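        /// <summary>
        /// Client side of the key exchange: derives the master secret from a fresh
        /// pre-master secret, sends that secret to the server encrypted under the server's
        /// RSA public key, and installs the record keys once a ServerFinished reply arrives.
        /// </summary>
        /// <exception cref="InvalidOperationException">
        /// Thrown when the server's reply is not a <see cref="SecurityMessageType.ServerFinished"/> message.
        /// </exception>
        private void SendClientKeyExchange()
        {
            var preMasterSecret = TLS12.GetPreMasterSecret();

            // The master secret is derived locally before the exchange round-trip; the
            // record keys are only installed after the server confirms below.
            _session.MasterSecret = TLS12.GetMasterSecret(preMasterSecret, _session.ClientRandom, _session.ServerRandom);
            var clientKeyExchange = new ClientKeyExchange
            {
                SessionId       = _session.Id,
                PreMasterSecret = preMasterSecret
            };

            // NOTE(review): _session.RSAPublicPem was taken straight from the server's hello
            // (see SendClientHello) and nothing here checks it against a trusted key or
            // certificate — confirm the server key is validated elsewhere.
            var serverRsa = Rsa.CreateFromPublicPEM(_session.RSAPublicPem);
            var request   = new SecurityLayerMessage
            {
                Type = SecurityMessageType.ClientKeyExchange,
                Data = serverRsa.Encrypt(_serializer.Serialize <ClientKeyExchange>(clientKeyExchange))
            };

            Send(_serializer.Serialize <SecurityLayerMessage>(request));

            var responseBytes = Receive();
            var message       = _serializer.Deserialize <SecurityLayerMessage>(responseBytes);

            // Only a ServerFinished may be deserialized as one; any other message type at this
            // point means the handshake is out of step and must not mark the session authenticated.
            if (message.Type != SecurityMessageType.ServerFinished)
            {
                throw new InvalidOperationException($"Expected ServerFinished but received {message.Type}");
            }

            var serverFinished = _serializer.Deserialize <ServerFinished>(message.Data);

            _session.Id = serverFinished.SessionId;
            var keys = TLS12.GetKeys(_session.MasterSecret, _session.ClientRandom, _session.ServerRandom);

            // Key material is split into directional MAC and encryption keys.
            _session.ClientWriteMACKey = TLS12.GetClientWriteMACKey(keys);
            _session.ServerWriteMACKey = TLS12.GetServerWriteMACKey(keys);
            _session.ClientWriteKey    = TLS12.GetClientWriteKey(keys);
            _session.ServerWriteKey    = TLS12.GetServerWriteKey(keys);
            _session.IsAuthenticated   = true;
        }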
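        /// <summary>
        /// Opens the handshake: sends a fresh client random and this client's RSA public key,
        /// then records the session id, server random and server RSA public key from the
        /// ServerHello reply.
        /// </summary>
        /// <exception cref="InvalidOperationException">
        /// Thrown when the server's reply is not a <see cref="SecurityMessageType.ServerHello"/> message.
        /// </exception>
        private void SendClientHello()
        {
            var random = TLS12.GetRandom();

            _session.ClientRandom = random;
            var clientHello = new ClientHello
            {
                Random       = random,
                RSAPublicPem = _rsa.PublicPem
            };
            var request = new SecurityLayerMessage
            {
                Type = SecurityMessageType.ClientHello,
                Data = _serializer.Serialize <ClientHello>(clientHello)
            };

            Send(_serializer.Serialize <SecurityLayerMessage>(request));

            var responseBytes = Receive();
            var message       = _serializer.Deserialize <SecurityLayerMessage>(responseBytes);

            // Refuse to interpret an unexpected message type as a ServerHello.
            if (message.Type != SecurityMessageType.ServerHello)
            {
                throw new InvalidOperationException($"Expected ServerHello but received {message.Type}");
            }

            var serverHello = _serializer.Deserialize <ServerHello>(message.Data);

            // NOTE(review): the server's RSA public key is accepted as sent over the wire; it is
            // later used to encrypt the pre-master secret, so confirm it is validated against
            // a trusted key or certificate somewhere in this class.
            _session.Id           = serverHello.SessionId;
            _session.ServerRandom = serverHello.Random;
            _session.RSAPublicPem = serverHello.RSAPublicPem;
        }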
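        /// <summary>
        /// Server side of the key exchange: decrypts the client's pre-master secret with this
        /// server's RSA private key, derives the session keys, and replies with ServerFinished.
        /// </summary>
        /// <param name="message">
        /// Ciphertext of a serialized <see cref="ClientKeyExchange"/>, encrypted under this server's RSA public key.
        /// </param>
        private void HandleClientKeyExchange(byte[] message)
        {
            var decryptedMessage  = _rsa.Decrypt(message);
            var clientKeyExchange = _serializer.Deserialize <ClientKeyExchange>(decryptedMessage);
            var session           = _sessionCache.Get(clientKeyExchange.SessionId);

            if (session is null)
            {
                // Unknown session id: return here so that session.Id below is never
                // dereferenced on null (the client-supplied id is not yet trusted).
                // TODO: Send error
                return;
            }

            session.MasterSecret = TLS12.GetMasterSecret(clientKeyExchange.PreMasterSecret, session.ClientRandom, session.ServerRandom);
            var keys = TLS12.GetKeys(session.MasterSecret, session.ClientRandom, session.ServerRandom);

            // Key material is split into directional MAC and encryption keys.
            session.ClientWriteMACKey = TLS12.GetClientWriteMACKey(keys);
            session.ServerWriteMACKey = TLS12.GetServerWriteMACKey(keys);
            session.ClientWriteKey    = TLS12.GetClientWriteKey(keys);
            session.ServerWriteKey    = TLS12.GetServerWriteKey(keys);
            session.IsAuthenticated   = true;

            var serverFinished = new ServerFinished
            {
                SessionId = session.Id
            };
            var response = new SecurityLayerMessage
            {
                Type = SecurityMessageType.ServerFinished,
                Data = _serializer.Serialize <ServerFinished>(serverFinished)
            };

            Send(_serializer.Serialize <SecurityLayerMessage>(response));
        }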
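        /// <summary>
        /// Encrypts <paramref name="data"/> under the session's client write key with a fresh IV
        /// and sends it as an ApplicationData message.
        /// </summary>
        /// <param name="data">Plaintext payload to send.</param>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        /// <exception cref="InvalidOperationException">The handshake has not completed for this session.</exception>
        public void SendApplicationData(byte[] data)
        {
            if (data is null)
            {
                throw new ArgumentNullException(nameof(data));
            }
            if (!_session.IsAuthenticated)
            {
                // A specific exception type lets callers distinguish "handshake missing"
                // from unrelated failures; the message is unchanged.
                throw new InvalidOperationException("Not authenticated");
            }

            // NOTE(review): only ClientWriteKey is used here; the ClientWriteMACKey derived during
            // the handshake is not applied in this method. Unless EncryptAes authenticates its
            // output, the record carries no integrity protection — confirm.
            var aesIv           = TLS12.GetIV();
            var applicationData = new ApplicationData
            {
                SessionId = _session.Id,
                AesIv     = aesIv,
                Data      = EncryptAes(data, _session.ClientWriteKey, aesIv)
            };
            var message = new SecurityLayerMessage
            {
                Type = SecurityMessageType.ApplicationData,
                Data = _serializer.Serialize <ApplicationData>(applicationData)
            };

            Send(_serializer.Serialize <SecurityLayerMessage>(message));
        }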
        /// <summary>
        /// Server side of the hello exchange: allocates a new session, stores the client's
        /// random and RSA public key, and replies with a ServerHello carrying the session id,
        /// a fresh server random and this server's RSA public key.
        /// </summary>
        /// <param name="message">Serialized <see cref="ClientHello"/> as received from the client.</param>
        private void HandleClientHello(byte[] message)
        {
            var hello = _serializer.Deserialize <ClientHello>(message);

            // NOTE(review): a session is created for every ClientHello before any proof
            // from the peer; check that the cache bounds or expires unfinished sessions.
            var newSession   = _sessionCache.NewSession();
            var serverRandom = TLS12.GetRandom();

            newSession.ClientRandom = hello.Random;
            newSession.RSAPublicPem = hello.RSAPublicPem;
            newSession.ServerRandom = serverRandom;

            var serverHello = new ServerHello
            {
                SessionId    = newSession.Id,
                Random       = serverRandom,
                RSAPublicPem = _rsa.PublicPem
            };
            var helloBytes = _serializer.Serialize <ServerHello>(serverHello);
            var envelope   = new SecurityLayerMessage
            {
                Type = SecurityMessageType.ServerHello,
                Data = helloBytes
            };

            Send(_serializer.Serialize <SecurityLayerMessage>(envelope));
        }