void Read(TlsBuffer incoming)
{
if (incoming.Remaining == 0)
{
return;
}
var length = incoming.ReadInt16();
if (incoming.Remaining != length)
{
throw new TlsException(AlertDescription.DecodeError);
}
while (incoming.Remaining > 0)
{
var extensionType = (ExtensionType)incoming.ReadInt16();
length = incoming.ReadInt16();
var extensionBuffer = incoming.ReadBuffer(length);
var extension = CreateExtension(extensionType, extensionBuffer);
if (extension != null)
{
Add(extension);
}
}
}
protected override void Read (TlsBuffer incoming)
{
ClientRandom = new SecureBuffer (incoming.ReadBytes (32));
var length = (short)incoming.ReadByte ();
SessionID = new SecureBuffer (incoming.ReadBytes (length));
length = incoming.ReadInt16 ();
if ((length % 2) != 0)
throw new TlsException (AlertDescription.DecodeError);
bool seenSCSV = false;
ClientCiphers = new CipherSuiteCode [length >> 1];
for (int i = 0; i < ClientCiphers.Length; i++) {
ClientCiphers [i] = (CipherSuiteCode)incoming.ReadInt16 ();
if (ClientCiphers [i] == CipherSuiteCode.TLS_EMPTY_RENEGOTIATION_INFO_SCSV)
seenSCSV = true;
}
// Compression methods
length = incoming.ReadByte ();
incoming.Position += length;
Extensions = new TlsExtensionCollection (incoming);
if (seenSCSV)
Extensions.AddRenegotiationExtension ();
}
public ServerNameExtension(TlsBuffer incoming)
{
if (incoming.Remaining == 0)
{
return;
}
var length = incoming.ReadInt16();
if (length != incoming.Remaining)
{
throw new TlsException(AlertDescription.DecodeError);
}
var type = incoming.ReadByte();
if (type != 0x00)
{
throw new TlsException(AlertDescription.IlegalParameter, "Unknown NameType in ServerName extension");
}
var nameLength = incoming.ReadInt16();
if (nameLength + 3 != length)
{
throw new TlsException(AlertDescription.DecodeError);
}
ServerName = Encoding.ASCII.GetString(incoming.ReadBytes(nameLength));
}
public override void ReadServer(TlsBuffer incoming)
{
P = incoming.ReadBytes(incoming.ReadInt16());
G = incoming.ReadBytes(incoming.ReadInt16());
Y = incoming.ReadBytes(incoming.ReadInt16());
Signature = Signature.Read(protocol, incoming);
}
public override void ReadServer (TlsBuffer incoming)
{
P = incoming.ReadBytes (incoming.ReadInt16 ());
G = incoming.ReadBytes (incoming.ReadInt16 ());
Y = incoming.ReadBytes (incoming.ReadInt16 ());
Signature = Signature.Read (protocol, incoming);
}
public override void ReadServer(TlsBuffer incoming)
{
P = incoming.ReadBytes(incoming.ReadInt16());
G = incoming.ReadBytes(incoming.ReadInt16());
Y = incoming.ReadBytes(incoming.ReadInt16());
SignatureAlgorithm = new SignatureAndHashAlgorithm(incoming);
Signature = incoming.ReadSecureBuffer(incoming.ReadInt16());
}
protected override void Read(TlsBuffer incoming)
{
var length = incoming.ReadByte();
for (int i = 0; i < length; i++)
{
Parameters.CertificateTypes.Add((ClientCertificateType)incoming.ReadByte());
}
if (Protocol == TlsProtocolCode.Tls12)
{
var length2 = incoming.ReadInt16();
if ((length2 % 2) != 0)
{
throw new TlsException(AlertDescription.IlegalParameter);
}
var signatureTypes = new SignatureAndHashAlgorithm [length2 >> 1];
for (int i = 0; i < signatureTypes.Length; i++)
{
Parameters.SignatureParameters.SignatureAndHashAlgorithms.Add(SignatureHelper.DecodeSignatureAndHashAlgorithm(incoming));
}
}
var length3 = incoming.ReadInt16();
if (incoming.Remaining != length3)
{
throw new TlsException(AlertDescription.DecodeError);
}
/*
* Read requested certificate authorities (Distinguised Names)
*
* Name ::= SEQUENCE OF RelativeDistinguishedName
*
* RelativeDistinguishedName ::= SET OF AttributeValueAssertion
*
* AttributeValueAssertion ::= SEQUENCE {
* attributeType OBJECT IDENTIFIER
* attributeValue ANY
* }
*
*/
while (incoming.Remaining > 0)
{
var rdn = new ASN1(incoming.ReadBytes(incoming.ReadInt16()));
Parameters.CertificateAuthorities.Add(X501.ToString(rdn));
}
}
public ServerNameExtension (TlsBuffer incoming)
{
if (incoming.Remaining == 0)
return;
var length = incoming.ReadInt16 ();
if (length != incoming.Remaining)
throw new TlsException (AlertDescription.DecodeError);
var type = incoming.ReadByte ();
if (type != 0x00)
throw new TlsException (AlertDescription.IlegalParameter, "Unknown NameType in ServerName extension");
var nameLength = incoming.ReadInt16 ();
if (nameLength + 3 != length)
throw new TlsException (AlertDescription.DecodeError);
ServerName = Encoding.ASCII.GetString (incoming.ReadBytes (nameLength));
}
public TlsClientHello (TlsContext context, TlsBuffer incoming)
: base (HandshakeType.ClientHello)
{
ClientProtocol = (TlsProtocolCode)incoming.ReadInt16 ();
Read (incoming);
}
public TlsServerHello(TlsContext context, TlsBuffer incoming)
: base(HandshakeType.ServerHello)
{
ServerProtocol = (TlsProtocolCode)incoming.ReadInt16();
Read(incoming);
}
public TlsServerHello (TlsContext context, TlsBuffer incoming)
: base (HandshakeType.ServerHello)
{
ServerProtocol = (TlsProtocolCode)incoming.ReadInt16 ();
Read (incoming);
}
public TlsClientHello(TlsContext context, TlsBuffer incoming)
: base(HandshakeType.ClientHello)
{
ClientProtocol = (TlsProtocolCode)incoming.ReadInt16();
Read(incoming);
}
protected override void Read(TlsBuffer incoming)
{
// Server random
ServerRandom = new SecureBuffer(incoming.ReadBytes(32));
// Session ID
var sessionIdLength = (int)incoming.ReadByte();
if (sessionIdLength > 0)
{
SessionID = new SecureBuffer(incoming.ReadBytes(sessionIdLength));
}
// Cipher suite
SelectedCipher = (CipherSuiteCode)incoming.ReadInt16();
var compressionMethod = incoming.ReadByte();
if (compressionMethod != 0)
{
throw new TlsException(AlertDescription.IlegalParameter, "Invalid compression method received from server");
}
Extensions = new TlsExtensionCollection(incoming);
}
public override void ReadServer(TlsBuffer incoming)
{
curveType = (ECCurveType)incoming.ReadByte();
// Currently, we only support named curves
if (curveType == ECCurveType.named_curve)
{
namedCurve = (NamedCurve)incoming.ReadInt16();
// TODO Check namedCurve is one we offered?
domainParameters = NamedCurveHelper.GetECParameters(namedCurve);
}
else
{
// TODO Add support for explicit curve parameters
throw new TlsException(AlertDescription.HandshakeFailure, "Unsupported elliptic curve type `{0}'.", curveType);
}
var publicLength = incoming.ReadByte();
publicBytes = incoming.ReadBytes(publicLength);
// TODO Check RFC 4492 for validation
serverQ = domainParameters.Curve.DecodePoint(publicBytes);
Signature = Signature.Read(TlsProtocolCode.Tls12, incoming);
}
public TlsClientHello(TlsContext context, TlsBuffer incoming)
: base(HandshakeType.ClientHello)
{
// FIXME: Fallback
ClientProtocol = (TlsProtocolCode)incoming.ReadInt16();
context.VerifyServerProtocol(ClientProtocol);
Read(incoming);
}
public TlsServerHello(TlsContext context, TlsBuffer incoming)
: base(HandshakeType.ServerHello)
{
// Read and verify protocol version
ServerProtocol = (TlsProtocolCode)incoming.ReadInt16();
context.VerifyServerProtocol(ServerProtocol);
Read(incoming);
}
public SignatureAlgorithmsExtension (TlsBuffer incoming)
{
var length = incoming.ReadInt16 ();
if ((length % 2) != 0)
throw new TlsException (AlertDescription.DecodeError);
SignatureParameters = new SignatureParameters ();
var count = length >> 1;
for (int i = 0; i < count; i++) {
SignatureParameters.SignatureAndHashAlgorithms.Add (new SignatureAndHashAlgorithm (incoming));
}
}
protected override void Read (TlsBuffer incoming)
{
var length = incoming.ReadByte ();
for (int i = 0; i < length; i++)
Parameters.CertificateTypes.Add ((ClientCertificateType)incoming.ReadByte ());
if (Protocol == TlsProtocolCode.Tls12) {
var length2 = incoming.ReadInt16 ();
if ((length2 % 2) != 0)
throw new TlsException (AlertDescription.IlegalParameter);
var signatureTypes = new SignatureAndHashAlgorithm [length2 >> 1];
for (int i = 0; i < signatureTypes.Length; i++)
Parameters.SignatureParameters.SignatureAndHashAlgorithms.Add (new SignatureAndHashAlgorithm (incoming));
}
var length3 = incoming.ReadInt16 ();
if (incoming.Remaining != length3)
throw new TlsException (AlertDescription.DecodeError);
/*
* Read requested certificate authorities (Distinguised Names)
*
* Name ::= SEQUENCE OF RelativeDistinguishedName
*
* RelativeDistinguishedName ::= SET OF AttributeValueAssertion
*
* AttributeValueAssertion ::= SEQUENCE {
* attributeType OBJECT IDENTIFIER
* attributeValue ANY
* }
*
*/
while (incoming.Remaining > 0) {
var rdn = new ASN1 (incoming.ReadBytes (incoming.ReadInt16 ()));
Parameters.CertificateAuthorities.Add (X501.ToString (rdn));
}
}
protected override void Read(TlsBuffer incoming)
{
ClientRandom = new SecureBuffer(incoming.ReadBytes(32));
var length = (short)incoming.ReadByte();
SessionID = new SecureBuffer(incoming.ReadBytes(length));
length = incoming.ReadInt16();
if ((length % 2) != 0)
{
throw new TlsException(AlertDescription.DecodeError);
}
bool seenSCSV = false;
ClientCiphers = new CipherSuiteCode [length >> 1];
for (int i = 0; i < ClientCiphers.Length; i++)
{
ClientCiphers [i] = (CipherSuiteCode)incoming.ReadInt16();
if (ClientCiphers [i] == CipherSuiteCode.TLS_EMPTY_RENEGOTIATION_INFO_SCSV)
{
seenSCSV = true;
}
}
// Compression methods
length = incoming.ReadByte();
incoming.Position += length;
Extensions = new TlsExtensionCollection(incoming);
if (seenSCSV)
{
Extensions.AddRenegotiationExtension();
}
}
public SignatureAlgorithmsExtension(TlsBuffer incoming)
{
var length = incoming.ReadInt16();
if ((length % 2) != 0)
{
throw new TlsException(AlertDescription.DecodeError);
}
SignatureParameters = new SignatureParameters();
var count = length >> 1;
for (int i = 0; i < count; i++)
{
SignatureParameters.SignatureAndHashAlgorithms.Add(SignatureHelper.DecodeSignatureAndHashAlgorithm(incoming));
}
}
public SignatureAlgorithmsExtension(TlsBuffer incoming)
{
var length = incoming.ReadInt16();
if ((length % 2) != 0)
{
throw new TlsException(AlertDescription.DecodeError);
}
var count = length >> 1;
var algorithms = new List <SignatureAndHashAlgorithm> (count);
for (int i = 0; i < count; i++)
{
algorithms.Add(new SignatureAndHashAlgorithm(incoming));
}
Algorithms = algorithms;
}
protected override void Read (TlsBuffer incoming)
{
// Server random
ServerRandom = new SecureBuffer (incoming.ReadBytes (32));
// Session ID
var sessionIdLength = (int)incoming.ReadByte ();
if (sessionIdLength > 0) {
SessionID = new SecureBuffer (incoming.ReadBytes (sessionIdLength));
}
// Cipher suite
SelectedCipher = (CipherSuiteCode)incoming.ReadInt16 ();
var compressionMethod = incoming.ReadByte ();
if (compressionMethod != 0)
throw new TlsException (AlertDescription.IlegalParameter, "Invalid compression method received from server");
Extensions = new TlsExtensionCollection (incoming);
}
public SignatureTls10 (TlsBuffer incoming)
{
Signature = Add (incoming.ReadSecureBuffer (incoming.ReadInt16 ()));
}
public override void ReadClient(TlsBuffer incoming)
{
encryptedPreMasterSecret = incoming.ReadBytes(incoming.ReadInt16());
}
public SignatureTls12(TlsBuffer incoming)
{
SignatureAlgorithm = SignatureHelper.DecodeSignatureAndHashAlgorithm(incoming);
Signature = Add(incoming.ReadSecureBuffer(incoming.ReadInt16()));
}
protected override void Read(TlsBuffer incoming)
{
Algorithm = new SignatureAndHashAlgorithm(incoming);
Signature = incoming.ReadSecureBuffer(incoming.ReadInt16());
}
public override void ReadClient(TlsBuffer incoming)
{
Y = incoming.ReadBytes(incoming.ReadInt16());
}
public override void ReadServer (TlsBuffer incoming)
{
curveType = (ECCurveType)incoming.ReadByte ();
// Currently, we only support named curves
if (curveType == ECCurveType.named_curve) {
namedCurve = (NamedCurve)incoming.ReadInt16 ();
// TODO Check namedCurve is one we offered?
domainParameters = NamedCurveHelper.GetECParameters (namedCurve);
} else {
// TODO Add support for explicit curve parameters
throw new TlsException (AlertDescription.HandshakeFailure, "Unsupported elliptic curve type `{0}'.", curveType);
}
var publicLength = incoming.ReadByte ();
publicBytes = incoming.ReadBytes (publicLength);
// TODO Check RFC 4492 for validation
serverQ = domainParameters.Curve.DecodePoint (publicBytes);
Signature = Signature.Read (TlsProtocolCode.Tls12, incoming);
}
public SignatureTls12 (TlsBuffer incoming)
{
SignatureAlgorithm = new SignatureAndHashAlgorithm (incoming);
Signature = Add (incoming.ReadSecureBuffer (incoming.ReadInt16 ()));
}
public override void ReadClient (TlsBuffer incoming)
{
Y = incoming.ReadBytes (incoming.ReadInt16 ());
}
public SignatureTls10(TlsBuffer incoming)
{
Signature = Add(incoming.ReadSecureBuffer(incoming.ReadInt16()));
}
bool ReadStandardBuffer (ContentType contentType, ref TlsBuffer buffer)
{
if (buffer.Remaining < 4)
throw new TlsException (
AlertDescription.DecodeError, "buffer underrun");
short protocolCode = buffer.ReadInt16 ();
short length = buffer.ReadInt16 ();
#if DEBUG_FULL
if (EnableDebugging) {
DebugHelper.WriteLine ("ReadStandardBuffer: {0:x} {1:x}", protocolCode, length);
DebugHelper.WriteRemaining (" Buffer", buffer);
}
#endif
if (HasNegotiatedProtocol) {
var protocol = (TlsProtocolCode)protocolCode;
if (protocol != NegotiatedProtocol)
throw new TlsException (AlertDescription.ProtocolVersion);
} else {
if ((protocolCode >> 8 != 3) || ((protocolCode & 0x00ff) < 1))
throw new TlsException (AlertDescription.ProtocolVersion);
}
if (length != buffer.Remaining)
throw new TlsException (
AlertDescription.DecodeError, "Invalid buffer size");
return DecryptRecordFragment (contentType, ref buffer);
}
public override void ReadClient (TlsBuffer incoming)
{
encryptedPreMasterSecret = incoming.ReadBytes (incoming.ReadInt16 ());
}
