  1. #if !BESTHTTP_DISABLE_ALTERNATE_SSL && (!UNITY_WEBGL || UNITY_EDITOR)
  2. using System;
  3. using System.IO;
  4. using Org.BouncyCastle.Crypto.Engines;
  5. using Org.BouncyCastle.Crypto.Modes;
  6. namespace Org.BouncyCastle.Crypto.Tls
  7. {
  8. public class DefaultTlsCipherFactory
  9. : AbstractTlsCipherFactory
  10. {
  11. /// <exception cref="IOException"></exception>
  12. public override TlsCipher CreateCipher(TlsContext context, int encryptionAlgorithm, int macAlgorithm)
  13. {
  14. switch (encryptionAlgorithm)
  15. {
  16. case EncryptionAlgorithm.cls_3DES_EDE_CBC:
  17. return CreateDesEdeCipher(context, macAlgorithm);
  18. case EncryptionAlgorithm.AES_128_CBC:
  19. return CreateAESCipher(context, 16, macAlgorithm);
  20. case EncryptionAlgorithm.AES_128_CCM:
  21. // NOTE: Ignores macAlgorithm
  22. return CreateCipher_Aes_Ccm(context, 16, 16);
  23. case EncryptionAlgorithm.AES_128_CCM_8:
  24. // NOTE: Ignores macAlgorithm
  25. return CreateCipher_Aes_Ccm(context, 16, 8);
  26. case EncryptionAlgorithm.AES_128_GCM:
  27. // NOTE: Ignores macAlgorithm
  28. return CreateCipher_Aes_Gcm(context, 16, 16);
  29. case EncryptionAlgorithm.AES_128_OCB_TAGLEN96:
  30. // NOTE: Ignores macAlgorithm
  31. return CreateCipher_Aes_Ocb(context, 16, 12);
  32. case EncryptionAlgorithm.AES_256_CBC:
  33. return CreateAESCipher(context, 32, macAlgorithm);
  34. case EncryptionAlgorithm.AES_256_CCM:
  35. // NOTE: Ignores macAlgorithm
  36. return CreateCipher_Aes_Ccm(context, 32, 16);
  37. case EncryptionAlgorithm.AES_256_CCM_8:
  38. // NOTE: Ignores macAlgorithm
  39. return CreateCipher_Aes_Ccm(context, 32, 8);
  40. case EncryptionAlgorithm.AES_256_GCM:
  41. // NOTE: Ignores macAlgorithm
  42. return CreateCipher_Aes_Gcm(context, 32, 16);
  43. case EncryptionAlgorithm.AES_256_OCB_TAGLEN96:
  44. // NOTE: Ignores macAlgorithm
  45. return CreateCipher_Aes_Ocb(context, 32, 12);
  46. case EncryptionAlgorithm.CAMELLIA_128_CBC:
  47. return CreateCamelliaCipher(context, 16, macAlgorithm);
  48. case EncryptionAlgorithm.CAMELLIA_128_GCM:
  49. // NOTE: Ignores macAlgorithm
  50. return CreateCipher_Camellia_Gcm(context, 16, 16);
  51. case EncryptionAlgorithm.CAMELLIA_256_CBC:
  52. return CreateCamelliaCipher(context, 32, macAlgorithm);
  53. case EncryptionAlgorithm.CAMELLIA_256_GCM:
  54. // NOTE: Ignores macAlgorithm
  55. return CreateCipher_Camellia_Gcm(context, 32, 16);
  56. case EncryptionAlgorithm.CHACHA20_POLY1305:
  57. // NOTE: Ignores macAlgorithm
  58. return CreateChaCha20Poly1305(context);
  59. case EncryptionAlgorithm.NULL:
  60. return CreateNullCipher(context, macAlgorithm);
  61. case EncryptionAlgorithm.RC4_128:
  62. return CreateRC4Cipher(context, 16, macAlgorithm);
  63. case EncryptionAlgorithm.SEED_CBC:
  64. return CreateSeedCipher(context, macAlgorithm);
  65. default:
  66. throw new TlsFatalAlert(AlertDescription.internal_error);
  67. }
  68. }
  69. /// <exception cref="IOException"></exception>
  70. protected virtual TlsBlockCipher CreateAESCipher(TlsContext context, int cipherKeySize, int macAlgorithm)
  71. {
  72. return new TlsBlockCipher(context, CreateAesBlockCipher(), CreateAesBlockCipher(),
  73. CreateHMacDigest(macAlgorithm), CreateHMacDigest(macAlgorithm), cipherKeySize);
  74. }
  75. /// <exception cref="IOException"></exception>
  76. protected virtual TlsBlockCipher CreateCamelliaCipher(TlsContext context, int cipherKeySize, int macAlgorithm)
  77. {
  78. return new TlsBlockCipher(context, CreateCamelliaBlockCipher(),
  79. CreateCamelliaBlockCipher(), CreateHMacDigest(macAlgorithm),
  80. CreateHMacDigest(macAlgorithm), cipherKeySize);
  81. }
  82. /// <exception cref="IOException"></exception>
  83. protected virtual TlsCipher CreateChaCha20Poly1305(TlsContext context)
  84. {
  85. return new Chacha20Poly1305(context);
  86. }
  87. /// <exception cref="IOException"></exception>
  88. protected virtual TlsAeadCipher CreateCipher_Aes_Ccm(TlsContext context, int cipherKeySize, int macSize)
  89. {
  90. return new TlsAeadCipher(context, CreateAeadBlockCipher_Aes_Ccm(),
  91. CreateAeadBlockCipher_Aes_Ccm(), cipherKeySize, macSize);
  92. }
  93. /// <exception cref="IOException"></exception>
  94. protected virtual TlsAeadCipher CreateCipher_Aes_Gcm(TlsContext context, int cipherKeySize, int macSize)
  95. {
  96. return new TlsAeadCipher(context, CreateAeadBlockCipher_Aes_Gcm(),
  97. CreateAeadBlockCipher_Aes_Gcm(), cipherKeySize, macSize);
  98. }
  99. /// <exception cref="IOException"></exception>
  100. protected virtual TlsAeadCipher CreateCipher_Aes_Ocb(TlsContext context, int cipherKeySize, int macSize)
  101. {
  102. return new TlsAeadCipher(context, CreateAeadBlockCipher_Aes_Ocb(),
  103. CreateAeadBlockCipher_Aes_Ocb(), cipherKeySize, macSize, TlsAeadCipher.NONCE_DRAFT_CHACHA20_POLY1305);
  104. }
  105. /// <exception cref="IOException"></exception>
  106. protected virtual TlsAeadCipher CreateCipher_Camellia_Gcm(TlsContext context, int cipherKeySize, int macSize)
  107. {
  108. return new TlsAeadCipher(context, CreateAeadBlockCipher_Camellia_Gcm(),
  109. CreateAeadBlockCipher_Camellia_Gcm(), cipherKeySize, macSize);
  110. }
  111. /// <exception cref="IOException"></exception>
  112. protected virtual TlsBlockCipher CreateDesEdeCipher(TlsContext context, int macAlgorithm)
  113. {
  114. return new TlsBlockCipher(context, CreateDesEdeBlockCipher(), CreateDesEdeBlockCipher(),
  115. CreateHMacDigest(macAlgorithm), CreateHMacDigest(macAlgorithm), 24);
  116. }
  117. /// <exception cref="IOException"></exception>
  118. protected virtual TlsNullCipher CreateNullCipher(TlsContext context, int macAlgorithm)
  119. {
  120. return new TlsNullCipher(context, CreateHMacDigest(macAlgorithm),
  121. CreateHMacDigest(macAlgorithm));
  122. }
  123. /// <exception cref="IOException"></exception>
  124. protected virtual TlsStreamCipher CreateRC4Cipher(TlsContext context, int cipherKeySize, int macAlgorithm)
  125. {
  126. return new TlsStreamCipher(context, CreateRC4StreamCipher(), CreateRC4StreamCipher(),
  127. CreateHMacDigest(macAlgorithm), CreateHMacDigest(macAlgorithm), cipherKeySize, false);
  128. }
  129. /// <exception cref="IOException"></exception>
  130. protected virtual TlsBlockCipher CreateSeedCipher(TlsContext context, int macAlgorithm)
  131. {
  132. return new TlsBlockCipher(context, CreateSeedBlockCipher(), CreateSeedBlockCipher(),
  133. CreateHMacDigest(macAlgorithm), CreateHMacDigest(macAlgorithm), 16);
  134. }
  135. protected virtual IBlockCipher CreateAesEngine()
  136. {
  137. return new AesFastEngine();
  138. }
  139. protected virtual IBlockCipher CreateCamelliaEngine()
  140. {
  141. return new CamelliaEngine();
  142. }
  143. protected virtual IBlockCipher CreateAesBlockCipher()
  144. {
  145. return new CbcBlockCipher(CreateAesEngine());
  146. }
  147. protected virtual IAeadBlockCipher CreateAeadBlockCipher_Aes_Ccm()
  148. {
  149. return new CcmBlockCipher(CreateAesEngine());
  150. }
  151. protected virtual IAeadBlockCipher CreateAeadBlockCipher_Aes_Gcm()
  152. {
  153. // TODO Consider allowing custom configuration of multiplier
  154. return new GcmBlockCipher(CreateAesEngine());
  155. }
  156. protected virtual IAeadBlockCipher CreateAeadBlockCipher_Aes_Ocb()
  157. {
  158. return new OcbBlockCipher(CreateAesEngine(), CreateAesEngine());
  159. }
  160. protected virtual IAeadBlockCipher CreateAeadBlockCipher_Camellia_Gcm()
  161. {
  162. // TODO Consider allowing custom configuration of multiplier
  163. return new GcmBlockCipher(CreateCamelliaEngine());
  164. }
  165. protected virtual IBlockCipher CreateCamelliaBlockCipher()
  166. {
  167. return new CbcBlockCipher(CreateCamelliaEngine());
  168. }
  169. protected virtual IBlockCipher CreateDesEdeBlockCipher()
  170. {
  171. return new CbcBlockCipher(new DesEdeEngine());
  172. }
  173. protected virtual IStreamCipher CreateRC4StreamCipher()
  174. {
  175. return new RC4Engine();
  176. }
  177. protected virtual IBlockCipher CreateSeedBlockCipher()
  178. {
  179. return new CbcBlockCipher(new SeedEngine());
  180. }
  181. /// <exception cref="IOException"></exception>
  182. protected virtual IDigest CreateHMacDigest(int macAlgorithm)
  183. {
  184. switch (macAlgorithm)
  185. {
  186. case MacAlgorithm.cls_null:
  187. return null;
  188. case MacAlgorithm.hmac_md5:
  189. return TlsUtilities.CreateHash(HashAlgorithm.md5);
  190. case MacAlgorithm.hmac_sha1:
  191. return TlsUtilities.CreateHash(HashAlgorithm.sha1);
  192. case MacAlgorithm.hmac_sha256:
  193. return TlsUtilities.CreateHash(HashAlgorithm.sha256);
  194. case MacAlgorithm.hmac_sha384:
  195. return TlsUtilities.CreateHash(HashAlgorithm.sha384);
  196. case MacAlgorithm.hmac_sha512:
  197. return TlsUtilities.CreateHash(HashAlgorithm.sha512);
  198. default:
  199. throw new TlsFatalAlert(AlertDescription.internal_error);
  200. }
  201. }
  202. }
  203. }
  204. #endif