private void HandleExchangeFrame(ClientExchangeFrame frame) { if (frame.Tag.Length > MAX_TAG_LENGTH) { OnExceptionThrown(new InvalidDataException("Invalid tag length.")); return; } if (MutualAuthenticationRequired && !frame.IsMutual) { OnExceptionThrown(new InvalidDataException("Server authentication failed.")); return; } Tag remoteTag = Tag.Deserialize(frame.Tag); if (!remoteTag.Verify(TrustedIssuers)) { OnExceptionThrown(new InvalidDataException("Invalid tag.")); return; } IsMutuallyAuthenticated = frame.IsMutual; List <byte[]> signatureParts = new List <byte[]>(); signatureParts.Add(frame.PublicKey); signatureParts.Add(ClientNonce); signatureParts.Add(new byte[] { frame.IsMutual ? (byte)1 : (byte)0 }); if (IsMutuallyAuthenticated) { signatureParts.Add(LocalTag.RawData); } if (!VerifyData(remoteTag.Holder.Key, frame.Signature, signatureParts.ToArray())) { OnExceptionThrown(new InvalidDataException("Invalid signature.")); return; } SendValidateFrame(GetPublicKey(), remoteTag); InitializeCrypto(frame.PublicKey, false); ClientNonce = CreateNonce(NONCE_LENGTH); BufferFrame(new ClientEchoFrame(), FrameState.ClientEcho); SendEchoFrame(ClientNonce); }
private void SendExchangeFrame(byte[] publicKey, bool isMutual) { List <byte[]> signatureParts = new List <byte[]>(); signatureParts.Add(publicKey); signatureParts.Add(ClientNonce); signatureParts.Add(new byte[] { isMutual ? (byte)1 : (byte)0 }); if (IsMutuallyAuthenticated) { signatureParts.Add(_remoteTag.RawData); } ClientExchangeFrame frame = new ClientExchangeFrame(); frame.IsMutual = isMutual; frame.PublicKey = publicKey; frame.Signature = SignData(LocalTag.Holder.Key, signatureParts.ToArray()); frame.Tag = LocalTag.RawData; SendFrame(frame); }