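        /// <summary>
        /// Encrypts a record into an output buffer that already holds a prefix of
        /// magic bytes and checks that the host writes only into the region returned
        /// by GetRemaining(): the prefix survives, the buffer's offset and size are
        /// unchanged, and the ciphertext length stays within the host's declared bounds.
        /// </summary>
        /// <param name="ctx">Test context used for the assertions.</param>
        /// <param name="host">Encryption host under test.</param>
        public void TestOutputOffset(TestContext ctx, [TestHost] IEncryptionTestHost host)
        {
            var input = GetBuffer(HelloWorldName);

            // Room for the magic prefix plus the largest ciphertext the host may produce.
            var output = new TlsBuffer(input.Size + host.MaxExtraEncryptedBytes + MagicDataSize);

            output.Write(GetBuffer(MagicDataName));

            var startOffset = output.Offset;
            var startSize   = output.Size;

            var length = host.Encrypt(input, output.GetRemaining());

            ctx.Assert(length, Is.GreaterThanOrEqualTo(0), "#1");
            // The lower and upper bound used to share the "#2a" label, so a failure of
            // one was indistinguishable from the other in the test report.
            ctx.Assert(length, Is.GreaterThanOrEqualTo(input.Size + host.MinExtraEncryptedBytes), "#2a-min");
            ctx.Assert(length, Is.LessThanOrEqualTo(input.Size + host.MaxExtraEncryptedBytes), "#2a-max");
            ctx.Assert(output.Offset, Is.EqualTo(startOffset), "#2b");
            ctx.Assert(output.Size, Is.EqualTo(startSize), "#2c");

            // Encrypt() must not have touched the bytes that precede GetRemaining().
            output.Position = 0;
            var magic = output.ReadBytes(MagicDataSize);

            ctx.Assert(magic, Is.EqualTo(GetField(MagicDataName)), "#3");

            var encrypted = output.ReadBytes(length);

            CheckOutput(ctx, HelloWorldResult, new BufferOffsetSize(encrypted));
        }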
        /// <summary>
        /// Decrypts a known record into a buffer that already carries two magic
        /// prefixes and checks that both prefixes survive and that the plaintext
        /// written after them equals the expected "hello world" payload.
        /// </summary>
        public void TestDecrypt()
        {
            var ciphertext = GetBuffer(HelloWorldResult);
            var expected   = GetField(HelloWorldName);

            // Output layout: magic prefix 1, magic prefix 2, then the decrypted payload.
            var output = new TlsBuffer(ciphertext.Size + MagicDataSize + MagicData2Size);
            output.Write(GetBuffer(MagicDataName));
            output.Write(GetBuffer(MagicData2Name));

            var plainLength = Context.Decrypt(ciphertext, output.GetRemaining());
            Assert.That(plainLength, Is.EqualTo(expected.Length), "#1");

            // Rewind and verify each region in order.
            output.Position = 0;
            Assert.That(output.ReadBytes(MagicDataSize), Is.EqualTo(GetField(MagicDataName)), "#2");
            Assert.That(output.ReadBytes(MagicData2Size), Is.EqualTo(GetField(MagicData2Name)), "#3");
            Assert.That(output.ReadBytes(plainLength), Is.EqualTo(expected), "#4");
        }
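		/// <summary>
		/// Parses the body of a ClientHello: client random, session id, the offered
		/// cipher suites, the compression method list and the extensions.
		/// </summary>
		/// <param name="incoming">Buffer positioned at the start of the handshake body.</param>
		/// <exception cref="TlsException">
		/// IlegalParameter when the session id exceeds 32 bytes; DecodeError when a length
		/// field is malformed or runs past the end of the message.
		/// </exception>
		protected override void Read (TlsBuffer incoming)
		{
			ClientRandom = new SecureBuffer (incoming.ReadBytes (32));

			// SessionID is opaque<0..32>; a byte can encode up to 255, so clamp to the
			// protocol limit instead of trusting the peer-supplied length.
			int sessionIdLength = incoming.ReadByte ();
			if (sessionIdLength > 32)
				throw new TlsException (AlertDescription.IlegalParameter, "Invalid session id length received from client");
			if (sessionIdLength > incoming.Remaining)
				throw new TlsException (AlertDescription.DecodeError);
			SessionID = new SecureBuffer (incoming.ReadBytes (sessionIdLength));

			// cipher_suites is <2..2^16-2> bytes, two per suite. Read the prefix into an
			// int so a value with the high bit set cannot survive as a negative short,
			// which would pass the parity check and reach the array allocation below.
			int suiteBytes = incoming.ReadInt16 ();
			if (suiteBytes < 2 || (suiteBytes % 2) != 0 || suiteBytes > incoming.Remaining)
				throw new TlsException (AlertDescription.DecodeError);

			bool seenSCSV = false;
			ClientCiphers = new CipherSuiteCode [suiteBytes >> 1];
			for (int i = 0; i < ClientCiphers.Length; i++) {
				ClientCiphers [i] = (CipherSuiteCode)incoming.ReadInt16 ();
				if (ClientCiphers [i] == CipherSuiteCode.TLS_EMPTY_RENEGOTIATION_INFO_SCSV)
					seenSCSV = true;
			}

			// Compression methods: only null compression is supported, so the list is
			// skipped, but it must still lie inside the message.
			int compressionBytes = incoming.ReadByte ();
			if (compressionBytes > incoming.Remaining)
				throw new TlsException (AlertDescription.DecodeError);
			incoming.Position += compressionBytes;

			Extensions = new TlsExtensionCollection (incoming);

			// The SCSV stands for an empty renegotiation_info extension (RFC 5746).
			if (seenSCSV)
				Extensions.AddRenegotiationExtension ();
		}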
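        /// <summary>
        /// Parses the body of a ServerHello: server random, optional session id, the
        /// selected cipher suite, the compression method and the extensions.
        /// </summary>
        /// <param name="incoming">Buffer positioned at the start of the handshake body.</param>
        /// <exception cref="TlsException">
        /// IlegalParameter when the session id exceeds the 32 bytes RFC 5246 permits or
        /// the server selected a compression method other than null; DecodeError when
        /// the session id runs past the end of the message.
        /// </exception>
        protected override void Read(TlsBuffer incoming)
        {
            // Server random
            ServerRandom = new SecureBuffer(incoming.ReadBytes(32));

            // Session ID is opaque<0..32>. A byte can encode up to 255, so enforce the
            // protocol limit rather than trusting the peer-supplied length.
            int sessionIdLength = incoming.ReadByte();

            if (sessionIdLength > 32)
            {
                throw new TlsException(AlertDescription.IlegalParameter, "Invalid session id length received from server");
            }
            if (sessionIdLength > incoming.Remaining)
            {
                throw new TlsException(AlertDescription.DecodeError);
            }
            if (sessionIdLength > 0)
            {
                SessionID = new SecureBuffer(incoming.ReadBytes(sessionIdLength));
            }

            // Cipher suite. NOTE(review): the selected suite is not compared here with
            // the list the client offered; confirm that the caller performs that check.
            SelectedCipher = (CipherSuiteCode)incoming.ReadInt16();

            // Only null compression is accepted.
            var compressionMethod = incoming.ReadByte();

            if (compressionMethod != 0)
            {
                throw new TlsException(AlertDescription.IlegalParameter, "Invalid compression method received from server");
            }

            Extensions = new TlsExtensionCollection(incoming);
        }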
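		/// <summary>
		/// Reads the ServerDHParams (p, g, Ys) and the signature over them from a
		/// ServerKeyExchange message.
		/// </summary>
		/// <param name="incoming">Buffer positioned at the start of the key exchange body.</param>
		/// <exception cref="TlsException">DecodeError when a length prefix is zero, negative or exceeds the remaining data.</exception>
		public override void ReadServer (TlsBuffer incoming)
		{
			// Each parameter is opaque<1..2^16-1>. The prefixes are read into an int so
			// a value with the high bit set cannot reach ReadBytes as a negative short.
			int pLength = incoming.ReadInt16 ();
			if (pLength <= 0 || pLength > incoming.Remaining)
				throw new TlsException (AlertDescription.DecodeError);
			P = incoming.ReadBytes (pLength);

			int gLength = incoming.ReadInt16 ();
			if (gLength <= 0 || gLength > incoming.Remaining)
				throw new TlsException (AlertDescription.DecodeError);
			G = incoming.ReadBytes (gLength);

			int yLength = incoming.ReadInt16 ();
			if (yLength <= 0 || yLength > incoming.Remaining)
				throw new TlsException (AlertDescription.DecodeError);
			Y = incoming.ReadBytes (yLength);

			// NOTE(review): only the encoding is validated here. Whether p is an
			// acceptable prime, g is in range and Ys lies in (1, p-1) must be checked
			// where the shared secret is computed — confirm that happens before use.
			Signature = Signature.Read (protocol, incoming);
		}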
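        /// <summary>
        /// Reads the ServerDHParams (p, g, Ys) and the signature over them from a
        /// ServerKeyExchange message.
        /// </summary>
        /// <param name="incoming">Buffer positioned at the start of the key exchange body.</param>
        /// <exception cref="TlsException">DecodeError when a length prefix is zero, negative or exceeds the remaining data.</exception>
        public override void ReadServer(TlsBuffer incoming)
        {
            // Each parameter is opaque<1..2^16-1>. The prefixes are read into an int so
            // a value with the high bit set cannot reach ReadBytes as a negative short.
            int pLength = incoming.ReadInt16();
            if (pLength <= 0 || pLength > incoming.Remaining)
            {
                throw new TlsException(AlertDescription.DecodeError);
            }
            P = incoming.ReadBytes(pLength);

            int gLength = incoming.ReadInt16();
            if (gLength <= 0 || gLength > incoming.Remaining)
            {
                throw new TlsException(AlertDescription.DecodeError);
            }
            G = incoming.ReadBytes(gLength);

            int yLength = incoming.ReadInt16();
            if (yLength <= 0 || yLength > incoming.Remaining)
            {
                throw new TlsException(AlertDescription.DecodeError);
            }
            Y = incoming.ReadBytes(yLength);

            // NOTE(review): only the encoding is validated here. Whether p is an
            // acceptable prime, g is in range and Ys lies in (1, p-1) must be checked
            // where the shared secret is computed — confirm that happens before use.
            Signature = Signature.Read(protocol, incoming);
        }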
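        /// <summary>
        /// Reads the ServerDHParams (p, g, Ys), the TLS 1.2 signature/hash algorithm
        /// pair and the signature from a ServerKeyExchange message.
        /// </summary>
        /// <param name="incoming">Buffer positioned at the start of the key exchange body.</param>
        /// <exception cref="TlsException">DecodeError when a length prefix is zero, negative or exceeds the remaining data.</exception>
        public override void ReadServer(TlsBuffer incoming)
        {
            // Each parameter is opaque<1..2^16-1>. The prefixes are read into an int so
            // a value with the high bit set cannot reach ReadBytes as a negative short.
            int pLength = incoming.ReadInt16();
            if (pLength <= 0 || pLength > incoming.Remaining)
            {
                throw new TlsException(AlertDescription.DecodeError);
            }
            P = incoming.ReadBytes(pLength);

            int gLength = incoming.ReadInt16();
            if (gLength <= 0 || gLength > incoming.Remaining)
            {
                throw new TlsException(AlertDescription.DecodeError);
            }
            G = incoming.ReadBytes(gLength);

            int yLength = incoming.ReadInt16();
            if (yLength <= 0 || yLength > incoming.Remaining)
            {
                throw new TlsException(AlertDescription.DecodeError);
            }
            Y = incoming.ReadBytes(yLength);

            // NOTE(review): only the encoding is validated here. Whether p is an
            // acceptable prime, g is in range and Ys lies in (1, p-1) must be checked
            // where the shared secret is computed — confirm that happens before use.
            SignatureAlgorithm = new SignatureAndHashAlgorithm(incoming);

            // The signature is opaque<1..2^16-1> as well.
            int signatureLength = incoming.ReadInt16();
            if (signatureLength <= 0 || signatureLength > incoming.Remaining)
            {
                throw new TlsException(AlertDescription.DecodeError);
            }
            Signature = incoming.ReadSecureBuffer(signatureLength);
        }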
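        /// <summary>
        /// Parses a server_name extension (RFC 6066 §3). An empty body is accepted
        /// because the server echoes the extension without a payload; otherwise exactly
        /// one host_name entry is expected and fills <see cref="ServerName"/>.
        /// </summary>
        /// <param name="incoming">Buffer scoped to the extension body.</param>
        /// <exception cref="TlsException">
        /// DecodeError when the nested lengths disagree or the name is empty;
        /// IlegalParameter for a NameType other than host_name or a name that contains
        /// non-ASCII bytes.
        /// </exception>
        public ServerNameExtension(TlsBuffer incoming)
        {
            if (incoming.Remaining == 0)
            {
                return;
            }
            var length = incoming.ReadInt16();

            // The list length must cover everything that is left: a single entry.
            if (length != incoming.Remaining)
            {
                throw new TlsException(AlertDescription.DecodeError);
            }
            var type = incoming.ReadByte();

            if (type != 0x00)
            {
                throw new TlsException(AlertDescription.IlegalParameter, "Unknown NameType in ServerName extension");
            }
            var nameLength = incoming.ReadInt16();

            // name_type (1) + name length (2) + name bytes must fill the entry exactly,
            // and RFC 6066 does not allow an empty host_name.
            if (nameLength + 3 != length || nameLength == 0)
            {
                throw new TlsException(AlertDescription.DecodeError);
            }
            var nameBytes = incoming.ReadBytes(nameLength);

            // host_name is a 7-bit ASCII byte string. Encoding.ASCII silently maps any
            // byte >= 0x80 to '?', so without this check a non-ASCII name would be
            // accepted as a different, mangled string instead of being rejected.
            foreach (var b in nameBytes)
            {
                if (b >= 0x80)
                {
                    throw new TlsException(AlertDescription.IlegalParameter, "Non-ASCII byte in ServerName extension");
                }
            }
            ServerName = Encoding.ASCII.GetString(nameBytes);
        }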
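        /// <summary>
        /// Parses the certificate_list of a Certificate message: a 24-bit total length
        /// followed by 24-bit length-prefixed DER certificates, appended to
        /// <see cref="Certificates"/> in wire order.
        /// </summary>
        /// <param name="incoming">Buffer positioned at the start of the handshake body.</param>
        /// <exception cref="TlsException">DecodeError when any length field does not match the data.</exception>
        protected override void Read(TlsBuffer incoming)
        {
            var length = incoming.ReadInt24();
            if (length > incoming.Remaining)
            {
                throw new TlsException(AlertDescription.DecodeError);
            }
            var endOffset = incoming.Position + length;

            while (incoming.Position < endOffset)
            {
                // ASN.1Cert is opaque<1..2^24-1>: a zero-length entry is a decode error,
                // not a terminator, and every entry must fit inside the list.
                var certLength = incoming.ReadInt24();
                if (certLength == 0 || certLength > endOffset - incoming.Position)
                {
                    throw new TlsException(AlertDescription.DecodeError);
                }

                var buffer = incoming.ReadBytes(certLength);

                // Create a new X509 Certificate. NOTE(review): a malformed DER blob makes
                // this constructor throw a non-TLS exception; confirm the caller maps it
                // to a bad_certificate/decode_error alert instead of dropping the connection.
                var certificate = new X509Certificate(buffer);
                Certificates.Add(certificate);
            }

            // The list must end exactly at its declared length with nothing after it.
            if (incoming.Position != endOffset || incoming.Remaining != 0)
            {
                throw new TlsException(AlertDescription.DecodeError);
            }
        }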
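        /// <summary>
        /// Reads the ServerECDHParams (curve type, named curve and the server's public
        /// point) and the signature from a ServerKeyExchange message. Only named
        /// curves are supported.
        /// </summary>
        /// <param name="incoming">Buffer positioned at the start of the key exchange body.</param>
        /// <exception cref="TlsException">
        /// HandshakeFailure for explicit curve parameters; DecodeError when the public
        /// point length is zero or exceeds the remaining data.
        /// </exception>
        public override void ReadServer(TlsBuffer incoming)
        {
            curveType = (ECCurveType)incoming.ReadByte();

            //  Currently, we only support named curves
            if (curveType == ECCurveType.named_curve)
            {
                namedCurve = (NamedCurve)incoming.ReadInt16();

                // TODO Check namedCurve is one we offered?
                domainParameters = NamedCurveHelper.GetECParameters(namedCurve);
            }
            else
            {
                // TODO Add support for explicit curve parameters
                throw new TlsException(AlertDescription.HandshakeFailure, "Unsupported elliptic curve type `{0}'.", curveType);
            }

            // ECPoint is opaque<1..2^8-1>: reject an empty point, or one that claims
            // more bytes than the message holds, before it reaches the decoder.
            int publicLength = incoming.ReadByte();
            if (publicLength == 0 || publicLength > incoming.Remaining)
            {
                throw new TlsException(AlertDescription.DecodeError);
            }

            publicBytes = incoming.ReadBytes(publicLength);

            // TODO Check RFC 4492 for validation
            // NOTE(review): it is not visible here whether DecodePoint rejects
            // off-curve input or the point at infinity; an invalid-curve attack is
            // possible if it does not, so confirm the point is validated before it is
            // multiplied by our private key.
            serverQ = domainParameters.Curve.DecodePoint(publicBytes);

            Signature = Signature.Read(TlsProtocolCode.Tls12, incoming);
        }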
 /// <summary>
 /// Reads the verify_data of a Finished message (12 bytes here) into
 /// <see cref="Hash"/> and rejects any trailing bytes with a decode_error alert.
 /// </summary>
 /// <param name="incoming">Buffer scoped to the handshake body.</param>
 protected override void Read(TlsBuffer incoming)
 {
     const int VerifyDataLength = 12;
     var verifyData = incoming.ReadBytes(VerifyDataLength);
     Hash = new SecureBuffer(verifyData);

     // The message consists of verify_data alone; anything else is malformed.
     if (incoming.Remaining != 0)
     {
         throw new TlsException(AlertDescription.DecodeError);
     }
 }
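		/// <summary>
		/// Parses the body of a ServerHello: server random, optional session id, the
		/// selected cipher suite, the compression method and the extensions.
		/// </summary>
		/// <param name="incoming">Buffer positioned at the start of the handshake body.</param>
		/// <exception cref="TlsException">
		/// IlegalParameter when the session id exceeds the 32 bytes RFC 5246 permits or
		/// the server selected a compression method other than null; DecodeError when
		/// the session id runs past the end of the message.
		/// </exception>
		protected override void Read (TlsBuffer incoming)
		{
			// Server random
			ServerRandom = new SecureBuffer (incoming.ReadBytes (32));

			// Session ID is opaque<0..32>. A byte can encode up to 255, so enforce the
			// protocol limit rather than trusting the peer-supplied length.
			int sessionIdLength = incoming.ReadByte ();
			if (sessionIdLength > 32)
				throw new TlsException (AlertDescription.IlegalParameter, "Invalid session id length received from server");
			if (sessionIdLength > incoming.Remaining)
				throw new TlsException (AlertDescription.DecodeError);
			if (sessionIdLength > 0) {
				SessionID = new SecureBuffer (incoming.ReadBytes (sessionIdLength));
			}

			// Cipher suite. NOTE(review): the selected suite is not compared here with
			// the list the client offered; confirm that the caller performs that check.
			SelectedCipher = (CipherSuiteCode)incoming.ReadInt16 ();

			// Only null compression is accepted.
			var compressionMethod = incoming.ReadByte ();
			if (compressionMethod != 0)
				throw new TlsException (AlertDescription.IlegalParameter, "Invalid compression method received from server");

			Extensions = new TlsExtensionCollection (incoming);
		}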
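        /// <summary>
        /// Parses a CertificateRequest: the acceptable client certificate types, the
        /// supported signature/hash algorithm pairs (TLS 1.2 only) and the DER-encoded
        /// distinguished names of acceptable certificate authorities. Everything is
        /// appended to <see cref="Parameters"/>.
        /// </summary>
        /// <param name="incoming">Buffer scoped to the handshake body.</param>
        /// <exception cref="TlsException">
        /// IlegalParameter when the signature algorithm list has odd length; DecodeError
        /// when any other length field does not match the data.
        /// </exception>
        protected override void Read(TlsBuffer incoming)
        {
            // certificate_types<1..2^8-1>, one byte each.
            int typeCount = incoming.ReadByte();
            if (typeCount > incoming.Remaining)
            {
                throw new TlsException(AlertDescription.DecodeError);
            }

            for (int i = 0; i < typeCount; i++)
            {
                Parameters.CertificateTypes.Add((ClientCertificateType)incoming.ReadByte());
            }

            if (Protocol == TlsProtocolCode.Tls12)
            {
                // supported_signature_algorithms<2..2^16-2>, two bytes per entry. The
                // length is read into an int so a value with the high bit set cannot pass
                // the parity test as a negative short and reach the loop bound below.
                int sigBytes = incoming.ReadInt16();
                if ((sigBytes % 2) != 0)
                {
                    throw new TlsException(AlertDescription.IlegalParameter);
                }
                if (sigBytes < 0 || sigBytes > incoming.Remaining)
                {
                    throw new TlsException(AlertDescription.DecodeError);
                }
                int sigCount = sigBytes >> 1;
                for (int i = 0; i < sigCount; i++)
                {
                    Parameters.SignatureParameters.SignatureAndHashAlgorithms.Add(SignatureHelper.DecodeSignatureAndHashAlgorithm(incoming));
                }
            }

            // certificate_authorities<0..2^16-1> must account for the rest of the message.
            int authorityBytes = incoming.ReadInt16();

            if (incoming.Remaining != authorityBytes)
            {
                throw new TlsException(AlertDescription.DecodeError);
            }

            /*
             * Read requested certificate authorities (Distinguised Names)
             *
             * Name ::= SEQUENCE OF RelativeDistinguishedName
             *
             * RelativeDistinguishedName ::= SET OF AttributeValueAssertion
             *
             * AttributeValueAssertion ::= SEQUENCE {
             *     attributeType OBJECT IDENTIFIER
             *     attributeValue ANY
             * }
             *
             */

            while (incoming.Remaining > 0)
            {
                // DistinguishedName<1..2^16-1>
                int nameLength = incoming.ReadInt16();
                if (nameLength <= 0 || nameLength > incoming.Remaining)
                {
                    throw new TlsException(AlertDescription.DecodeError);
                }
                var rdn = new ASN1(incoming.ReadBytes(nameLength));
                Parameters.CertificateAuthorities.Add(X501.ToString(rdn));
            }
        }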
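        /// <summary>
        /// Parses the body of a ClientHello: client random, session id, the offered
        /// cipher suites, the compression method list and the extensions.
        /// </summary>
        /// <param name="incoming">Buffer positioned at the start of the handshake body.</param>
        /// <exception cref="TlsException">
        /// IlegalParameter when the session id exceeds 32 bytes; DecodeError when a length
        /// field is malformed or runs past the end of the message.
        /// </exception>
        protected override void Read(TlsBuffer incoming)
        {
            ClientRandom = new SecureBuffer(incoming.ReadBytes(32));

            // SessionID is opaque<0..32>; a byte can encode up to 255, so clamp to the
            // protocol limit instead of trusting the peer-supplied length.
            int sessionIdLength = incoming.ReadByte();
            if (sessionIdLength > 32)
            {
                throw new TlsException(AlertDescription.IlegalParameter, "Invalid session id length received from client");
            }
            if (sessionIdLength > incoming.Remaining)
            {
                throw new TlsException(AlertDescription.DecodeError);
            }

            SessionID = new SecureBuffer(incoming.ReadBytes(sessionIdLength));

            // cipher_suites is <2..2^16-2> bytes, two per suite. Read the prefix into an
            // int so a value with the high bit set cannot survive as a negative short,
            // which would pass the parity check and reach the array allocation below.
            int suiteBytes = incoming.ReadInt16();
            if (suiteBytes < 2 || (suiteBytes % 2) != 0 || suiteBytes > incoming.Remaining)
            {
                throw new TlsException(AlertDescription.DecodeError);
            }

            bool seenSCSV = false;

            ClientCiphers = new CipherSuiteCode [suiteBytes >> 1];
            for (int i = 0; i < ClientCiphers.Length; i++)
            {
                ClientCiphers [i] = (CipherSuiteCode)incoming.ReadInt16();
                if (ClientCiphers [i] == CipherSuiteCode.TLS_EMPTY_RENEGOTIATION_INFO_SCSV)
                {
                    seenSCSV = true;
                }
            }

            // Compression methods: only null compression is supported, so the list is
            // skipped, but it must still lie inside the message.
            int compressionBytes = incoming.ReadByte();
            if (compressionBytes > incoming.Remaining)
            {
                throw new TlsException(AlertDescription.DecodeError);
            }
            incoming.Position += compressionBytes;

            Extensions = new TlsExtensionCollection(incoming);

            // The SCSV stands for an empty renegotiation_info extension (RFC 5746).
            if (seenSCSV)
            {
                Extensions.AddRenegotiationExtension();
            }
        }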
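		/// <summary>
		/// Parses a server_name extension (RFC 6066 §3). An empty body is accepted
		/// because the server echoes the extension without a payload; otherwise exactly
		/// one host_name entry is expected and fills <see cref="ServerName"/>.
		/// </summary>
		/// <param name="incoming">Buffer scoped to the extension body.</param>
		/// <exception cref="TlsException">
		/// DecodeError when the nested lengths disagree or the name is empty;
		/// IlegalParameter for a NameType other than host_name or a name that contains
		/// non-ASCII bytes.
		/// </exception>
		public ServerNameExtension (TlsBuffer incoming)
		{
			if (incoming.Remaining == 0)
				return;
			// The list length must cover everything that is left: a single entry.
			var length = incoming.ReadInt16 ();
			if (length != incoming.Remaining)
				throw new TlsException (AlertDescription.DecodeError);
			var type = incoming.ReadByte ();
			if (type != 0x00)
				throw new TlsException (AlertDescription.IlegalParameter, "Unknown NameType in ServerName extension");
			// name_type (1) + name length (2) + name bytes must fill the entry exactly,
			// and RFC 6066 does not allow an empty host_name.
			var nameLength = incoming.ReadInt16 ();
			if (nameLength + 3 != length || nameLength == 0)
				throw new TlsException (AlertDescription.DecodeError);
			var nameBytes = incoming.ReadBytes (nameLength);
			// host_name is a 7-bit ASCII byte string. Encoding.ASCII silently maps any
			// byte >= 0x80 to '?', so without this check a non-ASCII name would be
			// accepted as a different, mangled string instead of being rejected.
			foreach (var b in nameBytes) {
				if (b >= 0x80)
					throw new TlsException (AlertDescription.IlegalParameter, "Non-ASCII byte in ServerName extension");
			}
			ServerName = Encoding.ASCII.GetString (nameBytes);
		}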
        /// <summary>
        /// Decrypts a known record through the host and checks that the plaintext
        /// length and bytes equal the expected "hello world" payload.
        /// </summary>
        /// <param name="ctx">Test context used for the assertions.</param>
        /// <param name="host">Encryption host under test.</param>
        public void TestDecrypt(TestContext ctx, [TestHost] IEncryptionTestHost host)
        {
            var ciphertext = GetBuffer(HelloWorldResult);
            var expected   = GetField(HelloWorldName);

            // The output is sized to the record, on the assumption that the plaintext
            // is never longer than the ciphertext it came from.
            var output = new TlsBuffer(ciphertext.Size);

            var plainLength = host.Decrypt(ciphertext, output.GetRemaining());
            ctx.Assert(plainLength, Is.EqualTo(expected.Length), "#1");

            output.Position = 0;
            ctx.Assert(output.ReadBytes(plainLength), Is.EqualTo(expected), "#4");
        }
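		/// <summary>
		/// Parses the certificate_list of a Certificate message: a 24-bit total length
		/// followed by 24-bit length-prefixed DER certificates, appended to
		/// <see cref="Certificates"/> in wire order.
		/// </summary>
		/// <param name="incoming">Buffer positioned at the start of the handshake body.</param>
		/// <exception cref="TlsException">DecodeError when any length field does not match the data.</exception>
		protected override void Read (TlsBuffer incoming)
		{
			var length = incoming.ReadInt24 ();
			if (length > incoming.Remaining)
				throw new TlsException (AlertDescription.DecodeError);
			var endOffset = incoming.Position + length;

			while (incoming.Position < endOffset) {
				// ASN.1Cert is opaque<1..2^24-1>: a zero-length entry is a decode error,
				// not a terminator, and every entry must fit inside the list.
				var certLength = incoming.ReadInt24 ();
				if (certLength == 0 || certLength > endOffset - incoming.Position)
					throw new TlsException (AlertDescription.DecodeError);

				var buffer = incoming.ReadBytes (certLength);

				// Create a new X509 Certificate. NOTE(review): a malformed DER blob makes
				// this constructor throw a non-TLS exception; confirm the caller maps it
				// to a bad_certificate/decode_error alert instead of dropping the connection.
				var certificate = new X509Certificate (buffer);
				Certificates.Add (certificate);
			}

			// The list must end exactly at its declared length with nothing after it.
			if (incoming.Position != endOffset || incoming.Remaining != 0)
				throw new TlsException (AlertDescription.DecodeError);

		}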
		/// <summary>
		/// Reads the verify_data of a Finished message (12 bytes here) into
		/// <see cref="Hash"/> and rejects any trailing bytes with a decode_error alert.
		/// </summary>
		/// <param name="incoming">Buffer scoped to the handshake body.</param>
		protected override void Read (TlsBuffer incoming)
		{
			const int VerifyDataLength = 12;
			var verifyData = incoming.ReadBytes (VerifyDataLength);
			Hash = new SecureBuffer (verifyData);

			// The message consists of verify_data alone; anything else is malformed.
			if (incoming.Remaining != 0)
				throw new TlsException (AlertDescription.DecodeError);
		}
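		/// <summary>
		/// Encrypts a record into an output buffer that already holds a prefix of
		/// magic bytes and checks that the host writes only into the region returned
		/// by GetRemaining(): the prefix survives, the buffer's offset and size are
		/// unchanged, and the ciphertext has exactly the expected length.
		/// </summary>
		/// <param name="ctx">Test context used for the assertions.</param>
		/// <param name="host">Encryption host under test.</param>
		public void TestOutputOffset (TestContext ctx, [TestHost] IEncryptionTestHost host)
		{
			var input = GetBuffer (HelloWorldName);

			// Room for the magic prefix plus the largest ciphertext the host may produce.
			var output = new TlsBuffer (input.Size + host.MaxExtraEncryptedBytes + MagicDataSize);
			output.Write (GetBuffer (MagicDataName));

			// startPos was captured here but never asserted on; dropped.
			var startOffset = output.Offset;
			var startSize = output.Size;

			var length = host.Encrypt (input, output.GetRemaining ());

			ctx.Assert (length, Is.GreaterThanOrEqualTo (0), "#1");
			ctx.Assert (length, Is.EqualTo (input.Size + host.MinExtraEncryptedBytes), "#2a");
			ctx.Assert (output.Offset, Is.EqualTo (startOffset), "#2b");
			ctx.Assert (output.Size, Is.EqualTo (startSize), "#2c");

			// Encrypt() must not have touched the bytes that precede GetRemaining().
			output.Position = 0;
			var magic = output.ReadBytes (MagicDataSize);
			ctx.Assert (magic, Is.EqualTo (GetField (MagicDataName)), "#3");

			var encrypted = output.ReadBytes (length);
			CheckOutput (ctx, HelloWorldResult, new BufferOffsetSize (encrypted));
		}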
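 /// <summary>
 /// Reads the RSA-encrypted premaster secret from a ClientKeyExchange message
 /// (16-bit length prefix followed by the ciphertext).
 /// </summary>
 /// <param name="incoming">Buffer scoped to the key exchange body.</param>
 /// <exception cref="TlsException">DecodeError when the length is zero, negative or exceeds the remaining data.</exception>
 public override void ReadClient(TlsBuffer incoming)
 {
     // EncryptedPreMasterSecret is opaque<1..2^16-1>. Read the prefix into an int
     // so a value with the high bit set cannot reach ReadBytes as a negative short.
     int length = incoming.ReadInt16();
     if (length <= 0 || length > incoming.Remaining)
     {
         throw new TlsException(AlertDescription.DecodeError);
     }
     encryptedPreMasterSecret = incoming.ReadBytes(length);

     // NOTE(review): the ciphertext is stored unverified here. The RSA decryption
     // that consumes it must not leak padding or version-check failures
     // (Bleichenbacher): on any error it should substitute a random premaster
     // secret rather than emit a distinguishable alert or timing.
 }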
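		/// <summary>
		/// Parses a CertificateRequest: the acceptable client certificate types, the
		/// supported signature/hash algorithm pairs (TLS 1.2 only) and the DER-encoded
		/// distinguished names of acceptable certificate authorities. Everything is
		/// appended to <see cref="Parameters"/>.
		/// </summary>
		/// <param name="incoming">Buffer scoped to the handshake body.</param>
		/// <exception cref="TlsException">
		/// IlegalParameter when the signature algorithm list has odd length; DecodeError
		/// when any other length field does not match the data.
		/// </exception>
		protected override void Read (TlsBuffer incoming)
		{
			// certificate_types<1..2^8-1>, one byte each.
			int typeCount = incoming.ReadByte ();
			if (typeCount > incoming.Remaining)
				throw new TlsException (AlertDescription.DecodeError);
			for (int i = 0; i < typeCount; i++)
				Parameters.CertificateTypes.Add ((ClientCertificateType)incoming.ReadByte ());

			if (Protocol == TlsProtocolCode.Tls12) {
				// supported_signature_algorithms<2..2^16-2>, two bytes per entry. The
				// length is read into an int so a value with the high bit set cannot pass
				// the parity test as a negative short and reach the loop bound below.
				int sigBytes = incoming.ReadInt16 ();
				if ((sigBytes % 2) != 0)
					throw new TlsException (AlertDescription.IlegalParameter);
				if (sigBytes < 0 || sigBytes > incoming.Remaining)
					throw new TlsException (AlertDescription.DecodeError);
				int sigCount = sigBytes >> 1;
				for (int i = 0; i < sigCount; i++)
					Parameters.SignatureParameters.SignatureAndHashAlgorithms.Add (new SignatureAndHashAlgorithm (incoming));
			}

			// certificate_authorities<0..2^16-1> must account for the rest of the message.
			int authorityBytes = incoming.ReadInt16 ();
			if (incoming.Remaining != authorityBytes)
				throw new TlsException (AlertDescription.DecodeError);

			/*
			 * Read requested certificate authorities (Distinguised Names)
			 *
			 * Name ::= SEQUENCE OF RelativeDistinguishedName
			 *
			 * RelativeDistinguishedName ::= SET OF AttributeValueAssertion
			 *
			 * AttributeValueAssertion ::= SEQUENCE {
			 *     attributeType OBJECT IDENTIFIER
			 *     attributeValue ANY
			 * }
			 *
			 */

			while (incoming.Remaining > 0) {
				// DistinguishedName<1..2^16-1>
				int nameLength = incoming.ReadInt16 ();
				if (nameLength <= 0 || nameLength > incoming.Remaining)
					throw new TlsException (AlertDescription.DecodeError);
				var rdn = new ASN1 (incoming.ReadBytes (nameLength));
				Parameters.CertificateAuthorities.Add (X501.ToString (rdn));
			}
		}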
		/// <summary>
		/// Decrypts a known record into a buffer that already carries two magic
		/// prefixes and checks that both prefixes survive and that the plaintext
		/// written after them equals the expected "hello world" payload.
		/// </summary>
		/// <param name="ctx">Test context used for the assertions.</param>
		/// <param name="host">Encryption host under test.</param>
		public void TestDecrypt (TestContext ctx, [TestHost] IEncryptionTestHost host)
		{
			var ciphertext = GetBuffer (HelloWorldResult);
			var expected = GetField (HelloWorldName);

			// Output layout: magic prefix 1, magic prefix 2, then the decrypted payload.
			var output = new TlsBuffer (ciphertext.Size + MagicDataSize + MagicData2Size);
			output.Write (GetBuffer (MagicDataName));
			output.Write (GetBuffer (MagicData2Name));

			var plainLength = host.Decrypt (ciphertext, output.GetRemaining ());
			ctx.Assert (plainLength, Is.EqualTo (expected.Length), "#1");

			// Rewind and verify each region in order.
			output.Position = 0;
			ctx.Assert (output.ReadBytes (MagicDataSize), Is.EqualTo (GetField (MagicDataName)), "#2");
			ctx.Assert (output.ReadBytes (MagicData2Size), Is.EqualTo (GetField (MagicData2Name)), "#3");
			ctx.Assert (output.ReadBytes (plainLength), Is.EqualTo (expected), "#4");
		}
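 /// <summary>
 /// Reads the client's DH public value (Yc) from a ClientKeyExchange message.
 /// </summary>
 /// <param name="incoming">Buffer scoped to the key exchange body.</param>
 /// <exception cref="TlsException">DecodeError when the length is zero, negative or exceeds the remaining data.</exception>
 public override void ReadClient(TlsBuffer incoming)
 {
     // dh_Yc is opaque<1..2^16-1>. Read the prefix into an int so a value with the
     // high bit set cannot reach ReadBytes as a negative short.
     int length = incoming.ReadInt16();
     if (length <= 0 || length > incoming.Remaining)
     {
         throw new TlsException(AlertDescription.DecodeError);
     }
     Y = incoming.ReadBytes(length);

     // NOTE(review): only the encoding is checked here; Yc must still be verified
     // to lie in (1, p-1) before the shared secret is computed.
 }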
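		/// <summary>
		/// Parses a renegotiation_info extension (RFC 5746): a single 8-bit
		/// length-prefixed renegotiated_connection field, empty on an initial handshake.
		/// </summary>
		/// <param name="incoming">Buffer scoped to the extension body (as ServerNameExtension assumes for its buffer).</param>
		/// <exception cref="TlsException">DecodeError when the field runs past, or does not fill, the extension body.</exception>
		internal RenegotiationExtension (TlsBuffer incoming)
		{
			int length = incoming.ReadByte ();
			if (length > incoming.Remaining)
				throw new TlsException (AlertDescription.DecodeError);
			Data = new SecureBuffer (incoming.ReadBytes (length));

			// Nothing may follow the single field; trailing bytes mean a malformed extension.
			if (incoming.Remaining != 0)
				throw new TlsException (AlertDescription.DecodeError);

			// NOTE(review): Data is stored unverified here; the handshake must compare it
			// with the expected client/server verify_data before accepting a renegotiation.
		}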
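		/// <summary>
		/// Reads the client's ECDH public point from a ClientKeyExchange message.
		/// </summary>
		/// <param name="incoming">Buffer scoped to the key exchange body.</param>
		/// <exception cref="TlsException">DecodeError when the length is zero or exceeds the remaining data.</exception>
		public override void ReadClient (TlsBuffer incoming)
		{
			// ECPoint is opaque<1..2^8-1>: reject an empty point or one that claims more
			// bytes than the message holds.
			int length = incoming.ReadByte ();
			if (length == 0 || length > incoming.Remaining)
				throw new TlsException (AlertDescription.DecodeError);
			clientKey = incoming.ReadBytes (length);

			// NOTE(review): the point is stored undecoded here; whoever decodes it must
			// reject off-curve input before it is multiplied by the server's private key.
		}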
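		/// <summary>
		/// Reads the ServerECDHParams (curve type, named curve and the server's public
		/// point) and the signature from a ServerKeyExchange message. Only named
		/// curves are supported.
		/// </summary>
		/// <param name="incoming">Buffer positioned at the start of the key exchange body.</param>
		/// <exception cref="TlsException">
		/// HandshakeFailure for explicit curve parameters; DecodeError when the public
		/// point length is zero or exceeds the remaining data.
		/// </exception>
		public override void ReadServer (TlsBuffer incoming)
		{
			curveType = (ECCurveType)incoming.ReadByte ();

			//  Currently, we only support named curves
			if (curveType == ECCurveType.named_curve) {
				namedCurve = (NamedCurve)incoming.ReadInt16 ();

				// TODO Check namedCurve is one we offered?
				domainParameters = NamedCurveHelper.GetECParameters (namedCurve);
			} else {
				// TODO Add support for explicit curve parameters
				throw new TlsException (AlertDescription.HandshakeFailure, "Unsupported elliptic curve type `{0}'.", curveType);
			}

			// ECPoint is opaque<1..2^8-1>: reject an empty point, or one that claims
			// more bytes than the message holds, before it reaches the decoder.
			int publicLength = incoming.ReadByte ();
			if (publicLength == 0 || publicLength > incoming.Remaining)
				throw new TlsException (AlertDescription.DecodeError);
			publicBytes = incoming.ReadBytes (publicLength);

			// TODO Check RFC 4492 for validation
			// NOTE(review): it is not visible here whether DecodePoint rejects
			// off-curve input or the point at infinity; an invalid-curve attack is
			// possible if it does not, so confirm the point is validated before it is
			// multiplied by our private key.
			serverQ = domainParameters.Curve.DecodePoint (publicBytes);

			Signature = Signature.Read (TlsProtocolCode.Tls12, incoming);
		}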
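		/// <summary>
		/// Reads the client's DH public value (Yc) from a ClientKeyExchange message.
		/// </summary>
		/// <param name="incoming">Buffer scoped to the key exchange body.</param>
		/// <exception cref="TlsException">DecodeError when the length is zero, negative or exceeds the remaining data.</exception>
		public override void ReadClient (TlsBuffer incoming)
		{
			// dh_Yc is opaque<1..2^16-1>. Read the prefix into an int so a value with the
			// high bit set cannot reach ReadBytes as a negative short.
			int length = incoming.ReadInt16 ();
			if (length <= 0 || length > incoming.Remaining)
				throw new TlsException (AlertDescription.DecodeError);
			Y = incoming.ReadBytes (length);

			// NOTE(review): only the encoding is checked here; Yc must still be verified
			// to lie in (1, p-1) before the shared secret is computed.
		}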
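 /// <summary>
 /// Parses a renegotiation_info extension (RFC 5746): a single 8-bit
 /// length-prefixed renegotiated_connection field, empty on an initial handshake.
 /// </summary>
 /// <param name="incoming">Buffer scoped to the extension body (as ServerNameExtension assumes for its buffer).</param>
 /// <exception cref="TlsException">DecodeError when the field runs past, or does not fill, the extension body.</exception>
 internal RenegotiationExtension(TlsBuffer incoming)
 {
     int length = incoming.ReadByte();
     if (length > incoming.Remaining)
     {
         throw new TlsException(AlertDescription.DecodeError);
     }
     Data = new SecureBuffer(incoming.ReadBytes(length));

     // Nothing may follow the single field; trailing bytes mean a malformed extension.
     if (incoming.Remaining != 0)
     {
         throw new TlsException(AlertDescription.DecodeError);
     }

     // NOTE(review): Data is stored unverified here; the handshake must compare it
     // with the expected client/server verify_data before accepting a renegotiation.
 }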
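		/// <summary>
		/// Reads the RSA-encrypted premaster secret from a ClientKeyExchange message
		/// (16-bit length prefix followed by the ciphertext).
		/// </summary>
		/// <param name="incoming">Buffer scoped to the key exchange body.</param>
		/// <exception cref="TlsException">DecodeError when the length is zero, negative or exceeds the remaining data.</exception>
		public override void ReadClient (TlsBuffer incoming)
		{
			// EncryptedPreMasterSecret is opaque<1..2^16-1>. Read the prefix into an int
			// so a value with the high bit set cannot reach ReadBytes as a negative short.
			int length = incoming.ReadInt16 ();
			if (length <= 0 || length > incoming.Remaining)
				throw new TlsException (AlertDescription.DecodeError);
			encryptedPreMasterSecret = incoming.ReadBytes (length);

			// NOTE(review): the ciphertext is stored unverified here. The RSA decryption
			// that consumes it must not leak padding or version-check failures
			// (Bleichenbacher): on any error it should substitute a random premaster
			// secret rather than emit a distinguishable alert or timing.
		}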
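 /// <summary>
 /// Reads the client's ECDH public point from a ClientKeyExchange message.
 /// </summary>
 /// <param name="incoming">Buffer scoped to the key exchange body.</param>
 /// <exception cref="TlsException">DecodeError when the length is zero or exceeds the remaining data.</exception>
 public override void ReadClient(TlsBuffer incoming)
 {
     // ECPoint is opaque<1..2^8-1>: reject an empty point or one that claims more
     // bytes than the message holds.
     int length = incoming.ReadByte();
     if (length == 0 || length > incoming.Remaining)
     {
         throw new TlsException(AlertDescription.DecodeError);
     }
     clientKey = incoming.ReadBytes(length);

     // NOTE(review): the point is stored undecoded here; whoever decodes it must
     // reject off-curve input before it is multiplied by the server's private key.
 }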