|
private WriteToRecordStream ( |
||
| protocol | ||
| return | void | |
protected virtual void SendFinishedMessage()
{
byte[] array = this.CreateVerifyData(this.Context.IsServer);
TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(20, array.Length);
handshakeMessage.Write(array, 0, array.Length);
handshakeMessage.WriteToRecordStream(this);
}
protected virtual void SendNewSessionTicketMessage(NewSessionTicket newSessionTicket)
{
if (newSessionTicket == null)
{
throw new TlsFatalAlert(80);
}
TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(4);
newSessionTicket.Encode(handshakeMessage);
handshakeMessage.WriteToRecordStream(this);
}
protected virtual void SendClientHelloMessage()
{
base.mRecordStream.SetWriteVersion(this.mTlsClient.ClientHelloRecordLayerVersion);
ProtocolVersion clientVersion = this.mTlsClient.ClientVersion;
if (clientVersion.IsDtls)
{
throw new TlsFatalAlert(80);
}
this.ContextAdmin.SetClientVersion(clientVersion);
byte[] emptyBytes = TlsUtilities.EmptyBytes;
if (base.mTlsSession != null)
{
emptyBytes = base.mTlsSession.SessionID;
if ((emptyBytes == null) || (emptyBytes.Length > 0x20))
{
emptyBytes = TlsUtilities.EmptyBytes;
}
}
bool isFallback = this.mTlsClient.IsFallback;
base.mOfferedCipherSuites = this.mTlsClient.GetCipherSuites();
base.mOfferedCompressionMethods = this.mTlsClient.GetCompressionMethods();
if (((emptyBytes.Length > 0) && (base.mSessionParameters != null)) && (!Arrays.Contains(base.mOfferedCipherSuites, base.mSessionParameters.CipherSuite) || !Arrays.Contains(base.mOfferedCompressionMethods, base.mSessionParameters.CompressionAlgorithm)))
{
emptyBytes = TlsUtilities.EmptyBytes;
}
base.mClientExtensions = this.mTlsClient.GetClientExtensions();
TlsProtocol.HandshakeMessage output = new TlsProtocol.HandshakeMessage(1);
TlsUtilities.WriteVersion(clientVersion, output);
output.Write(base.mSecurityParameters.ClientRandom);
TlsUtilities.WriteOpaque8(emptyBytes, output);
byte[] extensionData = TlsUtilities.GetExtensionData(base.mClientExtensions, 0xff01);
bool flag2 = null == extensionData;
bool flag3 = !Arrays.Contains(base.mOfferedCipherSuites, 0xff);
if (flag2 && flag3)
{
base.mOfferedCipherSuites = Arrays.Append(base.mOfferedCipherSuites, 0xff);
}
if (isFallback && !Arrays.Contains(base.mOfferedCipherSuites, 0x5600))
{
base.mOfferedCipherSuites = Arrays.Append(base.mOfferedCipherSuites, 0x5600);
}
TlsUtilities.WriteUint16ArrayWithUint16Length(base.mOfferedCipherSuites, output);
TlsUtilities.WriteUint8ArrayWithUint8Length(base.mOfferedCompressionMethods, output);
if (base.mClientExtensions != null)
{
TlsProtocol.WriteExtensions(output, base.mClientExtensions);
}
output.WriteToRecordStream(this);
}
protected virtual void SendClientHelloMessage()
{
this.mRecordStream.SetWriteVersion(this.mTlsClient.ClientHelloRecordLayerVersion);
ProtocolVersion clientVersion = this.mTlsClient.ClientVersion;
if (clientVersion.IsDtls)
{
throw new TlsFatalAlert(80);
}
this.ContextAdmin.SetClientVersion(clientVersion);
byte[] array = TlsUtilities.EmptyBytes;
if (this.mTlsSession != null)
{
array = this.mTlsSession.SessionID;
if (array == null || array.Length > 32)
{
array = TlsUtilities.EmptyBytes;
}
}
bool isFallback = this.mTlsClient.IsFallback;
this.mOfferedCipherSuites = this.mTlsClient.GetCipherSuites();
this.mOfferedCompressionMethods = this.mTlsClient.GetCompressionMethods();
if (array.Length > 0 && this.mSessionParameters != null && (!Arrays.Contains(this.mOfferedCipherSuites, this.mSessionParameters.CipherSuite) || !Arrays.Contains(this.mOfferedCompressionMethods, this.mSessionParameters.CompressionAlgorithm)))
{
array = TlsUtilities.EmptyBytes;
}
this.mClientExtensions = this.mTlsClient.GetClientExtensions();
TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(1);
TlsUtilities.WriteVersion(clientVersion, handshakeMessage);
handshakeMessage.Write(this.mSecurityParameters.ClientRandom);
TlsUtilities.WriteOpaque8(array, handshakeMessage);
byte[] extensionData = TlsUtilities.GetExtensionData(this.mClientExtensions, 65281);
bool flag = null == extensionData;
bool flag2 = !Arrays.Contains(this.mOfferedCipherSuites, 255);
if (flag && flag2)
{
this.mOfferedCipherSuites = Arrays.Append(this.mOfferedCipherSuites, 255);
}
if (isFallback && !Arrays.Contains(this.mOfferedCipherSuites, 22016))
{
this.mOfferedCipherSuites = Arrays.Append(this.mOfferedCipherSuites, 22016);
}
TlsUtilities.WriteUint16ArrayWithUint16Length(this.mOfferedCipherSuites, handshakeMessage);
TlsUtilities.WriteUint8ArrayWithUint8Length(this.mOfferedCompressionMethods, handshakeMessage);
if (this.mClientExtensions != null)
{
TlsProtocol.WriteExtensions(handshakeMessage, this.mClientExtensions);
}
handshakeMessage.WriteToRecordStream(this);
}
protected virtual void SendCertificateMessage(Certificate certificate)
{
if (certificate == null)
{
certificate = Certificate.EmptyChain;
}
if (certificate.IsEmpty)
{
TlsContext context = this.Context;
if (!context.IsServer)
{
ProtocolVersion serverVersion = this.Context.ServerVersion;
if (serverVersion.IsSsl)
{
string message = serverVersion.ToString() + " client didn't provide credentials";
this.RaiseWarning(41, message);
return;
}
}
}
TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(11);
certificate.Encode(handshakeMessage);
handshakeMessage.WriteToRecordStream(this);
}
protected virtual void SendServerKeyExchangeMessage(byte[] serverKeyExchange)
{
TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(12, serverKeyExchange.Length);
handshakeMessage.Write(serverKeyExchange);
handshakeMessage.WriteToRecordStream(this);
}
protected virtual void SendServerHelloMessage()
{
TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(2);
ProtocolVersion serverVersion = this.mTlsServer.GetServerVersion();
if (!serverVersion.IsEqualOrEarlierVersionOf(this.Context.ClientVersion))
{
throw new TlsFatalAlert(80);
}
this.mRecordStream.ReadVersion = serverVersion;
this.mRecordStream.SetWriteVersion(serverVersion);
this.mRecordStream.SetRestrictReadVersion(true);
this.ContextAdmin.SetServerVersion(serverVersion);
TlsUtilities.WriteVersion(serverVersion, handshakeMessage);
handshakeMessage.Write(this.mSecurityParameters.serverRandom);
TlsUtilities.WriteOpaque8(TlsUtilities.EmptyBytes, handshakeMessage);
int selectedCipherSuite = this.mTlsServer.GetSelectedCipherSuite();
if (!Arrays.Contains(this.mOfferedCipherSuites, selectedCipherSuite) || selectedCipherSuite == 0 || CipherSuite.IsScsv(selectedCipherSuite) || !TlsUtilities.IsValidCipherSuiteForVersion(selectedCipherSuite, this.Context.ServerVersion))
{
throw new TlsFatalAlert(80);
}
this.mSecurityParameters.cipherSuite = selectedCipherSuite;
byte selectedCompressionMethod = this.mTlsServer.GetSelectedCompressionMethod();
if (!Arrays.Contains(this.mOfferedCompressionMethods, selectedCompressionMethod))
{
throw new TlsFatalAlert(80);
}
this.mSecurityParameters.compressionAlgorithm = selectedCompressionMethod;
TlsUtilities.WriteUint16(selectedCipherSuite, handshakeMessage);
TlsUtilities.WriteUint8(selectedCompressionMethod, handshakeMessage);
this.mServerExtensions = this.mTlsServer.GetServerExtensions();
if (this.mSecureRenegotiation)
{
byte[] extensionData = TlsUtilities.GetExtensionData(this.mServerExtensions, 65281);
bool flag = null == extensionData;
if (flag)
{
this.mServerExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(this.mServerExtensions);
this.mServerExtensions[65281] = TlsProtocol.CreateRenegotiationInfo(TlsUtilities.EmptyBytes);
}
}
if (this.mSecurityParameters.extendedMasterSecret)
{
this.mServerExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(this.mServerExtensions);
TlsExtensionsUtilities.AddExtendedMasterSecretExtension(this.mServerExtensions);
}
if (this.mServerExtensions != null)
{
this.mSecurityParameters.encryptThenMac = TlsExtensionsUtilities.HasEncryptThenMacExtension(this.mServerExtensions);
this.mSecurityParameters.maxFragmentLength = this.ProcessMaxFragmentLengthExtension(this.mClientExtensions, this.mServerExtensions, 80);
this.mSecurityParameters.truncatedHMac = TlsExtensionsUtilities.HasTruncatedHMacExtension(this.mServerExtensions);
this.mAllowCertificateStatus = (!this.mResumedSession && TlsUtilities.HasExpectedEmptyExtensionData(this.mServerExtensions, 5, 80));
this.mExpectSessionTicket = (!this.mResumedSession && TlsUtilities.HasExpectedEmptyExtensionData(this.mServerExtensions, 35, 80));
TlsProtocol.WriteExtensions(handshakeMessage, this.mServerExtensions);
}
this.mSecurityParameters.prfAlgorithm = TlsProtocol.GetPrfAlgorithm(this.Context, this.mSecurityParameters.CipherSuite);
this.mSecurityParameters.verifyDataLength = 12;
this.ApplyMaxFragmentLengthExtension();
handshakeMessage.WriteToRecordStream(this);
}
protected virtual void SendCertificateStatusMessage(CertificateStatus certificateStatus)
{
TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(22);
certificateStatus.Encode(handshakeMessage);
handshakeMessage.WriteToRecordStream(this);
}
protected virtual void SendCertificateRequestMessage(CertificateRequest certificateRequest)
{
TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(13);
certificateRequest.Encode(handshakeMessage);
handshakeMessage.WriteToRecordStream(this);
}
protected virtual void SendSupplementalDataMessage(IList supplementalData)
{
TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(23);
TlsProtocol.WriteSupplementalData(handshakeMessage, supplementalData);
handshakeMessage.WriteToRecordStream(this);
}
protected virtual void SendClientKeyExchangeMessage()
{
TlsProtocol.HandshakeMessage output = new TlsProtocol.HandshakeMessage(0x10);
this.mKeyExchange.GenerateClientKeyExchange(output);
output.WriteToRecordStream(this);
}
protected virtual void SendCertificateVerifyMessage(DigitallySigned certificateVerify)
{
TlsProtocol.HandshakeMessage output = new TlsProtocol.HandshakeMessage(15);
certificateVerify.Encode(output);
output.WriteToRecordStream(this);
}
protected virtual void SendClientKeyExchangeMessage()
{
TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(16);
this.mKeyExchange.GenerateClientKeyExchange(handshakeMessage);
handshakeMessage.WriteToRecordStream(this);
}