public void Write_ResultBytesAreExpected()
{
//Arrange
var expectedBytes = GetMessageHexString();
var buffer = new byte[TlsBuffer.MaxRecordSize];
var random = HandshakeRandom.Parse(GetBytesOfRandom());
var sessionId = SessionId.Parse(GetBytesOfSessionId());
//Act
var cursor = new MemoryCursor(buffer);
using (TlsRecord.StartWriting(cursor, RecordType.Handshake, ProtocolVersion.Tls12))
using (ServerHello.StartWriting(cursor, random, Cipher.TLS_AES_128_GCM_SHA256, sessionId))
{
using (cursor.StartKeyShareWriting())
{
using (KeyShareEntry.StartWriting(cursor, NamedGroup.X25519))
{
GetBytesOfPublicKey().CopyTo(cursor);
}
}
using (cursor.StartSupportedVersionWriting())
{
ProtocolVersion.Tls13.WriteBytes(cursor);
}
}
//Assert
Assert.Equal(expectedBytes, Utils.ToHexString(cursor.PeekStart().ToArray()), true);
}
private ISession GetSession()
{
var sessionId = Request.Headers.TryGetValue("x-session-id", out var sessionIdValues)
? SessionId.Parse(sessionIdValues.FirstOrDefault())
: null;
return(sessionStore.GetSession(sessionId));
}
public void Read_ResultsAreExpected()
{
//Arrange
var messageBytes = Utils.ParseHexString(GetMessageHexString());
var record = new TlsRecord();
var message = new ServerHello();
var keyShareEntry = new KeyShareEntry();
var supportedVersion = new ProtocolVersion();
//Act
var cursor = new MemoryCursor(messageBytes);
var result = TlsRecord.TryParse(cursor, RecordType.Handshake, out record);
using (record.Payload.SetCursor(cursor))
{
result &= ServerHello.TryParse(cursor, out message);
using (message.Payload.SetCursor(cursor))
{
result &= cursor.TryParseKeyShare(out var keyShareBuffer);
using (keyShareBuffer.SetCursor(cursor))
{
keyShareEntry = KeyShareEntry.Parse(cursor);
}
result &= cursor.TryParseSupportedVersion(out var supportedVersionBuffer);
using (supportedVersionBuffer.SetCursor(cursor))
{
supportedVersion = ProtocolVersion.Parse(cursor);
}
result &= cursor.IsEnd();
}
result &= cursor.IsEnd();
}
result &= cursor.IsEnd();
//Assert
Assert.True(result);
Assert.Equal(RecordType.Handshake, record.Type);
Assert.Equal(ProtocolVersion.Tls12, record.ProtocolVersion);
Assert.Equal(HandshakeRandom.Parse(GetBytesOfRandom()), message.Random);
Assert.Equal(SessionId.Parse(GetBytesOfSessionId()), message.SessionId);
Assert.Equal(Cipher.TLS_AES_128_GCM_SHA256, message.Cipher);
Assert.Equal(NamedGroup.X25519, keyShareEntry.Group);
Assert.True(GetBytesOfPublicKey().AsSpan().SequenceEqual(keyShareEntry.Key.Read(cursor).Span));
Assert.Equal(ProtocolVersion.Tls13, supportedVersion);
}
public void Read_ResultsAreExpected()
{
//Arrange
var messageBytes = Utils.ParseHexString(GetMessageHexString());
var record = new TlsRecord();
var message = new ClientHello();
var serverNames = new List <ServerNameEntry>();
var namedGroups = new List <NamedGroup>();
var signatureSchemes = new List <SignatureScheme>();
var keyShareEntries = new List <KeyShareEntry>();
var pskModes = new List <PskKeyExchangeMode>();
var supportedVersions = new List <ProtocolVersion>();
var ciphers = new List <Cipher>();
//Act
var cursor = new MemoryCursor(messageBytes);
var result = TlsRecord.TryParse(cursor, RecordType.Handshake, out record);
using (record.Payload.SetCursor(cursor))
{
result &= ClientHello.TryParse(cursor, out message);
foreach (var cipher in message.CipherSuite)
{
ciphers.Add(cipher);
}
using (message.Payload.SetCursor(cursor))
{
result &= cursor.TryParseServerNames(out var serverNamesBuffer);
foreach (var entry in serverNamesBuffer.GetServerNameEntryReader(cursor))
{
serverNames.Add(entry);
}
result &= cursor.TryParseSupportedGroups(out var supportedGroupsBuffer);
foreach (var group in supportedGroupsBuffer.GetNamedGroupReader(cursor))
{
namedGroups.Add(group);
}
result &= cursor.TryParseSignatureAlgorithms(out var signatureAlgorithmsBuffer);
foreach (var scheme in signatureAlgorithmsBuffer.GetSignatureSchemeReader(cursor))
{
signatureSchemes.Add(scheme);
}
result &= cursor.TryParseKeyShares(out var keySharesBuffer);
foreach (var entry in keySharesBuffer.GetKeyShareEntryReader(cursor))
{
keyShareEntries.Add(entry);
}
result &= cursor.TryParsePskKeyExchangeModes(out var pskModesBuffer);
foreach (var mode in pskModesBuffer.GetPskKeyExchangeModeReader(cursor))
{
pskModes.Add(mode);
}
result &= cursor.TryParseSupportedVersions(out var supportedVersionsBuffer);
foreach (var version in supportedVersionsBuffer.GetProtocolVersionReader(cursor))
{
supportedVersions.Add(version);
}
result &= cursor.IsEnd();
}
result &= cursor.IsEnd();
}
result &= cursor.IsEnd();
//Assert
Assert.True(result);
Assert.Equal(RecordType.Handshake, record.Type);
Assert.Equal(ProtocolVersion.Tls10, record.ProtocolVersion);
Assert.Equal(HandshakeRandom.Parse(GetBytesOfRandom()), message.Random);
Assert.Equal(SessionId.Parse(GetBytesOfSessionId()), message.SessionId);
Assert.Equal(new[]
{
Cipher.TLS_AES_128_GCM_SHA256,
Cipher.TLS_AES_256_GCM_SHA384,
Cipher.TLS_CHACHA20_POLY1305_SHA256
}, ciphers);
var serverNameEntry = Assert.Single(serverNames);
Assert.True(serverNameEntry.IsHostName());
Assert.Equal("example.ulfheim.net", serverNameEntry.ToString());
Assert.Equal(new[]
{
NamedGroup.X25519,
NamedGroup.SECP256R1,
NamedGroup.SECP384R1
}, namedGroups);
Assert.Equal(new[]
{
SignatureScheme.ECDSA_SECP256R1_SHA256,
SignatureScheme.RSA_PSS_RSAE_SHA256,
SignatureScheme.RSA_PKCS1_SHA256,
SignatureScheme.ECDSA_SECP384R1_SHA384,
SignatureScheme.RSA_PSS_RSAE_SHA384,
SignatureScheme.RSA_PKCS1_SHA384,
SignatureScheme.RSA_PSS_RSAE_SHA512,
SignatureScheme.RSA_PKCS1_SHA512,
SignatureScheme.RSA_PKCS1_SHA1
}, signatureSchemes);
var keyShareEntry = Assert.Single(keyShareEntries);
Assert.Equal(NamedGroup.X25519, keyShareEntry.Group);
Assert.True(GetBytesOfPublicKey().AsSpan().SequenceEqual(keyShareEntry.Key.Read(cursor).Span));
var pskMode = Assert.Single(pskModes);
Assert.Equal(PskKeyExchangeMode.PskDheKe, pskMode);
var supportedVersion = Assert.Single(supportedVersions);
Assert.Equal(ProtocolVersion.Tls13, supportedVersion);
}
public void Write_ResultBytesAreExpected()
{
//Arrange
var expectedBytes = GetMessageHexString();
var buffer = new byte[TlsBuffer.MaxRecordSize];
var random = HandshakeRandom.Parse(GetBytesOfRandom());
var ciphers = new[] { Cipher.TLS_AES_128_GCM_SHA256, Cipher.TLS_AES_256_GCM_SHA384, Cipher.TLS_CHACHA20_POLY1305_SHA256 };
var sessionId = SessionId.Parse(GetBytesOfSessionId());
//Act
var cursor = new MemoryCursor(buffer);
using (TlsRecord.StartWriting(cursor, RecordType.Handshake, ProtocolVersion.Tls10))
using (ClientHello.StartWriting(cursor, random, ciphers, sessionId))
{
using (cursor.StartServerNamesWriting())
{
ServerNameEntry.WriteHostName(cursor, "example.ulfheim.net");
}
using (cursor.StartSupportedGroupsWriting())
{
NamedGroup.X25519.WriteBytes(cursor);
NamedGroup.SECP256R1.WriteBytes(cursor);
NamedGroup.SECP384R1.WriteBytes(cursor);
}
using (cursor.StartSignatureAlgorithmsWriting())
{
SignatureScheme.ECDSA_SECP256R1_SHA256.WriteBytes(cursor);
SignatureScheme.RSA_PSS_RSAE_SHA256.WriteBytes(cursor);
SignatureScheme.RSA_PKCS1_SHA256.WriteBytes(cursor);
SignatureScheme.ECDSA_SECP384R1_SHA384.WriteBytes(cursor);
SignatureScheme.RSA_PSS_RSAE_SHA384.WriteBytes(cursor);
SignatureScheme.RSA_PKCS1_SHA384.WriteBytes(cursor);
SignatureScheme.RSA_PSS_RSAE_SHA512.WriteBytes(cursor);
SignatureScheme.RSA_PKCS1_SHA512.WriteBytes(cursor);
SignatureScheme.RSA_PKCS1_SHA1.WriteBytes(cursor);
}
using (cursor.StartKeySharesWriting())
{
using (KeyShareEntry.StartWriting(cursor, NamedGroup.X25519))
{
GetBytesOfPublicKey().CopyTo(cursor);
}
}
using (cursor.StartPskKeyExchangeModesWriting())
{
PskKeyExchangeMode.PskDheKe.WriteBytes(cursor);
}
using (cursor.StartSupportedVersionsWriting())
{
ProtocolVersion.Tls13.WriteBytes(cursor);
}
}
//Assert
Assert.Equal(expectedBytes, Utils.ToHexString(cursor.PeekStart().ToArray()), true);
}