint16(length, output);
    769. 

  769. 

  770.             foreach (SignatureAndHashAlgorithm entry in supportedSignatureAlgorithms)
    771. 

  771.             {
    772. 

  772.                 if (!allowAnonymous && entry.Signature == SignatureAlgorithm.anonymous)
    773. 

  773.                 {
    774. 

  774.                     /*
    775. 

  775.                      * RFC 5246 7.4.1.4.1 The "anonymous" value is meaningless in this context but used
    776. 

  776.                      * in Section 7.4.3. It MUST NOT appear in this extension.
    777. 

  777.                      */
    778. 

  778.                     throw new ArgumentException(
    779. 

  779.                         "SignatureAlgorithm.anonymous MUST NOT appear in the signature_algorithms extension");
    780. 

  780.                 }
    781. 

  781.                 entry.Encode(output);
    782. 

  782.             }
    783. 

  783.         }
    784. 

  784. 

  785.         public static IList ParseSupportedSignatureAlgorithms(bool allowAnonymous, Stream input)
    786. 

  786.         {
    787. 

  787.             // supported_signature_algorithms
    788. 

  788.             int length = ReadUint16(input);
    789. 

  789.             if (length < 2 || (length & 1) != 0)
    790. 

  790.                 throw new TlsFatalAlert(AlertDescription.decode_error);
    791. 

  791.             int count = length / 2;
    792. 

  792.             IList supportedSignatureAlgorithms = BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities.Platform.CreateArrayList(count);
    793. 

  793.             for (int i = 0; i < count; ++i)
    794. 

  794.             {
    795. 

  795.                 SignatureAndHashAlgorithm entry = SignatureAndHashAlgorithm.Parse(input);
    796. 

  796.                 if (!allowAnonymous && entry.Signature == SignatureAlgorithm.anonymous)
    797. 

  797.                 {
    798. 

  798.                     /*
    799. 

  799.                      * RFC 5246 7.4.1.4.1 The "anonymous" value is meaningless in this context but used
    800. 

  800.                      * in Section 7.4.3. It MUST NOT appear in this extension.
    801. 

  801.                      */
    802. 

  802.                     throw new TlsFatalAlert(AlertDescription.illegal_parameter);
    803. 

  803.                 }
    804. 

  804.                 supportedSignatureAlgorithms.Add(entry);
    805. 

  805.             }
    806. 

  806.             return supportedSignatureAlgorithms;
    807. 

  807.         }
    808. 

  808. 

  809.         public static void VerifySupportedSignatureAlgorithm(IList supportedSignatureAlgorithms, SignatureAndHashAlgorithm signatureAlgorithm)
    810. 

  810.         {
    811. 

  811.             if (supportedSignatureAlgorithms == null)
    812. 

  812.                 throw new ArgumentNullException("supportedSignatureAlgorithms");
    813. 

  813.             if (supportedSignatureAlgorithms.Count < 1 || supportedSignatureAlgorithms.Count >= (1 << 15))
    814. 

  814.                 throw new ArgumentException("must have length from 1 to (2^15 - 1)", "supportedSignatureAlgorithms");
    815. 

  815.             if (signatureAlgorithm == null)
    816. 

  816.                 throw new ArgumentNullException("signatureAlgorithm");
    817. 

  817. 

  818.             if (signatureAlgorithm.Signature != SignatureAlgorithm.anonymous)
    819. 

  819.             {
    820. 

  820.                 foreach (SignatureAndHashAlgorithm entry in supportedSignatureAlgorithms)
    821. 

  821.                 {
    822. 

  822.                     if (entry.Hash == signatureAlgorithm.Hash && entry.Signature == signatureAlgorithm.Signature)
    823. 

  823.                         return;
    824. 

  824.                 }
    825. 

  825.             }
    826. 

  826. 

  827.             throw new TlsFatalAlert(AlertDescription.illegal_parameter);
    828. 

  828.         }
    829. 

  829. 

  830.         public static byte[] PRF(TlsContext context, byte[] secret, string asciiLabel, byte[] seed, int size)
    831. 

  831.         {
    832. 

  832.             ProtocolVersion version = context.ServerVersion;
    833. 

  833. 

  834.             if (version.IsSsl)
    835. 

  835.                 throw new InvalidOperationException("No PRF available for SSLv3 session");
    836. 

  836. 

  837.             byte[] label = Strings.ToByteArray(asciiLabel);
    838. 

  838.             byte[] labelSeed = Concat(label, seed);
    839. 

  839. 

  840.             int prfAlgorithm = context.SecurityParameters.PrfAlgorithm;
    841. 

  841. 

  842.             if (prfAlgorithm == PrfAlgorithm.tls_prf_legacy)
    843. 

  843.                 return PRF_legacy(secret, label, labelSeed, size);
    844. 

  844. 

  845.             IDigest prfDigest = CreatePrfHash(prfAlgorithm);
    846. 

  846.             byte[] buf = new byte[size];
    847. 

  847.             HMacHash(prfDigest, secret, labelSeed, buf);
    848. 

  848.             return buf;
    849. 

  849.         }
    850. 

  850. 

  851.         public static byte[] PRF_legacy(byte[] secret, string asciiLabel, byte[] seed, int size)
    852. 

  852.         {
    853. 

  853.             byte[] label = Strings.ToByteArray(asciiLabel);
    854. 

  854.             byte[] labelSeed = Concat(label, seed);
    855. 

  855. 

  856.             return PRF_legacy(secret, label, labelSeed, size);
    857. 

  857.         }
    858. 

  858. 

  859.         internal static byte[] PRF_legacy(byte[] secret, byte[] label, byte[] labelSeed, int size)
    860. 

  860.         {
    861. 

  861.             int s_half = (secret.Length + 1) / 2;
    862. 

  862.             byte[] s1 = new byte[s_half];
    863. 

  863.             byte[] s2 = new byte[s_half];
    864. 

  864.             Array.Copy(secret, 0, s1, 0, s_half);
    865. 

  865.             Array.Copy(secret, secret.Length - s_half, s2, 0, s_half);
    866. 

  866. 

  867.             byte[] b1 = new byte[size];
    868. 

  868.             byte[] b2 = new byte[size];
    869. 

  869.             HMacHash(CreateHash(HashAlgorithm.md5), s1, labelSeed, b1);
    870. 

  870.             HMacHash(CreateHash(HashAlgorithm.sha1), s2, labelSeed, b2);
    871. 

  871.             for (int i = 0; i < size; i++)
    872. 

  872.             {
    873. 

  873.                 b1[i] ^= b2[i];
    874. 

  874.             }
    875. 

  875.             return b1;
    876. 

  876.         }
    877. 

  877. 

  878.         internal static byte[] Concat(byte[] a, byte[] b)
    879. 

  879.         {
    880. 

  880.             byte[] c = new byte[a.Length + b.Length];
    881. 

  881.             Array.Copy(a, 0, c, 0, a.Length);
    882. 

  882.             Array.Copy(b, 0, c, a.Length, b.Length);
    883. 

  883.             return c;
    884. 

  884.         }
    885. 

  885. 

  886.         internal static void HMacHash(IDigest digest, byte[] secret, byte[] seed, byte[] output)
    887. 

  887.         {
    888. 

  888.             HMac mac = new HMac(digest);
    889. 

  889.             mac.Init(new KeyParameter(secret));
    890. 

  890.             byte[] a = seed;
    891. 

  891.             int size = digest.GetDigestSize();
    892. 

  892.             int iterations = (output.Length + size - 1) / size;
    893. 

  893.             byte[] buf = new byte[mac.GetMacSize()];
    894. 

  894.             byte[] buf2 = new byte[mac.GetMacSize()];
    895. 

  895.             for (int i = 0; i < iterations; i++)
    896. 

  896.             {
    897. 

  897.                 mac.BlockUpdate(a, 0, a.Length);
    898. 

  898.                 mac.DoFinal(buf, 0);
    899. 

  899.                 a = buf;
    900. 

  900.                 mac.BlockUpdate(a, 0, a.Length);
    901. 

  901.                 mac.BlockUpdate(seed, 0, seed.Length);
    902. 

  902.                 mac.DoFinal(buf2, 0);
    903. 

  903.                 Array.Copy(buf2, 0, output, (size * i), System.Math.Min(size, output.Length - (size * i)));
    904. 

  904.             }
    905. 

  905.         }
    906. 

  906. 

  907.         internal static void ValidateKeyUsage(X509CertificateStructure c, int keyUsageBits)
    908. 

  908.         {
    909. 

  909.             X509Extensions exts = c.TbsCertificate.Extensions;
    910. 

  910.             if (exts != null)
    911. 

  911.             {
    912. 

  912.                 X509Extension ext = exts.GetExtension(X509Extensions.KeyUsage);
    913. 

  913.                 if (ext != null)
    914. 

  914.                 {
    915. 

  915.                     DerBitString ku = KeyUsage.GetInstance(ext);
    916. 

  916.                     int bits = ku.GetBytes()[0];
    917. 

  917.                     if ((bits & keyUsageBits) != keyUsageBits)
    918. 

  918.                         throw new TlsFatalAlert(AlertDescription.certificate_unknown);
    919. 

  919.                 }
    920. 

  920.             }
    921. 

  921.         }
    922. 

  922. 

  923.         internal static byte[] CalculateKeyBlock(TlsContext context, int size)
    924. 

  924.         {
    925. 

  925.             SecurityParameters securityParameters = context.SecurityParameters;
    926. 

  926.             byte[] master_secret = securityParameters.MasterSecret;
    927. 

  927.             byte[] seed = Concat(securityParameters.ServerRandom, securityParameters.ClientRandom);
    928. 

  928. 

  929.             if (IsSsl(context))
    930. 

  930.                 return CalculateKeyBlock_Ssl(master_secret, seed, size);
    931. 

  931. 

  932.             return PRF(context, master_secret, ExporterLabel.key_expansion, seed, size);
    933. 

  933.         }
    934. 

  934. 

  935.         internal static byte[] CalculateKeyBlock_Ssl(byte[] master_secret, byte[] random, int size)
    936. 

  936.         {
    937. 

  937.             IDigest md5 = CreateHash(HashAlgorithm.md5);
    938. 

  938.             IDigest sha1 = CreateHash(HashAlgorithm.sha1);
    939. 

  939.             int md5Size = md5.GetDigestSize();
    940. 

  940.             byte[] shatmp = new byte[sha1.GetDigestSize()];
    941. 

  941.             byte[] tmp = new byte[size + md5Size];
    942. 

  942. 

  943.             int i = 0, pos = 0;
    944. 

  944.             while (pos < size)
    945. 

  945.             {
    946. 

  946.                 byte[] ssl3Const = SSL3_CONST[i];
    947. 

  947. 

  948.                 sha1.BlockUpdate(ssl3Const, 0, ssl3Const.Length);
    949. 

  949.                 sha1.BlockUpdate(master_secret, 0, master_secret.Length);
    950. 

  950.                 sha1.BlockUpdate(random, 0, random.Length);
    951. 

  951.                 sha1.DoFinal(shatmp, 0);
    952. 

  952. 

  953.                 md5.BlockUpdate(master_secret, 0, master_secret.Length);
    954. 

  954.                 md5.BlockUpdate(shatmp, 0, shatmp.Length);
    955. 

  955.                 md5.DoFinal(tmp, pos);
    956. 

  956. 

  957.                 pos += md5Size;
    958. 

  958.                 ++i;
    959. 

  959.             }
    960. 

  960. 

  961.             return Arrays.CopyOfRange(tmp, 0, size);
    962. 

  962.         }
    963. 

  963. 

  964.         internal static byte[] CalculateMasterSecret(TlsContext context, byte[] pre_master_secret)
    965. 

  965.         {
    966. 

  966.             SecurityParameters securityParameters = context.SecurityParameters;
    967. 

  967. 

  968.             byte[] seed = securityParameters.IsExtendedMasterSecret
    969. 

  969.                 ?   securityParameters.SessionHash
    970. 

  970.                 :   Concat(securityParameters.ClientRandom, securityParameters.ServerRandom);
    971. 

  971. 

  972.             if (IsSsl(context))
    973. 

  973.                 return CalculateMasterSecret_Ssl(pre_master_secret, seed);
    974. 

  974. 

  975.             string asciiLabel = securityParameters.IsExtendedMasterSecret
    976. 

  976.                 ?   ExporterLabel.extended_master_secret
    977. 

  977.                 :   ExporterLabel.master_secret;
    978. 

  978. 

  979.             return PRF(context, pre_master_secret, asciiLabel, seed, 48);
    980. 

  980.         }
    981. 

  981. 

  982.         internal static byte[] CalculateMasterSecret_Ssl(byte[] pre_master_secret, byte[] random)
    983. 

  983.         {
    984. 

  984.             IDigest md5 = CreateHash(HashAlgorithm.md5);
    985. 

  985.             IDigest sha1 = CreateHash(HashAlgorithm.sha1);
    986. 

  986.             int md5Size = md5.GetDigestSize();
    987. 

  987.             byte[] shatmp = new byte[sha1.GetDigestSize()];
    988. 

  988. 

  989.             byte[] rval = new byte[md5Size * 3];
    990. 

  990.             int pos = 0;
    991. 

  991. 

  992.             for (int i = 0; i < 3; ++i)
    993. 

  993.             {
    994. 

  994.                 byte[] ssl3Const = SSL3_CONST[i];
    995. 

  995. 

  996.                 sha1.BlockUpdate(ssl3Const, 0, ssl3Const.Length);
    997. 

  997.                 sha1.BlockUpdate(pre_master_secret, 0, pre_master_secret.Length);
    998. 

  998.                 sha1.BlockUpdate(random, 0, random.Length);
    999. 

  999.                 sha1.DoFinal(shatmp, 0);
    1000. 

  1000. 

  1001.                 md5.BlockUpdate(pre_master_secret, 0, pre_master_secret.Length);
    1002. 

  1002.                 md5.BlockUpdate(shatmp, 0, shatmp.Length);
    1003. 

  1003.                 md5.DoFinal(rval, pos);
    1004. 

  1004. 

  1005.                 pos += md5Size;
    1006. 

  1006.             }
    1007. 

  1007. 

  1008.             return rval;
    1009. 

  1009.         }
    1010. 

  1010. 

  1011.         internal static byte[] CalculateVerifyData(TlsContext context, string asciiLabel, byte[] handshakeHash)
    1012. 

  1012.         {
    1013. 

  1013.             if (IsSsl(context))
    1014. 

  1014.                 return handshakeHash;
    1015. 

  1015. 

  1016.             SecurityParameters securityParameters = context.SecurityParameters;
    1017. 

  1017.             byte[] master_secret = securityParameters.MasterSecret;
    1018. 

  1018.             int verify_data_length = securityParameters.VerifyDataLength;
    1019. 

  1019. 

  1020.             return PRF(context, master_secret, asciiLabel, handshakeHash, verify_data_length);
    1021. 

  1021.         }
    1022. 

  1022. 

  1023.         public static IDigest CreateHash(byte hashAlgorithm)
    1024. 

  1024.         {
    1025. 

  1025.             switch (hashAlgorithm)
    1026. 

  1026.             {
    1027. 

  1027.             case HashAlgorithm.md5:
    1028. 

  1028.                 return new MD5Digest();
    1029. 

  1029.             case HashAlgorithm.sha1:
    1030. 

  1030.                 return new Sha1Digest();
    1031. 

  1031.             case HashAlgorithm.sha224:
    1032. 

  1032.                 return new Sha224Digest();
    1033. 

  1033.             case HashAlgorithm.sha256:
    1034. 

  1034.                 return new Sha256Digest();
    1035. 

  1035.             case HashAlgorithm.sha384:
    1036. 

  1036.                 return new Sha384Digest();
    1037. 

  1037.             case HashAlgorithm.sha512:
    1038. 

  1038.                 return new Sha512Digest();
    1039. 

  1039.             default:
    1040. 

  1040.                 throw new ArgumentException("unknown HashAlgorithm", "hashAlgorithm");
    1041. 

  1041.             }
    1042. 

  1042.         }
    1043. 

  1043. 

  1044.         public static IDigest CreateHash(SignatureAndHashAlgorithm signatureAndHashAlgorithm)
    1045. 

  1045.         {
    1046. 

  1046.             return signatureAndHashAlgorithm == null
    1047. 

  1047.                 ?   new CombinedHash()
    1048. 

  1048.                 :   CreateHash(signatureAndHashAlgorithm.Hash);
    1049. 

  1049.         }
    1050. 

  1050. 

  1051.         public static IDigest CloneHash(byte hashAlgorithm, IDigest hash)
    1052. 

  1052.         {
    1053. 

  1053.             switch (hashAlgorithm)
    1054. 

  1054.             {
    1055. 

  1055.             case HashAlgorithm.md5:
    1056. 

  1056.                 return new MD5Digest((MD5Digest)hash);
    1057. 

  1057.             case HashAlgorithm.sha1:
    1058. 

  1058.                 return new Sha1Digest((Sha1Digest)hash);
    1059. 

  1059.             case HashAlgorithm.sha224:
    1060. 

  1060.                 return new Sha224Digest((Sha224Digest)hash);
    1061. 

  1061.             case HashAlgorithm.sha256:
    1062. 

  1062.                 return new Sha256Digest((Sha256Digest)hash);
    1063. 

  1063.             case HashAlgorithm.sha384:
    1064. 

  1064.                 return new Sha384Digest((Sha384Digest)hash);
    1065. 

  1065.             case HashAlgorithm.sha512:
    1066. 

  1066.                 return new Sha512Digest((Sha512Digest)hash);
    1067. 

  1067.             default:
    1068. 

  1068.                 throw new ArgumentException("unknown HashAlgorithm", "hashAlgorithm");
    1069. 

  1069.             }
    1070. 

  1070.         }
    1071. 

  1071. 

  1072.         public static IDigest CreatePrfHash(int prfAlgorithm)
    1073. 

  1073.         {
    1074. 

  1074.             switch (prfAlgorithm)
    1075. 

  1075.             {
    1076. 

  1076.                 case PrfAlgorithm.tls_prf_legacy:
    1077. 

  1077.                     return new CombinedHash();
    1078. 

  1078.                 default:
    1079. 

  1079.                     return CreateHash(GetHashAlgorithmForPrfAlgorithm(prfAlgorithm));
    1080. 

  1080.             }
    1081. 

  1081.         }
    1082. 

  1082. 

  1083.         public static IDigest ClonePrfHash(int prfAlgorithm, IDigest hash)
    1084. 

  1084.         {
    1085. 

  1085.             switch (prfAlgorithm)
    1086. 

  1086.             {
    1087. 

  1087.                 case PrfAlgorithm.tls_prf_legacy:
    1088. 

  1088.                     return new CombinedHash((CombinedHash)hash);
    1089. 

  1089.                 default:
    1090. 

  1090.                     return CloneHash(GetHashAlgorithmForPrfAlgorithm(prfAlgorithm), hash);
    1091. 

  1091.             }
    1092. 

  1092.         }
    1093. 

  1093. 

  1094.         public static byte GetHashAlgorithmForPrfAlgorithm(int prfAlgorithm)
    1095. 

  1095.         {
    1096. 

  1096.             switch (prfAlgorithm)
    1097. 

  1097.             {
    1098. 

  1098.                 case PrfAlgorithm.tls_prf_legacy:
    1099. 

  1099.                     throw new ArgumentException("legacy PRF not a valid algorithm", "prfAlgorithm");
    1100. 

  1100.                 case PrfAlgorithm.tls_prf_sha256:
    1101. 

  1101.                     return HashAlgorithm.sha256;
    1102. 

  1102.                 case PrfAlgorithm.tls_prf_sha384:
    1103. 

  1103.                     return HashAlgorithm.sha384;
    1104. 

  1104.                 default:
    1105. 

  1105.                     throw new ArgumentException("unknown PrfAlgorithm", "prfAlgorithm");
    1106. 

  1106.             }
    1107. 

  1107.         }
    1108. 

  1108. 

  1109.         public static DerObjectIdentifier GetOidForHashAlgorithm(byte hashAlgorithm)
    1110. 

  1110.         {
    1111. 

  1111.             switch (hashAlgorithm)
    1112. 

  1112.             {
    1113. 

  1113.                 case HashAlgorithm.md5:
    1114. 

  1114.                     return PkcsObjectIdentifiers.MD5;
    1115. 

  1115.                 case HashAlgorithm.sha1:
    1116. 

  1116.                     return X509ObjectIdentifiers.IdSha1;
    1117. 

  1117.                 case HashAlgorithm.sha224:
    1118. 

  1118.                     return NistObjectIdentifiers.IdSha224;
    1119. 

  1119.                 case HashAlgorithm.sha256:
    1120. 

  1120.                     return NistObjectIdentifiers.IdSha256;
    1121. 

  1121.                 case HashAlgorithm.sha384:
    1122. 

  1122.                     return NistObjectIdentifiers.IdSha384;
    1123. 

  1123.                 case HashAlgorithm.sha512:
    1124. 

  1124.                     return NistObjectIdentifiers.IdSha512;
    1125. 

  1125.                 default:
    1126. 

  1126.                     throw new ArgumentException("unknown HashAlgorithm", "hashAlgorithm");
    1127. 

  1127.             }
    1128. 

  1128.         }
    1129. 

  1129. 

  1130.         internal static short GetClientCertificateType(Certificate clientCertificate, Certificate serverCertificate)
    1131. 

  1131.         {
    1132. 

  1132.             if (clientCertificate.IsEmpty)
    1133. 

  1133.                 return -1;
    1134. 

  1134. 

  1135.             X509CertificateStructure x509Cert = clientCertificate.GetCertificateAt(0);
    1136. 

  1136.             SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo;
    1137. 

  1137.             try
    1138. 

  1138.             {
    1139. 

  1139.                 AsymmetricKeyParameter publicKey = PublicKeyFactory.CreateKey(keyInfo);
    1140. 

  1140.                 if (publicKey.IsPrivate)
    1141. 

  1141.                     throw new TlsFatalAlert(AlertDescription.internal_error);
    1142. 

  1142. 

  1143.                 /*
    1144. 

  1144.                  * TODO RFC 5246 7.4.6. The certificates MUST be signed using an acceptable hash/
    1145. 

  1145.                  * signature algorithm pair, as described in Section 7.4.4. Note that this relaxes the
    1146. 

  1146.                  * constraints on certificate-signing algorithms found in prior versions of TLS.
    1147. 

  1147.                  */
    1148. 

  1148. 

  1149.                 /*
    1150. 

  1150.                  * RFC 5246 7.4.6. Client Certificate
    1151. 

  1151.                  */
    1152. 

  1152. 

  1153.                 /*
    1154. 

  1154.                  * RSA public key; the certificate MUST allow the key to be used for signing with the
    1155. 

  1155.                  * signature scheme and hash algorithm that will be employed in the certificate verify
    1156. 

  1156.                  * message.
    1157. 

  1157.                  */
    1158. 

  1158.                 if (publicKey is RsaKeyParameters)
    1159. 

  1159.                 {
    1160. 

  1160.                     ValidateKeyUsage(x509Cert, KeyUsage.DigitalSignature);
    1161. 

  1161.                     return ClientCertificateType.rsa_sign;
    1162. 

  1162.                 }
    1163. 

  1163. 

  1164.                 /*
    1165. 

  1165.                  * DSA public key; the certificate MUST allow the key to be used for signing with the
    1166. 

  1166.                  * hash algorithm that will be employed in the certificate verify message.
    1167. 

  1167.                  */
    1168. 

  1168.                 if (publicKey is DsaPublicKeyParameters)
    1169. 

  1169.                 {
    1170. 

  1170.                     ValidateKeyUsage(x509Cert, KeyUsage.DigitalSignature);
    1171. 

  1171.                     return ClientCertificateType.dss_sign;
    1172. 

  1172.                 }
    1173. 

  1173. 

  1174.                 /*
    1175. 

  1175.                  * ECDSA-capable public key; the certificate MUST allow the key to be used for signing
    1176. 

  1176.                  * with the hash algorithm that will be employed in the certificate verify message; the
    1177. 

  1177.                  * public key MUST use a curve and point format supported by the server.
    1178. 

  1178.                  */
    1179. 

  1179.                 if (publicKey is ECPublicKeyParameters)
    1180. 

  1180.                 {
    1181. 

  1181.                     ValidateKeyUsage(x509Cert, KeyUsage.DigitalSignature);
    1182. 

  1182.                     // TODO Check the curve and point format
    1183. 

  1183.                     return ClientCertificateType.ecdsa_sign;
    1184. 

  1184.                 }
    1185. 

  1185. 

  1186.                 // TODO Add support for ClientCertificateType.*_fixed_*
    1187. 

  1187. 

  1188.                 throw new TlsFatalAlert(AlertDescription.unsupported_certificate);
    1189. 

  1189.             }
    1190. 

  1190.             catch (Exception e)
    1191. 

  1191.             {
    1192. 

  1192.                 throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e);
    1193. 

  1193.             }
    1194. 

  1194.         }
    1195. 

  1195. 

  1196.         internal static void TrackHashAlgorithms(TlsHandshakeHash handshakeHash, IList supportedSignatureAlgorithms)
    1197. 

  1197.         {
    1198. 

  1198.             if (supportedSignatureAlgorithms != null)
    1199. 

  1199.             {
    1200. 

  1200.                 foreach (SignatureAndHashAlgorithm signatureAndHashAlgorithm in supportedSignatureAlgorithms)
    1201. 

  1201.                 {
    1202. 

  1202.                     byte hashAlgorithm = signatureAndHashAlgorithm.Hash;
    1203. 

  1203. 

  1204.                     if (HashAlgorithm.IsRecognized(hashAlgorithm))
    1205. 

  1205.                     {
    1206. 

  1206.                         handshakeHash.TrackHashAlgorithm(hashAlgorithm);
    1207. 

  1207.                     }
    1208. 

  1208.                     else //if (HashAlgorithm.IsPrivate(hashAlgorithm))
    1209. 

  1209.                     {
    1210. 

  1210.                         // TODO Support values in the "Reserved for Private Use" range
    1211. 

  1211.                     }
    1212. 

  1212.                 }
    1213. 

  1213.             }
    1214. 

  1214.         }
    1215. 

  1215. 

  1216.         public static bool HasSigningCapability(byte clientCertificateType)
    1217. 

  1217.         {
    1218. 

  1218.             switch (clientCertificateType)
    1219. 

  1219.             {
    1220. 

  1220.             case ClientCertificateType.dss_sign:
    1221. 

  1221.             case ClientCertificateType.ecdsa_sign:
    1222. 

  1222.             case ClientCertificateType.rsa_sign:
    1223. 

  1223.                 return true;
    1224. 

  1224.             default:
    1225. 

  1225.                 return false;
    1226. 

  1226.             }
    1227. 

  1227.         }
    1228. 

  1228. 

  1229.         public static TlsSigner CreateTlsSigner(byte clientCertificateType)
    1230. 

  1230.         {
    1231. 

  1231.             switch (clientCertificateType)
    1232. 

  1232.             {
    1233. 

  1233.             case ClientCertificateType.dss_sign:
    1234. 

  1234.                 return new TlsDssSigner();
    1235. 

  1235.             case ClientCertificateType.ecdsa_sign:
    1236. 

  1236.                 return new TlsECDsaSigner();
    1237. 

  1237.             case ClientCertificateType.rsa_sign:
    1238. 

  1238.                 return new TlsRsaSigner();
    1239. 

  1239.             default:
    1240. 

  1240.                 throw new ArgumentException("not a type with signing capability", "clientCertificateType");
    1241. 

  1241.             }
    1242. 

  1242.         }
    1243. 

  1243. 

  1244.         internal static readonly byte[] SSL_CLIENT = {0x43, 0x4C, 0x4E, 0x54};
    1245. 

  1245.         internal static readonly byte[] SSL_SERVER = {0x53, 0x52, 0x56, 0x52};
    1246. 

  1246. 

  1247.         // SSL3 magic mix constants ("A", "BB", "CCC", ...)
    1248. 

  1248.         internal static readonly byte[][] SSL3_CONST = GenSsl3Const();
    1249. 

  1249. 

  1250.         private static byte[][] GenSsl3Const()
    1251. 

  1251.         {
    1252. 

  1252.             int n = 10;
    1253. 

  1253.             byte[][] arr = new byte[n][];
    1254. 

  1254.             for (int i = 0; i < n; i++)
    1255. 

  1255.             {
    1256. 

  1256.                 byte[] b = new byte[i + 1];
    1257. 

  1257.                 Arrays.Fill(b, (byte)('A' + i));
    1258. 

  1258.                 arr[i] = b;
    1259. 

  1259.             }
    1260. 

  1260.             return arr;
    1261. 

  1261.         }
    1262. 

  1262. 

  1263.         private static IList VectorOfOne(object obj)
    1264. 

  1264.         {
    1265. 

  1265.             IList v = BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities.Platform.CreateArrayList(1);
    1266. 

  1266.             v.Add(obj);
    1267. 

  1267.             return v;
    1268. 

  1268.         }
    1269. 

  1269. 

  1270.         public static int GetCipherType(int ciphersuite)
    1271. 

  1271.         {
    1272. 

  1272.             switch (GetEncryptionAlgorithm(ciphersuite))
    1273. 

  1273.             {
    1274. 

  1274.             case EncryptionAlgorithm.AES_128_CCM:
    1275. 

  1275.             case EncryptionAlgorithm.AES_128_CCM_8:
    1276. 

  1276.             case EncryptionAlgorithm.AES_128_GCM:
    1277. 

  1277.             case EncryptionAlgorithm.AES_128_OCB_TAGLEN96:
    1278. 

  1278.             case EncryptionAlgorithm.AES_256_CCM:
    1279. 

  1279.             case EncryptionAlgorithm.AES_256_CCM_8:
    1280. 

  1280.             case EncryptionAlgorithm.AES_256_GCM:
    1281. 

  1281.             case EncryptionAlgorithm.AES_256_OCB_TAGLEN96:
    1282. 

  1282.             case EncryptionAlgorithm.CAMELLIA_128_GCM:
    1283. 

  1283.             case EncryptionAlgorithm.CAMELLIA_256_GCM:
    1284. 

  1284.             case EncryptionAlgorithm.CHACHA20_POLY1305:
    1285. 

  1285.                 return CipherType.aead;
    1286. 

  1286. 

  1287.             case EncryptionAlgorithm.RC2_CBC_40:
    1288. 

  1288.             case EncryptionAlgorithm.IDEA_CBC:
    1289. 

  1289.             case EncryptionAlgorithm.DES40_CBC:
    1290. 

  1290.             case EncryptionAlgorithm.DES_CBC:
    1291. 

  1291.             case EncryptionAlgorithm.cls_3DES_EDE_CBC:
    1292. 

  1292.             case EncryptionAlgorithm.AES_128_CBC:
    1293. 

  1293.             case EncryptionAlgorithm.AES_256_CBC:
    1294. 

  1294.             case EncryptionAlgorithm.CAMELLIA_128_CBC:
    1295. 

  1295.             case EncryptionAlgorithm.CAMELLIA_256_CBC:
    1296. 

  1296.             case EncryptionAlgorithm.SEED_CBC:
    1297. 

  1297.                 return CipherType.block;
    1298. 

  1298. 

  1299.             case EncryptionAlgorithm.NULL:
    1300. 

  1300.             case EncryptionAlgorithm.RC4_40:
    1301. 

  1301.             case EncryptionAlgorithm.RC4_128:
    1302. 

  1302.                 return CipherType.stream;
    1303. 

  1303. 

  1304.             default:
    1305. 

  1305.                 throw new TlsFatalAlert(AlertDescription.internal_error);
    1306. 

  1306.             }
    1307. 

  1307.         }
    1308. 

  1308. 

  1309.         public static int GetEncryptionAlgorithm(int ciphersuite)
    1310. 

  1310.         {
    1311. 

  1311.             switch (ciphersuite)
    1312. 

  1312.             {
    1313. 

  1313.             case CipherSuite.TLS_DH_anon_WITH_3DES_EDE_CBC_SHA:
    1314. 

  1314.             case CipherSuite.TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA:
    1315. 

  1315.             case CipherSuite.TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA:
    1316. 

  1316.             case CipherSuite.TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA:
    1317. 

  1317.             case CipherSuite.TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA:
    1318. 

  1318.             case CipherSuite.TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
    1319. 

  1319.             case CipherSuite.TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA:
    1320. 

  1320.             case CipherSuite.TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA:
    1321. 

  1321.             case CipherSuite.TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA:
    1322. 

  1322.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA:
    1323. 

  1323.             case CipherSuite.TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA:
    1324. 

  1324.             case CipherSuite.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
    1325. 

  1325.             case CipherSuite.TLS_PSK_WITH_3DES_EDE_CBC_SHA:
    1326. 

  1326.             case CipherSuite.TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA:
    1327. 

  1327.             case CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA:
    1328. 

  1328.             case CipherSuite.TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA:
    1329. 

  1329.             case CipherSuite.TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA:
    1330. 

  1330.             case CipherSuite.TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA:
    1331. 

  1331.                 return EncryptionAlgorithm.cls_3DES_EDE_CBC;
    1332. 

  1332. 

  1333.             case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA:
    1334. 

  1334.             case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA256:
    1335. 

  1335.             case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA:
    1336. 

  1336.             case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA256:
    1337. 

  1337.             case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA:
    1338. 

  1338.             case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA256:
    1339. 

  1339.             case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA:
    1340. 

  1340.             case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256:
    1341. 

  1341.             case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA:
    1342. 

  1342.             case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA256:
    1343. 

  1343.             case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
    1344. 

  1344.             case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
    1345. 

  1345.             case CipherSuite.TLS_ECDH_anon_WITH_AES_128_CBC_SHA:
    1346. 

  1346.             case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA:
    1347. 

  1347.             case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
    1348. 

  1348.             case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA:
    1349. 

  1349.             case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256:
    1350. 

  1350.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
    1351. 

  1351.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
    1352. 

  1352.             case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA:
    1353. 

  1353.             case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256:
    1354. 

  1354.             case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
    1355. 

  1355.             case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
    1356. 

  1356.             case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA:
    1357. 

  1357.             case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA256:
    1358. 

  1358.             case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA:
    1359. 

  1359.             case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA256:
    1360. 

  1360.             case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA:
    1361. 

  1361.             case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256:
    1362. 

  1362.             case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA:
    1363. 

  1363.             case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA:
    1364. 

  1364.             case CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA:
    1365. 

  1365.                 return EncryptionAlgorithm.AES_128_CBC;
    1366. 

  1366. 

  1367.             case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CCM:
    1368. 

  1368.             case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM:
    1369. 

  1369.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM:
    1370. 

  1370.             case CipherSuite.TLS_PSK_WITH_AES_128_CCM:
    1371. 

  1371.             case CipherSuite.TLS_RSA_WITH_AES_128_CCM:
    1372. 

  1372.                 return EncryptionAlgorithm.AES_128_CCM;
    1373. 

  1373. 

  1374.             case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM_8:
    1375. 

  1375.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
    1376. 

  1376.             case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8:
    1377. 

  1377.             case CipherSuite.TLS_PSK_WITH_AES_128_CCM_8:
    1378. 

  1378.             case CipherSuite.TLS_RSA_WITH_AES_128_CCM_8:
    1379. 

  1379.                 return EncryptionAlgorithm.AES_128_CCM_8;
    1380. 

  1380. 

  1381.             case CipherSuite.TLS_DH_anon_WITH_AES_128_GCM_SHA256:
    1382. 

  1382.             case CipherSuite.TLS_DH_DSS_WITH_AES_128_GCM_SHA256:
    1383. 

  1383.             case CipherSuite.TLS_DH_RSA_WITH_AES_128_GCM_SHA256:
    1384. 

  1384.             case CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256:
    1385. 

  1385.             case CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256:
    1386. 

  1386.             case CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
    1387. 

  1387.             case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
    1388. 

  1388.             case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256:
    1389. 

  1389.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
    1390. 

  1390.             case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
    1391. 

  1391.             case CipherSuite.TLS_PSK_WITH_AES_128_GCM_SHA256:
    1392. 

  1392.             case CipherSuite.TLS_RSA_PSK_WITH_AES_128_GCM_SHA256:
    1393. 

  1393.             case CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256:
    1394. 

  1394.                 return EncryptionAlgorithm.AES_128_GCM;
    1395. 

  1395. 

  1396.             case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_128_OCB:
    1397. 

  1397.             case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_128_OCB:
    1398. 

  1398.             case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_128_OCB:
    1399. 

  1399.             case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_128_OCB:
    1400. 

  1400.             case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_128_OCB:
    1401. 

  1401.             case CipherSuite.DRAFT_TLS_PSK_WITH_AES_128_OCB:
    1402. 

  1402.                 return EncryptionAlgorithm.AES_128_OCB_TAGLEN96;
    1403. 

  1403. 

  1404.             case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA:
    1405. 

  1405.             case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA256:
    1406. 

  1406.             case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA:
    1407. 

  1407.             case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA256:
    1408. 

  1408.             case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA:
    1409. 

  1409.             case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA256:
    1410. 

  1410.             case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA:
    1411. 

  1411.             case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256:
    1412. 

  1412.             case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA:
    1413. 

  1413.             case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384:
    1414. 

  1414.             case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
    1415. 

  1415.             case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:
    1416. 

  1416.             case CipherSuite.TLS_ECDH_anon_WITH_AES_256_CBC_SHA:
    1417. 

  1417.             case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA:
    1418. 

  1418.             case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
    1419. 

  1419.             case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA:
    1420. 

  1420.             case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384:
    1421. 

  1421.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
    1422. 

  1422.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
    1423. 

  1423.             case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA:
    1424. 

  1424.             case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384:
    1425. 

  1425.             case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
    1426. 

  1426.             case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:
    1427. 

  1427.             case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA:
    1428. 

  1428.             case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA384:
    1429. 

  1429.             case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA:
    1430. 

  1430.             case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA384:
    1431. 

  1431.             case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA:
    1432. 

  1432.             case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256:
    1433. 

  1433.             case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA:
    1434. 

  1434.             case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA:
    1435. 

  1435.             case CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA:
    1436. 

  1436.                 return EncryptionAlgorithm.AES_256_CBC;
    1437. 

  1437. 

  1438.             case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CCM:
    1439. 

  1439.             case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM:
    1440. 

  1440.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM:
    1441. 

  1441.             case CipherSuite.TLS_PSK_WITH_AES_256_CCM:
    1442. 

  1442.             case CipherSuite.TLS_RSA_WITH_AES_256_CCM:
    1443. 

  1443.                 return EncryptionAlgorithm.AES_256_CCM;
    1444. 

  1444. 

  1445.             case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM_8:
    1446. 

  1446.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8:
    1447. 

  1447.             case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8:
    1448. 

  1448.             case CipherSuite.TLS_PSK_WITH_AES_256_CCM_8:
    1449. 

  1449.             case CipherSuite.TLS_RSA_WITH_AES_256_CCM_8:
    1450. 

  1450.                 return EncryptionAlgorithm.AES_256_CCM_8;
    1451. 

  1451. 

  1452.             case CipherSuite.TLS_DH_anon_WITH_AES_256_GCM_SHA384:
    1453. 

  1453.             case CipherSuite.TLS_DH_DSS_WITH_AES_256_GCM_SHA384:
    1454. 

  1454.             case CipherSuite.TLS_DH_RSA_WITH_AES_256_GCM_SHA384:
    1455. 

  1455.             case CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384:
    1456. 

  1456.             case CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384:
    1457. 

  1457.             case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:
    1458. 

  1458.             case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
    1459. 

  1459.             case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384:
    1460. 

  1460.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
    1461. 

  1461.             case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
    1462. 

  1462.             case CipherSuite.TLS_PSK_WITH_AES_256_GCM_SHA384:
    1463. 

  1463.             case CipherSuite.TLS_RSA_PSK_WITH_AES_256_GCM_SHA384:
    1464. 

  1464.             case CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384:
    1465. 

  1465.                 return EncryptionAlgorithm.AES_256_GCM;
    1466. 

  1466. 

  1467.             case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_256_OCB:
    1468. 

  1468.             case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_256_OCB:
    1469. 

  1469.             case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_256_OCB:
    1470. 

  1470.             case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_256_OCB:
    1471. 

  1471.             case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_256_OCB:
    1472. 

  1472.             case CipherSuite.DRAFT_TLS_PSK_WITH_AES_256_OCB:
    1473. 

  1473.                 return EncryptionAlgorithm.AES_256_OCB_TAGLEN96;
    1474. 

  1474. 

  1475.             case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA:
    1476. 

  1476.             case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256:
    1477. 

  1477.             case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA:
    1478. 

  1478.             case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256:
    1479. 

  1479.             case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA:
    1480. 

  1480.             case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
    1481. 

  1481.             case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA:
    1482. 

  1482.             case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256:
    1483. 

  1483.             case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256:
    1484. 

  1484.             case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA:
    1485. 

  1485.             case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
    1486. 

  1486.             case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
    1487. 

  1487.             case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
    1488. 

  1488.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
    1489. 

  1489.             case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256:
    1490. 

  1490.             case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
    1491. 

  1491.             case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256:
    1492. 

  1492.             case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA:
    1493. 

  1493.             case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256:
    1494. 

  1494.             case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256:
    1495. 

  1495.                 return EncryptionAlgorithm.CAMELLIA_128_CBC;
    1496. 

  1496. 

  1497.             case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256:
    1498. 

  1498.             case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256:
    1499. 

  1499.             case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
    1500. 

  1500.             case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256:
    1501. 

  1501.             case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256:
    1502. 

  1502.             case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
    1503. 

  1503.             case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
    1504. 

  1504.             case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
    1505. 

  1505.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
    1506. 

  1506.             case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
    1507. 

  1507.             case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256:
    1508. 

  1508.             case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256:
    1509. 

  1509.             case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256:
    1510. 

  1510.                 return EncryptionAlgorithm.CAMELLIA_128_GCM;
    1511. 

  1511. 

  1512.             case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA:
    1513. 

  1513.             case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256:
    1514. 

  1514.             case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA:
    1515. 

  1515.             case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256:
    1516. 

  1516.             case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA:
    1517. 

  1517.             case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256:
    1518. 

  1518.             case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA:
    1519. 

  1519.             case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256:
    1520. 

  1520.             case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
    1521. 

  1521.             case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA:
    1522. 

  1522.             case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256:
    1523. 

  1523.             case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
    1524. 

  1524.             case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384:
    1525. 

  1525.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
    1526. 

  1526.             case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
    1527. 

  1527.             case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384:
    1528. 

  1528.             case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384:
    1529. 

  1529.             case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA:
    1530. 

  1530.             case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256:
    1531. 

  1531.             case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384:
    1532. 

  1532.                 return EncryptionAlgorithm.CAMELLIA_256_CBC;
    1533. 

  1533. 

  1534.             case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384:
    1535. 

  1535.             case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384:
    1536. 

  1536.             case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
    1537. 

  1537.             case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384:
    1538. 

  1538.             case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384:
    1539. 

  1539.             case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
    1540. 

  1540.             case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
    1541. 

  1541.             case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
    1542. 

  1542.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
    1543. 

  1543.             case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
    1544. 

  1544.             case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384:
    1545. 

  1545.             case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384:
    1546. 

  1546.             case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384:
    1547. 

  1547.                 return EncryptionAlgorithm.CAMELLIA_256_GCM;
    1548. 

  1548. 

  1549.             case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
    1550. 

  1550.             case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
    1551. 

  1551.             case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
    1552. 

  1552.             case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
    1553. 

  1553.             case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
    1554. 

  1554.             case CipherSuite.DRAFT_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256:
    1555. 

  1555.             case CipherSuite.DRAFT_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256:
    1556. 

  1556.                 return EncryptionAlgorithm.CHACHA20_POLY1305;
    1557. 

  1557. 

  1558.             case CipherSuite.TLS_RSA_WITH_NULL_MD5:
    1559. 

  1559.                 return EncryptionAlgorithm.NULL;
    1560. 

  1560. 

  1561.             case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA:
    1562. 

  1562.             case CipherSuite.TLS_ECDH_anon_WITH_NULL_SHA:
    1563. 

  1563.             case CipherSuite.TLS_ECDH_ECDSA_WITH_NULL_SHA:
    1564. 

  1564.             case CipherSuite.TLS_ECDH_RSA_WITH_NULL_SHA:
    1565. 

  1565.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_NULL_SHA:
    1566. 

  1566.             case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA:
    1567. 

  1567.             case CipherSuite.TLS_ECDHE_RSA_WITH_NULL_SHA:
    1568. 

  1568.             case CipherSuite.TLS_PSK_WITH_NULL_SHA:
    1569. 

  1569.             case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA:
    1570. 

  1570.             case CipherSuite.TLS_RSA_WITH_NULL_SHA:
    1571. 

  1571.                 return EncryptionAlgorithm.NULL;
    1572. 

  1572. 

  1573.             case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA256:
    1574. 

  1574.             case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA256:
    1575. 

  1575.             case CipherSuite.TLS_PSK_WITH_NULL_SHA256:
    1576. 

  1576.             case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA256:
    1577. 

  1577.             case CipherSuite.TLS_RSA_WITH_NULL_SHA256:
    1578. 

  1578.                 return EncryptionAlgorithm.NULL;
    1579. 

  1579. 

  1580.             case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA384:
    1581. 

  1581.             case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA384:
    1582. 

  1582.             case CipherSuite.TLS_PSK_WITH_NULL_SHA384:
    1583. 

  1583.             case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA384:
    1584. 

  1584.                 return EncryptionAlgorithm.NULL;
    1585. 

  1585. 

  1586.             case CipherSuite.TLS_DH_anon_WITH_RC4_128_MD5:
    1587. 

  1587.             case CipherSuite.TLS_RSA_WITH_RC4_128_MD5:
    1588. 

  1588.                 return EncryptionAlgorithm.RC4_128;
    1589. 

  1589. 

  1590.             case CipherSuite.TLS_DHE_PSK_WITH_RC4_128_SHA:
    1591. 

  1591.             case CipherSuite.TLS_ECDH_anon_WITH_RC4_128_SHA:
    1592. 

  1592.             case CipherSuite.TLS_ECDH_ECDSA_WITH_RC4_128_SHA:
    1593. 

  1593.             case CipherSuite.TLS_ECDH_RSA_WITH_RC4_128_SHA:
    1594. 

  1594.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA:
    1595. 

  1595.             case CipherSuite.TLS_ECDHE_PSK_WITH_RC4_128_SHA:
    1596. 

  1596.             case CipherSuite.TLS_ECDHE_RSA_WITH_RC4_128_SHA:
    1597. 

  1597.             case CipherSuite.TLS_PSK_WITH_RC4_128_SHA:
    1598. 

  1598.             case CipherSuite.TLS_RSA_WITH_RC4_128_SHA:
    1599. 

  1599.             case CipherSuite.TLS_RSA_PSK_WITH_RC4_128_SHA:
    1600. 

  1600.                 return EncryptionAlgorithm.RC4_128;
    1601. 

  1601. 

  1602.             case CipherSuite.TLS_DH_anon_WITH_SEED_CBC_SHA:
    1603. 

  1603.             case CipherSuite.TLS_DH_DSS_WITH_SEED_CBC_SHA:
    1604. 

  1604.             case CipherSuite.TLS_DH_RSA_WITH_SEED_CBC_SHA:
    1605. 

  1605.             case CipherSuite.TLS_DHE_DSS_WITH_SEED_CBC_SHA:
    1606. 

  1606.             case CipherSuite.TLS_DHE_RSA_WITH_SEED_CBC_SHA:
    1607. 

  1607.             case CipherSuite.TLS_RSA_WITH_SEED_CBC_SHA:
    1608. 

  1608.                 return EncryptionAlgorithm.SEED_CBC;
    1609. 

  1609. 

  1610.             default:
    1611. 

  1611.                 throw new TlsFatalAlert(AlertDescription.internal_error);
    1612. 

  1612.             }
    1613. 

  1613.         }
    1614. 

  1614. 

  1615.         public static int GetKeyExchangeAlgorithm(int ciphersuite)
    1616. 

  1616.         {
    1617. 

  1617.             switch (ciphersuite)
    1618. 

  1618.             {
    1619. 

  1619.             case CipherSuite.TLS_DH_anon_WITH_3DES_EDE_CBC_SHA:
    1620. 

  1620.             case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA:
    1621. 

  1621.             case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA256:
    1622. 

  1622.             case CipherSuite.TLS_DH_anon_WITH_AES_128_GCM_SHA256:
    1623. 

  1623.             case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA:
    1624. 

  1624.             case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA256:
    1625. 

  1625.             case CipherSuite.TLS_DH_anon_WITH_AES_256_GCM_SHA384:
    1626. 

  1626.             case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA:
    1627. 

  1627.             case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256:
    1628. 

  1628.             case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256:
    1629. 

  1629.             case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA:
    1630. 

  1630.             case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256:
    1631. 

  1631.             case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384:
    1632. 

  1632.             case CipherSuite.TLS_DH_anon_WITH_RC4_128_MD5:
    1633. 

  1633.             case CipherSuite.TLS_DH_anon_WITH_SEED_CBC_SHA:
    1634. 

  1634.                 return KeyExchangeAlgorithm.DH_anon;
    1635. 

  1635. 

  1636.             case CipherSuite.TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA:
    1637. 

  1637.             case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA:
    1638. 

  1638.             case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA256:
    1639. 

  1639.             case CipherSuite.TLS_DH_DSS_WITH_AES_128_GCM_SHA256:
    1640. 

  1640.             case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA:
    1641. 

  1641.             case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA256:
    1642. 

  1642.             case CipherSuite.TLS_DH_DSS_WITH_AES_256_GCM_SHA384:
    1643. 

  1643.             case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA:
    1644. 

  1644.             case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256:
    1645. 

  1645.             case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256:
    1646. 

  1646.             case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA:
    1647. 

  1647.             case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256:
    1648. 

  1648.             case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384:
    1649. 

  1649.             case CipherSuite.TLS_DH_DSS_WITH_SEED_CBC_SHA:
    1650. 

  1650.                 return KeyExchangeAlgorithm.DH_DSS;
    1651. 

  1651. 

  1652.             case CipherSuite.TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA:
    1653. 

  1653.             case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA:
    1654. 

  1654.             case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA256:
    1655. 

  1655.             case CipherSuite.TLS_DH_RSA_WITH_AES_128_GCM_SHA256:
    1656. 

  1656.             case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA:
    1657. 

  1657.             case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA256:
    1658. 

  1658.             case CipherSuite.TLS_DH_RSA_WITH_AES_256_GCM_SHA384:
    1659. 

  1659.             case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA:
    1660. 

  1660.             case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
    1661. 

  1661.             case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
    1662. 

  1662.             case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA:
    1663. 

  1663.             case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256:
    1664. 

  1664.             case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
    1665. 

  1665.             case CipherSuite.TLS_DH_RSA_WITH_SEED_CBC_SHA:
    1666. 

  1666.                 return KeyExchangeAlgorithm.DH_RSA;
    1667. 

  1667. 

  1668.             case CipherSuite.TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA:
    1669. 

  1669.             case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA:
    1670. 

  1670.             case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256:
    1671. 

  1671.             case CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256:
    1672. 

  1672.             case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA:
    1673. 

  1673.             case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256:
    1674. 

  1674.             case CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384:
    1675. 

  1675.             case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA:
    1676. 

  1676.             case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256:
    1677. 

  1677.             case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256:
    1678. 

  1678.             case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA:
    1679. 

  1679.             case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256:
    1680. 

  1680.             case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384:
    1681. 

  1681.             case CipherSuite.TLS_DHE_DSS_WITH_SEED_CBC_SHA:
    1682. 

  1682.                 return KeyExchangeAlgorithm.DHE_DSS;
    1683. 

  1683. 

  1684.             case CipherSuite.TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA:
    1685. 

  1685.             case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA:
    1686. 

  1686.             case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA256:
    1687. 

  1687.             case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CCM:
    1688. 

  1688.             case CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256:
    1689. 

  1689.             case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_128_OCB:
    1690. 

  1690.             case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA:
    1691. 

  1691.             case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384:
    1692. 

  1692.             case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CCM:
    1693. 

  1693.             case CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384:
    1694. 

  1694.             case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_256_OCB:
    1695. 

  1695.             case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256:
    1696. 

  1696.             case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256:
    1697. 

  1697.             case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
    1698. 

  1698.             case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384:
    1699. 

  1699.             case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
    1700. 

  1700.             case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA:
    1701. 

  1701.             case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA256:
    1702. 

  1702.             case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA384:
    1703. 

  1703.             case CipherSuite.TLS_DHE_PSK_WITH_RC4_128_SHA:
    1704. 

  1704.             case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8:
    1705. 

  1705.             case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8:
    1706. 

  1706.                 return KeyExchangeAlgorithm.DHE_PSK;
    1707. 

  1707. 

  1708.             case CipherSuite.TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
    1709. 

  1709.             case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
    1710. 

  1710.             case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
    1711. 

  1711.             case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM:
    1712. 

  1712.             case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM_8:
    1713. 

  1713.             case CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
    1714. 

  1714.             case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_128_OCB:
    1715. 

  1715.             case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
    1716. 

  1716.             case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:
    1717. 

  1717.             case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM:
    1718. 

  1718.             case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM_8:
    1719. 

  1719.             case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:
    1720. 

  1720.             case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_256_OCB:
    1721. 

  1721.             case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA:
    1722. 

  1722.             case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
    1723. 

  1723.             case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
    1724. 

  1724.             case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA:
    1725. 

  1725.             case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256:
    1726. 

  1726.             case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
    1727. 

  1727.             case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
    1728. 

  1728.             case CipherSuite.TLS_DHE_RSA_WITH_SEED_CBC_SHA:
    1729. 

  1729.                 return KeyExchangeAlgorithm.DHE_RSA;
    1730. 

  1730. 

  1731.             case CipherSuite.TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA:
    1732. 

  1732.             case CipherSuite.TLS_ECDH_anon_WITH_AES_128_CBC_SHA:
    1733. 

  1733.             case CipherSuite.TLS_ECDH_anon_WITH_AES_256_CBC_SHA:
    1734. 

  1734.             case CipherSuite.TLS_ECDH_anon_WITH_NULL_SHA:
    1735. 

  1735.             case CipherSuite.TLS_ECDH_anon_WITH_RC4_128_SHA:
    1736. 

  1736.                 return KeyExchangeAlgorithm.ECDH_anon;
    1737. 

  1737. 

  1738.             case CipherSuite.TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA:
    1739. 

  1739.             case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA:
    1740. 

  1740.             case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
    1741. 

  1741.             case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
    1742. 

  1742.             case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_128_OCB:
    1743. 

  1743.             case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA:
    1744. 

  1744.             case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
    1745. 

  1745.             case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
    1746. 

  1746.             case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_256_OCB:
    1747. 

  1747.             case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
    1748. 

  1748.             case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
    1749. 

  1749.             case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
    1750. 

  1750.             case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
    1751. 

  1751.             case CipherSuite.TLS_ECDH_ECDSA_WITH_NULL_SHA:
    1752. 

  1752.             case CipherSuite.TLS_ECDH_ECDSA_WITH_RC4_128_SHA:
    1753. 

  1753.                 return KeyExchangeAlgorithm.ECDH_ECDSA;
    1754. 

  1754. 

  1755.             case CipherSuite.TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA:
    1756. 

  1756.             case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA:
    1757. 

  1757.             case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256:
    1758. 

  1758.             case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256:
    1759. 

  1759.             case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA:
    1760. 

  1760.             case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384:
    1761. 

  1761.             case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384:
    1762. 

  1762.             case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
    1763. 

  1763.             case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
    1764. 

  1764.             case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384:
    1765. 

  1765.             case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
    1766. 

  1766.             case CipherSuite.TLS_ECDH_RSA_WITH_NULL_SHA:
    1767. 

  1767.             case CipherSuite.TLS_ECDH_RSA_WITH_RC4_128_SHA:
    1768. 

  1768.                 return KeyExchangeAlgorithm.ECDH_RSA;
    1769. 

  1769. 

  1770.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA:
    1771. 

  1771.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
    1772. 

  1772.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
    1773. 

  1773.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM:
    1774. 

  1774.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
    1775. 

  1775.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
    1776. 

  1776.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
    1777. 

  1777.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
    1778. 

  1778.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM:
    1779. 

  1779.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8:
    1780. 

  1780.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
    1781. 

  1781.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
    1782. 

  1782.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
    1783. 

  1783.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
    1784. 

  1784.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
    1785. 

  1785.             case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
    1786. 

  1786.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_NULL_SHA:
    1787. 

  1787.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA:
    1788. 

  1788.                 return KeyExchangeAlgorithm.ECDHE_ECDSA;
    1789. 

  1789. 

  1790.             case CipherSuite.TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA:
    1791. 

  1791.             case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA:
    1792. 

  1792.             case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256:
    1793. 

  1793.             case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_128_OCB:
    1794. 

  1794.             case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA:
    1795. 

  1795.             case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384:
    1796. 

  1796.             case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_256_OCB:
    1797. 

  1797.             case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256:
    1798. 

  1798.             case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
    1799. 

  1799.             case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
    1800. 

  1800.             case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA:
    1801. 

  1801.             case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA256:
    1802. 

  1802.             case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA384:
    1803. 

  1803.             case CipherSuite.TLS_ECDHE_PSK_WITH_RC4_128_SHA:
    1804. 

  1804.                 return KeyExchangeAlgorithm.ECDHE_PSK;
    1805. 

  1805. 

  1806.             case CipherSuite.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
    1807. 

  1807.             case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
    1808. 

  1808.             case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
    1809. 

  1809.             case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
    1810. 

  1810.             case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_128_OCB:
    1811. 

  1811.             case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
    1812. 

  1812.             case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:
    1813. 

  1813.             case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
    1814. 

  1814.             case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_256_OCB:
    1815. 

  1815.             case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
    1816. 

  1816.             case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
    1817. 

  1817.             case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384:
    1818. 

  1818.             case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
    1819. 

  1819.             case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
    1820. 

  1820.             case CipherSuite.TLS_ECDHE_RSA_WITH_NULL_SHA:
    1821. 

  1821.             case CipherSuite.TLS_ECDHE_RSA_WITH_RC4_128_SHA:
    1822. 

  1822.                 return KeyExchangeAlgorithm.ECDHE_RSA;
    1823. 

  1823. 

  1824.             case CipherSuite.TLS_PSK_WITH_3DES_EDE_CBC_SHA:
    1825. 

  1825.             case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA:
    1826. 

  1826.             case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA256:
    1827. 

  1827.             case CipherSuite.TLS_PSK_WITH_AES_128_CCM:
    1828. 

  1828.             case CipherSuite.TLS_PSK_WITH_AES_128_CCM_8:
    1829. 

  1829.             case CipherSuite.TLS_PSK_WITH_AES_128_GCM_SHA256:
    1830. 

  1830.             case CipherSuite.DRAFT_TLS_PSK_WITH_AES_128_OCB:
    1831. 

  1831.             case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA:
    1832. 

  1832.             case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA384:
    1833. 

  1833.             case CipherSuite.TLS_PSK_WITH_AES_256_CCM:
    1834. 

  1834.             case CipherSuite.TLS_PSK_WITH_AES_256_CCM_8:
    1835. 

  1835.             case CipherSuite.TLS_PSK_WITH_AES_256_GCM_SHA384:
    1836. 

  1836.             case CipherSuite.DRAFT_TLS_PSK_WITH_AES_256_OCB:
    1837. 

  1837.             case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256:
    1838. 

  1838.             case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256:
    1839. 

  1839.             case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384:
    1840. 

  1840.             case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384:
    1841. 

  1841.             case CipherSuite.DRAFT_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256:
    1842. 

  1842.             case CipherSuite.TLS_PSK_WITH_NULL_SHA:
    1843. 

  1843.             case CipherSuite.TLS_PSK_WITH_NULL_SHA256:
    1844. 

  1844.             case CipherSuite.TLS_PSK_WITH_NULL_SHA384:
    1845. 

  1845.             case CipherSuite.TLS_PSK_WITH_RC4_128_SHA:
    1846. 

  1846.                 return KeyExchangeAlgorithm.PSK;
    1847. 

  1847. 

  1848.             case CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA:
    1849. 

  1849.             case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA:
    1850. 

  1850.             case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256:
    1851. 

  1851.             case CipherSuite.TLS_RSA_WITH_AES_128_CCM:
    1852. 

  1852.             case CipherSuite.TLS_RSA_WITH_AES_128_CCM_8:
    1853. 

  1853.             case CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256:
    1854. 

  1854.             case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA:
    1855. 

  1855.             case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256:
    1856. 

  1856.             case CipherSuite.TLS_RSA_WITH_AES_256_CCM:
    1857. 

  1857.             case CipherSuite.TLS_RSA_WITH_AES_256_CCM_8:
    1858. 

  1858.             case CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384:
    1859. 

  1859.             case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA:
    1860. 

  1860.             case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256:
    1861. 

  1861.             case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256:
    1862. 

  1862.             case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA:
    1863. 

  1863.             case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256:
    1864. 

  1864.             case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384:
    1865. 

  1865.             case CipherSuite.DRAFT_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256:
    1866. 

  1866.             case CipherSuite.TLS_RSA_WITH_NULL_MD5:
    1867. 

  1867.             case CipherSuite.TLS_RSA_WITH_NULL_SHA:
    1868. 

  1868.             case CipherSuite.TLS_RSA_WITH_NULL_SHA256:
    1869. 

  1869.             case CipherSuite.TLS_RSA_WITH_RC4_128_MD5:
    1870. 

  1870.             case CipherSuite.TLS_RSA_WITH_RC4_128_SHA:
    1871. 

  1871.             case CipherSuite.TLS_RSA_WITH_SEED_CBC_SHA:
    1872. 

  1872.                 return KeyExchangeAlgorithm.RSA;
    1873. 

  1873. 

  1874.             case CipherSuite.TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA:
    1875. 

  1875.             case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA:
    1876. 

  1876.             case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA256:
    1877. 

  1877.             case CipherSuite.TLS_RSA_PSK_WITH_AES_128_GCM_SHA256:
    1878. 

  1878.             case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA:
    1879. 

  1879.             case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA384:
    1880. 

  1880.             case CipherSuite.TLS_RSA_PSK_WITH_AES_256_GCM_SHA384:
    1881. 

  1881.             case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256:
    1882. 

  1882.             case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256:
    1883. 

  1883.             case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384:
    1884. 

  1884.             case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384:
    1885. 

  1885.             case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA:
    1886. 

  1886.             case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA256:
    1887. 

  1887.             case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA384:
    1888. 

  1888.             case CipherSuite.TLS_RSA_PSK_WITH_RC4_128_SHA:
    1889. 

  1889.                 return KeyExchangeAlgorithm.RSA_PSK;
    1890. 

  1890. 

  1891.             case CipherSuite.TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA:
    1892. 

  1892.             case CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA:
    1893. 

  1893.             case CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA:
    1894. 

  1894.                 return KeyExchangeAlgorithm.SRP;
    1895. 

  1895. 

  1896.             case CipherSuite.TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA:
    1897. 

  1897.             case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA:
    1898. 

  1898.             case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA:
    1899. 

  1899.                 return KeyExchangeAlgorithm.SRP_DSS;
    1900. 

  1900. 

  1901.             case CipherSuite.TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA:
    1902. 

  1902.             case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA:
    1903. 

  1903.             case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA:
    1904. 

  1904.                 return KeyExchangeAlgorithm.SRP_RSA;
    1905. 

  1905. 

  1906.             default:
    1907. 

  1907.                 throw new TlsFatalAlert(AlertDescription.internal_error);
    1908. 

  1908.             }
    1909. 

  1909.         }
    1910. 

  1910. 

  1911.         public static int GetMacAlgorithm(int ciphersuite)
    1912. 

  1912.         {
    1913. 

  1913.             switch (ciphersuite)
    1914. 

  1914.             {
    1915. 

  1915.             case CipherSuite.TLS_DH_anon_WITH_AES_128_GCM_SHA256:
    1916. 

  1916.             case CipherSuite.TLS_DH_anon_WITH_AES_256_GCM_SHA384:
    1917. 

  1917.             case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256:
    1918. 

  1918.             case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384:
    1919. 

  1919.             case CipherSuite.TLS_DH_DSS_WITH_AES_128_GCM_SHA256:
    1920. 

  1920.             case CipherSuite.TLS_DH_DSS_WITH_AES_256_GCM_SHA384:
    1921. 

  1921.             case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256:
    1922. 

  1922.             case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384:
    1923. 

  1923.             case CipherSuite.TLS_DH_RSA_WITH_AES_128_GCM_SHA256:
    1924. 

  1924.             case CipherSuite.TLS_DH_RSA_WITH_AES_256_GCM_SHA384:
    1925. 

  1925.             case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
    1926. 

  1926.             case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
    1927. 

  1927.             case CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256:
    1928. 

  1928.             case CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384:
    1929. 

  1929.             case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256:
    1930. 

  1930.             case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384:
    1931. 

  1931.             case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CCM:
    1932. 

  1932.             case CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256:
    1933. 

  1933.             case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_128_OCB:
    1934. 

  1934.             case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CCM:
    1935. 

  1935.             case CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384:
    1936. 

  1936.             case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_256_OCB:
    1937. 

  1937.             case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256:
    1938. 

  1938.             case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384:
    1939. 

  1939.             case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
    1940. 

  1940.             case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM:
    1941. 

  1941.             case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM_8:
    1942. 

  1942.             case CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
    1943. 

  1943.             case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_128_OCB:
    1944. 

  1944.             case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM:
    1945. 

  1945.             case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM_8:
    1946. 

  1946.             case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:
    1947. 

  1947.             case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_256_OCB:
    1948. 

  1948.             case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
    1949. 

  1949.             case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
    1950. 

  1950.             case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
    1951. 

  1951.             case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
    1952. 

  1952.             case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
    1953. 

  1953.             case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
    1954. 

  1954.             case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
    1955. 

  1955.             case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256:
    1956. 

  1956.             case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384:
    1957. 

  1957.             case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
    1958. 

  1958.             case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
    1959. 

  1959.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM:
    1960. 

  1960.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
    1961. 

  1961.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
    1962. 

  1962.             case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_128_OCB:
    1963. 

  1963.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM:
    1964. 

  1964.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8:
    1965. 

  1965.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
    1966. 

  1966.             case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_256_OCB:
    1967. 

  1967.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
    1968. 

  1968.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
    1969. 

  1969.             case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
    1970. 

  1970.             case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_128_OCB:
    1971. 

  1971.             case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_256_OCB:
    1972. 

  1972.             case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
    1973. 

  1973.             case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
    1974. 

  1974.             case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_128_OCB:
    1975. 

  1975.             case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
    1976. 

  1976.             case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_256_OCB:
    1977. 

  1977.             case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
    1978. 

  1978.             case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
    1979. 

  1979.             case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
    1980. 

  1980.             case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8:
    1981. 

  1981.             case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8:
    1982. 

  1982.             case CipherSuite.TLS_PSK_WITH_AES_128_CCM:
    1983. 

  1983.             case CipherSuite.TLS_PSK_WITH_AES_128_CCM_8:
    1984. 

  1984.             case CipherSuite.TLS_PSK_WITH_AES_128_GCM_SHA256:
    1985. 

  1985.             case CipherSuite.DRAFT_TLS_PSK_WITH_AES_128_OCB:
    1986. 

  1986.             case CipherSuite.TLS_PSK_WITH_AES_256_CCM:
    1987. 

  1987.             case CipherSuite.TLS_PSK_WITH_AES_256_CCM_8:
    1988. 

  1988.             case CipherSuite.TLS_PSK_WITH_AES_256_GCM_SHA384:
    1989. 

  1989.             case CipherSuite.DRAFT_TLS_PSK_WITH_AES_256_OCB:
    1990. 

  1990.             case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256:
    1991. 

  1991.             case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384:
    1992. 

  1992.             case CipherSuite.DRAFT_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256:
    1993. 

  1993.             case CipherSuite.TLS_RSA_PSK_WITH_AES_128_GCM_SHA256:
    1994. 

  1994.             case CipherSuite.TLS_RSA_PSK_WITH_AES_256_GCM_SHA384:
    1995. 

  1995.             case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256:
    1996. 

  1996.             case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384:
    1997. 

  1997.             case CipherSuite.DRAFT_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256:
    1998. 

  1998.             case CipherSuite.TLS_RSA_WITH_AES_128_CCM:
    1999. 

  1999.             case CipherSuite.TLS_RSA_WITH_AES_128_CCM_8:
    2000. 

  2000.             case CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256:
    2001. 

  2001.             case CipherSuite.TLS_RSA_WITH_AES_256_CCM:
    2002. 

  2002.             case CipherSuite.TLS_RSA_WITH_AES_256_CCM_8:
    2003. 

  2003.             case CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384:
    2004. 

  2004.             case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256:
    2005. 

  2005.             case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384:
    2006. 

  2006.                 return MacAlgorithm.cls_null;
    2007. 

  2007. 

  2008.             case CipherSuite.TLS_DH_anon_WITH_RC4_128_MD5:
    2009. 

  2009.             case CipherSuite.TLS_RSA_WITH_NULL_MD5:
    2010. 

  2010.             case CipherSuite.TLS_RSA_WITH_RC4_128_MD5:
    2011. 

  2011.                 return MacAlgorithm.hmac_md5;
    2012. 

  2012. 

  2013.             case CipherSuite.TLS_DH_anon_WITH_3DES_EDE_CBC_SHA:
    2014. 

  2014.             case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA:
    2015. 

  2015.             case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA:
    2016. 

  2016.             case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA:
    2017. 

  2017.             case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA:
    2018. 

  2018.             case CipherSuite.TLS_DH_anon_WITH_SEED_CBC_SHA:
    2019. 

  2019.             case CipherSuite.TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA:
    2020. 

  2020.             case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA:
    2021. 

  2021.             case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA:
    2022. 

  2022.             case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA:
    2023. 

  2023.             case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA:
    2024. 

  2024.             case CipherSuite.TLS_DH_DSS_WITH_SEED_CBC_SHA:
    2025. 

  2025.             case CipherSuite.TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA:
    2026. 

  2026.             case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA:
    2027. 

  2027.             case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA:
    2028. 

  2028.             case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA:
    2029. 

  2029.             case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA:
    2030. 

  2030.             case CipherSuite.TLS_DH_RSA_WITH_SEED_CBC_SHA:
    2031. 

  2031.             case CipherSuite.TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA:
    2032. 

  2032.             case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA:
    2033. 

  2033.             case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA:
    2034. 

  2034.             case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA:
    2035. 

  2035.             case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA:
    2036. 

  2036.             case CipherSuite.TLS_DHE_DSS_WITH_SEED_CBC_SHA:
    2037. 

  2037.             case CipherSuite.TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA:
    2038. 

  2038.             case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA:
    2039. 

  2039.             case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA:
    2040. 

  2040.             case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA:
    2041. 

  2041.             case CipherSuite.TLS_DHE_PSK_WITH_RC4_128_SHA:
    2042. 

  2042.             case CipherSuite.TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
    2043. 

  2043.             case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
    2044. 

  2044.             case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
    2045. 

  2045.             case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA:
    2046. 

  2046.             case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA:
    2047. 

  2047.             case CipherSuite.TLS_DHE_RSA_WITH_SEED_CBC_SHA:
    2048. 

  2048.             case CipherSuite.TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA:
    2049. 

  2049.             case CipherSuite.TLS_ECDH_anon_WITH_AES_128_CBC_SHA:
    2050. 

  2050.             case CipherSuite.TLS_ECDH_anon_WITH_AES_256_CBC_SHA:
    2051. 

  2051.             case CipherSuite.TLS_ECDH_anon_WITH_NULL_SHA:
    2052. 

  2052.             case CipherSuite.TLS_ECDH_anon_WITH_RC4_128_SHA:
    2053. 

  2053.             case CipherSuite.TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA:
    2054. 

  2054.             case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA:
    2055. 

  2055.             case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA:
    2056. 

  2056.             case CipherSuite.TLS_ECDH_ECDSA_WITH_NULL_SHA:
    2057. 

  2057.             case CipherSuite.TLS_ECDH_ECDSA_WITH_RC4_128_SHA:
    2058. 

  2058.             case CipherSuite.TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA:
    2059. 

  2059.             case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA:
    2060. 

  2060.             case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA:
    2061. 

  2061.             case CipherSuite.TLS_ECDH_RSA_WITH_NULL_SHA:
    2062. 

  2062.             case CipherSuite.TLS_ECDH_RSA_WITH_RC4_128_SHA:
    2063. 

  2063.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA:
    2064. 

  2064.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
    2065. 

  2065.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
    2066. 

  2066.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_NULL_SHA:
    2067. 

  2067.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA:
    2068. 

  2068.             case CipherSuite.TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA:
    2069. 

  2069.             case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA:
    2070. 

  2070.             case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA:
    2071. 

  2071.             case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA:
    2072. 

  2072.             case CipherSuite.TLS_ECDHE_PSK_WITH_RC4_128_SHA:
    2073. 

  2073.             case CipherSuite.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
    2074. 

  2074.             case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
    2075. 

  2075.             case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
    2076. 

  2076.             case CipherSuite.TLS_ECDHE_RSA_WITH_NULL_SHA:
    2077. 

  2077.             case CipherSuite.TLS_ECDHE_RSA_WITH_RC4_128_SHA:
    2078. 

  2078.             case CipherSuite.TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA:
    2079. 

  2079.             case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA:
    2080. 

  2080.             case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA:
    2081. 

  2081.             case CipherSuite.TLS_PSK_WITH_3DES_EDE_CBC_SHA:
    2082. 

  2082.             case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA:
    2083. 

  2083.             case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA:
    2084. 

  2084.             case CipherSuite.TLS_PSK_WITH_NULL_SHA:
    2085. 

  2085.             case CipherSuite.TLS_PSK_WITH_RC4_128_SHA:
    2086. 

  2086.             case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA:
    2087. 

  2087.             case CipherSuite.TLS_RSA_PSK_WITH_RC4_128_SHA:
    2088. 

  2088.             case CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA:
    2089. 

  2089.             case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA:
    2090. 

  2090.             case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA:
    2091. 

  2091.             case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA:
    2092. 

  2092.             case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA:
    2093. 

  2093.             case CipherSuite.TLS_RSA_WITH_NULL_SHA:
    2094. 

  2094.             case CipherSuite.TLS_RSA_WITH_RC4_128_SHA:
    2095. 

  2095.             case CipherSuite.TLS_RSA_WITH_SEED_CBC_SHA:
    2096. 

  2096.             case CipherSuite.TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA:
    2097. 

  2097.             case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA:
    2098. 

  2098.             case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA:
    2099. 

  2099.             case CipherSuite.TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA:
    2100. 

  2100.             case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA:
    2101. 

  2101.             case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA:
    2102. 

  2102.             case CipherSuite.TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA:
    2103. 

  2103.             case CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA:
    2104. 

  2104.             case CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA:
    2105. 

  2105.                 return MacAlgorithm.hmac_sha1;
    2106. 

  2106. 

  2107.             case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA256:
    2108. 

  2108.             case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA256:
    2109. 

  2109.             case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256:
    2110. 

  2110.             case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256:
    2111. 

  2111.             case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA256:
    2112. 

  2112.             case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA256:
    2113. 

  2113.             case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256:
    2114. 

  2114.             case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256:
    2115. 

  2115.             case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA256:
    2116. 

  2116.             case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA256:
    2117. 

  2117.             case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
    2118. 

  2118.             case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256:
    2119. 

  2119.             case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256:
    2120. 

  2120.             case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256:
    2121. 

  2121.             case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256:
    2122. 

  2122.             case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256:
    2123. 

  2123.             case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA256:
    2124. 

  2124.             case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256:
    2125. 

  2125.             case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA256:
    2126. 

  2126.             case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
    2127. 

  2127.             case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:
    2128. 

  2128.             case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
    2129. 

  2129.             case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256:
    2130. 

  2130.             case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
    2131. 

  2131.             case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
    2132. 

  2132.             case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256:
    2133. 

  2133.             case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
    2134. 

  2134.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
    2135. 

  2135.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
    2136. 

  2136.             case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256:
    2137. 

  2137.             case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256:
    2138. 

  2138.             case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA256:
    2139. 

  2139.             case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
    2140. 

  2140.             case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
    2141. 

  2141.             case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA256:
    2142. 

  2142.             case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256:
    2143. 

  2143.             case CipherSuite.TLS_PSK_WITH_NULL_SHA256:
    2144. 

  2144.             case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA256:
    2145. 

  2145.             case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256:
    2146. 

  2146.             case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA256:
    2147. 

  2147.             case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256:
    2148. 

  2148.             case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256:
    2149. 

  2149.             case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256:
    2150. 

  2150.             case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256:
    2151. 

  2151.             case CipherSuite.TLS_RSA_WITH_NULL_SHA256:
    2152. 

  2152.                 return MacAlgorithm.hmac_sha256;
    2153. 

  2153. 

  2154.             case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384:
    2155. 

  2155.             case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
    2156. 

  2156.             case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA384:
    2157. 

  2157.             case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
    2158. 

  2158.             case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
    2159. 

  2159.             case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384:
    2160. 

  2160.             case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384:
    2161. 

  2161.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
    2162. 

  2162.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
    2163. 

  2163.             case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384:
    2164. 

  2164.             case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
    2165. 

  2165.             case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA384:
    2166. 

  2166.             case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:
    2167. 

  2167.             case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384:
    2168. 

  2168.             case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA384:
    2169. 

  2169.             case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384:
    2170. 

  2170.             case CipherSuite.TLS_PSK_WITH_NULL_SHA384:
    2171. 

  2171.             case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA384:
    2172. 

  2172.             case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384:
    2173. 

  2173.             case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA384:
    2174. 

  2174.                 return MacAlgorithm.hmac_sha384;
    2175. 

  2175. 

  2176.             default:
    2177. 

  2177.                 throw new TlsFatalAlert(AlertDescription.internal_error);
    2178. 

  2178.             }
    2179. 

  2179.         }
    2180. 

  2180. 

  2181.         public static ProtocolVersion GetMinimumVersion(int ciphersuite)
    2182. 

  2182.         {
    2183. 

  2183.             switch (ciphersuite)
    2184. 

  2184.             {
    2185. 

  2185.             case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA256:
    2186. 

  2186.             case CipherSuite.TLS_DH_anon_WITH_AES_128_GCM_SHA256:
    2187. 

  2187.             case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA256:
    2188. 

  2188.             case CipherSuite.TLS_DH_anon_WITH_AES_256_GCM_SHA384:
    2189. 

  2189.             case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256:
    2190. 

  2190.             case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256:
    2191. 

  2191.             case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256:
    2192. 

  2192.             case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384:
    2193. 

  2193.             case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA256:
    2194. 

  2194.             case CipherSuite.TLS_DH_DSS_WITH_AES_128_GCM_SHA256:
    2195. 

  2195.             case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA256:
    2196. 

  2196.             case CipherSuite.TLS_DH_DSS_WITH_AES_256_GCM_SHA384:
    2197. 

  2197.             case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256:
    2198. 

  2198.             case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256:
    2199. 

  2199.             case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256:
    2200. 

  2200.             case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384:
    2201. 

  2201.             case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA256:
    2202. 

  2202.             case CipherSuite.TLS_DH_RSA_WITH_AES_128_GCM_SHA256:
    2203. 

  2203.             case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA256:
    2204. 

  2204.             case CipherSuite.TLS_DH_RSA_WITH_AES_256_GCM_SHA384:
    2205. 

  2205.             case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
    2206. 

  2206.             case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
    2207. 

  2207.             case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256:
    2208. 

  2208.             case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
    2209. 

  2209.             case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256:
    2210. 

  2210.             case CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256:
    2211. 

  2211.             case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256:
    2212. 

  2212.             case CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384:
    2213. 

  2213.             case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256:
    2214. 

  2214.             case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256:
    2215. 

  2215.             case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256:
    2216. 

  2216.             case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384:
    2217. 

  2217.             case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CCM:
    2218. 

  2218.             case CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256:
    2219. 

  2219.             case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_128_OCB:
    2220. 

  2220.             case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CCM:
    2221. 

  2221.             case CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384:
    2222. 

  2222.             case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_256_OCB:
    2223. 

  2223.             case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256:
    2224. 

  2224.             case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384:
    2225. 

  2225.             case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
    2226. 

  2226.             case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
    2227. 

  2227.             case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM:
    2228. 

  2228.             case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM_8:
    2229. 

  2229.             case CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
    2230. 

  2230.             case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_128_OCB:
    2231. 

  2231.             case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:
    2232. 

  2232.             case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM:
    2233. 

  2233.             case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM_8:
    2234. 

  2234.             case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:
    2235. 

  2235.             case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_256_OCB:
    2236. 

  2236.             case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
    2237. 

  2237.             case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
    2238. 

  2238.             case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256:
    2239. 

  2239.             case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
    2240. 

  2240.             case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
    2241. 

  2241.             case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
    2242. 

  2242.             case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
    2243. 

  2243.             case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
    2244. 

  2244.             case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
    2245. 

  2245.             case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
    2246. 

  2246.             case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
    2247. 

  2247.             case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
    2248. 

  2248.             case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
    2249. 

  2249.             case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256:
    2250. 

  2250.             case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256:
    2251. 

  2251.             case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384:
    2252. 

  2252.             case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384:
    2253. 

  2253.             case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
    2254. 

  2254.             case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
    2255. 

  2255.             case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384:
    2256. 

  2256.             case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
    2257. 

  2257.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
    2258. 

  2258.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM:
    2259. 

  2259.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
    2260. 

  2260.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
    2261. 

  2261.             case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_128_OCB:
    2262. 

  2262.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
    2263. 

  2263.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM:
    2264. 

  2264.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8:
    2265. 

  2265.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
    2266. 

  2266.             case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_256_OCB:
    2267. 

  2267.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
    2268. 

  2268.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
    2269. 

  2269.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
    2270. 

  2270.             case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
    2271. 

  2271.             case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
    2272. 

  2272.             case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_128_OCB:
    2273. 

  2273.             case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_256_OCB:
    2274. 

  2274.             case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
    2275. 

  2275.             case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
    2276. 

  2276.             case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
    2277. 

  2277.             case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_128_OCB:
    2278. 

  2278.             case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:
    2279. 

  2279.             case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
    2280. 

  2280.             case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_256_OCB:
    2281. 

  2281.             case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
    2282. 

  2282.             case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
    2283. 

  2283.             case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384:
    2284. 

  2284.             case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
    2285. 

  2285.             case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
    2286. 

  2286.             case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8:
    2287. 

  2287.             case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8:
    2288. 

  2288.             case CipherSuite.TLS_PSK_WITH_AES_128_CCM:
    2289. 

  2289.             case CipherSuite.TLS_PSK_WITH_AES_128_CCM_8:
    2290. 

  2290.             case CipherSuite.TLS_PSK_WITH_AES_128_GCM_SHA256:
    2291. 

  2291.             case CipherSuite.DRAFT_TLS_PSK_WITH_AES_128_OCB:
    2292. 

  2292.             case CipherSuite.TLS_PSK_WITH_AES_256_CCM:
    2293. 

  2293.             case CipherSuite.TLS_PSK_WITH_AES_256_CCM_8:
    2294. 

  2294.             case CipherSuite.TLS_PSK_WITH_AES_256_GCM_SHA384:
    2295. 

  2295.             case CipherSuite.DRAFT_TLS_PSK_WITH_AES_256_OCB:
    2296. 

  2296.             case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256:
    2297. 

  2297.             case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384:
    2298. 

  2298.             case CipherSuite.DRAFT_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256:
    2299. 

  2299.             case CipherSuite.TLS_RSA_PSK_WITH_AES_128_GCM_SHA256:
    2300. 

  2300.             case CipherSuite.TLS_RSA_PSK_WITH_AES_256_GCM_SHA384:
    2301. 

  2301.             case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256:
    2302. 

  2302.             case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384:
    2303. 

  2303.             case CipherSuite.DRAFT_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256:
    2304. 

  2304.             case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256:
    2305. 

  2305.             case CipherSuite.TLS_RSA_WITH_AES_128_CCM:
    2306. 

  2306.             case CipherSuite.TLS_RSA_WITH_AES_128_CCM_8:
    2307. 

  2307.             case CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256:
    2308. 

  2308.             case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256:
    2309. 

  2309.             case CipherSuite.TLS_RSA_WITH_AES_256_CCM:
    2310. 

  2310.             case CipherSuite.TLS_RSA_WITH_AES_256_CCM_8:
    2311. 

  2311.             case CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384:
    2312. 

  2312.             case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256:
    2313. 

  2313.             case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256:
    2314. 

  2314.             case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256:
    2315. 

  2315.             case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384:
    2316. 

  2316.             case CipherSuite.TLS_RSA_WITH_NULL_SHA256:
    2317. 

  2317.                 return ProtocolVersion.TLSv12;
    2318. 

  2318. 

  2319.             default:
    2320. 

  2320.                 return ProtocolVersion.SSLv3;
    2321. 

  2321.             }
    2322. 

  2322.         }
    2323. 

  2323. 

  2324.         public static bool IsAeadCipherSuite(int ciphersuite)
    2325. 

  2325.         {
    2326. 

  2326.             return CipherType.aead == GetCipherType(ciphersuite);
    2327. 

  2327.         }
    2328. 

  2328. 

  2329.         public static bool IsBlockCipherSuite(int ciphersuite)
    2330. 

  2330.         {
    2331. 

  2331.             return CipherType.block == GetCipherType(ciphersuite);
    2332. 

  2332.         }
    2333. 

  2333. 

  2334.         public static bool IsStreamCipherSuite(int ciphersuite)
    2335. 

  2335.         {
    2336. 

  2336.             return CipherType.stream == GetCipherType(ciphersuite);
    2337. 

  2337.         }
    2338. 

  2338. 

  2339.         public static bool IsValidCipherSuiteForSignatureAlgorithms(int cipherSuite, IList sigAlgs)
    2340. 

  2340.         {
    2341. 

  2341.             int keyExchangeAlgorithm;
    2342. 

  2342.             try
    2343. 

  2343.             {
    2344. 

  2344.                 keyExchangeAlgorithm = GetKeyExchangeAlgorithm(cipherSuite);
    2345. 

  2345.             }
    2346. 

  2346.             catch (IOException e)
    2347. 

  2347.             {
    2348. 

  2348.                 return true;
    2349. 

  2349.             }
    2350. 

  2350. 

  2351.             switch (keyExchangeAlgorithm)
    2352. 

  2352.             {
    2353. 

  2353.             case KeyExchangeAlgorithm.DH_anon:
    2354. 

  2354.             case KeyExchangeAlgorithm.DH_anon_EXPORT:
    2355. 

  2355.             case KeyExchangeAlgorithm.ECDH_anon:
    2356. 

  2356.                 return sigAlgs.Contains(SignatureAlgorithm.anonymous);
    2357. 

  2357. 

  2358.             case KeyExchangeAlgorithm.DHE_RSA:
    2359. 

  2359.             case KeyExchangeAlgorithm.DHE_RSA_EXPORT:
    2360. 

  2360.             case KeyExchangeAlgorithm.ECDHE_RSA:
    2361. 

  2361.             case KeyExchangeAlgorithm.SRP_RSA:
    2362. 

  2362.                 return sigAlgs.Contains(SignatureAlgorithm.rsa);
    2363. 

  2363. 

  2364.             case KeyExchangeAlgorithm.DHE_DSS:
    2365. 

  2365.             case KeyExchangeAlgorithm.DHE_DSS_EXPORT:
    2366. 

  2366.             case KeyExchangeAlgorithm.SRP_DSS:
    2367. 

  2367.                 return sigAlgs.Contains(SignatureAlgorithm.dsa);
    2368. 

  2368. 

  2369.             case KeyExchangeAlgorithm.ECDHE_ECDSA:
    2370. 

  2370.                 return sigAlgs.Contains(SignatureAlgorithm.ecdsa);
    2371. 

  2371. 

  2372.             default:
    2373. 

  2373.                 return true;
    2374. 

  2374.             }
    2375. 

  2375.         }
    2376. 

  2376. 

  2377.         public static bool IsValidCipherSuiteForVersion(int cipherSuite, ProtocolVersion serverVersion)
    2378. 

  2378.         {
    2379. 

  2379.             return GetMinimumVersion(cipherSuite).IsEqualOrEarlierVersionOf(serverVersion.GetEquivalentTLSVersion());
    2380. 

  2380.         }
    2381. 

  2381. 

  2382.         public static IList GetUsableSignatureAlgorithms(IList sigHashAlgs)
    2383. 

  2383.         {
    2384. 

  2384.             if (sigHashAlgs == null)
    2385. 

  2385.                 return GetAllSignatureAlgorithms();
    2386. 

  2386. 

  2387.             IList v = BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities.Platform.CreateArrayList(4);
    2388. 

  2388.             v.Add(SignatureAlgorithm.anonymous);
    2389. 

  2389.             foreach (SignatureAndHashAlgorithm sigHashAlg in sigHashAlgs)
    2390. 

  2390.             {
    2391. 

  2391.                 //if (sigHashAlg.Hash >= MINIMUM_HASH_STRICT)
    2392. 

  2392.                 {
    2393. 

  2393.                     byte sigAlg = sigHashAlg.Signature;
    2394. 

  2394.                     if (!v.Contains(sigAlg))
    2395. 

  2395.                     {
    2396. 

  2396.                         v.Add(sigAlg);
    2397. 

  2397.                     }
    2398. 

  2398.                 }
    2399. 

  2399.             }
    2400. 

  2400.             return v;
    2401. 

  2401.         }
    2402. 

  2402.     }
    2403. 

  2403. }
    2404. 

  2404. #pragma warning restore
    2405. 

  2405. #endif
    2406.