public virtual void ProcessClientExtensions(IDictionary clientExtensions)
{
mClientExtensions = clientExtensions;
if (clientExtensions != null)
{
mEncryptThenMacOffered = TlsExtensionsUtilities.HasEncryptThenMacExtension(clientExtensions);
mMaxFragmentLengthOffered = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(clientExtensions);
if (mMaxFragmentLengthOffered >= 0 && !MaxFragmentLength.IsValid((byte)mMaxFragmentLengthOffered))
{
throw new TlsFatalAlert(47);
}
mTruncatedHMacOffered = TlsExtensionsUtilities.HasTruncatedHMacExtension(clientExtensions);
mSupportedSignatureAlgorithms = TlsUtilities.GetSignatureAlgorithmsExtension(clientExtensions);
if (mSupportedSignatureAlgorithms != null && !TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(mClientVersion))
{
throw new TlsFatalAlert(47);
}
mNamedCurves = TlsEccUtilities.GetSupportedEllipticCurvesExtension(clientExtensions);
mClientECPointFormats = TlsEccUtilities.GetSupportedPointFormatsExtension(clientExtensions);
}
if (!mEccCipherSuitesOffered && (mNamedCurves != null || mClientECPointFormats != null))
{
throw new TlsFatalAlert(47);
}
}
/// <exception cref="IOException"></exception>
public static byte[] CreateMaxFragmentLengthExtension(byte maxFragmentLength)
{
if (!MaxFragmentLength.IsValid(maxFragmentLength))
{
throw new TlsFatalAlert(AlertDescription.internal_error);
}
return(new byte[] { maxFragmentLength });
}
protected virtual short ProcessMaxFragmentLengthExtension(IDictionary clientExtensions, IDictionary serverExtensions, byte alertDescription)
{
short maxFragmentLengthExtension = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(serverExtensions);
if (maxFragmentLengthExtension >= 0 && (!MaxFragmentLength.IsValid((byte)maxFragmentLengthExtension) || (!this.mResumedSession && maxFragmentLengthExtension != TlsExtensionsUtilities.GetMaxFragmentLengthExtension(clientExtensions))))
{
throw new TlsFatalAlert(alertDescription);
}
return(maxFragmentLengthExtension);
}
protected static short EvaluateMaxFragmentLengthExtension(bool resumedSession, IDictionary clientExtensions, IDictionary serverExtensions, byte alertDescription)
{
short maxFragmentLengthExtension = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(serverExtensions);
if (maxFragmentLengthExtension >= 0 && (!MaxFragmentLength.IsValid((byte)maxFragmentLengthExtension) || (!resumedSession && maxFragmentLengthExtension != TlsExtensionsUtilities.GetMaxFragmentLengthExtension(clientExtensions))))
{
throw new TlsFatalAlert(alertDescription);
}
return(maxFragmentLengthExtension);
}
protected virtual void ApplyMaxFragmentLengthExtension()
{
if (this.mSecurityParameters.maxFragmentLength >= 0)
{
if (!MaxFragmentLength.IsValid((byte)this.mSecurityParameters.maxFragmentLength))
{
throw new TlsFatalAlert(80);
}
int plaintextLimit = 1 << (int)(8 + this.mSecurityParameters.maxFragmentLength);
this.mRecordStream.SetPlaintextLimit(plaintextLimit);
}
}
internal static void ApplyMaxFragmentLengthExtension(DtlsRecordLayer recordLayer, short maxFragmentLength)
{
if (maxFragmentLength >= 0)
{
if (!MaxFragmentLength.IsValid((byte)maxFragmentLength))
{
throw new TlsFatalAlert(80);
}
int plaintextLimit = 1 << 8 + maxFragmentLength;
recordLayer.SetPlaintextLimit(plaintextLimit);
}
}
protected virtual void ApplyMaxFragmentLengthExtension()
{
if (mSecurityParameters.maxFragmentLength >= 0)
{
if (!MaxFragmentLength.IsValid((byte)mSecurityParameters.maxFragmentLength))
{
throw new TlsFatalAlert(AlertDescription.internal_error);
}
int plainTextLimit = 1 << (8 + mSecurityParameters.maxFragmentLength);
mRecordStream.SetPlaintextLimit(plainTextLimit);
}
}
public virtual void ProcessClientExtensions(IDictionary clientExtensions)
{
this.mClientExtensions = clientExtensions;
if (clientExtensions != null)
{
this.mEncryptThenMacOffered = TlsExtensionsUtilities.HasEncryptThenMacExtension(clientExtensions);
this.mMaxFragmentLengthOffered = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(clientExtensions);
if (mMaxFragmentLengthOffered >= 0 && !MaxFragmentLength.IsValid((byte)mMaxFragmentLengthOffered))
{
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
}
this.mTruncatedHMacOffered = TlsExtensionsUtilities.HasTruncatedHMacExtension(clientExtensions);
this.mSupportedSignatureAlgorithms = TlsUtilities.GetSignatureAlgorithmsExtension(clientExtensions);
if (this.mSupportedSignatureAlgorithms != null)
{
/*
* RFC 5246 7.4.1.4.1. Note: this extension is not meaningful for TLS versions prior
* to 1.2. Clients MUST NOT offer it if they are offering prior versions.
*/
if (!TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(mClientVersion))
{
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
}
}
this.mNamedCurves = TlsEccUtilities.GetSupportedEllipticCurvesExtension(clientExtensions);
this.mClientECPointFormats = TlsEccUtilities.GetSupportedPointFormatsExtension(clientExtensions);
}
/*
* RFC 4429 4. The client MUST NOT include these extensions in the ClientHello message if it
* does not propose any ECC cipher suites.
*
* NOTE: This was overly strict as there may be ECC cipher suites that we don't recognize.
* Also, draft-ietf-tls-negotiated-ff-dhe will be overloading the 'elliptic_curves'
* extension to explicitly allow FFDHE (i.e. non-ECC) groups.
*/
//if (!this.mEccCipherSuitesOffered && (this.mNamedCurves != null || this.mClientECPointFormats != null))
// throw new TlsFatalAlert(AlertDescription.illegal_parameter);
}
// IDictionary is (Int32 -> byte[])
public virtual IDictionary GetServerExtensions()
{
if (this.mEncryptThenMacOffered && AllowEncryptThenMac)
{
/*
* RFC 7366 3. If a server receives an encrypt-then-MAC request extension from a client
* and then selects a stream or Authenticated Encryption with Associated Data (AEAD)
* ciphersuite, it MUST NOT send an encrypt-then-MAC response extension back to the
* client.
*/
if (TlsUtilities.IsBlockCipherSuite(this.mSelectedCipherSuite))
{
TlsExtensionsUtilities.AddEncryptThenMacExtension(CheckServerExtensions());
}
}
if (this.mMaxFragmentLengthOffered >= 0 &&
TlsUtilities.IsValidUint8(mMaxFragmentLengthOffered) &&
MaxFragmentLength.IsValid((byte)mMaxFragmentLengthOffered))
{
TlsExtensionsUtilities.AddMaxFragmentLengthExtension(CheckServerExtensions(), (byte)mMaxFragmentLengthOffered);
}
if (this.mTruncatedHMacOffered && AllowTruncatedHMac)
{
TlsExtensionsUtilities.AddTruncatedHMacExtension(CheckServerExtensions());
}
if (this.mClientECPointFormats != null && TlsEccUtilities.IsEccCipherSuite(this.mSelectedCipherSuite))
{
/*
* RFC 4492 5.2. A server that selects an ECC cipher suite in response to a ClientHello
* message including a Supported Point Formats Extension appends this extension (along
* with others) to its ServerHello message, enumerating the point formats it can parse.
*/
this.mServerECPointFormats = new byte[] { ECPointFormat.uncompressed,
ECPointFormat.ansiX962_compressed_prime, ECPointFormat.ansiX962_compressed_char2, };
TlsEccUtilities.AddSupportedPointFormatsExtension(CheckServerExtensions(), mServerECPointFormats);
}
return(mServerExtensions);
}
public virtual void ProcessClientExtensions(IDictionary clientExtensions)
{
this.mClientExtensions = clientExtensions;
if (clientExtensions != null)
{
this.mEncryptThenMacOffered = TlsExtensionsUtilities.HasEncryptThenMacExtension(clientExtensions);
this.mMaxFragmentLengthOffered = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(clientExtensions);
if (mMaxFragmentLengthOffered >= 0 && !MaxFragmentLength.IsValid((byte)mMaxFragmentLengthOffered))
{
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
}
this.mTruncatedHMacOffered = TlsExtensionsUtilities.HasTruncatedHMacExtension(clientExtensions);
this.mSupportedSignatureAlgorithms = TlsUtilities.GetSignatureAlgorithmsExtension(clientExtensions);
if (this.mSupportedSignatureAlgorithms != null)
{
/*
* RFC 5246 7.4.1.4.1. Note: this extension is not meaningful for TLS versions prior
* to 1.2. Clients MUST NOT offer it if they are offering prior versions.
*/
if (!TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(mClientVersion))
{
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
}
}
this.mNamedCurves = TlsEccUtilities.GetSupportedEllipticCurvesExtension(clientExtensions);
this.mClientECPointFormats = TlsEccUtilities.GetSupportedPointFormatsExtension(clientExtensions);
}
/*
* RFC 4429 4. The client MUST NOT include these extensions in the ClientHello message if it
* does not propose any ECC cipher suites.
*/
if (!this.mEccCipherSuitesOffered && (this.mNamedCurves != null || this.mClientECPointFormats != null))
{
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
}
}
public virtual void ProcessClientExtensions(IDictionary clientExtensions)
{
this.mClientExtensions = clientExtensions;
if (clientExtensions != null)
{
this.mEncryptThenMacOffered = TlsExtensionsUtilities.HasEncryptThenMacExtension(clientExtensions);
this.mMaxFragmentLengthOffered = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(clientExtensions);
if ((this.mMaxFragmentLengthOffered >= 0) && !MaxFragmentLength.IsValid((byte)this.mMaxFragmentLengthOffered))
{
throw new TlsFatalAlert(0x2f);
}
this.mTruncatedHMacOffered = TlsExtensionsUtilities.HasTruncatedHMacExtension(clientExtensions);
this.mSupportedSignatureAlgorithms = TlsUtilities.GetSignatureAlgorithmsExtension(clientExtensions);
if ((this.mSupportedSignatureAlgorithms != null) && !TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(this.mClientVersion))
{
throw new TlsFatalAlert(0x2f);
}
this.mNamedCurves = TlsEccUtilities.GetSupportedEllipticCurvesExtension(clientExtensions);
this.mClientECPointFormats = TlsEccUtilities.GetSupportedPointFormatsExtension(clientExtensions);
}
}
/// <exception cref="IOException"></exception>
public static short ReadMaxFragmentLengthExtension(byte[] extensionData)
{
if (extensionData == null)
{
throw new ArgumentNullException("extensionData");
}
if (extensionData.Length != 1)
{
throw new TlsFatalAlert(AlertDescription.decode_error);
}
byte maxFragmentLength = extensionData[0];
if (!MaxFragmentLength.IsValid(maxFragmentLength))
{
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
}
return(maxFragmentLength);
}
public virtual IDictionary GetServerExtensions()
{
if ((this.mEncryptThenMacOffered && this.AllowEncryptThenMac) && TlsUtilities.IsBlockCipherSuite(this.mSelectedCipherSuite))
{
TlsExtensionsUtilities.AddEncryptThenMacExtension(this.CheckServerExtensions());
}
if (((this.mMaxFragmentLengthOffered >= 0) && TlsUtilities.IsValidUint8((int)this.mMaxFragmentLengthOffered)) && MaxFragmentLength.IsValid((byte)this.mMaxFragmentLengthOffered))
{
TlsExtensionsUtilities.AddMaxFragmentLengthExtension(this.CheckServerExtensions(), (byte)this.mMaxFragmentLengthOffered);
}
if (this.mTruncatedHMacOffered && this.AllowTruncatedHMac)
{
TlsExtensionsUtilities.AddTruncatedHMacExtension(this.CheckServerExtensions());
}
if ((this.mClientECPointFormats != null) && TlsEccUtilities.IsEccCipherSuite(this.mSelectedCipherSuite))
{
byte[] buffer1 = new byte[3];
buffer1[1] = 1;
buffer1[2] = 2;
this.mServerECPointFormats = buffer1;
TlsEccUtilities.AddSupportedPointFormatsExtension(this.CheckServerExtensions(), this.mServerECPointFormats);
}
return(this.mServerExtensions);
}
public virtual IDictionary GetServerExtensions()
{
if (mEncryptThenMacOffered && AllowEncryptThenMac && TlsUtilities.IsBlockCipherSuite(mSelectedCipherSuite))
{
TlsExtensionsUtilities.AddEncryptThenMacExtension(CheckServerExtensions());
}
if (mMaxFragmentLengthOffered >= 0 && TlsUtilities.IsValidUint8(mMaxFragmentLengthOffered) && MaxFragmentLength.IsValid((byte)mMaxFragmentLengthOffered))
{
TlsExtensionsUtilities.AddMaxFragmentLengthExtension(CheckServerExtensions(), (byte)mMaxFragmentLengthOffered);
}
if (mTruncatedHMacOffered && AllowTruncatedHMac)
{
TlsExtensionsUtilities.AddTruncatedHMacExtension(CheckServerExtensions());
}
if (mClientECPointFormats != null && TlsEccUtilities.IsEccCipherSuite(mSelectedCipherSuite))
{
mServerECPointFormats = new byte[3]
{
0,
1,
2
};
TlsEccUtilities.AddSupportedPointFormatsExtension(CheckServerExtensions(), mServerECPointFormats);
}
return(mServerExtensions);
}
