SecurityStatus EncodeHandshakeRecord(HandshakeMessage message, TlsMultiBuffer output)
{
var bytes = EncodeHandshakeRecord(message);
output.Add(bytes);
return(message.Type == HandshakeType.Finished ? SecurityStatus.OK : SecurityStatus.ContinueNeeded);
}
public SecurityStatus GenerateNextToken(TlsBuffer incoming, TlsMultiBuffer outgoing)
{
try {
CheckValid();
return(_GenerateNextToken(incoming, outgoing));
} catch (TlsException ex) {
LastError = ex;
var alert = CreateAlert(ex.Alert);
outgoing.Add(alert);
Clear();
return(SecurityStatus.ContextExpired);
} catch {
Clear();
throw;
}
}
public SecurityStatus GenerateNextToken(TlsBuffer incoming, TlsMultiBuffer outgoing)
{
try {
CheckValid();
return(_GenerateNextToken(incoming, outgoing));
} catch (TlsException ex) {
var alert = OnError(ex);
if (alert != null)
{
outgoing.Add(alert);
}
Clear();
return(SecurityStatus.ContextExpired);
} catch {
Clear();
throw;
}
}
SecurityStatus _GenerateNextToken(TlsBuffer incoming, TlsMultiBuffer outgoing)
{
#if DEBUG_FULL
if (EnableDebugging)
{
DebugHelper.WriteLine("GenerateNextToken: {0}", negotiationHandler);
if (incoming != null)
{
DebugHelper.WriteRemaining(" incoming", incoming);
}
}
#endif
if (incoming == null)
{
negotiationHandler = negotiationHandler.GenerateReply(outgoing);
return(SecurityStatus.ContinueNeeded);
}
var contentType = (ContentType)incoming.ReadByte();
#if DEBUG_FULL
if (EnableDebugging)
{
DebugHelper.WriteLine(" received message type {0}", contentType);
}
#endif
if (skipToOffset >= 0 && contentType != ContentType.Handshake)
{
throw new TlsException(AlertDescription.InternalError);
}
if (contentType == ContentType.Alert)
{
return(ProcessAlert(incoming));
}
bool decrypted = false;
if (cachedFragment != null)
{
if (contentType != ContentType.Handshake)
{
throw new TlsException(AlertDescription.DecodeError);
}
decrypted = ReadStandardBuffer(ContentType.Handshake, ref incoming);
cachedFragment.Write(incoming.Buffer, incoming.Position, incoming.Position + incoming.Remaining);
if (cachedFragment.Remaining > 0)
{
return(SecurityStatus.ContinueNeeded);
}
incoming.Dispose();
incoming = cachedFragment;
cachedFragment = null;
incoming.Position = 0;
}
else
{
decrypted = ReadStandardBuffer(contentType, ref incoming);
}
if (Session.Read != null && Session.Read.Cipher != null && !decrypted)
{
throw new TlsException(AlertDescription.DecryptError, "Expected encrypted message.");
}
try {
if (contentType == ContentType.ChangeCipherSpec)
{
return(negotiationHandler.ProcessMessage(new TlsChangeCipherSpec()));
}
else if (contentType == ContentType.ApplicationData)
{
if (session.Read == null || session.Read.Cipher == null || !session.SecureRenegotiation)
{
throw new TlsException(AlertDescription.DecodeError);
}
// FIXME
throw new NotImplementedException();
}
else if (contentType != ContentType.Handshake)
{
throw new TlsException(AlertDescription.UnexpectedMessage);
}
if (skipToOffset >= 0)
{
incoming.Position = skipToOffset;
skipToOffset = -1;
}
SecurityStatus result;
bool finished;
while (true)
{
var startOffset = incoming.Position;
finished = ProcessHandshakeMessage(incoming, out result);
if (result == SecurityStatus.CredentialsNeeded)
{
// Caller will call us again with the same input.
skipToOffset = startOffset;
if (decrypted)
{
Session.Read.ReadSequenceNumber--;
}
return(result);
}
if (incoming.Remaining == 0)
{
break;
}
if (finished || result != SecurityStatus.ContinueNeeded)
{
throw new TlsException(AlertDescription.UnexpectedMessage);
}
}
if (finished)
{
negotiationHandler = negotiationHandler.GenerateReply(outgoing);
}
return(result);
} finally {
if (decrypted)
{
incoming.Dispose();
}
}
}
int XITlsContext.GenerateNextToken(TlsBuffer incoming, TlsMultiBuffer outgoing)
{
return((int)GenerateNextToken(incoming, outgoing));
}