private void AddFinished(OutgoingMessageBag outgoingMessages)
{
m_localHash.TransformFinalBlock(EmptyArray <byte> .Instance, 0, 0);
byte[] seed = m_localHash.Hash;
m_localHash.Dispose();
m_localHash = null;
var label = SecurityParameters.Entity == ConnectionEnd.Server ? ServerFinishedLabel : ClientFinshedLabel;
var finishedMessage = new FinishedMessage
{
VerifyData = PRF.Get(SecurityParameters.MasterSecret, label, seed, FinishedMessage.VerifyDataLength)
};
NetMQMessage outgoingMessage = finishedMessage.ToNetMQMessage();
outgoingMessages.AddHandshakeMessage(outgoingMessage);
m_lastSentMessage = HandshakeType.Finished;
if (SecurityParameters.Entity == ConnectionEnd.Client)
{
HashRemote(outgoingMessage);
}
}
private void OnHelloRequest(OutgoingMessageBag outgoingMessages)
{
//客户端根据配置决定握手层版本号
SubProtocolVersion = GetSubProtocol();
var clientHelloMessage = SubProtocolVersion.SequenceEqual(Constants.V3_3) ?
new V0_2.HandshakeMessages.ClientHelloMessage() :
new ClientHelloMessage();
clientHelloMessage.RandomNumber = new byte[RandomNumberLength];
clientHelloMessage.SessionID = SessionID;
m_rng.GetBytes(clientHelloMessage.RandomNumber);
////TODO: 测试
//string random = "5e c2 54 f6 fa cc f1 40 be ec 3b 43 44 1c 72 c3 25 ed 43 7a 5d cf a2 17 33 26 94 48 f7 cb 34 f9";
//clientHelloMessage.RandomNumber = random.ConvertHexToByteArray();
SecurityParameters.ClientRandom = clientHelloMessage.RandomNumber;
clientHelloMessage.CipherSuites = AllowedCipherSuites;
NetMQMessage outgoingMessage = clientHelloMessage.ToNetMQMessage();
HashLocalAndRemote(outgoingMessage);
//第一个record的seqnum从0开始
outgoingMessages.AddHandshakeMessage(outgoingMessage);
m_lastSentMessage = HandshakeType.ClientHello;
}
private void AddServerHelloMessage(OutgoingMessageBag outgoingMessages, CipherSuite[] cipherSuites)
{
var serverHelloMessage = new ServerHelloMessage {
RandomNumber = new byte[RandomNumberLength]
};
m_rng.GetBytes(serverHelloMessage.RandomNumber);
SecurityParameters.ServerRandom = serverHelloMessage.RandomNumber;
// in case there is no match the server will return this default
serverHelloMessage.CipherSuite = CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA;
foreach (var cipherSuite in cipherSuites)
{
if (AllowedCipherSuites.Contains(cipherSuite))
{
serverHelloMessage.CipherSuite = cipherSuite;
SetCipherSuite(cipherSuite);
break;
}
}
NetMQMessage outgoingMessage = serverHelloMessage.ToNetMQMessage();
HashLocalAndRemote(outgoingMessage);
outgoingMessages.AddHandshakeMessage(outgoingMessage);
m_lastSentMessage = HandshakeType.ServerHello;
}
private void AddFinished(OutgoingMessageBag outgoingMessages)
{
m_localHash.TransformFinalBlock(EmptyArray <byte> .Instance, 0, 0);
byte[] seed = m_localHash.Hash;
#if NET40
m_localHash.Dispose();
#endif
m_localHash = null;
var label = SecurityParameters.Entity == ConnectionEnd.Server ? ServerFinishedLabel : ClientFinshedLabel;
var finishedMessage = SubProtocolVersion.SequenceEqual(Constants.V3_3)?
new V0_2.HandshakeMessages.FinishedMessage():
new FinishedMessage();
finishedMessage.VerifyData = PRF.Get(SecurityParameters.MasterSecret, label, seed, FinishedMessage.VerifyDataLength);
#if DEBUG
Debug.WriteLine("[verify_data]:" + BitConverter.ToString(finishedMessage.VerifyData));
#endif
NetMQMessage outgoingMessage = finishedMessage.ToNetMQMessage();
outgoingMessages.AddHandshakeMessage(outgoingMessage);
m_lastSentMessage = HandshakeType.Finished;
if (SecurityParameters.Entity == ConnectionEnd.Client)
{
HashRemote(outgoingMessage);
}
}
private void AddFinished(OutgoingMessageBag outgoingMessages)
{
m_localHash.TransformFinalBlock(new byte[0], 0, 0);
byte[] seed = m_localHash.Hash;
m_localHash.Dispose();
m_localHash = null;
string label;
if (SecurityParameters.Entity == ConnectionEnd.Server)
{
label = ServerFinishedLabel;
}
else
{
label = ClientFinshedLabel;
}
FinishedMessage finishedMessage = new FinishedMessage();
finishedMessage.VerifyData =
PRF.Get(SecurityParameters.MasterSecret, label, seed, FinishedMessage.VerifyDataLength);
NetMQMessage outgoingMessage = finishedMessage.ToNetMQMessage();
outgoingMessages.AddHandshakeMessage(outgoingMessage);
m_lastSentMessage = HandshakeType.Finished;
if (SecurityParameters.Entity == ConnectionEnd.Client)
{
HashRemote(outgoingMessage);
}
}
private void AddServerHelloDone(OutgoingMessageBag outgoingMessages)
{
var serverHelloDoneMessage = new ServerHelloDoneMessage();
NetMQMessage outgoingMessage = serverHelloDoneMessage.ToNetMQMessage();
HashLocalAndRemote(outgoingMessage);
outgoingMessages.AddHandshakeMessage(outgoingMessage);
m_lastSentMessage = HandshakeType.ServerHelloDone;
}
private void AddServerHelloDone(OutgoingMessageBag outgoingMessages)
{
var serverHelloDoneMessage = SubProtocolVersion.SequenceEqual(Constants.V3_3)?
new V0_2.HandshakeMessages.ServerHelloDoneMessage():
new ServerHelloDoneMessage();
NetMQMessage outgoingMessage = serverHelloDoneMessage.ToNetMQMessage();
HashLocalAndRemote(outgoingMessage);
outgoingMessages.AddHandshakeMessage(outgoingMessage);
m_lastSentMessage = HandshakeType.ServerHelloDone;
}
private void AddCertificateMessage(OutgoingMessageBag outgoingMessages)
{
var certificateMessage = new CertificateMessage {
Certificate = LocalCertificate
};
NetMQMessage outgoingMessage = certificateMessage.ToNetMQMessage();
HashLocalAndRemote(outgoingMessage);
outgoingMessages.AddHandshakeMessage(outgoingMessage);
m_lastSentMessage = HandshakeType.Certificate;
}
private void AddCertificateMessage(OutgoingMessageBag outgoingMessages)
{
var certificateMessage = SubProtocolVersion.SequenceEqual(Constants.V3_3)?
new V0_2.HandshakeMessages.CertificateMessage():
new CertificateMessage();
certificateMessage.Certificate = LocalCertificate;
NetMQMessage outgoingMessage = certificateMessage.ToNetMQMessage();
HashLocalAndRemote(outgoingMessage);
outgoingMessages.AddHandshakeMessage(outgoingMessage);
m_lastSentMessage = HandshakeType.Certificate;
}
private void AddServerHelloMessage(OutgoingMessageBag outgoingMessages, CipherSuite[] cipherSuites)
{
var serverHelloMessage = SubProtocolVersion.SequenceEqual(Constants.V3_3)?
new V0_2.HandshakeMessages.ServerHelloMessage():
new ServerHelloMessage();
serverHelloMessage.RandomNumber = new byte[RandomNumberLength];
m_rng.GetBytes(serverHelloMessage.RandomNumber);
////TODO: 测试
//string random = "ae f1 ba 12 3a 54 3c 51 7b 3d 49 87 05 80 6e 67 45 c5 76 77 74 26 01 d9 b9 da 69 79 e2 84 1d 37";
//serverHelloMessage.RandomNumber = random.ConvertHexToByteArray();
SecurityParameters.ServerRandom = serverHelloMessage.RandomNumber;
//客户端没有传sessionid则生成一个新的sessionid
if (this.SessionID.Length == 0)
{
this.SessionID = Encoding.ASCII.GetBytes(Guid.NewGuid().ToString("N"));
}
////TODO: 测试
//this.SessionID = "37 61 36 36 35 64 37 38 36 62 61 36 34 32 62 64 38 36 61 62 32 61 63 39 36 31 35 34 37 34 33 61".ConvertHexToByteArray();
serverHelloMessage.SessionID = this.SessionID;
// in case there is no match the server will return this default
serverHelloMessage.CipherSuite = CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA;
foreach (var cipherSuite in cipherSuites)
{
if (AllowedCipherSuites.Contains(cipherSuite))
{
serverHelloMessage.CipherSuite = cipherSuite;
SetCipherSuite(cipherSuite);
break;
}
}
NetMQMessage outgoingMessage = serverHelloMessage.ToNetMQMessage();
HashLocalAndRemote(outgoingMessage);
outgoingMessages.AddHandshakeMessage(outgoingMessage);
m_lastSentMessage = HandshakeType.ServerHello;
}
private void AddClientKeyExchange(OutgoingMessageBag outgoingMessages)
{
var clientKeyExchangeMessage = SubProtocolVersion.SequenceEqual(Constants.V3_3) ?
new V0_2.HandshakeMessages.ClientKeyExchangeMessage() :
new ClientKeyExchangeMessage();
//struct {
// ProtocolVersion client_version;
// opaque random[46];
//}PreMasterSecret;
var premasterSecret = new byte[ClientKeyExchangeMessage.PreMasterSecretLength];
// The version number in the PreMasterSecret is the version
// offered by the client in the ClientHello.client_version, not the
// version negotiated for the connection. This feature is designed to
// prevent rollback attacks.Unfortunately, some old implementations
// use the negotiated version instead, and therefore checking the
// version number may lead to failure to interoperate with such
// incorrect client implementations.
// Client implementations MUST always send the correct version number in
// PreMasterSecret.If ClientHello.client_version is TLS 1.1 or higher,
// server implementations MUST check the version number as described in
// the note below.If the version number is TLS 1.0 or earlier, server
// implementations SHOULD check the version number, but MAY have a
// configuration option to disable the check.
premasterSecret[0] = 3;
premasterSecret[1] = 3;
byte[] random = new byte[46];
m_rng.GetBytes(random);
Buffer.BlockCopy(random, 0, premasterSecret, 2, random.Length);
////TODO :测试
//premasterSecret = "03-03-11-41-D4-8F-8C-62-6F-31-12-40-D8-1D-F3-1C-8C-E3-6D-2F-0E-87-C6-DA-D1-17-96-CF-91-CD-EC-DB-F9-B5-52-FB-66-B6-E6-EB-65-71-1F-7A-05-25-0B-03".ConvertHexToByteArray('-');
var rsa = RemoteCertificate.PublicKey.Key as RSACryptoServiceProvider;
clientKeyExchangeMessage.EncryptedPreMasterSecret = rsa.Encrypt(premasterSecret, false);
GenerateMasterSecret(premasterSecret);
NetMQMessage outgoingMessage = clientKeyExchangeMessage.ToNetMQMessage();
HashLocalAndRemote(outgoingMessage);
outgoingMessages.AddHandshakeMessage(outgoingMessage);
m_lastSentMessage = HandshakeType.ClientKeyExchange;
}
private void OnHelloRequest(OutgoingMessageBag outgoingMessages)
{
ClientHelloMessage clientHelloMessage = new ClientHelloMessage();
clientHelloMessage.RandomNumber = new byte[RandomNumberLength];
m_rng.GetBytes(clientHelloMessage.RandomNumber);
SecurityParameters.ClientRandom = clientHelloMessage.RandomNumber;
clientHelloMessage.CipherSuites = AllowedCipherSuites;
NetMQMessage outgoingMessage = clientHelloMessage.ToNetMQMessage();
HashLocalAndRemote(outgoingMessage);
outgoingMessages.AddHandshakeMessage(outgoingMessage);
m_lastSentMessage = HandshakeType.ClientHello;
}
private void AddClientKeyExchange(OutgoingMessageBag outgoingMessages)
{
ClientKeyExchangeMessage clientKeyExchangeMessage = new ClientKeyExchangeMessage();
byte[] premasterSecret = new byte[ClientKeyExchangeMessage.PreMasterSecretLength];
m_rng.GetBytes(premasterSecret);
RSACryptoServiceProvider rsa = RemoteCertificate.PublicKey.Key as RSACryptoServiceProvider;
clientKeyExchangeMessage.EncryptedPreMasterSecret = rsa.Encrypt(premasterSecret, false);
GenerateMasterSecret(premasterSecret);
NetMQMessage outgoingMessage = clientKeyExchangeMessage.ToNetMQMessage();
HashLocalAndRemote(outgoingMessage);
outgoingMessages.AddHandshakeMessage(outgoingMessage);
m_lastSentMessage = HandshakeType.ClientKeyExchange;
}
private void AddClientKeyExchange(OutgoingMessageBag outgoingMessages)
{
var clientKeyExchangeMessage = new ClientKeyExchangeMessage();
var premasterSecret = new byte[ClientKeyExchangeMessage.PreMasterSecretLength];
m_rng.GetBytes(premasterSecret);
using (var rsa = RemoteCertificate.GetRSAPublicKey()) // .PublicKey.Key as RSA; //RSACryptoServiceProvider;
{
clientKeyExchangeMessage.EncryptedPreMasterSecret = rsa.Encrypt(premasterSecret, RSAEncryptionPadding.Pkcs1); // false);
}
GenerateMasterSecret(premasterSecret);
NetMQMessage outgoingMessage = clientKeyExchangeMessage.ToNetMQMessage();
HashLocalAndRemote(outgoingMessage);
outgoingMessages.AddHandshakeMessage(outgoingMessage);
m_lastSentMessage = HandshakeType.ClientKeyExchange;
}
private void OnHelloRequest(OutgoingMessageBag outgoingMessages)
{
ClientHelloMessage clientHelloMessage = new ClientHelloMessage();
clientHelloMessage.RandomNumber = new byte[RandomNumberLength];
m_rng.GetBytes(clientHelloMessage.RandomNumber);
SecurityParameters.ClientRandom = clientHelloMessage.RandomNumber;
clientHelloMessage.CipherSuites = AllowedCipherSuites;
NetMQMessage outgoingMessage = clientHelloMessage.ToNetMQMessage();
HashLocalAndRemote(outgoingMessage);
outgoingMessages.AddHandshakeMessage(outgoingMessage);
m_lastSentMessage = HandshakeType.ClientHello;
}
private void AddServerHelloMessage(OutgoingMessageBag outgoingMessages, CipherSuite[] cipherSuites)
{
ServerHelloMessage serverHelloMessage = new ServerHelloMessage();
serverHelloMessage.RandomNumber = new byte[RandomNumberLength];
m_rng.GetBytes(serverHelloMessage.RandomNumber);
SecurityParameters.ServerRandom = serverHelloMessage.RandomNumber;
// in case their is no much the server will return this defaul
serverHelloMessage.CipherSuite = CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA;
foreach (CipherSuite cipherSuite in cipherSuites)
{
if (AllowedCipherSuites.Contains(cipherSuite))
{
serverHelloMessage.CipherSuite = cipherSuite;
SetCipherSuite(cipherSuite);
break;
}
}
NetMQMessage outgoingMessage = serverHelloMessage.ToNetMQMessage();
HashLocalAndRemote(outgoingMessage);
outgoingMessages.AddHandshakeMessage(outgoingMessage);
m_lastSentMessage = HandshakeType.ServerHello;
}
private void AddServerHelloDone(OutgoingMessageBag outgoingMessages)
{
ServerHelloDoneMessage serverHelloDoneMessage = new ServerHelloDoneMessage();
NetMQMessage outgoingMessage = serverHelloDoneMessage.ToNetMQMessage();
HashLocalAndRemote(outgoingMessage);
outgoingMessages.AddHandshakeMessage(outgoingMessage);
m_lastSentMessage = HandshakeType.ServerHelloDone;
}
private void AddFinished(OutgoingMessageBag outgoingMessages)
{
m_localHash.TransformFinalBlock(new byte[0], 0, 0);
byte[] seed = m_localHash.Hash;
m_localHash.Dispose();
m_localHash = null;
string label;
if (SecurityParameters.Entity == ConnectionEnd.Server)
{
label = ServerFinishedLabel;
}
else
{
label = ClientFinshedLabel;
}
FinishedMessage finishedMessage = new FinishedMessage();
finishedMessage.VerifyData =
PRF.Get(SecurityParameters.MasterSecret, label, seed, FinishedMessage.VerifyDataLength);
NetMQMessage outgoingMessage = finishedMessage.ToNetMQMessage();
outgoingMessages.AddHandshakeMessage(outgoingMessage);
m_lastSentMessage = HandshakeType.Finished;
if (SecurityParameters.Entity == ConnectionEnd.Client)
{
HashRemote(outgoingMessage);
}
}
private void AddFinished(OutgoingMessageBag outgoingMessages)
{
m_localHash.TransformFinalBlock(EmptyArray<byte>.Instance, 0, 0);
byte[] seed = m_localHash.Hash;
m_localHash.Dispose();
m_localHash = null;
var label = SecurityParameters.Entity == ConnectionEnd.Server ? ServerFinishedLabel : ClientFinshedLabel;
var finishedMessage = new FinishedMessage
{
VerifyData = PRF.Get(SecurityParameters.MasterSecret, label, seed, FinishedMessage.VerifyDataLength)
};
NetMQMessage outgoingMessage = finishedMessage.ToNetMQMessage();
outgoingMessages.AddHandshakeMessage(outgoingMessage);
m_lastSentMessage = HandshakeType.Finished;
if (SecurityParameters.Entity == ConnectionEnd.Client)
{
HashRemote(outgoingMessage);
}
}
private void AddCertificateMessage(OutgoingMessageBag outgoingMessages)
{
CertificateMessage certificateMessage = new CertificateMessage();
certificateMessage.Certificate = LocalCertificate;
NetMQMessage outgoingMessage = certificateMessage.ToNetMQMessage();
HashLocalAndRemote(outgoingMessage);
outgoingMessages.AddHandshakeMessage(outgoingMessage);
m_lastSentMessage = HandshakeType.Certificate;
}
private void AddClientKeyExchange(OutgoingMessageBag outgoingMessages)
{
ClientKeyExchangeMessage clientKeyExchangeMessage = new ClientKeyExchangeMessage();
byte[] premasterSecret = new byte[ClientKeyExchangeMessage.PreMasterSecretLength];
m_rng.GetBytes(premasterSecret);
RSACryptoServiceProvider rsa = RemoteCertificate.PublicKey.Key as RSACryptoServiceProvider;
clientKeyExchangeMessage.EncryptedPreMasterSecret = rsa.Encrypt(premasterSecret, false);
GenerateMasterSecret(premasterSecret);
NetMQMessage outgoingMessage = clientKeyExchangeMessage.ToNetMQMessage();
HashLocalAndRemote(outgoingMessage);
outgoingMessages.AddHandshakeMessage(outgoingMessage);
m_lastSentMessage = HandshakeType.ClientKeyExchange;
}
