public void TestDecrypt()
        {
            var input  = GetBuffer(HelloWorldResult);
            var output = new TlsBuffer(input.Size + MagicDataSize + MagicData2Size);

            output.Write(GetBuffer(MagicDataName));
            output.Write(GetBuffer(MagicData2Name));

            var hello = GetField(HelloWorldName);

            var length = Context.Decrypt(input, output.GetRemaining());

            Assert.That(length, Is.EqualTo(hello.Length), "#1");

            output.Position = 0;
            var magic = output.ReadBytes(MagicDataSize);

            Assert.That(magic, Is.EqualTo(GetField(MagicDataName)), "#2");

            var magic2 = output.ReadBytes(MagicData2Size);

            Assert.That(magic2, Is.EqualTo(GetField(MagicData2Name)), "#3");

            var decrypted = output.ReadBytes(length);

            Assert.That(decrypted, Is.EqualTo(hello), "#4");
        }
		public override void Encode (TlsBuffer buffer)
		{
			var size = Data != null ? Data.Size : 0;
			buffer.Write ((short)ExtensionType);
			buffer.Write ((short)(size + 1));
			buffer.Write ((byte)size);
			if (Data != null)
				buffer.Write (Data.Buffer);
		}
Beispiel #3
0
        protected override int Decrypt(DisposeContext d, ContentType contentType, IBufferOffsetSize input, IBufferOffsetSize output)
        {
            var implicitNonce = IsClient ? ServerWriteIV : ClientWriteIV;
            var writeKey      = IsClient ? ServerWriteKey : ClientWriteKey;

                        #if DEBUG_FULL
            if (Cipher.EnableDebugging)
            {
                DebugHelper.WriteLine("FIXED IV", implicitNonce);
                DebugHelper.WriteLine("WRITE KEY", writeKey);
                DebugHelper.WriteLine("SEQUENCE: {0}", ReadSequenceNumber);
            }
                        #endif

            var length = input.Size - ExplicitNonceSize;

            var aad = new TlsBuffer(13);
            aad.Write(ReadSequenceNumber);
            aad.Write((byte)contentType);
            aad.Write((short)Protocol);
            aad.Write((short)(length - MacSize));

                        #if DEBUG_FULL
            if (Cipher.EnableDebugging)
            {
                DebugHelper.WriteFull("TAG", aad);
            }
                        #endif

            var gcm = new GcmBlockCipher(new AesEngine());
            var key = new KeyParameter(writeKey.Buffer);

            var nonce = d.CreateBuffer(ImplicitNonceSize + ExplicitNonceSize);
            Buffer.BlockCopy(implicitNonce.Buffer, 0, nonce.Buffer, 0, ImplicitNonceSize);
            Buffer.BlockCopy(input.Buffer, input.Offset, nonce.Buffer, ImplicitNonceSize, ExplicitNonceSize);

                        #if DEBUG_FULL
            if (Cipher.EnableDebugging)
            {
                DebugHelper.WriteLine("NONCE", nonce);
            }
                        #endif

            var parameters = new AeadParameters(key, 128, nonce.Buffer, aad.Buffer);
            gcm.Init(false, parameters);

            int ret;
            try {
                ret = gcm.ProcessBytes(input.Buffer, input.Offset + ExplicitNonceSize, length, output.Buffer, output.Offset);

                ret += gcm.DoFinal(output.Buffer, output.Offset + ret);
            } catch (CryptoException ex) {
                throw new TlsException(AlertDescription.BadRecordMAC, ex.Message);
            }

            return(ret);
        }
		public override void Encode (TlsBuffer buffer)
		{
			var algorithms = SignatureParameters.SignatureAndHashAlgorithms;
			buffer.Write ((short)ExtensionType);
			buffer.Write ((short)(algorithms.Count * 2 + 2));
			buffer.Write ((short)(algorithms.Count * 2));
			foreach (var algorithm in algorithms)
				algorithm.Encode (buffer);
		}
 public override void Encode(TlsBuffer buffer)
 {
     buffer.Write((short)ExtensionType);
     buffer.Write((short)(Algorithms.Count * 2 + 2));
     buffer.Write((short)(Algorithms.Count * 2));
     foreach (var algorithm in Algorithms)
     {
         algorithm.Encode(buffer);
     }
 }
Beispiel #6
0
        public override void Encode(TlsBuffer buffer)
        {
            var size = Data != null ? Data.Size : 0;

            buffer.Write((short)ExtensionType);
            buffer.Write((short)(size + 1));
            buffer.Write((byte)size);
            if (Data != null)
            {
                buffer.Write(Data.Buffer);
            }
        }
Beispiel #7
0
        public override void Encode(TlsBuffer buffer)
        {
            var algorithms = SignatureParameters.SignatureAndHashAlgorithms;

            buffer.Write((short)ExtensionType);
            buffer.Write((short)(algorithms.Count * 2 + 2));
            buffer.Write((short)(algorithms.Count * 2));
            foreach (var algorithm in algorithms)
            {
                SignatureHelper.EncodeSignatureAndHashAlgorithm(algorithm, buffer);
            }
        }
        static byte[] ComputeRecordMAC(TlsProtocolCode protocol, HMac hmac, ulong seqnum, ContentType contentType, IBufferOffsetSize fragment)
        {
            var header = new TlsBuffer(13);

            header.Write(seqnum);
            header.Write((byte)contentType);
            header.Write((short)protocol);
            header.Write((short)fragment.Size);

            hmac.Reset();
            hmac.TransformBlock(header.Buffer, 0, header.Size);
            hmac.TransformBlock(fragment.Buffer, fragment.Offset, fragment.Size);
            return(hmac.TransformFinalBlock());
        }
Beispiel #9
0
        public void TestOutputOffset(TestContext ctx, [TestHost] IEncryptionTestHost host)
        {
            var input = GetBuffer(HelloWorldName);

            var output = new TlsBuffer(input.Size + host.MaxExtraEncryptedBytes + MagicDataSize);

            output.Write(GetBuffer(MagicDataName));

            var startOffset = output.Offset;
            var startPos    = output.Position;
            var startSize   = output.Size;

            var length = host.Encrypt(input, output.GetRemaining());

            ctx.Assert(length, Is.GreaterThanOrEqualTo(0), "#1");
            ctx.Assert(length, Is.GreaterThanOrEqualTo(input.Size + host.MinExtraEncryptedBytes), "#2a");
            ctx.Assert(length, Is.LessThanOrEqualTo(input.Size + host.MaxExtraEncryptedBytes), "#2a");
            ctx.Assert(output.Offset, Is.EqualTo(startOffset), "#2b");
            ctx.Assert(output.Size, Is.EqualTo(startSize), "#2c");

            output.Position = 0;
            var magic = output.ReadBytes(MagicDataSize);

            ctx.Assert(magic, Is.EqualTo(GetField(MagicDataName)), "#3");

            var encrypted = output.ReadBytes(length);

            CheckOutput(ctx, HelloWorldResult, new BufferOffsetSize(encrypted));
        }
        public void TestInputOffset()
        {
            var hello = GetBuffer(HelloWorldName);
            var input = new TlsBuffer(hello.Size + MagicDataSize + MagicData2Size);

            input.Write(GetBuffer(MagicDataName));
            var startPos = input.Position;

            input.Write(hello);
            input.Write(GetBuffer(MagicData2Name));

            var output = Context.Encrypt(new BufferOffsetSize(input.Buffer, startPos, hello.Size));

            Assert.That(output, Is.Not.Null, "#1");
            Assert.That(output.Size, Is.EqualTo(hello.Size + Context.MinExtraEncryptedBytes), "#2");

            CheckOutput(HelloWorldResult, output);
        }
Beispiel #11
0
        public void TestInputOffset(TestContext ctx, [TestHost] IEncryptionTestHost host)
        {
            var hello = GetBuffer(HelloWorldName);
            var input = new TlsBuffer(hello.Size + MagicDataSize + MagicData2Size);

            input.Write(GetField(MagicDataName));
            var startPos = input.Position;

            input.Write(hello);
            input.Write(GetBuffer(MagicData2Name));

            var output = host.Encrypt(new BufferOffsetSize(input.Buffer, startPos, hello.Size));

            ctx.Assert(output, Is.Not.Null, "#1");
            ctx.Assert(output.Size, Is.GreaterThanOrEqualTo(hello.Size + host.MinExtraEncryptedBytes), "#2");
            ctx.Assert(output.Size, Is.LessThanOrEqualTo(hello.Size + host.MaxExtraEncryptedBytes), "#2");
            CheckOutput(ctx, HelloWorldResult, output);
        }
Beispiel #12
0
        protected override int Encrypt(DisposeContext d, ContentType contentType, IBufferOffsetSize input, IBufferOffsetSize output)
        {
            // Calculate message MAC
            byte[] mac = null;
            if (IsServer)
            {
                mac = ComputeServerRecordMAC(contentType, input);
            }
            else
            {
                mac = ComputeClientRecordMAC(contentType, input);
            }

                        #if DEBUG_FULL
            if (Cipher.EnableDebugging)
            {
                DebugHelper.WriteLine("RECORD MAC", mac);
            }
                        #endif

            int  plen;
            byte padLen;
            int  totalLength = GetEncryptedSize(input.Size, out plen, out padLen);

            var totalOutput  = new BufferOffsetSize(output.Buffer, output.Offset, totalLength);
            var outputWriter = new TlsBuffer(totalOutput);

            outputWriter.Position += HeaderSize;

            outputWriter.Write(input.Buffer, input.Offset, input.Size);
            outputWriter.Write(mac);

            for (int i = 0; i <= padLen; i++)
            {
                outputWriter.Write(padLen);
            }

            // Encrypt the message
            EncryptRecord(d, totalOutput);
            return(totalLength);
        }
Beispiel #13
0
        public void SetCipherList(ICollection <CipherSuiteCode> ciphers)
        {
            var codes = new TlsBuffer(ciphers.Count * 2);

            foreach (var cipher in ciphers)
            {
                codes.Write((short)cipher);
            }

            var ret = native_openssl_set_cipher_list(handle, codes.Buffer, ciphers.Count);

            CheckError(ret);
        }
        SecureBuffer CreateParameterBuffer(HandshakeParameters hsp)
        {
            var length = P.Length + G.Length + Y.Length + 6;

            var buffer = new TlsBuffer(64 + length);

            buffer.Write(hsp.ClientRandom.Buffer);
            buffer.Write(hsp.ServerRandom.Buffer);
            buffer.Write((short)P.Length);
            buffer.Write(P);
            buffer.Write((short)G.Length);
            buffer.Write(G);
            buffer.Write((short)Y.Length);
            buffer.Write(Y);
            return(new SecureBuffer(buffer.Buffer));
        }
		public override void Encode (TlsBuffer buffer)
		{
			var asciiName = Encoding.ASCII.GetBytes (ServerName);

			buffer.Write ((short)ExtensionType);
			buffer.Write ((short)(asciiName.Length + 5)); // ServerNameList
			buffer.Write ((short)(asciiName.Length + 3)); // ServerList
			buffer.Write ((byte)0x00); // HostName
			buffer.Write ((short)asciiName.Length);
			buffer.Write (asciiName);
		}
Beispiel #16
0
        public override void Encode(TlsBuffer buffer)
        {
            var asciiName = Encoding.ASCII.GetBytes(ServerName);

            buffer.Write((short)ExtensionType);
            buffer.Write((short)(asciiName.Length + 5)); // ServerNameList
            buffer.Write((short)(asciiName.Length + 3)); // ServerList
            buffer.Write((byte)0x00);                    // HostName
            buffer.Write((short)asciiName.Length);
            buffer.Write(asciiName);
        }
Beispiel #17
0
        SecureBuffer CreateParameterBuffer(HandshakeParameters hsp)
        {
            var length = 4 + publicBytes.Length;

            var buffer = new TlsBuffer(64 + length);

            buffer.Write(hsp.ClientRandom.Buffer);
            buffer.Write(hsp.ServerRandom.Buffer);
            buffer.Write((byte)curveType);
            buffer.Write((short)namedCurve);
            buffer.Write((byte)publicBytes.Length);
            buffer.Write(publicBytes);
            return(new SecureBuffer(buffer.Buffer));
        }
Beispiel #18
0
        public void TestDecryptWithInvalidPadding2(TestContext ctx, [TestHost] IEncryptionTestHost host)
        {
            var input = GetBuffer(Data11Result);

            var modified = new TlsBuffer(input.Size);

            modified.Write(input.Buffer);

            // Flip a bit in the last byte, this will affect the padding size.
            modified.Buffer [modified.Size - 1] ^= 0x01;

            input = new BufferOffsetSize(modified.Buffer, 0, modified.Size);

            try {
                host.Decrypt(input);
                ctx.AssertFail("#1");
            } catch (Exception ex) {
                ctx.Assert(ex, Is.InstanceOf <TlsException> (), "#2");
                var tlsEx = (TlsException)ex;
                ctx.Assert(tlsEx.Alert.Level, Is.EqualTo(AlertLevel.Fatal), "#3");
                ctx.Assert(tlsEx.Alert.Description, Is.EqualTo(AlertDescription.BadRecordMAC), "#4");
            }
        }
Beispiel #19
0
        public void TestDecryptWithInvalidPadding(TestContext ctx, [TestHost] IEncryptionTestHost host)
        {
            var input = GetBuffer(ExtraPaddingResult);

            var modified = new TlsBuffer(input.Size);

            modified.Write(input.Buffer);

            var theOffset = modified.Size - (2 * host.BlockSize) - 5;

            modified.Buffer [theOffset] ^= 0x01;

            input = new BufferOffsetSize(modified.Buffer, 0, modified.Size);

            try {
                host.Decrypt(input);
                ctx.AssertFail("#1");
            } catch (Exception ex) {
                ctx.Assert(ex, Is.InstanceOf <TlsException> (), "#2");
                var tlsEx = (TlsException)ex;
                ctx.Assert(tlsEx.Alert.Level, Is.EqualTo(AlertLevel.Fatal), "#3");
                ctx.Assert(tlsEx.Alert.Description, Is.EqualTo(AlertDescription.BadRecordMAC), "#4");
            }
        }
		public void TestInputOffset (TestContext ctx, [TestHost] IEncryptionTestHost host)
		{
			var hello = GetBuffer (HelloWorldName);
			var input = new TlsBuffer (hello.Size + MagicDataSize + MagicData2Size);
			input.Write (GetBuffer (MagicDataName));
			var startPos = input.Position;
			input.Write (hello);
			input.Write (GetBuffer (MagicData2Name));

			var output = host.Encrypt (new BufferOffsetSize (input.Buffer, startPos, hello.Size));
			ctx.Assert (output, Is.Not.Null, "#1");
			ctx.Assert (output.Size, Is.EqualTo (hello.Size + host.MinExtraEncryptedBytes), "#2");

			WriteAndCheckOutput (ctx, HelloWorldResult, output);
		}
		SecureBuffer CreateParameterBuffer (HandshakeParameters hsp)
		{
			var length = P.Length + G.Length + Y.Length + 6;

			var buffer = new TlsBuffer (64 + length);
			buffer.Write (hsp.ClientRandom.Buffer);
			buffer.Write (hsp.ServerRandom.Buffer);
			buffer.Write ((short)P.Length);
			buffer.Write (P);
			buffer.Write ((short)G.Length);
			buffer.Write (G);
			buffer.Write ((short)Y.Length);
			buffer.Write (Y);
			return new SecureBuffer (buffer.Buffer);
		}
		public void TestOutputOffset (TestContext ctx, [TestHost] IEncryptionTestHost host)
		{
			var input = GetBuffer (HelloWorldName);

			var output = new TlsBuffer (input.Size + host.MaxExtraEncryptedBytes + MagicDataSize);
			output.Write (GetBuffer (MagicDataName));

			var startOffset = output.Offset;
			var startPos = output.Position;
			var startSize = output.Size;

			var length = host.Encrypt (input, output.GetRemaining ());

			ctx.Assert (length, Is.GreaterThanOrEqualTo (0), "#1");
			ctx.Assert (length, Is.EqualTo (input.Size + host.MinExtraEncryptedBytes), "#2a");
			ctx.Assert (output.Offset, Is.EqualTo (startOffset), "#2b");
			ctx.Assert (output.Size, Is.EqualTo (startSize), "#2c");

			output.Position = 0;
			var magic = output.ReadBytes (MagicDataSize);
			ctx.Assert (magic, Is.EqualTo (GetField (MagicDataName)), "#3");

			var encrypted = output.ReadBytes (length);
			CheckOutput (ctx, HelloWorldResult, new BufferOffsetSize (encrypted));
		}
		internal void Encode (TlsBuffer buffer)
		{
			buffer.Write ((byte)Hash);
			buffer.Write ((byte)Signature);
		}
 internal void Encode(TlsBuffer buffer)
 {
     buffer.Write((byte)Hash);
     buffer.Write((byte)Signature);
 }
		static byte[] ComputeRecordMAC (TlsProtocolCode protocol, HMac hmac, ulong seqnum, ContentType contentType, IBufferOffsetSize fragment)
		{
			var header = new TlsBuffer (13);
			header.Write (seqnum);
			header.Write ((byte)contentType);
			header.Write ((short)protocol);
			header.Write ((short)fragment.Size);

			hmac.Reset ();
			hmac.TransformBlock (header.Buffer, 0, header.Size);
			hmac.TransformBlock (fragment.Buffer, fragment.Offset, fragment.Size);
			return hmac.TransformFinalBlock ();
		}
		protected override int Encrypt (DisposeContext d, ContentType contentType, IBufferOffsetSize input, IBufferOffsetSize output)
		{
			// Calculate message MAC
			byte[] mac = null;
			if (IsServer)
				mac = ComputeServerRecordMAC (contentType, input);
			else
				mac = ComputeClientRecordMAC (contentType, input);

			#if DEBUG_FULL
			if (Cipher.EnableDebugging)
				DebugHelper.WriteLine ("RECORD MAC", mac);
			#endif

			int plen;
			byte padLen;
			int totalLength = GetEncryptedSize (input.Size, out plen, out padLen);

			var totalOutput = new BufferOffsetSize (output.Buffer, output.Offset, totalLength);
			var outputWriter = new TlsBuffer (totalOutput);

			outputWriter.Position += HeaderSize;

			outputWriter.Write (input.Buffer, input.Offset, input.Size);
			outputWriter.Write (mac);

			for (int i = 0; i <= padLen; i++)
				outputWriter.Write (padLen);

			// Encrypt the message
			EncryptRecord (d, totalOutput);
			return totalLength;
		}
Beispiel #27
0
 public static void EncodeSignatureAndHashAlgorithm(SignatureAndHashAlgorithm algorithm, TlsBuffer buffer)
 {
     buffer.Write((byte)algorithm.Hash);
     buffer.Write((byte)algorithm.Signature);
 }
		SecureBuffer CreateParameterBuffer (HandshakeParameters hsp)
		{
			var length = 4 + publicBytes.Length;

			var buffer = new TlsBuffer (64 + length);
			buffer.Write (hsp.ClientRandom.Buffer);
			buffer.Write (hsp.ServerRandom.Buffer);
			buffer.Write ((byte)curveType);
			buffer.Write ((short)namedCurve);
			buffer.Write ((byte)publicBytes.Length);
			buffer.Write (publicBytes);
			return new SecureBuffer (buffer.Buffer);
		}
		public void TestDecrypt (TestContext ctx, [TestHost] IEncryptionTestHost host)
		{
			var input = GetBuffer (HelloWorldResult);
			var output = new TlsBuffer (input.Size + MagicDataSize + MagicData2Size);
			output.Write (GetBuffer (MagicDataName));
			output.Write (GetBuffer (MagicData2Name));

			var hello = GetField (HelloWorldName);

			var length = host.Decrypt (input, output.GetRemaining ());
			ctx.Assert (length, Is.EqualTo (hello.Length), "#1");

			output.Position = 0;
			var magic = output.ReadBytes (MagicDataSize);
			ctx.Assert (magic, Is.EqualTo (GetField (MagicDataName)), "#2");

			var magic2 = output.ReadBytes (MagicData2Size);
			ctx.Assert (magic2, Is.EqualTo (GetField (MagicData2Name)), "#3");

			var decrypted = output.ReadBytes (length);
			ctx.Assert (decrypted, Is.EqualTo (hello), "#4");
		}
		protected override int Decrypt (DisposeContext d, ContentType contentType, IBufferOffsetSize input, IBufferOffsetSize output)
		{
			var implicitNonce = IsClient ? ServerWriteIV : ClientWriteIV;
			var writeKey = IsClient ? ServerWriteKey : ClientWriteKey;

			#if DEBUG_FULL
			if (Cipher.EnableDebugging) {
				DebugHelper.WriteLine ("FIXED IV", implicitNonce);
				DebugHelper.WriteLine ("WRITE KEY", writeKey);
				DebugHelper.WriteLine ("SEQUENCE: {0}", ReadSequenceNumber);
			}
			#endif

			var length = input.Size - ExplicitNonceSize;

			var aad = new TlsBuffer (13);
			aad.Write (ReadSequenceNumber);
			aad.Write ((byte)contentType);
			aad.Write ((short)Protocol);
			aad.Write ((short)(length - MacSize));

			#if DEBUG_FULL
			if (Cipher.EnableDebugging)
				DebugHelper.WriteFull ("TAG", aad);
			#endif

			var gcm = new GcmBlockCipher (new AesEngine ());
			var key = new KeyParameter (writeKey.Buffer);

			var nonce = d.CreateBuffer (ImplicitNonceSize + ExplicitNonceSize);
			Buffer.BlockCopy (implicitNonce.Buffer, 0, nonce.Buffer, 0, ImplicitNonceSize);
			Buffer.BlockCopy (input.Buffer, input.Offset, nonce.Buffer, ImplicitNonceSize, ExplicitNonceSize);

			#if DEBUG_FULL
			if (Cipher.EnableDebugging)
				DebugHelper.WriteLine ("NONCE", nonce);
			#endif

			var parameters = new AeadParameters (key, 128, nonce.Buffer, aad.Buffer);
			gcm.Init (false, parameters);

			int ret;
			try {
				ret = gcm.ProcessBytes (input.Buffer, input.Offset + ExplicitNonceSize, length, output.Buffer, output.Offset);

				ret += gcm.DoFinal (output.Buffer, output.Offset + ret);
			} catch (CryptoException ex) {
				throw new TlsException (AlertDescription.BadRecordMAC, ex.Message);
			}

			return ret;
		}