An implementation of all high level protocols in TLS 1.0.
Ejemplo n.º 1
0
        internal TlsDHKeyExchange(TlsProtocolHandler handler, ICertificateVerifyer verifyer,
                                  TlsKeyExchangeAlgorithm keyExchange)
        {
            switch (keyExchange)
            {
            case TlsKeyExchangeAlgorithm.KE_DH_RSA:
            case TlsKeyExchangeAlgorithm.KE_DH_DSS:
                this.tlsSigner = null;
                break;

            case TlsKeyExchangeAlgorithm.KE_DHE_RSA:
                this.tlsSigner = new TlsRsaSigner();
                break;

            case TlsKeyExchangeAlgorithm.KE_DHE_DSS:
                this.tlsSigner = new TlsDssSigner();
                break;

            default:
                throw new ArgumentException("unsupported key exchange algorithm", "keyExchange");
            }

            this.handler     = handler;
            this.verifyer    = verifyer;
            this.keyExchange = keyExchange;
        }
Ejemplo n.º 2
0
 internal static void CheckVersion(byte[] readVersion, TlsProtocolHandler handler)
 {
     if ((readVersion[0] != 3) || (readVersion[1] != 1))
     {
         handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_protocol_version);
     }
 }
Ejemplo n.º 3
0
 internal static void CheckVersion(byte[] readVersion, TlsProtocolHandler handler)
 {
     if ((readVersion[0] != 3) || (readVersion[1] != 1))
     {
         throw new TlsFatalAlert(AlertDescription.protocol_version);
     }
 }
Ejemplo n.º 4
0
        internal static TlsCipherSuite GetCipherSuite(
            int number,
            TlsProtocolHandler handler)
        {
            switch (number)
            {
            case TLS_RSA_WITH_3DES_EDE_CBC_SHA:
                return(new TlsBlockCipherCipherSuite(new CbcBlockCipher(new DesEdeEngine()), new CbcBlockCipher(new DesEdeEngine()), new Sha1Digest(), new Sha1Digest(), 24, TlsCipherSuite.KE_RSA));

            case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
                return(new TlsBlockCipherCipherSuite(new CbcBlockCipher(new DesEdeEngine()), new CbcBlockCipher(new DesEdeEngine()), new Sha1Digest(), new Sha1Digest(), 24, TlsCipherSuite.KE_DHE_RSA));

            case TLS_RSA_WITH_AES_128_CBC_SHA:
                return(new TlsBlockCipherCipherSuite(new CbcBlockCipher(new AesFastEngine()), new CbcBlockCipher(new AesFastEngine()), new Sha1Digest(), new Sha1Digest(), 16, TlsCipherSuite.KE_RSA));

            case TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
                return(new TlsBlockCipherCipherSuite(new CbcBlockCipher(new AesFastEngine()), new CbcBlockCipher(new AesFastEngine()), new Sha1Digest(), new Sha1Digest(), 16, TlsCipherSuite.KE_DHE_RSA));

            case TLS_RSA_WITH_AES_256_CBC_SHA:
                return(new TlsBlockCipherCipherSuite(new CbcBlockCipher(new AesFastEngine()), new CbcBlockCipher(new AesFastEngine()), new Sha1Digest(), new Sha1Digest(), 32, TlsCipherSuite.KE_RSA));

            case TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
                return(new TlsBlockCipherCipherSuite(new CbcBlockCipher(new AesFastEngine()), new CbcBlockCipher(new AesFastEngine()), new Sha1Digest(), new Sha1Digest(), 32, TlsCipherSuite.KE_DHE_RSA));

            default:
                handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_handshake_failure);

                /*
                 * Unreachable Code, failWithError will always throw an exception!
                 */
                return(null);
            }
        }
Ejemplo n.º 5
0
        internal static TlsCipherSuite GetCipherSuite(
			int					number,
			TlsProtocolHandler	handler)
        {
            switch (number)
            {
                case TLS_RSA_WITH_3DES_EDE_CBC_SHA:
                    return new TlsBlockCipherCipherSuite(new CbcBlockCipher(new DesEdeEngine()), new CbcBlockCipher(new DesEdeEngine()), new Sha1Digest(), new Sha1Digest(), 24, TlsCipherSuite.KE_RSA);

                case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
                    return new TlsBlockCipherCipherSuite(new CbcBlockCipher(new DesEdeEngine()), new CbcBlockCipher(new DesEdeEngine()), new Sha1Digest(), new Sha1Digest(), 24, TlsCipherSuite.KE_DHE_RSA);

                case TLS_RSA_WITH_AES_128_CBC_SHA:
                    return new TlsBlockCipherCipherSuite(new CbcBlockCipher(new AesFastEngine()), new CbcBlockCipher(new AesFastEngine()), new Sha1Digest(), new Sha1Digest(), 16, TlsCipherSuite.KE_RSA);

                case TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
                    return new TlsBlockCipherCipherSuite(new CbcBlockCipher(new AesFastEngine()), new CbcBlockCipher(new AesFastEngine()), new Sha1Digest(), new Sha1Digest(), 16, TlsCipherSuite.KE_DHE_RSA);

                case TLS_RSA_WITH_AES_256_CBC_SHA:
                    return new TlsBlockCipherCipherSuite(new CbcBlockCipher(new AesFastEngine()), new CbcBlockCipher(new AesFastEngine()), new Sha1Digest(), new Sha1Digest(), 32, TlsCipherSuite.KE_RSA);

                case TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
                    return new TlsBlockCipherCipherSuite(new CbcBlockCipher(new AesFastEngine()), new CbcBlockCipher(new AesFastEngine()), new Sha1Digest(), new Sha1Digest(), 32, TlsCipherSuite.KE_DHE_RSA);

                default:
                    handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_handshake_failure);

                    /*
                    * Unreachable Code, failWithError will always throw an exception!
                    */
                    return null;
            }
        }
 internal static void CheckVersion(byte[] readVersion, TlsProtocolHandler handler)
 {
     if ((readVersion[0] != 3) || (readVersion[1] != 1))
     {
         handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_protocol_version);
     }
 }
Ejemplo n.º 7
0
        void StartAuthentication(object state)
        {
            var result = state as AuthenticateResult;

            m_TlsHandler = new TlsProtocolHandler(m_InnerStream);

            try
            {
                m_TlsHandler.Connect(new LegacyTlsClient(new AlwaysValidVerifyer()));
                m_SecureStream = m_TlsHandler.Stream;
            }
            catch (Exception e)
            {
                result.Exception = e;
            }
            finally
            {
                result.IsCompleted = true;

                var callback = result.Callback;

                if (callback != null)
                    callback(result);
            }
        }
Ejemplo n.º 8
0
 internal override void Init(
     TlsProtocolHandler handler,
     byte[]  ms,
     byte[]  cr,
     byte[]  sr)
 {
     throw new TlsException("Sorry, init of TLS_NULL_WITH_NULL_NULL is forbidden");
 }
Ejemplo n.º 9
0
 internal static void CheckVersion(Stream inStr, TlsProtocolHandler handler)
 {
     int i1 = inStr.ReadByte();
     int i2 = inStr.ReadByte();
     if ((i1 != 3) || (i2 != 1))
     {
         handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_protocol_version);
     }
 }
Ejemplo n.º 10
0
        protected override void HandleConnectionReady()
        {
            var stream = this.GetStream();

            var handler = new TlsProtocolHandler(stream);
            handler.Connect(tlsClient);

            this.secureStream = handler.Stream;
        }
        internal static void CheckVersion(Stream inStr, TlsProtocolHandler handler)
        {
            int i1 = inStr.ReadByte();
            int i2 = inStr.ReadByte();

            if ((i1 != 3) || (i2 != 1))
            {
                handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_protocol_version);
            }
        }
Ejemplo n.º 12
0
        internal static void CheckVersion(Stream inStr, TlsProtocolHandler handler)
        {
            int i1 = inStr.ReadByte();
            int i2 = inStr.ReadByte();

            if ((i1 != 3) || (i2 != 1))
            {
                throw new TlsFatalAlert(AlertDescription.protocol_version);
            }
        }
Ejemplo n.º 13
0
		/// <summary>
		/// Connect to the server and wrap the socket in a TLS handler.
		/// </summary>
		public void Connect(string ipAddress, int port, int sendTimeout, int receiveTimeout)
		{
			_tcpClient = new TcpClient { SendTimeout = sendTimeout, ReceiveTimeout = receiveTimeout };
			_tcpClient.Connect(ipAddress, port);

			_tlsProtocolHandler = new TlsProtocolHandler(_tcpClient.GetStream());
			_tlsProtocolHandler.Connect(this);

			_hasConnected = true;
		}
Ejemplo n.º 14
0
        internal override byte[] DecodeCiphertext(
			short				type,
			byte[]				plaintext,
			int					offset,
			int					len,
			TlsProtocolHandler	handler)
        {
            byte[] result = new byte[len];
            Array.Copy(plaintext, offset, result, 0, len);
            return result;
        }
Ejemplo n.º 15
0
 internal override byte[] DecodeCiphertext(
     short type,
     byte[]                          plaintext,
     int offset,
     int len,
     TlsProtocolHandler handler)
 {
     byte[] result = new byte[len];
     Array.Copy(plaintext, offset, result, 0, len);
     return(result);
 }
Ejemplo n.º 16
0
		internal RecordStream(
			TlsProtocolHandler	handler,
			Stream				inStr,
			Stream				outStr)
		{
			this.handler = handler;
			this.inStr = inStr;
			this.outStr = outStr;
			this.hash = new CombinedHash();
			this.readCipher = new TlsNullCipher();
			this.writeCipher = this.readCipher;
		}
Ejemplo n.º 17
0
 internal RecordStream(
     TlsProtocolHandler handler,
     Stream inStr,
     Stream outStr)
 {
     this.handler     = handler;
     this.inStr       = inStr;
     this.outStr      = outStr;
     this.hash        = new CombinedHash();
     this.readCipher  = new TlsNullCipher();
     this.writeCipher = this.readCipher;
 }
Ejemplo n.º 18
0
		internal RecordStream(
			TlsProtocolHandler	handler,
			Stream				inStr,
			Stream				outStr)
		{
			this.handler = handler;
			this.inStr = inStr;
			this.outStr = outStr;
			hash1 = new CombinedHash();
			hash2 = new CombinedHash();
			this.readSuite = new TlsNullCipherSuite();
			this.writeSuite = this.readSuite;
		}
Ejemplo n.º 19
0
 internal RecordStream(
     TlsProtocolHandler handler,
     Stream inStr,
     Stream outStr)
 {
     this.handler    = handler;
     this.inStr      = inStr;
     this.outStr     = outStr;
     hash1           = new CombinedHash();
     hash2           = new CombinedHash();
     this.readSuite  = new TlsNullCipherSuite();
     this.writeSuite = this.readSuite;
 }
        internal static TlsCipherSuite GetCipherSuite(
            int number,
            TlsProtocolHandler handler)
        {
            switch (number)
            {
            case TLS_RSA_WITH_3DES_EDE_CBC_SHA:
                return(createDesEdeCipherSuite(24, TlsCipherSuite.KE_RSA));

            case TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA:
                return(createDesEdeCipherSuite(24, TlsCipherSuite.KE_DHE_DSS));

            case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
                return(createDesEdeCipherSuite(24, TlsCipherSuite.KE_DHE_RSA));

            case TLS_RSA_WITH_AES_128_CBC_SHA:
                return(createAesCipherSuite(16, TlsCipherSuite.KE_RSA));

            case TLS_DHE_DSS_WITH_AES_128_CBC_SHA:
                return(createAesCipherSuite(16, TlsCipherSuite.KE_DHE_DSS));

            case TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
                return(createAesCipherSuite(16, TlsCipherSuite.KE_DHE_RSA));

            case TLS_RSA_WITH_AES_256_CBC_SHA:
                return(createAesCipherSuite(32, TlsCipherSuite.KE_RSA));

            case TLS_DHE_DSS_WITH_AES_256_CBC_SHA:
                return(createAesCipherSuite(32, TlsCipherSuite.KE_DHE_DSS));

            case TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
                return(createAesCipherSuite(32, TlsCipherSuite.KE_DHE_RSA));

            default:
                handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_handshake_failure);

                /*
                 * Unreachable Code, failWithError will always throw an exception!
                 */
                return(null);
            }
        }
		internal static TlsCipherSuite GetCipherSuite(
			int					number,
			TlsProtocolHandler	handler)
		{
			switch (number)
			{
				case TLS_RSA_WITH_3DES_EDE_CBC_SHA:
					return createDesEdeCipherSuite(24, TlsCipherSuite.KE_RSA);

				case TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA:
					return createDesEdeCipherSuite(24, TlsCipherSuite.KE_DHE_DSS);

				case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
					return createDesEdeCipherSuite(24, TlsCipherSuite.KE_DHE_RSA);

				case TLS_RSA_WITH_AES_128_CBC_SHA:
					return createAesCipherSuite(16, TlsCipherSuite.KE_RSA);

				case TLS_DHE_DSS_WITH_AES_128_CBC_SHA:
					return createAesCipherSuite(16, TlsCipherSuite.KE_DHE_DSS);

				case TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
					return createAesCipherSuite(16, TlsCipherSuite.KE_DHE_RSA);

				case TLS_RSA_WITH_AES_256_CBC_SHA:
					return createAesCipherSuite(32, TlsCipherSuite.KE_RSA);

				case TLS_DHE_DSS_WITH_AES_256_CBC_SHA:
					return createAesCipherSuite(32, TlsCipherSuite.KE_DHE_DSS);

				case TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
					return createAesCipherSuite(32, TlsCipherSuite.KE_DHE_RSA);

				default:
					handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_handshake_failure);

					/*
					* Unreachable Code, failWithError will always throw an exception!
					*/
					return null;
			}
		}
Ejemplo n.º 22
0
        internal TlsBlockCipher(TlsProtocolHandler handler, IBlockCipher encryptCipher,
                                IBlockCipher decryptCipher, IDigest writeDigest, IDigest readDigest, int cipherKeySize,
                                SecurityParameters securityParameters)
        {
            this.handler       = handler;
            this.encryptCipher = encryptCipher;
            this.decryptCipher = decryptCipher;

            int prfSize = (2 * cipherKeySize) + writeDigest.GetDigestSize()
                          + readDigest.GetDigestSize() + encryptCipher.GetBlockSize()
                          + decryptCipher.GetBlockSize();

            byte[] keyBlock = TlsUtilities.PRF(securityParameters.masterSecret, "key expansion",
                                               TlsUtilities.Concat(securityParameters.serverRandom, securityParameters.clientRandom),
                                               prfSize);

            int offset = 0;

            // Init MACs
            writeMac = CreateTlsMac(writeDigest, keyBlock, ref offset);
            readMac  = CreateTlsMac(readDigest, keyBlock, ref offset);

            // Build keys
            KeyParameter encryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);
            KeyParameter decryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);

            // Add IVs
            ParametersWithIV encryptParams = CreateParametersWithIV(encryptKey,
                                                                    keyBlock, ref offset, encryptCipher.GetBlockSize());
            ParametersWithIV decryptParams = CreateParametersWithIV(decryptKey,
                                                                    keyBlock, ref offset, decryptCipher.GetBlockSize());

            if (offset != prfSize)
            {
                handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_internal_error);
            }

            // Init Ciphers
            encryptCipher.Init(true, encryptParams);
            decryptCipher.Init(false, decryptParams);
        }
Ejemplo n.º 23
0
		internal TlsBlockCipher(TlsProtocolHandler handler, IBlockCipher encryptCipher,
			IBlockCipher decryptCipher, IDigest writeDigest, IDigest readDigest, int cipherKeySize,
			SecurityParameters securityParameters)
		{
			this.handler = handler;
			this.encryptCipher = encryptCipher;
			this.decryptCipher = decryptCipher;
			
			int prfSize = (2 * cipherKeySize) + writeDigest.GetDigestSize()
				+ readDigest.GetDigestSize() + encryptCipher.GetBlockSize()
				+ decryptCipher.GetBlockSize();

			byte[] keyBlock = TlsUtilities.PRF(securityParameters.masterSecret, "key expansion",
				TlsUtilities.Concat(securityParameters.serverRandom, securityParameters.clientRandom),
				prfSize);

			int offset = 0;

			// Init MACs
			writeMac = CreateTlsMac(writeDigest, keyBlock, ref offset);
			readMac = CreateTlsMac(readDigest, keyBlock, ref offset);

			// Build keys
			KeyParameter encryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);
			KeyParameter decryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);

			// Add IVs
			ParametersWithIV encryptParams = CreateParametersWithIV(encryptKey,
				keyBlock, ref offset, encryptCipher.GetBlockSize());
			ParametersWithIV decryptParams = CreateParametersWithIV(decryptKey,
				keyBlock, ref offset, decryptCipher.GetBlockSize());

			if (offset != prfSize)
				handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_internal_error);

			// Init Ciphers
			encryptCipher.Init(true, encryptParams);
			decryptCipher.Init(false, decryptParams);
		}
Ejemplo n.º 24
0
		internal TlsSrpKeyExchange(TlsProtocolHandler handler, ICertificateVerifyer verifyer,
			TlsKeyExchangeAlgorithm keyExchange)
		{
			switch (keyExchange)
			{
				case TlsKeyExchangeAlgorithm.KE_SRP:
					this.tlsSigner = null;
					break;
				case TlsKeyExchangeAlgorithm.KE_SRP_RSA:
					this.tlsSigner = new TlsRsaSigner();
					break;
				case TlsKeyExchangeAlgorithm.KE_SRP_DSS:
					this.tlsSigner = new TlsDssSigner();
					break;
				default:
					throw new ArgumentException("unsupported key exchange algorithm", "keyExchange");
			}

			this.handler = handler;
			this.verifyer = verifyer;
			this.keyExchange = keyExchange;
		}
        internal override void Init(TlsProtocolHandler handler, byte[] ms, byte[] cr, byte[] sr)
        {
            this.handler = handler;

            int prfSize = (2 * cipherKeySize) + writeDigest.GetDigestSize() + readDigest.GetDigestSize()
                          + encryptCipher.GetBlockSize() + decryptCipher.GetBlockSize();

            byte[] keyBlock = new byte[prfSize];
            byte[] random   = new byte[cr.Length + sr.Length];
            Array.Copy(cr, 0, random, sr.Length, cr.Length);
            Array.Copy(sr, 0, random, 0, sr.Length);
            TlsUtilities.PRF(ms, "key expansion", random, keyBlock);

            int offset = 0;

            // Init MACs
            writeMac = CreateTlsMac(writeDigest, keyBlock, ref offset);
            readMac  = CreateTlsMac(readDigest, keyBlock, ref offset);

            // Build keys
            KeyParameter encryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);
            KeyParameter decryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);

            // Add IVs
            ParametersWithIV encryptParams = CreateParametersWithIV(encryptKey,
                                                                    keyBlock, ref offset, encryptCipher.GetBlockSize());
            ParametersWithIV decryptParams = CreateParametersWithIV(decryptKey,
                                                                    keyBlock, ref offset, decryptCipher.GetBlockSize());

            if (offset != prfSize)
            {
                handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_internal_error);
            }

            // Init Ciphers
            encryptCipher.Init(true, encryptParams);
            decryptCipher.Init(false, decryptParams);
        }
Ejemplo n.º 26
0
		internal abstract byte[] DecodeCiphertext(short type, byte[] plaintext, int offset, int len, TlsProtocolHandler handler);
Ejemplo n.º 27
0
 public void Init(TlsProtocolHandler handler)
 {
     this.handler = handler;
 }
Ejemplo n.º 28
0
		public void Init(TlsProtocolHandler handler)
		{
			this.handler = handler;
		}
Ejemplo n.º 29
0
 internal TlsRsaKeyExchange(TlsProtocolHandler handler, ICertificateVerifyer verifyer)
 {
     this.handler  = handler;
     this.verifyer = verifyer;
 }
Ejemplo n.º 30
0
        internal override byte[] DecodeCiphertext(
            short type,
            byte[]                          ciphertext,
            int offset,
            int len,
            TlsProtocolHandler handler)
        {
            int  blocksize    = decryptCipher.GetBlockSize();
            bool decrypterror = false;

            /*
             * Decrypt all the ciphertext using the blockcipher
             */
            for (int i = 0; i < len; i += blocksize)
            {
                decryptCipher.ProcessBlock(ciphertext, i + offset, ciphertext, i
                                           + offset);
            }

            /*
             * Check if padding is correct
             */
            int paddingsize = ciphertext[offset + len - 1];

            if (offset + len - 1 - paddingsize < 0)
            {
                /*
                 * This would lead to an negativ array index, so this padding
                 * must be incorrect!
                 */
                decrypterror = true;
                paddingsize  = 0;
            }
            else
            {
                /*
                 * Now, check all the padding-bytes.
                 */
                for (int i = 0; i <= paddingsize; i++)
                {
                    if (ciphertext[offset + len - 1 - i] != paddingsize)
                    {
                        /* Wrong padding */
                        decrypterror = true;
                    }
                }
            }

            /*
             * We now don't care if padding verification has failed or not,
             * we will calculate the mac to give an attacker no kind of timing
             * profile he can use to find out if mac verification failed or
             * padding verification failed.
             */
            int plaintextlength = len - readMac.Size - paddingsize - 1;

            byte[] calculatedMac = readMac.CalculateMac(type, ciphertext, offset,
                                                        plaintextlength);

            /*
             * Check all bytes in the mac.
             */
            for (int i = 0; i < calculatedMac.Length; i++)
            {
                if (ciphertext[offset + plaintextlength + i] != calculatedMac[i])
                {
                    decrypterror = true;
                }
            }

            /*
             * Now, it is save to fail.
             */
            if (decrypterror)
            {
                handler.FailWithError(TlsProtocolHandler.AL_fatal,
                                      TlsProtocolHandler.AP_bad_record_mac);
            }
            byte[] plaintext = new byte[plaintextlength];
            Array.Copy(ciphertext, offset, plaintext, 0, plaintextlength);
            return(plaintext);
        }
Ejemplo n.º 31
0
		internal TlsStream(
			TlsProtocolHandler handler)
		{
			this.handler = handler;
		}
Ejemplo n.º 32
0
		public SslStream(Stream stream) {
			handler = new TlsProtocolHandler(stream);
		}
Ejemplo n.º 33
0
 public static Stream Connect(NetworkStream ns, bool verifyCertificates)
 {
     var handler = new TlsProtocolHandler(ns);
     handler.Connect(new TlsClient(verifyCertificates));
     return handler.Stream;
 }
Ejemplo n.º 34
0
 internal abstract void Init(TlsProtocolHandler handler, byte[] ms, byte[] cr, byte[] sr);
Ejemplo n.º 35
0
 internal abstract byte[] DecodeCiphertext(short type, byte[] plaintext, int offset, int len, TlsProtocolHandler handler);
Ejemplo n.º 36
0
 internal TlsInputStream(
     TlsProtocolHandler handler)
 {
     this.handler = handler;
 }
Ejemplo n.º 37
0
		internal static void CheckVersion(byte[] readVersion, TlsProtocolHandler handler)
		{
			if ((readVersion[0] != 3) || (readVersion[1] != 1))
			{
				throw new TlsFatalAlert(AlertDescription.protocol_version);
			}
		}
		internal override byte[] DecodeCiphertext(
			short				type,
			byte[]				ciphertext,
			int					offset,
			int					len,
			TlsProtocolHandler	handler)
		{
			int blocksize = decryptCipher.GetBlockSize();
			bool decrypterror = false;

			/*
			* Decrypt all the ciphertext using the blockcipher
			*/
			for (int i = 0; i < len; i += blocksize)
			{
				decryptCipher.ProcessBlock(ciphertext, i + offset, ciphertext, i
					+ offset);
			}

			/*
			* Check if padding is correct
			*/
			int paddingsize = ciphertext[offset + len - 1];
			if (offset + len - 1 - paddingsize < 0)
			{
				/*
				* This would lead to a negative array index, so this padding
				* must be incorrect!
				*/
				decrypterror = true;
				paddingsize = 0;
			}
			else
			{
				/*
				* Now, check all the padding-bytes.
				*/
				for (int i = 0; i <= paddingsize; i++)
				{
					if (ciphertext[offset + len - 1 - i] != paddingsize)
					{
						/* Wrong padding */
						decrypterror = true;
					}
				}
			}

			/*
			* We now don't care if padding verification has failed or not,
			* we will calculate the mac to give an attacker no kind of timing
			* profile he can use to find out if mac verification failed or
			* padding verification failed.
			*/
			int plaintextlength = len - readMac.Size - paddingsize - 1;
			byte[] calculatedMac = readMac.CalculateMac(type, ciphertext, offset,
				plaintextlength);

			/*
			* Check all bytes in the mac.
			*/
			for (int i = 0; i < calculatedMac.Length; i++)
			{
				if (ciphertext[offset + plaintextlength + i] != calculatedMac[i])
				{
					decrypterror = true;
				}
			}

			/*
			* Now, it is safe to fail.
			*/
			if (decrypterror)
			{
				handler.FailWithError(TlsProtocolHandler.AL_fatal,
					TlsProtocolHandler.AP_bad_record_mac);
			}
			byte[] plaintext = new byte[plaintextlength];
			Array.Copy(ciphertext, offset, plaintext, 0, plaintextlength);
			return plaintext;

		}
Ejemplo n.º 39
0
		internal static void CheckVersion(Stream inStr, TlsProtocolHandler handler)
		{
			int i1 = inStr.ReadByte();
			int i2 = inStr.ReadByte();
			if ((i1 != 3) || (i2 != 1))
			{
				throw new TlsFatalAlert(AlertDescription.protocol_version);
			}
		}