public byte[] DecryptApplicationData(TlsKeys tlsKeys, TlsPacket.TlsApplicationData applicationData, ulong sequenceNumber)
{
if (KeyBlock == null)
{
throw new InvalidOperationException($"KeyBlock not initialized. Please, call {nameof(InitializeKeyBlock)} first.");
}
var content = new Span <byte>(applicationData.Body);
if (this.SecurityParameters.CipherType == TlsCipherType.Aead)
{
var macLength = SecurityParameters.MacLength / 8;
var recordNonceLength = SecurityParameters.RecordIVLength / 8;
var nonce = ComputeNonce(tlsKeys, content);
var additionalData = ByteString.Combine(
BitConverter.GetBytes(sequenceNumber).Reverse().ToArray(),
new byte[] { (byte)applicationData.M_Parent.ContentType,
applicationData.M_Parent.Version.Major,
applicationData.M_Parent.Version.Minor },
BitConverter.GetBytes((ushort)(applicationData.Body.Length - (recordNonceLength + macLength))).Reverse().ToArray()
);
var aead = CreateAeadCipher(SecurityParameters.CipherMode, CreateBlockCipher(SecurityParameters.CipherAlgorithm.ToString().ToUpperInvariant()));
return(DecryptAead(aead, tlsKeys.EncodingKey, nonce, content.Slice(recordNonceLength), additionalData));
}
if (this.SecurityParameters.CipherType == TlsCipherType.Block)
{
var cbc = CreateBlockCipher(SecurityParameters.CipherMode, CreateBlockCipher(SecurityParameters.CipherAlgorithm.ToString().ToUpperInvariant()));
var mac = CreateHMacAlgorithm(SecurityParameters.MacAlgorithm);
return(DecryptBlock(cbc, mac, tlsKeys.EncodingKey, tlsKeys.IV, tlsKeys.MacKey, content));
}
if (this.SecurityParameters.CipherType == TlsCipherType.Stream)
{
throw new NotImplementedException();
}
throw new NotSupportedException($"Decrypting {CipherSuite.ToString()} is not supported.");
}
public override string ToString()
{
return(CipherSuite.ToString());
}