public void Serialise(Stream stream, Version version)
{
stream.WriteByte((byte)CertificateTypes.Count);
foreach (TClientCertificateType item in CertificateTypes)
{
stream.WriteByte((byte)item);
}
if (version >= DTLSRecord.Version1_2)
{
NetworkByteOrderConverter.WriteUInt16(stream, (ushort)(SupportedAlgorithms.Count * 2));
foreach (SignatureHashAlgorithm item in SupportedAlgorithms)
{
stream.WriteByte((byte)item.Hash);
stream.WriteByte((byte)item.Signature);
}
}
ushort certificateAuthoritiesSize = 0;
if (CertificateAuthorities.Count > 0)
{
foreach (byte[] item in CertificateAuthorities)
{
certificateAuthoritiesSize += (ushort)item.Length;
}
}
NetworkByteOrderConverter.WriteUInt16(stream, certificateAuthoritiesSize);
if (CertificateAuthorities.Count > 0)
{
foreach (byte[] item in CertificateAuthorities)
{
NetworkByteOrderConverter.WriteUInt16(stream, (ushort)item.Length);
stream.Write(item, 0, item.Length);
}
}
}
public byte[] Serialise()
{
byte[] result = new byte[32];
NetworkByteOrderConverter.WriteUInt32(result, 0, _UnixTime);
Array.Copy(_RandomBytes, 0, result, 4, 28);
return(result);
}
public static Extensions Deserialise(Stream stream, bool client)
{
if (stream == null)
{
throw new ArgumentNullException(nameof(stream));
}
Extensions result = null;
if (stream.Position < stream.Length)
{
result = new Extensions();
var length = NetworkByteOrderConverter.ToUInt16(stream);
if (length > 0)
{
var extension = Extension.Deserialise(stream, client);
while (extension != null)
{
result.Add(extension);
extension = Extension.Deserialise(stream, client);
}
}
}
return(result);
}
public void Serialise(Stream stream, Version version)
{
int totalLength = CalculateSize(version);
NetworkByteOrderConverter.WriteInt24(stream, totalLength - 3);
switch (_CertificateType)
{
case TCertificateType.X509:
if (_CertChain != null)
{
foreach (byte[] item in _CertChain)
{
NetworkByteOrderConverter.WriteInt24(stream, item.Length);
stream.Write(item, 0, item.Length);
}
}
break;
case TCertificateType.OpenPGP:
break;
case TCertificateType.RawPublicKey:
break;
case TCertificateType.Unknown:
break;
default:
break;
}
}
public static ECDHEServerKeyExchange Deserialise(System.IO.Stream stream, Version version)
{
ECDHEServerKeyExchange result = new ECDHEServerKeyExchange();
result._EllipticCurveType = (TEllipticCurveType)stream.ReadByte();
result._EllipticCurve = (TEllipticCurve)NetworkByteOrderConverter.ToUInt16(stream);
int length = stream.ReadByte();
if (length > 0)
{
result._PublicKeyBytes = new byte[length];
stream.Read(result._PublicKeyBytes, 0, length);
}
if (version >= DTLSRecord.Version1_2)
{
result._HashAlgorithm = (THashAlgorithm)stream.ReadByte();
result._SignatureAlgorithm = (TSignatureAlgorithm)stream.ReadByte();
}
int signatureLength = NetworkByteOrderConverter.ToUInt16(stream);
if (signatureLength > 0)
{
result._Signature = new byte[signatureLength];
stream.Read(result._Signature, 0, signatureLength);
}
return(result);
}
public static DTLSRecord Deserialise(Stream stream)
{
DTLSRecord result = new DTLSRecord
{
_RecordType = (TRecordType)stream.ReadByte(),
// could check here for a valid type, and bail out if invalid
_Version = new Version(255 - stream.ReadByte(), 255 - stream.ReadByte()),
_Epoch = NetworkByteOrderConverter.ToUInt16(stream),
_SequenceNumber = NetworkByteOrderConverter.ToInt48(stream),
_Length = NetworkByteOrderConverter.ToUInt16(stream)
};
if (result._Length > 0)
{
result._Fragment = new byte[result._Length];
int length = stream.Read(result._Fragment, 0, result._Length);
while (length < result._Length)
{
int bytesRead = stream.Read(result._Fragment, length, result._Length - length);
if (bytesRead > 0)
{
length += bytesRead;
}
else
{
break;
}
}
}
return(result);
}
public static Certificate Deserialise(Stream stream, TCertificateType certificateType)
{
Certificate result = new Certificate();
int certificateChainLength = NetworkByteOrderConverter.ToInt24(stream);
if (certificateChainLength > 0)
{
result._CertificateType = certificateType;
if (certificateType == TCertificateType.X509)
{
result._CertChain = new List <byte[]>();
while (certificateChainLength > 0)
{
int certificateLength = NetworkByteOrderConverter.ToInt24(stream);
byte[] certificate = new byte[certificateLength];
stream.Read(certificate, 0, certificateLength);
result._CertChain.Add(certificate);
certificateChainLength = certificateChainLength - certificateLength - 3;
}
}
else
{
}
}
return(result);
}
public byte[] CalculateCookie(EndPoint remoteEndPoint, byte[] secret)
{
if (remoteEndPoint == null)
{
throw new ArgumentNullException(nameof(remoteEndPoint));
}
if (secret == null)
{
throw new ArgumentNullException(nameof(secret));
}
//Cookie = HMAC(Secret, Client-IP, Client-Parameters)
//(version, random, session_id, cipher_suites, compression_method)
var result = new byte[32];
var socketAddress = remoteEndPoint.Serialize();
var socketAddressSize = socketAddress.Size;
var message = new byte[socketAddressSize + 34];
for (var index = 0; index < socketAddressSize; index++)
{
message[0] = socketAddress[index];
}
NetworkByteOrderConverter.WriteUInt32(message, socketAddressSize, this.Random.UnixTime);
Buffer.BlockCopy(this.Random.RandomBytes, 0, message, socketAddressSize + 4, 28);
var hmac = new HMACSHA256(secret);
var hash = hmac.ComputeHash(message);
Buffer.BlockCopy(hash, 0, result, 0, 32);
return(result);
}
public static CertificateVerify Deserialise(Stream stream, Version version)
{
if (stream == null)
{
throw new ArgumentNullException(nameof(stream));
}
if (version == null)
{
throw new ArgumentNullException(nameof(version));
}
var result = new CertificateVerify();
if (version > DTLSRecord.Version1_0)
{
var hash = (THashAlgorithm)stream.ReadByte();
var signature = (TSignatureAlgorithm)stream.ReadByte();
result.SignatureHashAlgorithm = new SignatureHashAlgorithm()
{
Hash = hash, Signature = signature
};
}
var length = NetworkByteOrderConverter.ToUInt16(stream);
if (length > 0)
{
result.Signature = new byte[length];
stream.Read(result.Signature, 0, length);
}
return(result);
}
public void Serialise(Stream stream, Version version)
{
if (stream == null)
{
throw new ArgumentNullException(nameof(stream));
}
if (version == null)
{
throw new ArgumentNullException(nameof(version));
}
if (version > DTLSRecord.Version1_0)
{
stream.WriteByte((byte)this.SignatureHashAlgorithm.Hash);
stream.WriteByte((byte)this.SignatureHashAlgorithm.Signature);
}
if (this.Signature == null)
{
NetworkByteOrderConverter.WriteUInt16(stream, 0);
}
else
{
NetworkByteOrderConverter.WriteUInt16(stream, (ushort)this.Signature.Length);
stream.Write(this.Signature, 0, this.Signature.Length);
}
}
public static RandomData Deserialise(Stream stream)
{
RandomData result = new RandomData();
result._UnixTime = NetworkByteOrderConverter.ToUInt32(stream);
stream.Read(result._RandomBytes, 0, 28);
return(result);
}
public void Serialise(Stream stream)
{
stream.WriteByte((byte)this.MessageType);
NetworkByteOrderConverter.WriteUInt24(stream, this.Length);
NetworkByteOrderConverter.WriteUInt16(stream, this.MessageSeq);
NetworkByteOrderConverter.WriteUInt24(stream, this.FragmentOffset);
NetworkByteOrderConverter.WriteUInt24(stream, this.FragmentLength);
}
public void Serialise(System.IO.Stream stream)
{
stream.WriteByte((byte)_MessageType);
NetworkByteOrderConverter.WriteUInt24(stream, _Length);
NetworkByteOrderConverter.WriteUInt16(stream, _MessageSeq);
NetworkByteOrderConverter.WriteUInt24(stream, _FragmentOffset);
NetworkByteOrderConverter.WriteUInt24(stream, _FragmentLength);
}
public static CertificateRequest Deserialise(Stream stream, Version version)
{
if (stream == null)
{
throw new ArgumentNullException(nameof(stream));
}
if (version == null)
{
throw new ArgumentNullException(nameof(version));
}
var result = new CertificateRequest();
var certificateTypeCount = stream.ReadByte();
if (certificateTypeCount > 0)
{
for (var index = 0; index < certificateTypeCount; index++)
{
result.CertificateTypes.Add((TClientCertificateType)stream.ReadByte());
}
}
if (version >= DTLSRecord.Version1_2)
{
var length = NetworkByteOrderConverter.ToUInt16(stream);
var supportedAlgorithmsLength = (ushort)(length / 2);
if (supportedAlgorithmsLength > 0)
{
for (uint index = 0; index < supportedAlgorithmsLength; index++)
{
var hash = (THashAlgorithm)stream.ReadByte();
var signature = (TSignatureAlgorithm)stream.ReadByte();
result.SupportedAlgorithms.Add(new SignatureHashAlgorithm()
{
Hash = hash, Signature = signature
});
}
}
}
var certificateAuthoritiesLength = NetworkByteOrderConverter.ToUInt16(stream);
if (certificateAuthoritiesLength > 0)
{
var read = 0;
while (certificateAuthoritiesLength > read)
{
var distinguishedNameLength = NetworkByteOrderConverter.ToUInt16(stream);
read += (2 + distinguishedNameLength);
var distinguishedName = new byte[distinguishedNameLength];
stream.Read(distinguishedName, 0, distinguishedNameLength);
result.CertificateAuthorities.Add(distinguishedName);
}
}
return(result);
}
internal static byte[] GetPSKPreMasterSecret(byte[] otherSecret, byte[] psk)
{
byte[] result = new byte[4 + otherSecret.Length + psk.Length];
NetworkByteOrderConverter.WriteUInt16(result, 0, (ushort)otherSecret.Length);
Buffer.BlockCopy(otherSecret, 0, result, 2, otherSecret.Length);
NetworkByteOrderConverter.WriteUInt16(result, 2 + otherSecret.Length, (ushort)psk.Length);
Buffer.BlockCopy(psk, 0, result, 4 + otherSecret.Length, psk.Length);
return(result);
}
public void Serialise(Stream stream)
{
if (stream == null)
{
throw new ArgumentNullException(nameof(stream));
}
NetworkByteOrderConverter.WriteUInt32(stream, this.UnixTime);
stream.Write(this.RandomBytes, 0, 28);
}
public static HandshakeRecord Deserialise(System.IO.Stream stream)
{
HandshakeRecord result = new HandshakeRecord();
result._MessageType = (THandshakeType)stream.ReadByte();
result._Length = NetworkByteOrderConverter.ToUInt24(stream);
result._MessageSeq = NetworkByteOrderConverter.ToUInt16(stream);
result._FragmentOffset = NetworkByteOrderConverter.ToUInt24(stream);
result._FragmentLength = NetworkByteOrderConverter.ToUInt24(stream);
return(result);
}
public static ClientCertificateTypeExtension Deserialise(Stream stream, bool client)
{
ClientCertificateTypeExtension result = new ClientCertificateTypeExtension();
ushort length = NetworkByteOrderConverter.ToUInt16(stream);
if (length > 0)
{
result._CertificateTypes = new byte[length];
stream.Read(result._CertificateTypes, 0, length);
}
return(result);
}
public ECDHEPSKServerKeyExchange(ECDHEKeyExchange keyExchange)
{
_EllipticCurveType = TEllipticCurveType.NamedCurve;
_EllipticCurve = keyExchange.Curve;
System.IO.MemoryStream stream = new System.IO.MemoryStream();
stream.WriteByte((byte)_EllipticCurveType);
NetworkByteOrderConverter.WriteUInt16(stream, (ushort)_EllipticCurve);
byte[] pointEncoded = keyExchange.PublicKey.Q.GetEncoded(false);
stream.WriteByte((byte)pointEncoded.Length);
stream.Write(pointEncoded, 0, pointEncoded.Length);
_ServerParams = stream.ToArray();
}
public void Serialise(System.IO.Stream stream, Version version)
{
if (_PSKIdentity == null)
{
NetworkByteOrderConverter.WriteUInt16(stream, 0);
}
else
{
NetworkByteOrderConverter.WriteUInt16(stream, (ushort)_PSKIdentity.Length);
stream.Write(_PSKIdentity, 0, _PSKIdentity.Length);
}
}
public static PSKClientKeyExchange Deserialise(System.IO.Stream stream)
{
PSKClientKeyExchange result = null;
ushort pskIdentityLength = NetworkByteOrderConverter.ToUInt16(stream);
if (pskIdentityLength > 0)
{
result = new PSKClientKeyExchange();
result._PSKIdentity = new byte[pskIdentityLength];
stream.Read(result._PSKIdentity, 0, pskIdentityLength);
}
return(result);
}
public static PSKServerKeyExchange Deserialise(System.IO.Stream stream, Version version)
{
PSKServerKeyExchange result = new PSKServerKeyExchange();
int pdkIdentityHintLenth = NetworkByteOrderConverter.ToUInt16(stream);
if (pdkIdentityHintLenth > 0)
{
result._PSKIdentityHint = new byte[pdkIdentityHintLenth];
stream.Read(result._PSKIdentityHint, 0, pdkIdentityHintLenth);
}
return(result);
}
public void Serialise(Stream stream)
{
stream.WriteByte((byte)_RecordType);
stream.WriteByte((byte)(255 - _Version.Major));
stream.WriteByte((byte)(255 - _Version.Minor));
NetworkByteOrderConverter.WriteUInt16(stream, _Epoch);
NetworkByteOrderConverter.WriteInt48(stream, _SequenceNumber);
NetworkByteOrderConverter.WriteUInt16(stream, _Length);
if (_Length > 0)
{
stream.Write(_Fragment, 0, _Length);
}
}
public static HandshakeRecord Deserialise(Stream stream)
{
var result = new HandshakeRecord
{
MessageType = (THandshakeType)stream.ReadByte(),
Length = NetworkByteOrderConverter.ToUInt24(stream),
MessageSeq = NetworkByteOrderConverter.ToUInt16(stream),
FragmentOffset = NetworkByteOrderConverter.ToUInt24(stream),
FragmentLength = NetworkByteOrderConverter.ToUInt24(stream)
};
return(result);
}
public void Serialise(Stream stream, Version version)
{
if (stream == null)
{
throw new ArgumentNullException(nameof(stream));
}
stream.WriteByte((byte)(255 - this.ClientVersion.Major));
stream.WriteByte((byte)(255 - this.ClientVersion.Minor));
this.Random.Serialise(stream);
if (this.SessionID == null)
{
stream.WriteByte(0);
}
else
{
stream.WriteByte((byte)this.SessionID.Length);
stream.Write(this.SessionID, 0, this.SessionID.Length);
}
if (this.Cookie == null)
{
stream.WriteByte(0);
}
else
{
stream.WriteByte((byte)this.Cookie.Length);
stream.Write(this.Cookie, 0, this.Cookie.Length);
}
if (this.CipherSuites.Length > 0)
{
NetworkByteOrderConverter.WriteUInt16(stream, (ushort)(this.CipherSuites.Length * 2));
for (var index = 0; index < this.CipherSuites.Length; index++)
{
NetworkByteOrderConverter.WriteUInt16(stream, this.CipherSuites[index]);
}
}
stream.WriteByte((byte)this.CompressionMethods.Length);
stream.Write(this.CompressionMethods, 0, this.CompressionMethods.Length);
if (this.Extensions == null)
{
NetworkByteOrderConverter.WriteUInt16(stream, 0);
}
else
{
this.Extensions.Serialise(stream);
}
}
public void Serialise(System.IO.Stream stream)
{
uint length = 0;
foreach (Extension item in this)
{
length += (uint)item.CalculateSize();
}
NetworkByteOrderConverter.WriteUInt16(stream, (ushort)length);
foreach (Extension item in this)
{
item.Serialise(stream);
}
}
public void Serialise(Stream stream, Version version)
{
stream.WriteByte((byte)SignatureHashAlgorithm.Hash);
stream.WriteByte((byte)SignatureHashAlgorithm.Signature);
if (Signature == null)
{
NetworkByteOrderConverter.WriteUInt16(stream, (ushort)0);
}
else
{
NetworkByteOrderConverter.WriteUInt16(stream, (ushort)Signature.Length);
stream.Write(Signature, 0, Signature.Length);
}
}
public static ClientHello Deserialise(Stream stream)
{
if (stream == null)
{
throw new ArgumentNullException(nameof(stream));
}
var result = new ClientHello
{
ClientVersion = new Version(255 - stream.ReadByte(), 255 - stream.ReadByte()),
Random = RandomData.Deserialise(stream)
};
var length = stream.ReadByte();
if (length > 0)
{
result.SessionID = new byte[length];
stream.Read(result.SessionID, 0, length);
}
length = stream.ReadByte();
if (length > 0)
{
result.Cookie = new byte[length];
stream.Read(result.Cookie, 0, length);
}
var cipherSuitesLength = (ushort)(NetworkByteOrderConverter.ToUInt16(stream) / 2);
if (cipherSuitesLength > 0)
{
result.CipherSuites = new ushort[cipherSuitesLength];
for (uint index = 0; index < cipherSuitesLength; index++)
{
result.CipherSuites[index] = NetworkByteOrderConverter.ToUInt16(stream);
}
}
length = stream.ReadByte();
if (length > 0)
{
result.CompressionMethods = new byte[length];
stream.Read(result.CompressionMethods, 0, length);
}
result.Extensions = Extensions.Deserialise(stream, true);
return(result);
}
public static EllipticCurvesExtension Deserialise(Stream stream)
{
EllipticCurvesExtension result = new EllipticCurvesExtension();
ushort length = NetworkByteOrderConverter.ToUInt16(stream);
ushort supportedCurvesLength = (ushort)(length / 2);
if (supportedCurvesLength > 0)
{
for (uint index = 0; index < supportedCurvesLength; index++)
{
result.SupportedCurves.Add((TEllipticCurve)NetworkByteOrderConverter.ToUInt16(stream));
}
}
return(result);
}
public void Serialise(System.IO.Stream stream)
{
NetworkByteOrderConverter.WriteUInt16(stream, (ushort)_ExtensionType);
int length = 0;
if (_SpecifcExtension != null)
{
length += _SpecifcExtension.CalculateSize();
}
NetworkByteOrderConverter.WriteUInt16(stream, (ushort)length);
if (_SpecifcExtension != null)
{
_SpecifcExtension.Serialise(stream);
}
}
