<PackageReference Include="BouncyCastle.Cryptography" Version="2.5.0" />

TlsCrypto

public interface TlsCrypto
Service and object creation interface for the primitive types and services that are associated with cryptography in the API.
SecureRandom SecureRandom { get; }

Return the primary (safest) SecureRandom for this crypto.

TlsSecret AdoptSecret(TlsSecret secret)

Adopt the passed in secret, creating a new copy of it.

TlsCertificate CreateCertificate(byte[] encoding)

Create a TlsCertificate from an ASN.1 binary encoding of an X.509 certificate.

TlsCertificate CreateCertificate(short type, byte[] encoding)

Create a TlsCertificate from an ASN.1 binary encoding of a certificate.

TlsCipher CreateCipher(TlsCryptoParameters cryptoParams, int encryptionAlgorithm, int macAlgorithm)

Create a cipher for the specified encryption and MAC algorithms.

TlsDHDomain CreateDHDomain(TlsDHConfig dhConfig)

Create a domain object supporting the domain parameters described in dhConfig.

TlsECDomain CreateECDomain(TlsECConfig ecConfig)

Create a domain object supporting the domain parameters described in ecConfig.

TlsHash CreateHash(int cryptoHashAlgorithm)

Create a suitable hash for the hash algorithm identifier passed in.

TlsHmac CreateHmac(int macAlgorithm)

Create a suitable HMAC for the MAC algorithm identifier passed in.

TlsHmac CreateHmacForHash(int cryptoHashAlgorithm)

Create a suitable HMAC using the hash algorithm identifier passed in.

TlsKemDomain CreateKemDomain(TlsKemConfig kemConfig)

Create a domain object supporting the domain parameters described in kemConfig.

TlsNonceGenerator CreateNonceGenerator(byte[] additionalSeedMaterial)

Create a nonce generator.

TlsSecret CreateSecret(byte[] data)

Create a TlsSecret object based on provided data.

TlsSrp6Client CreateSrp6Client(TlsSrpConfig srpConfig)

Create an SRP-6 client.

TlsSrp6Server CreateSrp6Server(TlsSrpConfig srpConfig, BigInteger srpVerifier)

Create an SRP-6 server.

TlsSrp6VerifierGenerator CreateSrp6VerifierGenerator(TlsSrpConfig srpConfig)

Create an SRP-6 verifier generator.

TlsSecret GenerateRsaPreMasterSecret(ProtocolVersion clientVersion)

Create a TlsSecret object containing a randomly-generated RSA PreMasterSecret

bool HasAnyStreamVerifiers(IList<SignatureAndHashAlgorithm> signatureAndHashAlgorithms)

Return true if this TlsCrypto would use a stream verifier for any of the passed in algorithms.

bool HasAnyStreamVerifiersLegacy(short[] clientCertificateTypes)

Return true if this TlsCrypto would use a stream verifier for any of the passed in algorithms.

bool HasCryptoHashAlgorithm(int cryptoHashAlgorithm)

Return true if this TlsCrypto can support the passed in hash algorithm.

bool HasCryptoSignatureAlgorithm(int cryptoSignatureAlgorithm)

Return true if this TlsCrypto can support the passed in signature algorithm (not necessarily in combination with EVERY hash algorithm).

bool HasDHAgreement()

Return true if this TlsCrypto can support DH key agreement.

bool HasECDHAgreement()

Return true if this TlsCrypto can support ECDH key agreement.

bool HasEncryptionAlgorithm(int encryptionAlgorithm)

Return true if this TlsCrypto can support the passed in block/stream encryption algorithm.

bool HasHkdfAlgorithm(int cryptoHashAlgorithm)

Return true if this TlsCrypto can support HKDF with the passed in hash algorithm.

bool HasKemAgreement()

Return true if this TlsCrypto can support KEM key agreement.

bool HasMacAlgorithm(int macAlgorithm)

Return true if this TlsCrypto can support the passed in MAC algorithm.

bool HasNamedGroup(int namedGroup)

Return true if this TlsCrypto supports the passed in NamedGroupnamed group value.

bool HasRsaEncryption()

Return true if this TlsCrypto can support RSA encryption/decryption.

bool HasSignatureAlgorithm(short signatureAlgorithm)

Return true if this TlsCrypto can support the passed in signature algorithm (not necessarily in combination with EVERY hash algorithm).

bool HasSignatureAndHashAlgorithm(SignatureAndHashAlgorithm sigAndHashAlgorithm)

Return true if this TlsCrypto can support the passed in signature algorithm.

bool HasSignatureScheme(int signatureScheme)

Return true if this TlsCrypto can support the passed in signature scheme.

bool HasSrpAuthentication()

Return true if this TlsCrypto can support SRP authentication.

TlsSecret HkdfInit(int cryptoHashAlgorithm)

Setup an initial "secret" for a chain of HKDF calls (RFC 5869), containing a string of HashLen zeroes.