ReadSupplementalDataMessage() protected static method

protected static ReadSupplementalDataMessage ( MemoryStream input ) : IList
input System.IO.MemoryStream
return IList
Beispiel #1
0
        protected virtual void ProcessClientSupplementalData(DtlsServerProtocol.ServerHandshakeState state, byte[] body)
        {
            MemoryStream input = new MemoryStream(body, false);
            IList        clientSupplementalData = TlsProtocol.ReadSupplementalDataMessage(input);

            state.server.ProcessClientSupplementalData(clientSupplementalData);
        }
Beispiel #2
0
        protected virtual void ProcessServerSupplementalData(ClientHandshakeState state, byte[] body)
        {
            MemoryStream buf = new MemoryStream(body, false);
            IList        serverSupplementalData = TlsProtocol.ReadSupplementalDataMessage(buf);

            state.client.ProcessServerSupplementalData(serverSupplementalData);
        }
        protected virtual void ProcessClientSupplementalData(ServerHandshakeState state, byte[] body)
        {
            //IL_0002: Unknown result type (might be due to invalid IL or missing references)
            //IL_0008: Expected O, but got Unknown
            MemoryStream input = new MemoryStream(body, false);

            global::System.Collections.IList clientSupplementalData = TlsProtocol.ReadSupplementalDataMessage(input);
            state.server.ProcessClientSupplementalData(clientSupplementalData);
        }
Beispiel #4
0
        protected override void HandleHandshakeMessage(byte type, byte[] data)
        {
            MemoryStream memoryStream = new MemoryStream(data);

            switch (type)
            {
            case 1:
            {
                short mConnectionState = this.mConnectionState;
                if (mConnectionState == 0)
                {
                    this.ReceiveClientHelloMessage(memoryStream);
                    this.mConnectionState = 1;
                    this.SendServerHelloMessage();
                    this.mConnectionState = 2;
                    this.mRecordStream.NotifyHelloComplete();
                    IList serverSupplementalData = this.mTlsServer.GetServerSupplementalData();
                    if (serverSupplementalData != null)
                    {
                        this.SendSupplementalDataMessage(serverSupplementalData);
                    }
                    this.mConnectionState = 3;
                    this.mKeyExchange     = this.mTlsServer.GetKeyExchange();
                    this.mKeyExchange.Init(this.Context);
                    this.mServerCredentials = this.mTlsServer.GetCredentials();
                    Certificate certificate = null;
                    if (this.mServerCredentials == null)
                    {
                        this.mKeyExchange.SkipServerCredentials();
                    }
                    else
                    {
                        this.mKeyExchange.ProcessServerCredentials(this.mServerCredentials);
                        certificate = this.mServerCredentials.Certificate;
                        this.SendCertificateMessage(certificate);
                    }
                    this.mConnectionState = 4;
                    if (certificate == null || certificate.IsEmpty)
                    {
                        this.mAllowCertificateStatus = false;
                    }
                    if (this.mAllowCertificateStatus)
                    {
                        CertificateStatus certificateStatus = this.mTlsServer.GetCertificateStatus();
                        if (certificateStatus != null)
                        {
                            this.SendCertificateStatusMessage(certificateStatus);
                        }
                    }
                    this.mConnectionState = 5;
                    byte[] array = this.mKeyExchange.GenerateServerKeyExchange();
                    if (array != null)
                    {
                        this.SendServerKeyExchangeMessage(array);
                    }
                    this.mConnectionState = 6;
                    if (this.mServerCredentials != null)
                    {
                        this.mCertificateRequest = this.mTlsServer.GetCertificateRequest();
                        if (this.mCertificateRequest != null)
                        {
                            this.mKeyExchange.ValidateCertificateRequest(this.mCertificateRequest);
                            this.SendCertificateRequestMessage(this.mCertificateRequest);
                            TlsUtilities.TrackHashAlgorithms(this.mRecordStream.HandshakeHash, this.mCertificateRequest.SupportedSignatureAlgorithms);
                        }
                    }
                    this.mConnectionState = 7;
                    this.SendServerHelloDoneMessage();
                    this.mConnectionState = 8;
                    this.mRecordStream.HandshakeHash.SealHashAlgorithms();
                    return;
                }
                if (mConnectionState != 16)
                {
                    throw new TlsFatalAlert(10);
                }
                this.RefuseRenegotiation();
                return;
            }

            case 11:
                switch (this.mConnectionState)
                {
                case 8:
                case 9:
                    if (this.mConnectionState < 9)
                    {
                        this.mTlsServer.ProcessClientSupplementalData(null);
                    }
                    if (this.mCertificateRequest == null)
                    {
                        throw new TlsFatalAlert(10);
                    }
                    this.ReceiveCertificateMessage(memoryStream);
                    this.mConnectionState = 10;
                    return;

                default:
                    throw new TlsFatalAlert(10);
                }
                break;

            case 15:
            {
                short mConnectionState2 = this.mConnectionState;
                if (mConnectionState2 != 11)
                {
                    throw new TlsFatalAlert(10);
                }
                if (!this.ExpectCertificateVerifyMessage())
                {
                    throw new TlsFatalAlert(10);
                }
                this.ReceiveCertificateVerifyMessage(memoryStream);
                this.mConnectionState = 12;
                return;
            }

            case 16:
                switch (this.mConnectionState)
                {
                case 8:
                case 9:
                case 10:
                    if (this.mConnectionState < 9)
                    {
                        this.mTlsServer.ProcessClientSupplementalData(null);
                    }
                    if (this.mConnectionState < 10)
                    {
                        if (this.mCertificateRequest == null)
                        {
                            this.mKeyExchange.SkipClientCredentials();
                        }
                        else
                        {
                            if (TlsUtilities.IsTlsV12(this.Context))
                            {
                                throw new TlsFatalAlert(10);
                            }
                            if (TlsUtilities.IsSsl(this.Context))
                            {
                                if (this.mPeerCertificate == null)
                                {
                                    throw new TlsFatalAlert(10);
                                }
                            }
                            else
                            {
                                this.NotifyClientCertificate(Certificate.EmptyChain);
                            }
                        }
                    }
                    this.ReceiveClientKeyExchangeMessage(memoryStream);
                    this.mConnectionState = 11;
                    return;

                default:
                    throw new TlsFatalAlert(10);
                }
                break;

            case 20:
                switch (this.mConnectionState)
                {
                case 11:
                case 12:
                    if (this.mConnectionState < 12 && this.ExpectCertificateVerifyMessage())
                    {
                        throw new TlsFatalAlert(10);
                    }
                    this.ProcessFinishedMessage(memoryStream);
                    this.mConnectionState = 13;
                    if (this.mExpectSessionTicket)
                    {
                        this.SendNewSessionTicketMessage(this.mTlsServer.GetNewSessionTicket());
                        this.SendChangeCipherSpecMessage();
                    }
                    this.mConnectionState = 14;
                    this.SendFinishedMessage();
                    this.mConnectionState = 15;
                    this.mConnectionState = 16;
                    return;

                default:
                    throw new TlsFatalAlert(10);
                }
                break;

            case 23:
            {
                short mConnectionState3 = this.mConnectionState;
                if (mConnectionState3 == 8)
                {
                    this.mTlsServer.ProcessClientSupplementalData(TlsProtocol.ReadSupplementalDataMessage(memoryStream));
                    this.mConnectionState = 9;
                    return;
                }
                throw new TlsFatalAlert(10);
            }
            }
            throw new TlsFatalAlert(10);
        }
Beispiel #5
0
        protected override void HandleHandshakeMessage(byte type, byte[] data)
        {
            //IL_0001: Unknown result type (might be due to invalid IL or missing references)
            //IL_0007: Expected O, but got Unknown
            MemoryStream val = new MemoryStream(data);

            switch (type)
            {
            case 1:
                switch (mConnectionState)
                {
                case 0:
                {
                    ReceiveClientHelloMessage(val);
                    mConnectionState = 1;
                    SendServerHelloMessage();
                    mConnectionState = 2;
                    mRecordStream.NotifyHelloComplete();
                    global::System.Collections.IList serverSupplementalData = mTlsServer.GetServerSupplementalData();
                    if (serverSupplementalData != null)
                    {
                        SendSupplementalDataMessage(serverSupplementalData);
                    }
                    mConnectionState = 3;
                    mKeyExchange     = mTlsServer.GetKeyExchange();
                    mKeyExchange.Init(Context);
                    mServerCredentials = mTlsServer.GetCredentials();
                    Certificate certificate = null;
                    if (mServerCredentials == null)
                    {
                        mKeyExchange.SkipServerCredentials();
                    }
                    else
                    {
                        mKeyExchange.ProcessServerCredentials(mServerCredentials);
                        certificate = mServerCredentials.Certificate;
                        SendCertificateMessage(certificate);
                    }
                    mConnectionState = 4;
                    if (certificate == null || certificate.IsEmpty)
                    {
                        mAllowCertificateStatus = false;
                    }
                    if (mAllowCertificateStatus)
                    {
                        CertificateStatus certificateStatus = mTlsServer.GetCertificateStatus();
                        if (certificateStatus != null)
                        {
                            SendCertificateStatusMessage(certificateStatus);
                        }
                    }
                    mConnectionState = 5;
                    byte[] array = mKeyExchange.GenerateServerKeyExchange();
                    if (array != null)
                    {
                        SendServerKeyExchangeMessage(array);
                    }
                    mConnectionState = 6;
                    if (mServerCredentials != null)
                    {
                        mCertificateRequest = mTlsServer.GetCertificateRequest();
                        if (mCertificateRequest != null)
                        {
                            if (TlsUtilities.IsTlsV12(Context) != (mCertificateRequest.SupportedSignatureAlgorithms != null))
                            {
                                throw new TlsFatalAlert(80);
                            }
                            mKeyExchange.ValidateCertificateRequest(mCertificateRequest);
                            SendCertificateRequestMessage(mCertificateRequest);
                            TlsUtilities.TrackHashAlgorithms(mRecordStream.HandshakeHash, mCertificateRequest.SupportedSignatureAlgorithms);
                        }
                    }
                    mConnectionState = 7;
                    SendServerHelloDoneMessage();
                    mConnectionState = 8;
                    mRecordStream.HandshakeHash.SealHashAlgorithms();
                    break;
                }

                case 16:
                    RefuseRenegotiation();
                    break;

                default:
                    throw new TlsFatalAlert(10);
                }
                break;

            case 23:
            {
                short num = mConnectionState;
                if (num == 8)
                {
                    mTlsServer.ProcessClientSupplementalData(TlsProtocol.ReadSupplementalDataMessage(val));
                    mConnectionState = 9;
                    break;
                }
                throw new TlsFatalAlert(10);
            }

            case 11:
                switch (mConnectionState)
                {
                case 8:
                case 9:
                    if (mConnectionState < 9)
                    {
                        mTlsServer.ProcessClientSupplementalData(null);
                    }
                    if (mCertificateRequest == null)
                    {
                        throw new TlsFatalAlert(10);
                    }
                    ReceiveCertificateMessage(val);
                    mConnectionState = 10;
                    break;

                default:
                    throw new TlsFatalAlert(10);
                }
                break;

            case 16:
                switch (mConnectionState)
                {
                case 8:
                case 9:
                case 10:
                    if (mConnectionState < 9)
                    {
                        mTlsServer.ProcessClientSupplementalData(null);
                    }
                    if (mConnectionState < 10)
                    {
                        if (mCertificateRequest == null)
                        {
                            mKeyExchange.SkipClientCredentials();
                        }
                        else
                        {
                            if (TlsUtilities.IsTlsV12(Context))
                            {
                                throw new TlsFatalAlert(10);
                            }
                            if (TlsUtilities.IsSsl(Context))
                            {
                                if (mPeerCertificate == null)
                                {
                                    throw new TlsFatalAlert(10);
                                }
                            }
                            else
                            {
                                NotifyClientCertificate(Certificate.EmptyChain);
                            }
                        }
                    }
                    ReceiveClientKeyExchangeMessage(val);
                    mConnectionState = 11;
                    break;

                default:
                    throw new TlsFatalAlert(10);
                }
                break;

            case 15:
            {
                short num = mConnectionState;
                if (num == 11)
                {
                    if (!ExpectCertificateVerifyMessage())
                    {
                        throw new TlsFatalAlert(10);
                    }
                    ReceiveCertificateVerifyMessage(val);
                    mConnectionState = 12;
                    break;
                }
                throw new TlsFatalAlert(10);
            }

            case 20:
                switch (mConnectionState)
                {
                case 11:
                case 12:
                    if (mConnectionState < 12 && ExpectCertificateVerifyMessage())
                    {
                        throw new TlsFatalAlert(10);
                    }
                    ProcessFinishedMessage(val);
                    mConnectionState = 13;
                    if (mExpectSessionTicket)
                    {
                        SendNewSessionTicketMessage(mTlsServer.GetNewSessionTicket());
                        SendChangeCipherSpecMessage();
                    }
                    mConnectionState = 14;
                    SendFinishedMessage();
                    mConnectionState = 15;
                    mConnectionState = 16;
                    CompleteHandshake();
                    break;

                default:
                    throw new TlsFatalAlert(10);
                }
                break;

            default:
                throw new TlsFatalAlert(10);
            }
        }
        protected override void HandleHandshakeMessage(byte type, byte[] data)
        {
            //IL_0002: Unknown result type (might be due to invalid IL or missing references)
            //IL_0008: Expected O, but got Unknown
            MemoryStream val = new MemoryStream(data, false);

            if (mResumedSession)
            {
                if (type != 20 || mConnectionState != 2)
                {
                    throw new TlsFatalAlert(10);
                }
                ProcessFinishedMessage(val);
                mConnectionState = 15;
                SendFinishedMessage();
                mConnectionState = 13;
                mConnectionState = 16;
                CompleteHandshake();
                return;
            }
            switch (type)
            {
            case 11:
                switch (mConnectionState)
                {
                case 2:
                case 3:
                    if (mConnectionState == 2)
                    {
                        HandleSupplementalData(null);
                    }
                    mPeerCertificate = Certificate.Parse((Stream)(object)val);
                    TlsProtocol.AssertEmpty(val);
                    if (mPeerCertificate == null || mPeerCertificate.IsEmpty)
                    {
                        mAllowCertificateStatus = false;
                    }
                    mKeyExchange.ProcessServerCertificate(mPeerCertificate);
                    mAuthentication = mTlsClient.GetAuthentication();
                    mAuthentication.NotifyServerCertificate(mPeerCertificate);
                    mConnectionState = 4;
                    break;

                default:
                    throw new TlsFatalAlert(10);
                }
                break;

            case 22:
            {
                short num = mConnectionState;
                if (num == 4)
                {
                    if (!mAllowCertificateStatus)
                    {
                        throw new TlsFatalAlert(10);
                    }
                    mCertificateStatus = CertificateStatus.Parse((Stream)(object)val);
                    TlsProtocol.AssertEmpty(val);
                    mConnectionState = 5;
                    break;
                }
                throw new TlsFatalAlert(10);
            }

            case 20:
                switch (mConnectionState)
                {
                case 13:
                case 14:
                    if (mConnectionState == 13 && mExpectSessionTicket)
                    {
                        throw new TlsFatalAlert(10);
                    }
                    ProcessFinishedMessage(val);
                    mConnectionState = 15;
                    mConnectionState = 16;
                    CompleteHandshake();
                    break;

                default:
                    throw new TlsFatalAlert(10);
                }
                break;

            case 2:
            {
                short num = mConnectionState;
                if (num == 1)
                {
                    ReceiveServerHelloMessage(val);
                    mConnectionState = 2;
                    mRecordStream.NotifyHelloComplete();
                    ApplyMaxFragmentLengthExtension();
                    if (mResumedSession)
                    {
                        mSecurityParameters.masterSecret = Arrays.Clone(mSessionParameters.MasterSecret);
                        mRecordStream.SetPendingConnectionState(Peer.GetCompression(), Peer.GetCipher());
                        SendChangeCipherSpecMessage();
                        break;
                    }
                    InvalidateSession();
                    if (mSelectedSessionID.Length > 0)
                    {
                        mTlsSession = new TlsSessionImpl(mSelectedSessionID, null);
                    }
                    break;
                }
                throw new TlsFatalAlert(10);
            }

            case 23:
            {
                short num = mConnectionState;
                if (num == 2)
                {
                    HandleSupplementalData(TlsProtocol.ReadSupplementalDataMessage(val));
                    break;
                }
                throw new TlsFatalAlert(10);
            }

            case 14:
                switch (mConnectionState)
                {
                case 2:
                case 3:
                case 4:
                case 5:
                case 6:
                case 7:
                {
                    if (mConnectionState < 3)
                    {
                        HandleSupplementalData(null);
                    }
                    if (mConnectionState < 4)
                    {
                        mKeyExchange.SkipServerCredentials();
                        mAuthentication = null;
                    }
                    if (mConnectionState < 6)
                    {
                        mKeyExchange.SkipServerKeyExchange();
                    }
                    TlsProtocol.AssertEmpty(val);
                    mConnectionState = 8;
                    mRecordStream.HandshakeHash.SealHashAlgorithms();
                    global::System.Collections.IList clientSupplementalData = mTlsClient.GetClientSupplementalData();
                    if (clientSupplementalData != null)
                    {
                        SendSupplementalDataMessage(clientSupplementalData);
                    }
                    mConnectionState = 9;
                    TlsCredentials tlsCredentials = null;
                    if (mCertificateRequest == null)
                    {
                        mKeyExchange.SkipClientCredentials();
                    }
                    else
                    {
                        tlsCredentials = mAuthentication.GetClientCredentials(mCertificateRequest);
                        if (tlsCredentials == null)
                        {
                            mKeyExchange.SkipClientCredentials();
                            SendCertificateMessage(Certificate.EmptyChain);
                        }
                        else
                        {
                            mKeyExchange.ProcessClientCredentials(tlsCredentials);
                            SendCertificateMessage(tlsCredentials.Certificate);
                        }
                    }
                    mConnectionState = 10;
                    SendClientKeyExchangeMessage();
                    mConnectionState = 11;
                    TlsHandshakeHash tlsHandshakeHash = mRecordStream.PrepareToFinish();
                    mSecurityParameters.sessionHash = TlsProtocol.GetCurrentPrfHash(Context, tlsHandshakeHash, null);
                    TlsProtocol.EstablishMasterSecret(Context, mKeyExchange);
                    mRecordStream.SetPendingConnectionState(Peer.GetCompression(), Peer.GetCipher());
                    if (tlsCredentials != null && tlsCredentials is TlsSignerCredentials)
                    {
                        TlsSignerCredentials      tlsSignerCredentials      = (TlsSignerCredentials)tlsCredentials;
                        SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(Context, tlsSignerCredentials);
                        byte[]          hash              = ((signatureAndHashAlgorithm != null) ? tlsHandshakeHash.GetFinalHash(signatureAndHashAlgorithm.Hash) : mSecurityParameters.SessionHash);
                        byte[]          signature         = tlsSignerCredentials.GenerateCertificateSignature(hash);
                        DigitallySigned certificateVerify = new DigitallySigned(signatureAndHashAlgorithm, signature);
                        SendCertificateVerifyMessage(certificateVerify);
                        mConnectionState = 12;
                    }
                    SendChangeCipherSpecMessage();
                    SendFinishedMessage();
                    mConnectionState = 13;
                    break;
                }

                default:
                    throw new TlsFatalAlert(40);
                }
                break;

            case 12:
                switch (mConnectionState)
                {
                case 2:
                case 3:
                case 4:
                case 5:
                    if (mConnectionState < 3)
                    {
                        HandleSupplementalData(null);
                    }
                    if (mConnectionState < 4)
                    {
                        mKeyExchange.SkipServerCredentials();
                        mAuthentication = null;
                    }
                    mKeyExchange.ProcessServerKeyExchange((Stream)(object)val);
                    TlsProtocol.AssertEmpty(val);
                    mConnectionState = 6;
                    break;

                default:
                    throw new TlsFatalAlert(10);
                }
                break;

            case 13:
                switch (mConnectionState)
                {
                case 4:
                case 5:
                case 6:
                    if (mConnectionState != 6)
                    {
                        mKeyExchange.SkipServerKeyExchange();
                    }
                    if (mAuthentication == null)
                    {
                        throw new TlsFatalAlert(40);
                    }
                    mCertificateRequest = CertificateRequest.Parse(Context, (Stream)(object)val);
                    TlsProtocol.AssertEmpty(val);
                    mKeyExchange.ValidateCertificateRequest(mCertificateRequest);
                    TlsUtilities.TrackHashAlgorithms(mRecordStream.HandshakeHash, mCertificateRequest.SupportedSignatureAlgorithms);
                    mConnectionState = 7;
                    break;

                default:
                    throw new TlsFatalAlert(10);
                }
                break;

            case 4:
            {
                short num = mConnectionState;
                if (num == 13)
                {
                    if (!mExpectSessionTicket)
                    {
                        throw new TlsFatalAlert(10);
                    }
                    InvalidateSession();
                    ReceiveNewSessionTicketMessage(val);
                    mConnectionState = 14;
                    break;
                }
                throw new TlsFatalAlert(10);
            }

            case 0:
                TlsProtocol.AssertEmpty(val);
                if (mConnectionState == 16)
                {
                    RefuseRenegotiation();
                }
                break;

            default:
                throw new TlsFatalAlert(10);
            }
        }
        protected override void HandleHandshakeMessage(byte type, byte[] data)
        {
            MemoryStream buf = new MemoryStream(data, false);

            if (base.mResumedSession)
            {
                if ((type != 20) || (base.mConnectionState != 2))
                {
                    throw new TlsFatalAlert(10);
                }
                this.ProcessFinishedMessage(buf);
                base.mConnectionState = 15;
                this.SendFinishedMessage();
                base.mConnectionState = 13;
                base.mConnectionState = 0x10;
                this.CompleteHandshake();
            }
            else
            {
                switch (type)
                {
                case 0:
                    TlsProtocol.AssertEmpty(buf);
                    if (base.mConnectionState == 0x10)
                    {
                        this.RefuseRenegotiation();
                    }
                    return;

                case 2:
                    if (base.mConnectionState != 1)
                    {
                        throw new TlsFatalAlert(10);
                    }
                    this.ReceiveServerHelloMessage(buf);
                    base.mConnectionState = 2;
                    base.mRecordStream.NotifyHelloComplete();
                    this.ApplyMaxFragmentLengthExtension();
                    if (base.mResumedSession)
                    {
                        base.mSecurityParameters.masterSecret = Arrays.Clone(base.mSessionParameters.MasterSecret);
                        base.mRecordStream.SetPendingConnectionState(this.Peer.GetCompression(), this.Peer.GetCipher());
                        this.SendChangeCipherSpecMessage();
                    }
                    else
                    {
                        this.InvalidateSession();
                        if (this.mSelectedSessionID.Length > 0)
                        {
                            base.mTlsSession = new TlsSessionImpl(this.mSelectedSessionID, null);
                        }
                    }
                    return;

                case 4:
                    if (base.mConnectionState != 13)
                    {
                        throw new TlsFatalAlert(10);
                    }
                    if (!base.mExpectSessionTicket)
                    {
                        throw new TlsFatalAlert(10);
                    }
                    this.InvalidateSession();
                    this.ReceiveNewSessionTicketMessage(buf);
                    base.mConnectionState = 14;
                    return;

                case 11:
                    switch (base.mConnectionState)
                    {
                    case 2:
                    case 3:
                        if (base.mConnectionState == 2)
                        {
                            this.HandleSupplementalData(null);
                        }
                        base.mPeerCertificate = Certificate.Parse(buf);
                        TlsProtocol.AssertEmpty(buf);
                        if ((base.mPeerCertificate == null) || base.mPeerCertificate.IsEmpty)
                        {
                            base.mAllowCertificateStatus = false;
                        }
                        this.mKeyExchange.ProcessServerCertificate(base.mPeerCertificate);
                        this.mAuthentication = this.mTlsClient.GetAuthentication();
                        this.mAuthentication.NotifyServerCertificate(base.mPeerCertificate);
                        base.mConnectionState = 4;
                        return;
                    }
                    throw new TlsFatalAlert(10);

                case 12:
                    switch (base.mConnectionState)
                    {
                    case 2:
                    case 3:
                    case 4:
                    case 5:
                        if (base.mConnectionState < 3)
                        {
                            this.HandleSupplementalData(null);
                        }
                        if (base.mConnectionState < 4)
                        {
                            this.mKeyExchange.SkipServerCredentials();
                            this.mAuthentication = null;
                        }
                        this.mKeyExchange.ProcessServerKeyExchange(buf);
                        TlsProtocol.AssertEmpty(buf);
                        base.mConnectionState = 6;
                        return;
                    }
                    throw new TlsFatalAlert(10);

                case 13:
                    switch (base.mConnectionState)
                    {
                    case 4:
                    case 5:
                    case 6:
                        if (base.mConnectionState != 6)
                        {
                            this.mKeyExchange.SkipServerKeyExchange();
                        }
                        if (this.mAuthentication == null)
                        {
                            throw new TlsFatalAlert(40);
                        }
                        this.mCertificateRequest = CertificateRequest.Parse(this.Context, buf);
                        TlsProtocol.AssertEmpty(buf);
                        this.mKeyExchange.ValidateCertificateRequest(this.mCertificateRequest);
                        TlsUtilities.TrackHashAlgorithms(base.mRecordStream.HandshakeHash, this.mCertificateRequest.SupportedSignatureAlgorithms);
                        base.mConnectionState = 7;
                        return;
                    }
                    throw new TlsFatalAlert(10);

                case 14:
                    switch (base.mConnectionState)
                    {
                    case 2:
                    case 3:
                    case 4:
                    case 5:
                    case 6:
                    case 7:
                    {
                        if (base.mConnectionState < 3)
                        {
                            this.HandleSupplementalData(null);
                        }
                        if (base.mConnectionState < 4)
                        {
                            this.mKeyExchange.SkipServerCredentials();
                            this.mAuthentication = null;
                        }
                        if (base.mConnectionState < 6)
                        {
                            this.mKeyExchange.SkipServerKeyExchange();
                        }
                        TlsProtocol.AssertEmpty(buf);
                        base.mConnectionState = 8;
                        base.mRecordStream.HandshakeHash.SealHashAlgorithms();
                        IList clientSupplementalData = this.mTlsClient.GetClientSupplementalData();
                        if (clientSupplementalData != null)
                        {
                            this.SendSupplementalDataMessage(clientSupplementalData);
                        }
                        base.mConnectionState = 9;
                        TlsCredentials clientCredentials = null;
                        if (this.mCertificateRequest == null)
                        {
                            this.mKeyExchange.SkipClientCredentials();
                        }
                        else
                        {
                            clientCredentials = this.mAuthentication.GetClientCredentials(this.Context, this.mCertificateRequest);
                            if (clientCredentials == null)
                            {
                                this.mKeyExchange.SkipClientCredentials();
                                this.SendCertificateMessage(Certificate.EmptyChain);
                            }
                            else
                            {
                                this.mKeyExchange.ProcessClientCredentials(clientCredentials);
                                this.SendCertificateMessage(clientCredentials.Certificate);
                            }
                        }
                        base.mConnectionState = 10;
                        this.SendClientKeyExchangeMessage();
                        base.mConnectionState = 11;
                        TlsHandshakeHash handshakeHash = base.mRecordStream.PrepareToFinish();
                        base.mSecurityParameters.sessionHash = TlsProtocol.GetCurrentPrfHash(this.Context, handshakeHash, null);
                        TlsProtocol.EstablishMasterSecret(this.Context, this.mKeyExchange);
                        base.mRecordStream.SetPendingConnectionState(this.Peer.GetCompression(), this.Peer.GetCipher());
                        if ((clientCredentials != null) && (clientCredentials is TlsSignerCredentials))
                        {
                            byte[] sessionHash;
                            TlsSignerCredentials      signerCredentials         = (TlsSignerCredentials)clientCredentials;
                            SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(this.Context, signerCredentials);
                            if (signatureAndHashAlgorithm == null)
                            {
                                sessionHash = base.mSecurityParameters.SessionHash;
                            }
                            else
                            {
                                sessionHash = handshakeHash.GetFinalHash(signatureAndHashAlgorithm.Hash);
                            }
                            byte[]          signature         = signerCredentials.GenerateCertificateSignature(sessionHash);
                            DigitallySigned certificateVerify = new DigitallySigned(signatureAndHashAlgorithm, signature);
                            this.SendCertificateVerifyMessage(certificateVerify);
                            base.mConnectionState = 12;
                        }
                        this.SendChangeCipherSpecMessage();
                        this.SendFinishedMessage();
                        base.mConnectionState = 13;
                        return;
                    }
                    }
                    throw new TlsFatalAlert(40);

                case 20:
                    switch (base.mConnectionState)
                    {
                    case 13:
                    case 14:
                        if ((base.mConnectionState == 13) && base.mExpectSessionTicket)
                        {
                            throw new TlsFatalAlert(10);
                        }
                        this.ProcessFinishedMessage(buf);
                        base.mConnectionState = 15;
                        base.mConnectionState = 0x10;
                        this.CompleteHandshake();
                        return;
                    }
                    throw new TlsFatalAlert(10);

                case 0x16:
                    if (base.mConnectionState != 4)
                    {
                        throw new TlsFatalAlert(10);
                    }
                    if (!base.mAllowCertificateStatus)
                    {
                        throw new TlsFatalAlert(10);
                    }
                    this.mCertificateStatus = CertificateStatus.Parse(buf);
                    TlsProtocol.AssertEmpty(buf);
                    base.mConnectionState = 5;
                    return;

                case 0x17:
                    if (base.mConnectionState != 2)
                    {
                        throw new TlsFatalAlert(10);
                    }
                    this.HandleSupplementalData(TlsProtocol.ReadSupplementalDataMessage(buf));
                    return;
                }
                throw new TlsFatalAlert(10);
            }
        }