public void SetPeerKey(BigEndianAdvancingSpan peerKey, ICertificate certificate, SignatureScheme scheme)
{
peerKey = peerKey.ReadVector <ushort>();
var decryptedLength = certificate.Decrypt(scheme, peerKey.ToSpan(), peerKey.ToSpan());
peerKey = peerKey.TakeSlice(decryptedLength);
_premasterSecret = peerKey.ToArray();
}
public ServerHelloParser(ReadableBuffer buffer, SecurePipeConnection secureConnection)
{
_originalMessage = buffer.ToSpan();
var span = new BigEndianAdvancingSpan(_originalMessage);
span.Read <HandshakeHeader>();
_tlsVersion = span.Read <TlsVersion>();
_serverRandom = span.TakeSlice(TlsConstants.RandomLength).ToSpan();
_sessionId = span.ReadVector <byte>().ToSpan();
_cipherSuite = span.Read <ushort>();
var compression = span.Read <byte>(); //Dump compression
if (compression != 0)
{
Alerts.AlertException.ThrowAlert(Alerts.AlertLevel.Fatal, Alerts.AlertDescription.handshake_failure, "Compression is not supported");
}
_supportedGroups = default;
if (span.Length == 0)
{
return;
}
span = span.ReadVector <ushort>();
while (span.Length > 0)
{
var extType = span.Read <ExtensionType>();
var extBuffer = span.ReadVector <ushort>();
switch (extType)
{
case ExtensionType.supported_groups:
throw new NotImplementedException();
case ExtensionType.application_layer_protocol_negotiation:
throw new NotImplementedException();
case ExtensionType.server_name:
throw new NotImplementedException();
case ExtensionType.SessionTicket:
throw new NotImplementedException();
case ExtensionType.signature_algorithms:
throw new NotImplementedException();
case ExtensionType.renegotiation_info:
throw new NotImplementedException();
}
}
}
public ClientHelloParser(ReadableBuffer buffer, SecurePipeConnection secureConnection)
{
_originalMessage = buffer.ToSpan();
var span = new BigEndianAdvancingSpan(_originalMessage);
span.Read <HandshakeHeader>();
_tlsVersion = span.Read <TlsVersion>();
_clientRandom = span.TakeSlice(TlsConstants.RandomLength).ToSpan();
_sessionId = span.ReadVector <byte>().ToSpan();
_cipherSuite = span.ReadVector <ushort>();
_compressionMethods = span.ReadVector <byte>().ToSpan();
_negotiatedAlpn = ApplicationLayerProtocolType.None;
_hostName = null;
if (span.Length == 0)
{
return;
}
var extensionSpan = new BigEndianAdvancingSpan(span.ReadVector <ushort>().ToSpan());
while (extensionSpan.Length > 0)
{
var extType = extensionSpan.Read <ExtensionType>();
var extBuffer = extensionSpan.ReadVector <ushort>();
switch (extType)
{
case ExtensionType.application_layer_protocol_negotiation:
_negotiatedAlpn = secureConnection.Listener.AlpnProvider.ProcessExtension(extBuffer);
break;
case ExtensionType.server_name:
_hostName = secureConnection.Listener.HostNameProvider.ProcessHostNameExtension(extBuffer);
break;
case ExtensionType.signature_algorithms:
_signatureAlgos = extBuffer;
break;
case ExtensionType.supported_groups:
_supportedGroups = extBuffer;
break;
case ExtensionType.SessionTicket:
_sessionTicket = extBuffer;
break;
case ExtensionType.psk_key_exchange_modes:
case ExtensionType.pre_shared_key:
case ExtensionType.supported_versions:
case ExtensionType.key_share:
break;
}
}
if (span.Length > 0)
{
ThrowBytesLeftOver();
}
}