private static bool PumpData(TlsProtocol from, TlsProtocol to, bool fragment)
{
int byteCount = from.GetAvailableOutputBytes();
if (byteCount == 0)
{
return false;
}
if (fragment)
{
while (from.GetAvailableOutputBytes() > 0)
{
byte[] buffer = new byte[1];
from.ReadOutput(buffer, 0, 1);
to.OfferInput(buffer);
}
}
else
{
byte[] buffer = new byte[byteCount];
from.ReadOutput(buffer, 0, buffer.Length);
to.OfferInput(buffer);
}
return true;
}
internal RecordStream(TlsProtocol handler, Stream input, Stream output)
{
mHandler = handler;
mInput = input;
mOutput = output;
mReadCompression = new TlsNullCompression();
mWriteCompression = mReadCompression;
}
internal RecordStream(TlsProtocol handler, Stream input, Stream output)
{
this.mHandler = handler;
this.mInput = input;
this.mOutput = output;
this.mReadCompression = new TlsNullCompression();
this.mWriteCompression = this.mReadCompression;
}
protected virtual void ProcessClientKeyExchange(ServerHandshakeState state, byte[] body)
{
MemoryStream buf = new MemoryStream(body, false);
state.keyExchange.ProcessClientKeyExchange(buf);
TlsProtocol.AssertEmpty(buf);
}
protected virtual void ReceiveClientHelloMessage(MemoryStream buf)
{
ProtocolVersion protocolVersion = TlsUtilities.ReadVersion(buf);
mRecordStream.SetWriteVersion(protocolVersion);
if (protocolVersion.IsDtls)
{
throw new TlsFatalAlert(47);
}
byte[] clientRandom = TlsUtilities.ReadFully(32, buf);
byte[] array = TlsUtilities.ReadOpaque8(buf);
if (array.Length > 32)
{
throw new TlsFatalAlert(47);
}
int num = TlsUtilities.ReadUint16(buf);
if (num < 2 || (num & 1) != 0)
{
throw new TlsFatalAlert(50);
}
mOfferedCipherSuites = TlsUtilities.ReadUint16Array(num / 2, buf);
int num2 = TlsUtilities.ReadUint8(buf);
if (num2 < 1)
{
throw new TlsFatalAlert(47);
}
mOfferedCompressionMethods = TlsUtilities.ReadUint8Array(num2, buf);
mClientExtensions = TlsProtocol.ReadExtensions(buf);
mSecurityParameters.extendedMasterSecret = TlsExtensionsUtilities.HasExtendedMasterSecretExtension(mClientExtensions);
ContextAdmin.SetClientVersion(protocolVersion);
mTlsServer.NotifyClientVersion(protocolVersion);
mTlsServer.NotifyFallback(Arrays.Contains(mOfferedCipherSuites, 22016));
mSecurityParameters.clientRandom = clientRandom;
mTlsServer.NotifyOfferedCipherSuites(mOfferedCipherSuites);
mTlsServer.NotifyOfferedCompressionMethods(mOfferedCompressionMethods);
if (Arrays.Contains(mOfferedCipherSuites, 255))
{
mSecureRenegotiation = true;
}
byte[] extensionData = TlsUtilities.GetExtensionData(mClientExtensions, 65281);
if (extensionData != null)
{
mSecureRenegotiation = true;
if (!Arrays.ConstantTimeAreEqual(extensionData, TlsProtocol.CreateRenegotiationInfo(TlsUtilities.EmptyBytes)))
{
throw new TlsFatalAlert(40);
}
}
mTlsServer.NotifySecureRenegotiation(mSecureRenegotiation);
if (mClientExtensions != null)
{
mTlsServer.ProcessClientExtensions(mClientExtensions);
}
}
public IDictionary ReadServerExtensions()
{
if (mEncodedServerExtensions == null)
{
return(null);
}
MemoryStream input = new MemoryStream(mEncodedServerExtensions, writable: false);
return(TlsProtocol.ReadExtensions(input));
}
protected virtual void ProcessClientCertificate(ServerHandshakeState state, byte[] body)
{
MemoryStream buf = new MemoryStream(body, false);
Certificate clientCertificate = Certificate.Parse(buf);
TlsProtocol.AssertEmpty(buf);
NotifyClientCertificate(state, clientCertificate);
}
protected virtual void ProcessNewSessionTicket(ClientHandshakeState state, byte[] body)
{
MemoryStream buf = new MemoryStream(body, false);
NewSessionTicket newSessionTicket = NewSessionTicket.Parse(buf);
TlsProtocol.AssertEmpty(buf);
state.client.NotifyNewSessionTicket(newSessionTicket);
}
public virtual DtlsTransport Accept(TlsServer server, DatagramTransport transport)
{
if (server == null)
{
throw new ArgumentNullException("server");
}
if (transport == null)
{
throw new ArgumentNullException("transport");
}
SecurityParameters securityParameters = new SecurityParameters();
securityParameters.entity = ConnectionEnd.server;
ServerHandshakeState state = new ServerHandshakeState();
state.server = server;
state.serverContext = new TlsServerContextImpl(mSecureRandom, securityParameters);
securityParameters.serverRandom = TlsProtocol.CreateRandomBlock(server.ShouldUseGmtUnixTime(),
state.serverContext.NonceRandomGenerator);
server.Init(state.serverContext);
DtlsRecordLayer recordLayer = new DtlsRecordLayer(transport, state.serverContext, server, ContentType.handshake);
server.NotifyCloseHandle(recordLayer);
// TODO Need to handle sending of HelloVerifyRequest without entering a full connection
try
{
return(ServerHandshake(state, recordLayer));
}
catch (TlsFatalAlert fatalAlert)
{
AbortServerHandshake(state, recordLayer, fatalAlert.AlertDescription);
throw fatalAlert;
}
catch (IOException e)
{
AbortServerHandshake(state, recordLayer, AlertDescription.internal_error);
throw e;
}
catch (Exception e)
{
AbortServerHandshake(state, recordLayer, AlertDescription.internal_error);
throw new TlsFatalAlert(AlertDescription.internal_error, e);
}
finally
{
securityParameters.Clear();
}
}
public IDictionary ReadServerExtensions()
{
if (mEncodedServerExtensions == null)
{
return(null);
}
MemoryStream buf = new MemoryStream(mEncodedServerExtensions, false);
return(TlsProtocol.ReadExtensions(buf));
}
protected virtual void ProcessFinished(byte[] body, byte[] expected_verify_data)
{
MemoryStream memoryStream = new MemoryStream(body, writable: false);
byte[] b = TlsUtilities.ReadFully(expected_verify_data.Length, memoryStream);
TlsProtocol.AssertEmpty(memoryStream);
if (!Arrays.ConstantTimeAreEqual(expected_verify_data, b))
{
throw new TlsFatalAlert(40);
}
}
private static void WriteAndRead(TlsProtocol writer, TlsProtocol reader, byte[] data, bool fragment)
{
int dataSize = data.Length;
writer.OfferOutput(data, 0, dataSize);
PumpData(writer, reader, fragment);
Assert.AreEqual(dataSize, reader.GetAvailableInputBytes());
byte[] readData = new byte[dataSize];
reader.ReadInput(readData, 0, dataSize);
AssertArrayEquals(data, readData);
}
public static CertificateStatusRequest ReadStatusRequestExtension(byte[] extensionData)
{
if (extensionData == null)
{
throw new ArgumentNullException("extensionData");
}
MemoryStream memoryStream = new MemoryStream(extensionData, writable: false);
CertificateStatusRequest result = CertificateStatusRequest.Parse(memoryStream);
TlsProtocol.AssertEmpty(memoryStream);
return(result);
}
public static ServerNameList ReadServerNameExtension(byte[] extensionData)
{
if (extensionData == null)
{
throw new ArgumentNullException("extensionData");
}
MemoryStream memoryStream = new MemoryStream(extensionData, writable: false);
ServerNameList result = ServerNameList.Parse(memoryStream);
TlsProtocol.AssertEmpty(memoryStream);
return(result);
}
public static HeartbeatExtension ReadHeartbeatExtension(byte[] extensionData)
{
if (extensionData == null)
{
throw new ArgumentNullException("extensionData");
}
MemoryStream memoryStream = new MemoryStream(extensionData, writable: false);
HeartbeatExtension result = HeartbeatExtension.Parse(memoryStream);
TlsProtocol.AssertEmpty(memoryStream);
return(result);
}
private static void WriteAndRead(TlsProtocol writer, TlsProtocol reader, byte[] data, bool fragment)
{
int dataSize = data.Length;
writer.OfferOutput(data, 0, dataSize);
PumpData(writer, reader, fragment);
Assert.AreEqual(dataSize, reader.GetAvailableInputBytes());
byte[] readData = new byte[dataSize];
reader.ReadInput(readData, 0, dataSize);
AssertArrayEquals(data, readData);
}
public static byte[] ReadSrpExtension(byte[] extensionData)
{
if (extensionData == null)
{
throw new ArgumentNullException("extensionData");
}
MemoryStream memoryStream = new MemoryStream(extensionData, writable: false);
byte[] result = TlsUtilities.ReadOpaque8(memoryStream);
TlsProtocol.AssertEmpty(memoryStream);
return(result);
}
protected virtual void ReceiveClientKeyExchangeMessage(MemoryStream buf)
{
mKeyExchange.ProcessClientKeyExchange(buf);
TlsProtocol.AssertEmpty(buf);
mPrepareFinishHash = mRecordStream.PrepareToFinish();
mSecurityParameters.sessionHash = TlsProtocol.GetCurrentPrfHash(Context, mPrepareFinishHash, null);
TlsProtocol.EstablishMasterSecret(Context, mKeyExchange);
mRecordStream.SetPendingConnectionState(Peer.GetCompression(), Peer.GetCipher());
if (!mExpectSessionTicket)
{
SendChangeCipherSpecMessage();
}
}
internal void WriteToRecordStream(TlsProtocol protocol)
{
long num = Length - 4;
TlsUtilities.CheckUint24(num);
Position = 1L;
TlsUtilities.WriteUint24((int)num, this);
byte[] buffer = GetBuffer();
int len = (int)Length;
protocol.WriteHandshakeMessage(buffer, 0, len);
Platform.Dispose(this);
}
public SimpleSocketTcpSslClient(X509Certificate2 certificate, TlsProtocol tls = TlsProtocol.Tls12, bool acceptInvalidCertificates = true, bool mutualAuth = false) : base()
{
if (certificate == null)
{
throw new ArgumentNullException(nameof(certificate));
}
_sslCertificate = certificate;
_tlsProtocol = tls;
AcceptInvalidCertificates = acceptInvalidCertificates;
MutualAuthentication = mutualAuth;
}
/// <exception cref="IOException"/>
protected virtual void ProcessFinished(byte[] body, byte[] expected_verify_data)
{
MemoryStream buf = new MemoryStream(body, false);
byte[] verify_data = TlsUtilities.ReadFully(expected_verify_data.Length, buf);
TlsProtocol.AssertEmpty(buf);
if (!Arrays.ConstantTimeAreEqual(expected_verify_data, verify_data))
{
throw new TlsFatalAlert(AlertDescription.handshake_failure);
}
}
protected virtual Certificate ProcessServerCertificate(ClientHandshakeState state, byte[] body)
{
MemoryStream buf = new MemoryStream(body, false);
Certificate serverCertificate = Certificate.Parse(buf);
TlsProtocol.AssertEmpty(buf);
state.keyExchange.ProcessServerCertificate(serverCertificate);
state.authentication = state.client.GetAuthentication();
state.authentication.NotifyServerCertificate(serverCertificate);
return(serverCertificate);
}
public Builder SetServerExtensions(IDictionary serverExtensions)
{
if (serverExtensions == null)
{
mEncodedServerExtensions = null;
}
else
{
MemoryStream buf = new MemoryStream();
TlsProtocol.WriteExtensions(buf, serverExtensions);
mEncodedServerExtensions = buf.ToArray();
}
return(this);
}
protected virtual void ProcessCertificateVerify(ServerHandshakeState state, byte[] body, TlsHandshakeHash prepareFinishHash)
{
if (state.certificateRequest == null)
{
throw new InvalidOperationException();
}
MemoryStream buf = new MemoryStream(body, false);
TlsServerContextImpl context = state.serverContext;
DigitallySigned clientCertificateVerify = DigitallySigned.Parse(context, buf);
TlsProtocol.AssertEmpty(buf);
// Verify the CertificateVerify message contains a correct signature.
try
{
SignatureAndHashAlgorithm signatureAlgorithm = clientCertificateVerify.Algorithm;
byte[] hash;
if (TlsUtilities.IsTlsV12(context))
{
TlsUtilities.VerifySupportedSignatureAlgorithm(state.certificateRequest.SupportedSignatureAlgorithms, signatureAlgorithm);
hash = prepareFinishHash.GetFinalHash(signatureAlgorithm.Hash);
}
else
{
hash = context.SecurityParameters.SessionHash;
}
X509CertificateStructure x509Cert = state.clientCertificate.GetCertificateAt(0);
SubjectPublicKeyInfo keyInfo = x509Cert.SubjectPublicKeyInfo;
AsymmetricKeyParameter publicKey = PublicKeyFactory.CreateKey(keyInfo);
TlsSigner tlsSigner = TlsUtilities.CreateTlsSigner((byte)state.clientCertificateType);
tlsSigner.Init(context);
if (!tlsSigner.VerifyRawSignature(signatureAlgorithm, clientCertificateVerify.Signature, publicKey, hash))
{
throw new TlsFatalAlert(AlertDescription.decrypt_error);
}
}
catch (TlsFatalAlert e)
{
throw e;
}
catch (Exception e)
{
throw new TlsFatalAlert(AlertDescription.decrypt_error, e);
}
}
/// <exception cref="IOException"></exception>
public static CertificateStatusRequest ReadStatusRequestExtension(byte[] extensionData)
{
if (extensionData == null)
{
throw new ArgumentNullException("extensionData");
}
MemoryStream buf = new MemoryStream(extensionData, false);
CertificateStatusRequest statusRequest = CertificateStatusRequest.Parse(buf);
TlsProtocol.AssertEmpty(buf);
return(statusRequest);
}
/// <exception cref="IOException"></exception>
public static ServerNameList ReadServerNameExtension(byte[] extensionData)
{
if (extensionData == null)
{
throw new ArgumentNullException("extensionData");
}
MemoryStream buf = new MemoryStream(extensionData, false);
ServerNameList serverNameList = ServerNameList.Parse(buf);
TlsProtocol.AssertEmpty(buf);
return(serverNameList);
}
/// <exception cref="IOException"></exception>
public static HeartbeatExtension ReadHeartbeatExtension(byte[] extensionData)
{
if (extensionData == null)
{
throw new ArgumentNullException("extensionData");
}
MemoryStream buf = new MemoryStream(extensionData, false);
HeartbeatExtension heartbeatExtension = HeartbeatExtension.Parse(buf);
TlsProtocol.AssertEmpty(buf);
return(heartbeatExtension);
}
public static byte[] ReadSrpExtension(byte[] extensionData)
{
if (extensionData == null)
{
throw new ArgumentNullException("extensionData");
}
MemoryStream buf = new MemoryStream(extensionData, false);
byte[] identity = TlsUtilities.ReadOpaque8(buf);
TlsProtocol.AssertEmpty(buf);
return(identity);
}
public static byte[] ReadNegotiatedDheGroupsClientExtension(byte[] extensionData)
{
if (extensionData == null)
{
throw new ArgumentNullException("extensionData");
}
MemoryStream memoryStream = new MemoryStream(extensionData, writable: false);
byte b = TlsUtilities.ReadUint8(memoryStream);
if (b < 1)
{
throw new TlsFatalAlert(50);
}
byte[] result = TlsUtilities.ReadUint8Array(b, memoryStream);
TlsProtocol.AssertEmpty(memoryStream);
return(result);
}
public static int[] ReadSupportedEllipticCurvesExtension(byte[] extensionData)
{
if (extensionData == null)
{
throw new ArgumentNullException("extensionData");
}
MemoryStream memoryStream = new MemoryStream(extensionData, writable: false);
int num = TlsUtilities.ReadUint16(memoryStream);
if (num < 2 || (num & 1) != 0)
{
throw new TlsFatalAlert(50);
}
int[] result = TlsUtilities.ReadUint16Array(num / 2, memoryStream);
TlsProtocol.AssertEmpty(memoryStream);
return(result);
}
protected virtual void ProcessCertificateRequest(ClientHandshakeState state, byte[] body)
{
if (state.authentication == null)
{
/*
* RFC 2246 7.4.4. It is a fatal handshake_failure alert for an anonymous server to
* request client identification.
*/
throw new TlsFatalAlert(AlertDescription.handshake_failure);
}
MemoryStream buf = new MemoryStream(body, false);
state.certificateRequest = CertificateRequest.Parse(state.clientContext, buf);
TlsProtocol.AssertEmpty(buf);
state.keyExchange.ValidateCertificateRequest(state.certificateRequest);
}
/// <summary>
/// Constructor
/// </summary>
/// <param name="certificate"></param>
/// <param name="password"></param>
/// <param name="tlsProtocol"></param>
/// <param name="acceptInvalidCertificates"></param>
public AsyncSocketSslListener(string certificate, string password, TlsProtocol tlsProtocol = TlsProtocol.Tls12, bool acceptInvalidCertificates = true) : base()
{
if (string.IsNullOrEmpty(certificate))
{
throw new ArgumentNullException(nameof(certificate));
}
AcceptInvalidCertificates = acceptInvalidCertificates;
_tlsProtocol = tlsProtocol;
if (string.IsNullOrEmpty(password))
{
_serverCertificate = new X509Certificate2(File.ReadAllBytes(Path.GetFullPath(certificate)));
}
else
{
_serverCertificate = new X509Certificate2(File.ReadAllBytes(Path.GetFullPath(certificate)), password);
}
}
private static void CheckClosed(TlsProtocol protocol)
{
Assert.IsTrue(protocol.IsClosed);
try
{
protocol.OfferInput(new byte[10]);
Assert.Fail("Input was accepted after close");
}
catch (IOException)
{
}
try
{
protocol.OfferOutput(new byte[10], 0, 10);
Assert.Fail("Output was accepted after close");
}
catch (IOException)
{
}
}
