internal RecordStream(TlsProtocol handler, Stream input, Stream output)
{
this.mHandler = handler;
this.mInput = input;
this.mOutput = output;
this.mReadCompression = new TlsNullCompression();
this.mWriteCompression = this.mReadCompression;
}
protected virtual void ProcessServerKeyExchange(ClientHandshakeState state, byte[] body)
{
MemoryStream buf = new MemoryStream(body, false);
state.keyExchange.ProcessServerKeyExchange(buf);
TlsProtocol.AssertEmpty(buf);
}
protected virtual void ReceiveNewSessionTicketMessage(MemoryStream buf)
{
NewSessionTicket newSessionTicket = NewSessionTicket.Parse(buf);
TlsProtocol.AssertEmpty(buf);
mTlsClient.NotifyNewSessionTicket(newSessionTicket);
}
internal RecordStream(TlsProtocol handler, Stream input, Stream output)
{
this.mHandler = handler;
this.mInput = input;
this.mOutput = output;
this.mReadCompression = new TlsNullCompression();
this.mWriteCompression = this.mReadCompression;
}
internal RecordStream(TlsProtocol handler, Stream input, Stream output)
{
mHandler = handler;
mInput = input;
mOutput = output;
mReadCompression = new TlsNullCompression();
mWriteCompression = mReadCompression;
}
protected virtual void ProcessNewSessionTicket(DtlsClientProtocol.ClientHandshakeState state, byte[] body)
{
MemoryStream memoryStream = new MemoryStream(body, false);
NewSessionTicket newSessionTicket = NewSessionTicket.Parse(memoryStream);
TlsProtocol.AssertEmpty(memoryStream);
state.client.NotifyNewSessionTicket(newSessionTicket);
}
protected virtual void ProcessClientSupplementalData(ServerHandshakeState state, byte[] body)
{
//IL_0002: Unknown result type (might be due to invalid IL or missing references)
//IL_0008: Expected O, but got Unknown
MemoryStream input = new MemoryStream(body, false);
global::System.Collections.IList clientSupplementalData = TlsProtocol.ReadSupplementalDataMessage(input);
state.server.ProcessClientSupplementalData(clientSupplementalData);
}
protected virtual void ProcessClientKeyExchange(ServerHandshakeState state, byte[] body)
{
//IL_0002: Unknown result type (might be due to invalid IL or missing references)
//IL_0008: Expected O, but got Unknown
MemoryStream val = new MemoryStream(body, false);
state.keyExchange.ProcessClientKeyExchange((Stream)(object)val);
TlsProtocol.AssertEmpty(val);
}
protected static byte[] GenerateSupplementalData(global::System.Collections.IList supplementalData)
{
//IL_0000: Unknown result type (might be due to invalid IL or missing references)
//IL_0006: Expected O, but got Unknown
MemoryStream val = new MemoryStream();
TlsProtocol.WriteSupplementalData((Stream)(object)val, supplementalData);
return(val.ToArray());
}
protected virtual byte[] CreateVerifyData(bool isServer)
{
TlsContext context = this.Context;
string asciiLabel = isServer ? "server finished" : "client finished";
byte[] sslSender = isServer ? TlsUtilities.SSL_SERVER : TlsUtilities.SSL_CLIENT;
byte[] currentPrfHash = TlsProtocol.GetCurrentPrfHash(context, this.mRecordStream.HandshakeHash, sslSender);
return(TlsUtilities.CalculateVerifyData(context, asciiLabel, currentPrfHash));
}
protected virtual void ReceiveClientHelloMessage(MemoryStream buf)
{
ProtocolVersion protocolVersion = TlsUtilities.ReadVersion(buf);
this.mRecordStream.SetWriteVersion(protocolVersion);
if (protocolVersion.IsDtls)
{
throw new TlsFatalAlert(47);
}
byte[] clientRandom = TlsUtilities.ReadFully(32, buf);
byte[] array = TlsUtilities.ReadOpaque8(buf);
if (array.Length > 32)
{
throw new TlsFatalAlert(47);
}
int num = TlsUtilities.ReadUint16(buf);
if (num < 2 || (num & 1) != 0)
{
throw new TlsFatalAlert(50);
}
this.mOfferedCipherSuites = TlsUtilities.ReadUint16Array(num / 2, buf);
int num2 = (int)TlsUtilities.ReadUint8(buf);
if (num2 < 1)
{
throw new TlsFatalAlert(47);
}
this.mOfferedCompressionMethods = TlsUtilities.ReadUint8Array(num2, buf);
this.mClientExtensions = TlsProtocol.ReadExtensions(buf);
this.mSecurityParameters.extendedMasterSecret = TlsExtensionsUtilities.HasExtendedMasterSecretExtension(this.mClientExtensions);
this.ContextAdmin.SetClientVersion(protocolVersion);
this.mTlsServer.NotifyClientVersion(protocolVersion);
this.mTlsServer.NotifyFallback(Arrays.Contains(this.mOfferedCipherSuites, 22016));
this.mSecurityParameters.clientRandom = clientRandom;
this.mTlsServer.NotifyOfferedCipherSuites(this.mOfferedCipherSuites);
this.mTlsServer.NotifyOfferedCompressionMethods(this.mOfferedCompressionMethods);
if (Arrays.Contains(this.mOfferedCipherSuites, 255))
{
this.mSecureRenegotiation = true;
}
byte[] extensionData = TlsUtilities.GetExtensionData(this.mClientExtensions, 65281);
if (extensionData != null)
{
this.mSecureRenegotiation = true;
if (!Arrays.ConstantTimeAreEqual(extensionData, TlsProtocol.CreateRenegotiationInfo(TlsUtilities.EmptyBytes)))
{
throw new TlsFatalAlert(40);
}
}
this.mTlsServer.NotifySecureRenegotiation(this.mSecureRenegotiation);
if (this.mClientExtensions != null)
{
this.mTlsServer.ProcessClientExtensions(this.mClientExtensions);
}
}
protected virtual void ProcessNewSessionTicket(ClientHandshakeState state, byte[] body)
{
//IL_0002: Unknown result type (might be due to invalid IL or missing references)
//IL_0008: Expected O, but got Unknown
MemoryStream val = new MemoryStream(body, false);
NewSessionTicket newSessionTicket = NewSessionTicket.Parse((Stream)(object)val);
TlsProtocol.AssertEmpty(val);
state.client.NotifyNewSessionTicket(newSessionTicket);
}
internal RecordStream(TlsProtocol handler, Stream input, Stream output)
{
//IL_003b: Unknown result type (might be due to invalid IL or missing references)
//IL_0045: Expected O, but got Unknown
mHandler = handler;
mInput = input;
mOutput = output;
mReadCompression = new TlsNullCompression();
mWriteCompression = mReadCompression;
}
protected virtual void ProcessClientCertificate(ServerHandshakeState state, byte[] body)
{
MemoryStream buf = new MemoryStream(body, false);
Certificate clientCertificate = Certificate.Parse(buf);
TlsProtocol.AssertEmpty(buf);
NotifyClientCertificate(state, clientCertificate);
}
internal void WriteToRecordStream(TlsProtocol protocol)
{
long num = this.Length - 4L;
TlsUtilities.CheckUint24(num);
this.Position = 1L;
TlsUtilities.WriteUint24((int)num, this);
protocol.WriteHandshakeMessage(this.GetBuffer(), 0, (int)this.Length);
this.Close();
}
public IDictionary ReadServerExtensions()
{
if (this.mEncodedServerExtensions == null)
{
return(null);
}
MemoryStream input = new MemoryStream(this.mEncodedServerExtensions, false);
return(TlsProtocol.ReadExtensions(input));
}
public virtual DtlsTransport Accept(TlsServer server, DatagramTransport transport)
{
if (server == null)
{
throw new ArgumentNullException("server");
}
if (transport == null)
{
throw new ArgumentNullException("transport");
}
SecurityParameters securityParameters = new SecurityParameters();
securityParameters.entity = ConnectionEnd.server;
ServerHandshakeState state = new ServerHandshakeState();
state.server = server;
state.serverContext = new TlsServerContextImpl(mSecureRandom, securityParameters);
securityParameters.serverRandom = TlsProtocol.CreateRandomBlock(server.ShouldUseGmtUnixTime(),
state.serverContext.NonceRandomGenerator);
server.Init(state.serverContext);
DtlsRecordLayer recordLayer = new DtlsRecordLayer(transport, state.serverContext, server, ContentType.handshake);
server.NotifyCloseHandle(recordLayer);
// TODO Need to handle sending of HelloVerifyRequest without entering a full connection
try
{
return(ServerHandshake(state, recordLayer));
}
catch (TlsFatalAlert fatalAlert)
{
AbortServerHandshake(state, recordLayer, fatalAlert.AlertDescription);
throw fatalAlert;
}
catch (IOException e)
{
AbortServerHandshake(state, recordLayer, AlertDescription.internal_error);
throw e;
}
catch (Exception e)
{
AbortServerHandshake(state, recordLayer, AlertDescription.internal_error);
throw new TlsFatalAlert(AlertDescription.internal_error, e);
}
finally
{
securityParameters.Clear();
}
}
public virtual DtlsTransport Connect(TlsClient client, DatagramTransport transport)
{
//IL_0008: Unknown result type (might be due to invalid IL or missing references)
//IL_0016: Unknown result type (might be due to invalid IL or missing references)
//IL_00d2: Expected O, but got Unknown
if (client == null)
{
throw new ArgumentNullException("client");
}
if (transport == null)
{
throw new ArgumentNullException("transport");
}
SecurityParameters securityParameters = new SecurityParameters();
securityParameters.entity = 1;
ClientHandshakeState clientHandshakeState = new ClientHandshakeState();
clientHandshakeState.client = client;
clientHandshakeState.clientContext = new TlsClientContextImpl(mSecureRandom, securityParameters);
securityParameters.clientRandom = TlsProtocol.CreateRandomBlock(client.ShouldUseGmtUnixTime(), clientHandshakeState.clientContext.NonceRandomGenerator);
client.Init(clientHandshakeState.clientContext);
DtlsRecordLayer dtlsRecordLayer = new DtlsRecordLayer(transport, clientHandshakeState.clientContext, client, 22);
TlsSession sessionToResume = clientHandshakeState.client.GetSessionToResume();
if (sessionToResume != null && sessionToResume.IsResumable)
{
SessionParameters sessionParameters = sessionToResume.ExportSessionParameters();
if (sessionParameters != null)
{
clientHandshakeState.tlsSession = sessionToResume;
clientHandshakeState.sessionParameters = sessionParameters;
}
}
try
{
return(ClientHandshake(clientHandshakeState, dtlsRecordLayer));
}
catch (TlsFatalAlert tlsFatalAlert)
{
dtlsRecordLayer.Fail(tlsFatalAlert.AlertDescription);
throw tlsFatalAlert;
}
catch (IOException val)
{
IOException val2 = val;
dtlsRecordLayer.Fail(80);
throw val2;
}
catch (global::System.Exception alertCause)
{
dtlsRecordLayer.Fail(80);
throw new TlsFatalAlert(80, alertCause);
}
}
protected virtual byte[] GenerateClientHello(ClientHandshakeState state, TlsClient client)
{
//IL_0000: Unknown result type (might be due to invalid IL or missing references)
//IL_0006: Expected O, but got Unknown
MemoryStream val = new MemoryStream();
ProtocolVersion clientVersion = client.ClientVersion;
if (!clientVersion.IsDtls)
{
throw new TlsFatalAlert(80);
}
TlsClientContextImpl clientContext = state.clientContext;
clientContext.SetClientVersion(clientVersion);
TlsUtilities.WriteVersion(clientVersion, (Stream)(object)val);
SecurityParameters securityParameters = clientContext.SecurityParameters;
((Stream)val).Write(securityParameters.ClientRandom, 0, securityParameters.ClientRandom.Length);
byte[] array = TlsUtilities.EmptyBytes;
if (state.tlsSession != null)
{
array = state.tlsSession.SessionID;
if (array == null || array.Length > 32)
{
array = TlsUtilities.EmptyBytes;
}
}
TlsUtilities.WriteOpaque8(array, (Stream)(object)val);
TlsUtilities.WriteOpaque8(TlsUtilities.EmptyBytes, (Stream)(object)val);
bool isFallback = client.IsFallback;
state.offeredCipherSuites = client.GetCipherSuites();
state.clientExtensions = client.GetClientExtensions();
byte[] extensionData = TlsUtilities.GetExtensionData(state.clientExtensions, 65281);
bool flag = null == extensionData;
bool flag2 = !Arrays.Contains(state.offeredCipherSuites, 255);
if (flag && flag2)
{
state.offeredCipherSuites = Arrays.Append(state.offeredCipherSuites, 255);
}
if (isFallback && !Arrays.Contains(state.offeredCipherSuites, 22016))
{
state.offeredCipherSuites = Arrays.Append(state.offeredCipherSuites, 22016);
}
TlsUtilities.WriteUint16ArrayWithUint16Length(state.offeredCipherSuites, (Stream)(object)val);
byte[] array2 = (state.offeredCompressionMethods = new byte[1]);
TlsUtilities.WriteUint8ArrayWithUint8Length(state.offeredCompressionMethods, (Stream)(object)val);
if (state.clientExtensions != null)
{
TlsProtocol.WriteExtensions((Stream)(object)val, state.clientExtensions);
}
return(val.ToArray());
}
internal void WriteToRecordStream(TlsProtocol protocol)
{
long num = Length - 4;
TlsUtilities.CheckUint24(num);
Position = 1L;
TlsUtilities.WriteUint24((int)num, this);
byte[] buf = ToArray();
protocol.WriteHandshakeMessage(buf, 0, (int)Length);
Dispose();
}
public IDictionary ReadServerExtensions()
{
if (mEncodedServerExtensions == null)
{
return(null);
}
MemoryStream buf = new MemoryStream(mEncodedServerExtensions, false);
return(TlsProtocol.ReadExtensions(buf));
}
protected virtual Certificate ProcessServerCertificate(DtlsClientProtocol.ClientHandshakeState state, byte[] body)
{
MemoryStream memoryStream = new MemoryStream(body, false);
Certificate certificate = Certificate.Parse(memoryStream);
TlsProtocol.AssertEmpty(memoryStream);
state.keyExchange.ProcessServerCertificate(certificate);
state.authentication = state.client.GetAuthentication();
state.authentication.NotifyServerCertificate(certificate);
return(certificate);
}
protected virtual void ProcessCertificateStatus(DtlsClientProtocol.ClientHandshakeState state, byte[] body)
{
if (!state.allowCertificateStatus)
{
throw new TlsFatalAlert(10);
}
MemoryStream memoryStream = new MemoryStream(body, false);
state.certificateStatus = CertificateStatus.Parse(memoryStream);
TlsProtocol.AssertEmpty(memoryStream);
}
protected virtual void ProcessFinished(byte[] body, byte[] expected_verify_data)
{
MemoryStream memoryStream = new MemoryStream(body, false);
byte[] b = TlsUtilities.ReadFully(expected_verify_data.Length, memoryStream);
TlsProtocol.AssertEmpty(memoryStream);
if (!Arrays.ConstantTimeAreEqual(expected_verify_data, b))
{
throw new TlsFatalAlert(40);
}
}
internal void WriteToRecordStream(TlsProtocol protocol)
{
// Patch actual length back in
long length = Length - 4;
TlsUtilities.CheckUint24(length);
this.Position = 1;
TlsUtilities.WriteUint24((int)length, this);
protocol.WriteHandshakeMessage(GetBuffer(), 0, (int)Length);
this.Close();
}
protected virtual byte[] GenerateClientHello(DtlsClientProtocol.ClientHandshakeState state, TlsClient client)
{
MemoryStream memoryStream = new MemoryStream();
ProtocolVersion clientVersion = client.ClientVersion;
if (!clientVersion.IsDtls)
{
throw new TlsFatalAlert(80);
}
TlsClientContextImpl clientContext = state.clientContext;
clientContext.SetClientVersion(clientVersion);
TlsUtilities.WriteVersion(clientVersion, memoryStream);
SecurityParameters securityParameters = clientContext.SecurityParameters;
memoryStream.Write(securityParameters.ClientRandom, 0, securityParameters.ClientRandom.Length);
byte[] array = TlsUtilities.EmptyBytes;
if (state.tlsSession != null)
{
array = state.tlsSession.SessionID;
if (array == null || array.Length > 32)
{
array = TlsUtilities.EmptyBytes;
}
}
TlsUtilities.WriteOpaque8(array, memoryStream);
TlsUtilities.WriteOpaque8(TlsUtilities.EmptyBytes, memoryStream);
bool isFallback = client.IsFallback;
state.offeredCipherSuites = client.GetCipherSuites();
state.clientExtensions = client.GetClientExtensions();
byte[] extensionData = TlsUtilities.GetExtensionData(state.clientExtensions, 65281);
bool flag = null == extensionData;
bool flag2 = !Arrays.Contains(state.offeredCipherSuites, 255);
if (flag && flag2)
{
state.offeredCipherSuites = Arrays.Append(state.offeredCipherSuites, 255);
}
if (isFallback && !Arrays.Contains(state.offeredCipherSuites, 22016))
{
state.offeredCipherSuites = Arrays.Append(state.offeredCipherSuites, 22016);
}
TlsUtilities.WriteUint16ArrayWithUint16Length(state.offeredCipherSuites, memoryStream);
byte[] offeredCompressionMethods = new byte[1];
state.offeredCompressionMethods = offeredCompressionMethods;
TlsUtilities.WriteUint8ArrayWithUint8Length(state.offeredCompressionMethods, memoryStream);
if (state.clientExtensions != null)
{
TlsProtocol.WriteExtensions(memoryStream, state.clientExtensions);
}
return(memoryStream.ToArray());
}
public static CertificateStatusRequest ReadStatusRequestExtension(byte[] extensionData)
{
if (extensionData == null)
{
throw new ArgumentNullException("extensionData");
}
MemoryStream memoryStream = new MemoryStream(extensionData, writable: false);
CertificateStatusRequest result = CertificateStatusRequest.Parse(memoryStream);
TlsProtocol.AssertEmpty(memoryStream);
return(result);
}
public static ServerNameList ReadServerNameExtension(byte[] extensionData)
{
if (extensionData == null)
{
throw new ArgumentNullException("extensionData");
}
MemoryStream memoryStream = new MemoryStream(extensionData, writable: false);
ServerNameList result = ServerNameList.Parse(memoryStream);
TlsProtocol.AssertEmpty(memoryStream);
return(result);
}
public static HeartbeatExtension ReadHeartbeatExtension(byte[] extensionData)
{
if (extensionData == null)
{
throw new ArgumentNullException("extensionData");
}
MemoryStream memoryStream = new MemoryStream(extensionData, writable: false);
HeartbeatExtension result = HeartbeatExtension.Parse(memoryStream);
TlsProtocol.AssertEmpty(memoryStream);
return(result);
}
protected virtual void ProcessCertificateRequest(DtlsClientProtocol.ClientHandshakeState state, byte[] body)
{
if (state.authentication == null)
{
throw new TlsFatalAlert(40);
}
MemoryStream memoryStream = new MemoryStream(body, false);
state.certificateRequest = CertificateRequest.Parse(state.clientContext, memoryStream);
TlsProtocol.AssertEmpty(memoryStream);
state.keyExchange.ValidateCertificateRequest(state.certificateRequest);
}
public virtual DtlsTransport Connect(TlsClient client, DatagramTransport transport)
{
if (client == null)
{
throw new ArgumentNullException("client");
}
if (transport == null)
{
throw new ArgumentNullException("transport");
}
SecurityParameters securityParameters = new SecurityParameters();
securityParameters.entity = 1;
DtlsClientProtocol.ClientHandshakeState clientHandshakeState = new DtlsClientProtocol.ClientHandshakeState();
clientHandshakeState.client = client;
clientHandshakeState.clientContext = new TlsClientContextImpl(this.mSecureRandom, securityParameters);
securityParameters.clientRandom = TlsProtocol.CreateRandomBlock(client.ShouldUseGmtUnixTime(), clientHandshakeState.clientContext.NonceRandomGenerator);
client.Init(clientHandshakeState.clientContext);
DtlsRecordLayer dtlsRecordLayer = new DtlsRecordLayer(transport, clientHandshakeState.clientContext, client, 22);
TlsSession sessionToResume = clientHandshakeState.client.GetSessionToResume();
if (sessionToResume != null && sessionToResume.IsResumable)
{
SessionParameters sessionParameters = sessionToResume.ExportSessionParameters();
if (sessionParameters != null)
{
clientHandshakeState.tlsSession = sessionToResume;
clientHandshakeState.sessionParameters = sessionParameters;
}
}
DtlsTransport result;
try
{
result = this.ClientHandshake(clientHandshakeState, dtlsRecordLayer);
}
catch (TlsFatalAlert tlsFatalAlert)
{
dtlsRecordLayer.Fail(tlsFatalAlert.AlertDescription);
throw tlsFatalAlert;
}
catch (IOException ex)
{
dtlsRecordLayer.Fail(80);
throw ex;
}
catch (Exception alertCause)
{
dtlsRecordLayer.Fail(80);
throw new TlsFatalAlert(80, alertCause);
}
return(result);
}
internal void WriteToRecordStream(TlsProtocol protocol)
{
// Patch actual length back in
long length = Length - 4;
TlsUtilities.CheckUint24(length);
this.Position = 1;
TlsUtilities.WriteUint24((int)length, this);
byte[] buffer = ToArray();
protocol.WriteHandshakeMessage(buffer /*GetBuffer()*/, 0, (int)Length);
this.Dispose();
}
internal TlsStream(TlsProtocol handler)
{
this.handler = handler;
}
internal void WriteToRecordStream(TlsProtocol protocol)
{
// Patch actual length back in
long length = Length - 4;
TlsUtilities.CheckUint24(length);
this.Position = 1;
TlsUtilities.WriteUint24((int)length, this);
#if PORTABLE
byte[] buf = ToArray();
int bufLen = buf.Length;
#else
byte[] buf = GetBuffer();
int bufLen = (int)Length;
#endif
protocol.WriteHandshakeMessage(buf, 0, bufLen);
Platform.Dispose(this);
}