public static bool VerifySignature(SignatureAndHashAlgorithm type, SecureBuffer data, AsymmetricAlgorithm key, SecureBuffer signature) { using (var d = new DisposeContext()) { var algorithm = d.Add((HashAlgorithm)GetAlgorithm(type.Hash)); algorithm.TransformFinalBlock(data.Buffer, 0, data.Size); return(VerifySignature(type, algorithm, d.Add(algorithm.Hash), key, signature)); } }
protected override void EncryptRecord(DisposeContext d, IBufferOffsetSize input) { ICryptoTransform cipher; if (!Cipher.HasFixedIV) { EncryptionAlgorithm.GenerateIV(); cipher = d.Add(EncryptionAlgorithm.CreateEncryptor()); } else { cipher = encryptionCipher; } if (!Cipher.HasFixedIV) { Buffer.BlockCopy(EncryptionAlgorithm.IV, 0, input.Buffer, input.Offset, BlockSize); } var ret = cipher.TransformBlock(input.Buffer, input.Offset + HeaderSize, input.Size - HeaderSize, input.Buffer, input.Offset + HeaderSize); if (ret <= 0 || ret != input.Size - HeaderSize) { throw new InvalidOperationException(); } if (Cipher.HasFixedIV) { var IV = new byte [BlockSize]; Buffer.BlockCopy(input.Buffer, input.Offset + input.Size - BlockSize, IV, 0, BlockSize); EncryptionAlgorithm.IV = IV; } }
protected override int DecryptRecord(DisposeContext d, IBufferOffsetSize input, IBufferOffsetSize output) { if ((input.Size % BlockSize) != 0) { return(-1); } int ivSize; ICryptoTransform cipher; if (!Cipher.HasFixedIV) { var IV = new byte [BlockSize]; Buffer.BlockCopy(input.Buffer, input.Offset, IV, 0, BlockSize); ivSize = BlockSize; DecryptionAlgorithm.IV = IV; cipher = d.Add(DecryptionAlgorithm.CreateDecryptor()); } else { ivSize = 0; cipher = decryptionCipher; } var ret = cipher.TransformBlock(input.Buffer, input.Offset + ivSize, input.Size - ivSize, output.Buffer, output.Offset); if (ret <= 0 || ret != input.Size - ivSize) { return(-1); } return(ret); }
protected override SecureBuffer PRF(DisposeContext d, SecureBuffer secret, string label, SecureBuffer data, int length) { /* Secret Length calc exmplain from the RFC2246. Section 5 * * S1 and S2 are the two halves of the secret and each is the same * length. S1 is taken from the first half of the secret, S2 from the * second half. Their length is created by rounding up the length of the * overall secret divided by two; thus, if the original secret is an odd * number of bytes long, the last byte of S1 will be the same as the * first byte of S2. */ // split secret in 2 int secretLen = secret.Size >> 1; // rounding up if ((secret.Size & 0x1) == 0x1) { secretLen++; } // Secret 1 var secret1 = d.CreateBuffer(secretLen); Buffer.BlockCopy(secret.Buffer, 0, secret1.Buffer, 0, secretLen); // Secret2 var secret2 = d.CreateBuffer(secretLen); Buffer.BlockCopy(secret.Buffer, (secret.Size - secretLen), secret2.Buffer, 0, secretLen); // Secret 1 processing var p_md5 = d.Add(Expand(d, HMac.Create(HashAlgorithmType.Md5, secret1), label, data, length)); // Secret 2 processing var p_sha = d.Add(Expand(d, HMac.Create(HashAlgorithmType.Sha1, secret2), label, data, length)); // Perfor XOR of both results var masterSecret = new SecureBuffer(length); for (int i = 0; i < length; i++) { masterSecret.Buffer[i] = (byte)(p_md5.Buffer[i] ^ p_sha.Buffer[i]); } return(masterSecret); }
static byte[] CreateHash (HashAlgorithmType type, SecureBuffer data) { if (!HashAlgorithmProvider.IsAlgorithmSupported (type)) throw new TlsException (AlertDescription.IlegalParameter); using (var d = new DisposeContext ()) { var algorithm = d.Add (HashAlgorithmProvider.CreateAlgorithm (type)); algorithm.TransformBlock (data.Buffer, 0, data.Size); return algorithm.GetRunningHash (); } }
static byte[] CreateHash(HashAlgorithmType type, SecureBuffer data) { if (!HashAlgorithmProvider.IsAlgorithmSupported(type)) { throw new TlsException(AlertDescription.IlegalParameter); } using (var d = new DisposeContext()) { var algorithm = d.Add(HashAlgorithmProvider.CreateAlgorithm(type)); algorithm.TransformBlock(data.Buffer, 0, data.Size); return(algorithm.GetRunningHash()); } }
protected override SecureBuffer PRF (DisposeContext d, SecureBuffer secret, string label, SecureBuffer data, int length) { /* Secret Length calc exmplain from the RFC2246. Section 5 * * S1 and S2 are the two halves of the secret and each is the same * length. S1 is taken from the first half of the secret, S2 from the * second half. Their length is created by rounding up the length of the * overall secret divided by two; thus, if the original secret is an odd * number of bytes long, the last byte of S1 will be the same as the * first byte of S2. */ // split secret in 2 int secretLen = secret.Size >> 1; // rounding up if ((secret.Size & 0x1) == 0x1) secretLen++; // Secret 1 var secret1 = d.CreateBuffer (secretLen); Buffer.BlockCopy (secret.Buffer, 0, secret1.Buffer, 0, secretLen); // Secret2 var secret2 = d.CreateBuffer (secretLen); Buffer.BlockCopy (secret.Buffer, (secret.Size - secretLen), secret2.Buffer, 0, secretLen); // Secret 1 processing var p_md5 = d.Add (Expand (d, HMac.Create (HashAlgorithmType.Md5, secret1), label, data, length)); // Secret 2 processing var p_sha = d.Add (Expand (d, HMac.Create (HashAlgorithmType.Sha1, secret2), label, data, length)); // Perfor XOR of both results var masterSecret = new SecureBuffer (length); for (int i = 0; i < length; i++) masterSecret.Buffer[i] = (byte)(p_md5.Buffer[i] ^ p_sha.Buffer[i]); return masterSecret; }
protected override void EncryptRecord(DisposeContext d, IBufferOffsetSize buffer) { ICryptoTransform cipher; if (!Cipher.HasFixedIV) { EncryptionAlgorithm.GenerateIV(); cipher = d.Add(EncryptionAlgorithm.CreateEncryptor()); } else { cipher = encryptionCipher; } if (!Cipher.HasFixedIV) { Buffer.BlockCopy(EncryptionAlgorithm.IV, 0, buffer.Buffer, buffer.Offset, BlockSize); } cipher.TransformBlock(buffer.Buffer, buffer.Offset + HeaderSize, buffer.Size - HeaderSize, buffer.Buffer, buffer.Offset + HeaderSize); }
public TlsBuffer ComputeKeyExpansion(DisposeContext d, SecureBuffer masterSecret, SecureBuffer sc, int size) { var buffer = d.Add(PRF(d, masterSecret, "key expansion", sc, size)); return(new TlsBuffer(buffer.Buffer)); }
protected override int DecryptRecord (DisposeContext d, IBufferOffsetSize input, IBufferOffsetSize output) { if ((input.Size % BlockSize) != 0) return -1; int ivSize; ICryptoTransform cipher; if (!Cipher.HasFixedIV) { var IV = new byte [BlockSize]; Buffer.BlockCopy (input.Buffer, input.Offset, IV, 0, BlockSize); ivSize = BlockSize; DecryptionAlgorithm.IV = IV; cipher = d.Add (DecryptionAlgorithm.CreateDecryptor ()); } else { ivSize = 0; cipher = decryptionCipher; } var ret = cipher.TransformBlock (input.Buffer, input.Offset + ivSize, input.Size - ivSize, output.Buffer, output.Offset); if (ret <= 0 || ret != input.Size - ivSize) return -1; if (Cipher.HasFixedIV) { var IV = new byte [BlockSize]; Buffer.BlockCopy (input.Buffer, input.Offset + input.Size - BlockSize, IV, 0, BlockSize); DecryptionAlgorithm.IV = IV; } return ret; }
protected override void EncryptRecord (DisposeContext d, IBufferOffsetSize input) { ICryptoTransform cipher; if (!Cipher.HasFixedIV) { EncryptionAlgorithm.GenerateIV (); cipher = d.Add (EncryptionAlgorithm.CreateEncryptor ()); } else { cipher = encryptionCipher; } if (!Cipher.HasFixedIV) Buffer.BlockCopy (EncryptionAlgorithm.IV, 0, input.Buffer, input.Offset, BlockSize); var ret = cipher.TransformBlock (input.Buffer, input.Offset + HeaderSize, input.Size - HeaderSize, input.Buffer, input.Offset + HeaderSize); if (ret <= 0 || ret != input.Size - HeaderSize) throw new InvalidOperationException (); if (Cipher.HasFixedIV) { var IV = new byte [BlockSize]; Buffer.BlockCopy (input.Buffer, input.Offset + input.Size - BlockSize, IV, 0, BlockSize); EncryptionAlgorithm.IV = IV; } }
public TlsBuffer ComputeKeyExpansion (DisposeContext d, SecureBuffer masterSecret, SecureBuffer sc, int size) { var buffer = d.Add (PRF (d, masterSecret, "key expansion", sc, size)); return new TlsBuffer (buffer.Buffer); }