Beispiel #1
0
        /// <exception cref="IOException"/>
        protected static short EvaluateMaxFragmentLengthExtension(bool resumedSession, IDictionary clientExtensions,
                                                                  IDictionary serverExtensions, byte alertDescription)
        {
            short maxFragmentLength = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(serverExtensions);

            if (maxFragmentLength >= 0)
            {
                if (!MaxFragmentLength.IsValid((byte)maxFragmentLength) ||
                    (!resumedSession && maxFragmentLength != TlsExtensionsUtilities
                     .GetMaxFragmentLengthExtension(clientExtensions)))
                {
                    throw new TlsFatalAlert(alertDescription);
                }
            }
            return(maxFragmentLength);
        }
        public virtual void ProcessClientExtensions(IDictionary clientExtensions)
        {
            this.mClientExtensions = clientExtensions;

            if (clientExtensions != null)
            {
                this.mEncryptThenMacOffered = TlsExtensionsUtilities.HasEncryptThenMacExtension(clientExtensions);

                this.mMaxFragmentLengthOffered = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(clientExtensions);
                if (mMaxFragmentLengthOffered >= 0 && !MaxFragmentLength.IsValid((byte)mMaxFragmentLengthOffered))
                {
                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
                }

                this.mTruncatedHMacOffered = TlsExtensionsUtilities.HasTruncatedHMacExtension(clientExtensions);

                this.mSupportedSignatureAlgorithms = TlsUtilities.GetSignatureAlgorithmsExtension(clientExtensions);
                if (this.mSupportedSignatureAlgorithms != null)
                {
                    /*
                     * RFC 5246 7.4.1.4.1. Note: this extension is not meaningful for TLS versions prior
                     * to 1.2. Clients MUST NOT offer it if they are offering prior versions.
                     */
                    if (!TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(mClientVersion))
                    {
                        throw new TlsFatalAlert(AlertDescription.illegal_parameter);
                    }
                }

                this.mNamedCurves          = TlsEccUtilities.GetSupportedEllipticCurvesExtension(clientExtensions);
                this.mClientECPointFormats = TlsEccUtilities.GetSupportedPointFormatsExtension(clientExtensions);
            }

            /*
             * RFC 4429 4. The client MUST NOT include these extensions in the ClientHello message if it
             * does not propose any ECC cipher suites.
             *
             * NOTE: This was overly strict as there may be ECC cipher suites that we don't recognize.
             * Also, draft-ietf-tls-negotiated-ff-dhe will be overloading the 'elliptic_curves'
             * extension to explicitly allow FFDHE (i.e. non-ECC) groups.
             */
            //if (!this.mEccCipherSuitesOffered && (this.mNamedCurves != null || this.mClientECPointFormats != null))
            //    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
        }