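/// <summary>
/// Client half of the key exchange: generates the pre-master secret, derives the
/// master secret, sends the pre-master secret RSA-encrypted under the key the
/// server presented in its ServerHello, then derives the session write/MAC keys
/// from the ServerFinished reply.
/// </summary>
/// <exception cref="InvalidOperationException">
/// The reply is not a <c>ServerFinished</c> message. The original code deserialized
/// whatever came back as a ServerFinished without looking at <c>Type</c>.
/// </exception>
private void SendClientKeyExchange()
{
    // NOTE(review): _session.RSAPublicPem is whatever the ServerHello carried
    // (see SendClientHello). Nothing in this handshake authenticates that key
    // (no certificate, no pinning, no signature over the randoms), so an active
    // attacker who substitutes their own key can decrypt the pre-master secret
    // and hence derive every session key below. Fixing that needs a trust
    // anchor outside this method; it is flagged here rather than papered over.
    var preMasterSecret = TLS12.GetPreMasterSecret();
    _session.MasterSecret = TLS12.GetMasterSecret(preMasterSecret, _session.ClientRandom, _session.ServerRandom);

    var clientKeyExchange = new ClientKeyExchange
    {
        SessionId = _session.Id,
        PreMasterSecret = preMasterSecret,
    };

    var serverRsa = Rsa.CreateFromPublicPEM(_session.RSAPublicPem);
    var request = new SecurityLayerMessage
    {
        Type = SecurityMessageType.ClientKeyExchange,
        Data = serverRsa.Encrypt(_serializer.Serialize<ClientKeyExchange>(clientKeyExchange)),
    };
    Send(_serializer.Serialize<SecurityLayerMessage>(request));

    var message = _serializer.Deserialize<SecurityLayerMessage>(Receive());
    // Only a ServerFinished is acceptable at this point of the handshake; refuse
    // to interpret any other message type's payload as one.
    if (message.Type != SecurityMessageType.ServerFinished)
    {
        throw new InvalidOperationException("Unexpected handshake message: expected ServerFinished");
    }

    var serverFinished = _serializer.Deserialize<ServerFinished>(message.Data);
    // NOTE(review): the session id is overwritten with the server's value without
    // checking it matches the id we sent; a mismatch is silently accepted.
    _session.Id = serverFinished.SessionId;

    var keys = TLS12.GetKeys(_session.MasterSecret, _session.ClientRandom, _session.ServerRandom);
    _session.ClientWriteMACKey = TLS12.GetClientWriteMACKey(keys);
    _session.ServerWriteMACKey = TLS12.GetServerWriteMACKey(keys);
    _session.ClientWriteKey = TLS12.GetClientWriteKey(keys);
    _session.ServerWriteKey = TLS12.GetServerWriteKey(keys);

    // "Authenticated" here only means key material is in place for both
    // directions; the peer's identity has not been verified (see note above).
    _session.IsAuthenticated = true;
}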
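/// <summary>
/// Opens the handshake: sends a ClientHello carrying a fresh client random and
/// this side's RSA public key, then records the session id, server random and
/// server RSA public key from the ServerHello reply.
/// </summary>
/// <exception cref="InvalidOperationException">
/// The reply is not a <c>ServerHello</c> message. The original code deserialized
/// whatever came back as a ServerHello without checking <c>Type</c>.
/// </exception>
private void SendClientHello()
{
    var clientRandom = TLS12.GetRandom();
    _session.ClientRandom = clientRandom;

    var clientHello = new ClientHello
    {
        Random = clientRandom,
        RSAPublicPem = _rsa.PublicPem,
    };
    var request = new SecurityLayerMessage
    {
        Type = SecurityMessageType.ClientHello,
        Data = _serializer.Serialize<ClientHello>(clientHello),
    };
    Send(_serializer.Serialize<SecurityLayerMessage>(request));

    var message = _serializer.Deserialize<SecurityLayerMessage>(Receive());
    // The only message the handshake accepts here is a ServerHello.
    if (message.Type != SecurityMessageType.ServerHello)
    {
        throw new InvalidOperationException("Unexpected handshake message: expected ServerHello");
    }

    var serverHello = _serializer.Deserialize<ServerHello>(message.Data);
    _session.Id = serverHello.SessionId;
    _session.ServerRandom = serverHello.Random;
    // NOTE(review): this key is trusted as-is — it is not bound to any identity
    // or signature, and SendClientKeyExchange encrypts the pre-master secret to
    // it. Whoever controls the channel controls this value.
    _session.RSAPublicPem = serverHello.RSAPublicPem;
}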
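/// <summary>
/// Server side of the key exchange: decrypts the client's RSA-encrypted
/// ClientKeyExchange, looks up the session it names, derives the master secret
/// and the session write/MAC keys, and replies with ServerFinished.
/// </summary>
/// <param name="message">
/// RSA ciphertext received from the (unauthenticated) client; decrypted with this
/// side's private key.
/// </param>
/// <exception cref="ArgumentNullException"><paramref name="message"/> is null.</exception>
private void HandleClientKeyExchange(byte[] message)
{
    if (message is null)
    {
        throw new ArgumentNullException(nameof(message));
    }

    // NOTE(review): message is attacker-controlled ciphertext. The padding mode
    // of _rsa.Decrypt is not visible from here; if it is PKCS#1 v1.5, any
    // observable difference between a decrypt failure and a decode failure is
    // a Bleichenbacher oracle. Confirm OAEP is used.
    var decryptedMessage = _rsa.Decrypt(message);
    var clientKeyExchange = _serializer.Deserialize<ClientKeyExchange>(decryptedMessage);

    var session = _sessionCache.Get(clientKeyExchange.SessionId);
    if (session == null)
    {
        // TODO: Send error. The original fell through to build ServerFinished
        // from the null session and threw NullReferenceException instead.
        return;
    }

    // NOTE(review): the pre-master secret is taken verbatim from the client; no
    // length or structure check is visible here (TLS proper pins 48 bytes with a
    // version prefix). Whether TLS12.GetMasterSecret validates it is not shown.
    session.MasterSecret = TLS12.GetMasterSecret(clientKeyExchange.PreMasterSecret, session.ClientRandom, session.ServerRandom);

    var keys = TLS12.GetKeys(session.MasterSecret, session.ClientRandom, session.ServerRandom);
    session.ClientWriteMACKey = TLS12.GetClientWriteMACKey(keys);
    session.ServerWriteMACKey = TLS12.GetServerWriteMACKey(keys);
    session.ClientWriteKey = TLS12.GetClientWriteKey(keys);
    session.ServerWriteKey = TLS12.GetServerWriteKey(keys);
    // Marks key material as established; the client's identity is not verified
    // anywhere in this exchange.
    session.IsAuthenticated = true;

    var serverFinished = new ServerFinished { SessionId = session.Id };
    var response = new SecurityLayerMessage
    {
        Type = SecurityMessageType.ServerFinished,
        Data = _serializer.Serialize<ServerFinished>(serverFinished),
    };
    Send(_serializer.Serialize<SecurityLayerMessage>(response));
}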
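/// <summary>
/// Encrypts <paramref name="data"/> under the session's client write key with a
/// fresh IV and sends it as an ApplicationData message tagged with the session id.
/// </summary>
/// <param name="data">Plaintext to send.</param>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
/// <exception cref="InvalidOperationException">
/// The handshake has not completed (<c>_session.IsAuthenticated</c> is false).
/// The original threw a bare <see cref="Exception"/> with the same message.
/// </exception>
public void SendApplicationData(byte[] data)
{
    if (!_session.IsAuthenticated)
    {
        throw new InvalidOperationException("Not authenticated");
    }
    if (data is null)
    {
        throw new ArgumentNullException(nameof(data));
    }

    // NOTE(review): no integrity protection. The handshake derives
    // ClientWriteMACKey / ServerWriteMACKey but this message carries only the
    // IV and ciphertext, so the receiver cannot detect tampering; if EncryptAes
    // is CBC (mode not visible here) that also exposes a padding oracle. An
    // encrypt-then-MAC tag over (SessionId, AesIv, Data) is needed before this
    // can be called confidential against an active attacker.
    var aesIv = TLS12.GetIV();
    var applicationData = new ApplicationData
    {
        SessionId = _session.Id,
        AesIv = aesIv,
        Data = EncryptAes(data, _session.ClientWriteKey, aesIv),
    };

    var message = new SecurityLayerMessage
    {
        Type = SecurityMessageType.ApplicationData,
        Data = _serializer.Serialize<ApplicationData>(applicationData),
    };
    Send(_serializer.Serialize<SecurityLayerMessage>(message));
}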
/// <summary>
/// Server side of the hello exchange: allocates a new cached session, records the
/// client's random and RSA public key alongside a fresh server random, and replies
/// with a ServerHello carrying the session id, the server random and this side's
/// RSA public key.
/// </summary>
/// <param name="message">Serialized ClientHello as received from the peer.</param>
private void HandleClientHello(byte[] message)
{
    var hello = _serializer.Deserialize<ClientHello>(message);

    // NOTE(review): every ClientHello, however unauthenticated, allocates a
    // cache entry here; nothing visible bounds or expires them, so a flood of
    // hellos fills _sessionCache. The client-supplied RSA PEM is stored as-is.
    var serverRandom = TLS12.GetRandom();
    var session = _sessionCache.NewSession();
    session.ClientRandom = hello.Random;
    session.ServerRandom = serverRandom;
    session.RSAPublicPem = hello.RSAPublicPem;

    var serverHelloBytes = _serializer.Serialize<ServerHello>(new ServerHello
    {
        SessionId = session.Id,
        Random = serverRandom,
        RSAPublicPem = _rsa.PublicPem,
    });
    var reply = new SecurityLayerMessage
    {
        Type = SecurityMessageType.ServerHello,
        Data = serverHelloBytes,
    };
    Send(_serializer.Serialize<SecurityLayerMessage>(reply));
}