protected virtual short ProcessMaxFragmentLengthExtension(IDictionary clientExtensions, IDictionary serverExtensions, byte alertDescription) { short maxFragmentLengthExtension = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(serverExtensions); if (maxFragmentLengthExtension >= 0 && (!MaxFragmentLength.IsValid((byte)maxFragmentLengthExtension) || (!mResumedSession && maxFragmentLengthExtension != TlsExtensionsUtilities.GetMaxFragmentLengthExtension(clientExtensions)))) { throw new TlsFatalAlert(alertDescription); } return(maxFragmentLengthExtension); }
protected static short EvaluateMaxFragmentLengthExtension(bool resumedSession, IDictionary clientExtensions, IDictionary serverExtensions, byte alertDescription) { short maxFragmentLengthExtension = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(serverExtensions); if (maxFragmentLengthExtension >= 0 && (!MaxFragmentLength.IsValid((byte)maxFragmentLengthExtension) || (!resumedSession && maxFragmentLengthExtension != TlsExtensionsUtilities.GetMaxFragmentLengthExtension(clientExtensions)))) { throw new TlsFatalAlert(alertDescription); } return(maxFragmentLengthExtension); }
protected virtual void ApplyMaxFragmentLengthExtension() { if (mSecurityParameters.maxFragmentLength >= 0) { if (!MaxFragmentLength.IsValid((byte)mSecurityParameters.maxFragmentLength)) { throw new TlsFatalAlert(80); } int plaintextLimit = 1 << 8 + mSecurityParameters.maxFragmentLength; mRecordStream.SetPlaintextLimit(plaintextLimit); } }
internal static void ApplyMaxFragmentLengthExtension(DtlsRecordLayer recordLayer, short maxFragmentLength) { if (maxFragmentLength >= 0) { if (!MaxFragmentLength.IsValid((byte)maxFragmentLength)) { throw new TlsFatalAlert(80); } int plaintextLimit = 1 << 8 + maxFragmentLength; recordLayer.SetPlaintextLimit(plaintextLimit); } }
public virtual void ProcessClientExtensions(IDictionary clientExtensions) { mClientExtensions = clientExtensions; if (clientExtensions != null) { mEncryptThenMacOffered = TlsExtensionsUtilities.HasEncryptThenMacExtension(clientExtensions); mMaxFragmentLengthOffered = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(clientExtensions); if (mMaxFragmentLengthOffered >= 0 && !MaxFragmentLength.IsValid((byte)mMaxFragmentLengthOffered)) { throw new TlsFatalAlert(47); } mTruncatedHMacOffered = TlsExtensionsUtilities.HasTruncatedHMacExtension(clientExtensions); mSupportedSignatureAlgorithms = TlsUtilities.GetSignatureAlgorithmsExtension(clientExtensions); if (mSupportedSignatureAlgorithms != null && !TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(mClientVersion)) { throw new TlsFatalAlert(47); } mNamedCurves = TlsEccUtilities.GetSupportedEllipticCurvesExtension(clientExtensions); mClientECPointFormats = TlsEccUtilities.GetSupportedPointFormatsExtension(clientExtensions); } }
public virtual IDictionary GetServerExtensions() { if (mEncryptThenMacOffered && AllowEncryptThenMac && TlsUtilities.IsBlockCipherSuite(mSelectedCipherSuite)) { TlsExtensionsUtilities.AddEncryptThenMacExtension(CheckServerExtensions()); } if (mMaxFragmentLengthOffered >= 0 && TlsUtilities.IsValidUint8(mMaxFragmentLengthOffered) && MaxFragmentLength.IsValid((byte)mMaxFragmentLengthOffered)) { TlsExtensionsUtilities.AddMaxFragmentLengthExtension(CheckServerExtensions(), (byte)mMaxFragmentLengthOffered); } if (mTruncatedHMacOffered && AllowTruncatedHMac) { TlsExtensionsUtilities.AddTruncatedHMacExtension(CheckServerExtensions()); } if (mClientECPointFormats != null && TlsEccUtilities.IsEccCipherSuite(mSelectedCipherSuite)) { mServerECPointFormats = new byte[3] { 0, 1, 2 }; TlsEccUtilities.AddSupportedPointFormatsExtension(CheckServerExtensions(), mServerECPointFormats); } return(mServerExtensions); }
public void HandleHandshake(MessageType messageType, IByteBuffer data) { switch (messageType) { case MessageType.HELLO_VERIFY_REQUEST: if (handshakeState != State.CLIENT_HELLO_SENT) { throw new TlsFatalAlert(AlertDescription.unexpected_message); } ProcessHelloVerifyRequest(data); break; case MessageType.SERVER_HELLO: if (handshakeState != State.CLIENT_HELLO_SENT) { throw new TlsFatalAlert(AlertDescription.unexpected_message); } ProcessServerHello(data); clientState.HandshakeHash = clientState.HandshakeHash.NotifyPrfDetermined(); short maxFragmentLength = ((AsyncDtlsSecurityParameters)clientState.ClientContext.SecurityParameters).GetMaxFragmentLength(); if (maxFragmentLength >= 0) { if (!MaxFragmentLength.IsValid((byte)maxFragmentLength)) { throw new TlsFatalAlert(AlertDescription.internal_error); } int plainTextLimit = 1 << (8 + maxFragmentLength); recordLayer.SetPlaintextLimit(plainTextLimit); } if (clientState.ResumedSession) { byte[] masterSecret = new byte[clientState.SessionParameters.MasterSecret.Length]; Array.Copy(clientState.SessionParameters.MasterSecret, 0, masterSecret, 0, masterSecret.Length); ((AsyncDtlsSecurityParameters)clientState.ClientContext.SecurityParameters).SetMasterSecret(masterSecret); recordLayer.InitPendingEpoch(clientState.Client.GetCipher()); } else { if (clientState.SessionParameters != null) { clientState.SessionParameters.Clear(); clientState.SessionParameters = null; } if (clientState.TlsSession != null) { clientState.TlsSession.Invalidate(); clientState.TlsSession = null; } if (clientState.SelectedSessionID.Length > 0) { clientState.TlsSession = new AsyncDtlsSessionImpl(clientState.SelectedSessionID, null); } } handshakeState = State.SERVER_HELLO_RECEIVED; break; case MessageType.SUPPLEMENTAL_DATA: if (handshakeState != State.SERVER_HELLO_RECEIVED) { throw new TlsFatalAlert(AlertDescription.unexpected_message); } ProcessServerSupplementalData(data); handshakeState = State.SUPP_DATA_RECEIVED; break; case MessageType.CERTIFICATE: if (handshakeState == State.SERVER_HELLO_RECEIVED) { clientState.Client.ProcessServerSupplementalData(null); handshakeState = State.SUPP_DATA_RECEIVED; } if (handshakeState != State.SUPP_DATA_RECEIVED) { throw new TlsFatalAlert(AlertDescription.unexpected_message); } clientState.KeyExchange = clientState.Client.GetKeyExchange(); clientState.KeyExchange.Init(clientState.ClientContext); ProcessServerCertificate(data); handshakeState = State.CERTIFICATE_RECEIVED; break; case MessageType.CERTIFICATE_STATUS: if (handshakeState == State.SERVER_HELLO_RECEIVED) { clientState.Client.ProcessServerSupplementalData(null); handshakeState = State.SUPP_DATA_RECEIVED; } if (handshakeState == State.SUPP_DATA_RECEIVED) { clientState.KeyExchange = clientState.Client.GetKeyExchange(); clientState.KeyExchange.Init(clientState.ClientContext); clientState.KeyExchange.SkipServerCredentials(); handshakeState = State.CERTIFICATE_RECEIVED; } if (handshakeState != State.CERTIFICATE_RECEIVED) { throw new TlsFatalAlert(AlertDescription.unexpected_message); } ProcessCertificateStatus(data); handshakeState = State.CERTIFICATE_STATUS_RECEIVED; break; case MessageType.SERVER_KEY_EXCHANGE: if (handshakeState == State.SERVER_HELLO_RECEIVED) { clientState.Client.ProcessServerSupplementalData(null); handshakeState = State.SUPP_DATA_RECEIVED; } if (handshakeState == State.SUPP_DATA_RECEIVED) { clientState.KeyExchange = clientState.Client.GetKeyExchange(); clientState.KeyExchange.Init(clientState.ClientContext); clientState.KeyExchange.SkipServerCredentials(); handshakeState = State.CERTIFICATE_RECEIVED; } if (handshakeState == State.CERTIFICATE_RECEIVED) { handshakeState = State.CERTIFICATE_STATUS_RECEIVED; } if (handshakeState != State.CERTIFICATE_STATUS_RECEIVED) { throw new TlsFatalAlert(AlertDescription.unexpected_message); } ProcessServerKeyExchange(data); handshakeState = State.SERVER_KEY_EXCHANGE_RECEIVED; break; case MessageType.CERTIFICATE_REQUEST: if (handshakeState == State.SERVER_HELLO_RECEIVED) { clientState.Client.ProcessServerSupplementalData(null); handshakeState = State.SUPP_DATA_RECEIVED; } if (handshakeState == State.SUPP_DATA_RECEIVED) { clientState.KeyExchange = clientState.Client.GetKeyExchange(); clientState.KeyExchange.Init(clientState.ClientContext); clientState.KeyExchange.SkipServerCredentials(); handshakeState = State.CERTIFICATE_RECEIVED; } if (handshakeState == State.CERTIFICATE_RECEIVED) { handshakeState = State.CERTIFICATE_STATUS_RECEIVED; } if (handshakeState == State.CERTIFICATE_STATUS_RECEIVED) { clientState.KeyExchange.SkipServerKeyExchange(); handshakeState = State.SERVER_KEY_EXCHANGE_RECEIVED; } if (handshakeState != State.SERVER_KEY_EXCHANGE_RECEIVED) { throw new TlsFatalAlert(AlertDescription.unexpected_message); } ProcessCertificateRequest(data); handshakeState = State.CERTIFICATE_REQUEST_RECEIVED; break; case MessageType.SERVER_HELLO_DONE: if (handshakeState == State.SERVER_HELLO_RECEIVED) { clientState.Client.ProcessServerSupplementalData(null); handshakeState = State.SUPP_DATA_RECEIVED; } if (handshakeState == State.SUPP_DATA_RECEIVED) { clientState.KeyExchange = clientState.Client.GetKeyExchange(); clientState.KeyExchange.Init(clientState.ClientContext); clientState.KeyExchange.SkipServerCredentials(); handshakeState = State.CERTIFICATE_RECEIVED; } if (handshakeState == State.CERTIFICATE_RECEIVED) { handshakeState = State.CERTIFICATE_STATUS_RECEIVED; } if (handshakeState == State.CERTIFICATE_STATUS_RECEIVED) { clientState.KeyExchange.SkipServerKeyExchange(); handshakeState = State.SERVER_KEY_EXCHANGE_RECEIVED; } if (handshakeState == State.SERVER_KEY_EXCHANGE_RECEIVED) { handshakeState = State.CERTIFICATE_REQUEST_RECEIVED; } if (handshakeState != State.CERTIFICATE_REQUEST_RECEIVED) { throw new TlsFatalAlert(AlertDescription.unexpected_message); } ProcessServerHelloDone(data); handshakeState = State.SERVER_HELLO_DONE; break; case MessageType.SESSION_TICKET: if (handshakeState != State.FINISH_SENT || !clientState.ExpectSessionTicket) { throw new TlsFatalAlert(AlertDescription.unexpected_message); } ProcessNewSessionTicket(data); handshakeState = State.SESSION_TICKET_RECEIVED; break; case MessageType.FINISHED: if (handshakeState != State.FINISH_SENT && handshakeState != State.SESSION_TICKET_RECEIVED && handshakeState != State.SERVER_HELLO_RECEIVED) { throw new TlsFatalAlert(AlertDescription.unexpected_message); } if (handshakeState == State.FINISH_SENT && clientState.ExpectSessionTicket) { throw new TlsFatalAlert(AlertDescription.unexpected_message); } if (handshakeState == State.SERVER_HELLO_RECEIVED && clientState.ResumedSession) { throw new TlsFatalAlert(AlertDescription.unexpected_message); } ProcessFinished(data); break; default: throw new TlsFatalAlert(AlertDescription.unexpected_message); } }