protected override void Read(TlsBuffer incoming) { // Server random ServerRandom = new SecureBuffer(incoming.ReadBytes(32)); // Session ID var sessionIdLength = (int)incoming.ReadByte(); if (sessionIdLength > 0) { SessionID = new SecureBuffer(incoming.ReadBytes(sessionIdLength)); } // Cipher suite SelectedCipher = (CipherSuiteCode)incoming.ReadInt16(); var compressionMethod = incoming.ReadByte(); if (compressionMethod != 0) { throw new TlsException(AlertDescription.IlegalParameter, "Invalid compression method received from server"); } Extensions = new TlsExtensionCollection(incoming); }
protected override void Read (TlsBuffer incoming) { ClientRandom = new SecureBuffer (incoming.ReadBytes (32)); var length = (short)incoming.ReadByte (); SessionID = new SecureBuffer (incoming.ReadBytes (length)); length = incoming.ReadInt16 (); if ((length % 2) != 0) throw new TlsException (AlertDescription.DecodeError); bool seenSCSV = false; ClientCiphers = new CipherSuiteCode [length >> 1]; for (int i = 0; i < ClientCiphers.Length; i++) { ClientCiphers [i] = (CipherSuiteCode)incoming.ReadInt16 (); if (ClientCiphers [i] == CipherSuiteCode.TLS_EMPTY_RENEGOTIATION_INFO_SCSV) seenSCSV = true; } // Compression methods length = incoming.ReadByte (); incoming.Position += length; Extensions = new TlsExtensionCollection (incoming); if (seenSCSV) Extensions.AddRenegotiationExtension (); }
public override void ReadServer(TlsBuffer incoming) { curveType = (ECCurveType)incoming.ReadByte(); // Currently, we only support named curves if (curveType == ECCurveType.named_curve) { namedCurve = (NamedCurve)incoming.ReadInt16(); // TODO Check namedCurve is one we offered? domainParameters = NamedCurveHelper.GetECParameters(namedCurve); } else { // TODO Add support for explicit curve parameters throw new TlsException(AlertDescription.HandshakeFailure, "Unsupported elliptic curve type `{0}'.", curveType); } var publicLength = incoming.ReadByte(); publicBytes = incoming.ReadBytes(publicLength); // TODO Check RFC 4492 for validation serverQ = domainParameters.Curve.DecodePoint(publicBytes); Signature = Signature.Read(TlsProtocolCode.Tls12, incoming); }
public static SignatureAndHashAlgorithm DecodeSignatureAndHashAlgorithm(TlsBuffer buffer) { var hash = (HashAlgorithmType)buffer.ReadByte(); var signature = (SignatureAlgorithmType)buffer.ReadByte(); return(new SignatureAndHashAlgorithm(hash, signature)); }
protected override void Read(TlsBuffer incoming) { var length = incoming.ReadByte(); for (int i = 0; i < length; i++) { Parameters.CertificateTypes.Add((ClientCertificateType)incoming.ReadByte()); } if (Protocol == TlsProtocolCode.Tls12) { var length2 = incoming.ReadInt16(); if ((length2 % 2) != 0) { throw new TlsException(AlertDescription.IlegalParameter); } var signatureTypes = new SignatureAndHashAlgorithm [length2 >> 1]; for (int i = 0; i < signatureTypes.Length; i++) { Parameters.SignatureParameters.SignatureAndHashAlgorithms.Add(SignatureHelper.DecodeSignatureAndHashAlgorithm(incoming)); } } var length3 = incoming.ReadInt16(); if (incoming.Remaining != length3) { throw new TlsException(AlertDescription.DecodeError); } /* * Read requested certificate authorities (Distinguised Names) * * Name ::= SEQUENCE OF RelativeDistinguishedName * * RelativeDistinguishedName ::= SET OF AttributeValueAssertion * * AttributeValueAssertion ::= SEQUENCE { * attributeType OBJECT IDENTIFIER * attributeValue ANY * } * */ while (incoming.Remaining > 0) { var rdn = new ASN1(incoming.ReadBytes(incoming.ReadInt16())); Parameters.CertificateAuthorities.Add(X501.ToString(rdn)); } }
public ServerNameExtension(TlsBuffer incoming) { if (incoming.Remaining == 0) { return; } var length = incoming.ReadInt16(); if (length != incoming.Remaining) { throw new TlsException(AlertDescription.DecodeError); } var type = incoming.ReadByte(); if (type != 0x00) { throw new TlsException(AlertDescription.IlegalParameter, "Unknown NameType in ServerName extension"); } var nameLength = incoming.ReadInt16(); if (nameLength + 3 != length) { throw new TlsException(AlertDescription.DecodeError); } ServerName = Encoding.ASCII.GetString(incoming.ReadBytes(nameLength)); }
protected override void Read(TlsBuffer incoming) { var message = incoming.ReadByte(); if (message != 1 || incoming.Remaining != 0) { throw new TlsException(AlertDescription.DecodeError, "Received invalid ChangeCipherSpec message"); } }
protected override void Read (TlsBuffer incoming) { // Server random ServerRandom = new SecureBuffer (incoming.ReadBytes (32)); // Session ID var sessionIdLength = (int)incoming.ReadByte (); if (sessionIdLength > 0) { SessionID = new SecureBuffer (incoming.ReadBytes (sessionIdLength)); } // Cipher suite SelectedCipher = (CipherSuiteCode)incoming.ReadInt16 (); var compressionMethod = incoming.ReadByte (); if (compressionMethod != 0) throw new TlsException (AlertDescription.IlegalParameter, "Invalid compression method received from server"); Extensions = new TlsExtensionCollection (incoming); }
protected override void Read (TlsBuffer incoming) { var length = incoming.ReadByte (); for (int i = 0; i < length; i++) Parameters.CertificateTypes.Add ((ClientCertificateType)incoming.ReadByte ()); if (Protocol == TlsProtocolCode.Tls12) { var length2 = incoming.ReadInt16 (); if ((length2 % 2) != 0) throw new TlsException (AlertDescription.IlegalParameter); var signatureTypes = new SignatureAndHashAlgorithm [length2 >> 1]; for (int i = 0; i < signatureTypes.Length; i++) Parameters.SignatureParameters.SignatureAndHashAlgorithms.Add (new SignatureAndHashAlgorithm (incoming)); } var length3 = incoming.ReadInt16 (); if (incoming.Remaining != length3) throw new TlsException (AlertDescription.DecodeError); /* * Read requested certificate authorities (Distinguised Names) * * Name ::= SEQUENCE OF RelativeDistinguishedName * * RelativeDistinguishedName ::= SET OF AttributeValueAssertion * * AttributeValueAssertion ::= SEQUENCE { * attributeType OBJECT IDENTIFIER * attributeValue ANY * } * */ while (incoming.Remaining > 0) { var rdn = new ASN1 (incoming.ReadBytes (incoming.ReadInt16 ())); Parameters.CertificateAuthorities.Add (X501.ToString (rdn)); } }
protected override void Read(TlsBuffer incoming) { ClientRandom = new SecureBuffer(incoming.ReadBytes(32)); var length = (short)incoming.ReadByte(); SessionID = new SecureBuffer(incoming.ReadBytes(length)); length = incoming.ReadInt16(); if ((length % 2) != 0) { throw new TlsException(AlertDescription.DecodeError); } bool seenSCSV = false; ClientCiphers = new CipherSuiteCode [length >> 1]; for (int i = 0; i < ClientCiphers.Length; i++) { ClientCiphers [i] = (CipherSuiteCode)incoming.ReadInt16(); if (ClientCiphers [i] == CipherSuiteCode.TLS_EMPTY_RENEGOTIATION_INFO_SCSV) { seenSCSV = true; } } // Compression methods length = incoming.ReadByte(); incoming.Position += length; Extensions = new TlsExtensionCollection(incoming); if (seenSCSV) { Extensions.AddRenegotiationExtension(); } }
public ServerNameExtension (TlsBuffer incoming) { if (incoming.Remaining == 0) return; var length = incoming.ReadInt16 (); if (length != incoming.Remaining) throw new TlsException (AlertDescription.DecodeError); var type = incoming.ReadByte (); if (type != 0x00) throw new TlsException (AlertDescription.IlegalParameter, "Unknown NameType in ServerName extension"); var nameLength = incoming.ReadInt16 (); if (nameLength + 3 != length) throw new TlsException (AlertDescription.DecodeError); ServerName = Encoding.ASCII.GetString (incoming.ReadBytes (nameLength)); }
SecurityStatus ProcessAlert (TlsBuffer buffer) { bool decrypted = false; if ((session.Read != null && session.Read.Cipher != null) || (buffer.Remaining != 2)) decrypted = ReadStandardBuffer (ContentType.Alert, ref buffer); if (buffer.Remaining != 2) throw new TlsException (AlertDescription.IlegalParameter, "Invalid Alert message size"); var level = (AlertLevel)buffer.ReadByte (); var description = (AlertDescription)buffer.ReadByte (); if (decrypted) buffer.Dispose (); if (level == AlertLevel.Warning) { if (description == AlertDescription.CloseNotify) { ReceivedCloseNotify = true; if (eventSink != null) eventSink.ReceivedCloseNotify (); return SecurityStatus.ContextExpired; } DebugHelper.WriteLine ("Received alert: {0}", description); return SecurityStatus.ContinueNeeded; } else { throw new TlsException (description); } }
SecurityStatus _GenerateNextToken (TlsBuffer incoming, TlsMultiBuffer outgoing) { #if DEBUG_FULL if (EnableDebugging) { DebugHelper.WriteLine ("GenerateNextToken: {0}", negotiationHandler); if (incoming != null) DebugHelper.WriteRemaining (" incoming", incoming); } #endif if (incoming == null) { negotiationHandler = negotiationHandler.GenerateReply (outgoing); return SecurityStatus.ContinueNeeded; } var contentType = (ContentType)incoming.ReadByte (); #if DEBUG_FULL if (EnableDebugging) DebugHelper.WriteLine (" received message type {0}", contentType); #endif if (skipToOffset >= 0 && contentType != ContentType.Handshake) throw new TlsException (AlertDescription.InternalError); if (contentType == ContentType.Alert) return ProcessAlert (incoming); bool decrypted = false; if (cachedFragment != null) { if (contentType != ContentType.Handshake) throw new TlsException (AlertDescription.DecodeError); decrypted = ReadStandardBuffer (ContentType.Handshake, ref incoming); cachedFragment.Write (incoming.Buffer, incoming.Position, incoming.Remaining); if (cachedFragment.Remaining > 0) return SecurityStatus.ContinueNeeded; incoming.Dispose (); incoming = cachedFragment; cachedFragment = null; incoming.Position = 0; } else { decrypted = ReadStandardBuffer (contentType, ref incoming); } if (Session.Read != null && Session.Read.Cipher != null && !decrypted) throw new TlsException (AlertDescription.DecryptError, "Expected encrypted message."); try { if (contentType == ContentType.ChangeCipherSpec) return negotiationHandler.ProcessMessage (new TlsChangeCipherSpec ()); else if (contentType == ContentType.ApplicationData) { if (session.Read == null || session.Read.Cipher == null || !session.SecureRenegotiation) throw new TlsException (AlertDescription.DecodeError); // FIXME throw new NotImplementedException (); } else if (contentType != ContentType.Handshake) { throw new TlsException (AlertDescription.UnexpectedMessage); } if (skipToOffset >= 0) { incoming.Position = skipToOffset; skipToOffset = -1; } SecurityStatus result; bool finished; while (true) { var startOffset = incoming.Position; finished = ProcessHandshakeMessage (incoming, out result); if (result == SecurityStatus.CredentialsNeeded) { // Caller will call us again with the same input. skipToOffset = startOffset; if (decrypted) Session.Read.ReadSequenceNumber--; return result; } if (incoming.Remaining == 0) break; if (finished || result != SecurityStatus.ContinueNeeded) throw new TlsException (AlertDescription.UnexpectedMessage); } if (finished) negotiationHandler = negotiationHandler.GenerateReply (outgoing); return result; } finally { if (decrypted) incoming.Dispose (); } }
internal SignatureAndHashAlgorithm (TlsBuffer buffer) { Hash = (HashAlgorithmType)buffer.ReadByte (); Signature = (SignatureAlgorithmType)buffer.ReadByte (); }
protected override void Read (TlsBuffer incoming) { var message = incoming.ReadByte (); if (message != 1 || incoming.Remaining != 0) throw new TlsException (AlertDescription.DecodeError, "Received invalid ChangeCipherSpec message"); }
internal RenegotiationExtension (TlsBuffer incoming) { Data = new SecureBuffer (incoming.ReadBytes (incoming.ReadByte ())); }
public override void ReadClient (TlsBuffer incoming) { clientKey = incoming.ReadBytes (incoming.ReadByte ()); }
public override void ReadServer (TlsBuffer incoming) { curveType = (ECCurveType)incoming.ReadByte (); // Currently, we only support named curves if (curveType == ECCurveType.named_curve) { namedCurve = (NamedCurve)incoming.ReadInt16 (); // TODO Check namedCurve is one we offered? domainParameters = NamedCurveHelper.GetECParameters (namedCurve); } else { // TODO Add support for explicit curve parameters throw new TlsException (AlertDescription.HandshakeFailure, "Unsupported elliptic curve type `{0}'.", curveType); } var publicLength = incoming.ReadByte (); publicBytes = incoming.ReadBytes (publicLength); // TODO Check RFC 4492 for validation serverQ = domainParameters.Curve.DecodePoint (publicBytes); Signature = Signature.Read (TlsProtocolCode.Tls12, incoming); }
SecurityStatus _DecryptMessage (ref TlsBuffer incoming) { // Try to read the Record Content Type var contentType = (ContentType)incoming.ReadByte (); #if DEBUG_FULL if (EnableDebugging) DebugHelper.WriteLine ("DecryptMessage({0}): {1}", IsServer ? "server" : "client", contentType); #endif if (contentType == ContentType.Handshake) { #if INSTRUMENTATION if (HasInstrumentationEventSink) InstrumentationEventSink.StartRenegotiation (this); #endif incoming.Position--; return SecurityStatus.Renegotiate; } ReadStandardBuffer (contentType, ref incoming); if (contentType == ContentType.Alert) { var level = (AlertLevel)incoming.ReadByte (); var description = (AlertDescription)incoming.ReadByte (); if (level == AlertLevel.Warning && description == AlertDescription.CloseNotify) { ReceivedCloseNotify = true; if (eventSink != null) eventSink.ReceivedCloseNotify (); return SecurityStatus.ContextExpired; } DebugHelper.WriteLine ("ALERT: {0} {1}", level, description); throw new TlsException (level, description); } else if (contentType == ContentType.ApplicationData) { return SecurityStatus.OK; } throw new TlsException (AlertDescription.UnexpectedMessage, "Unknown content type {0}", contentType); }
internal SignatureAndHashAlgorithm(TlsBuffer buffer) { Hash = (HashAlgorithmType)buffer.ReadByte(); Signature = (SignatureAlgorithmType)buffer.ReadByte(); }
bool ProcessHandshakeMessage (TlsBuffer incoming, out SecurityStatus status) { var handshakeType = (HandshakeType)incoming.ReadByte (); #if DEBUG_FULL if (EnableDebugging) { DebugHelper.WriteLine (">>>> Processing Handshake record ({0})", handshakeType); DebugHelper.WriteRemaining ("HANDSHAKE", incoming); } #endif // Read message length int length = incoming.ReadInt24 (); if (incoming.Remaining < length) { cachedFragment = new TlsBuffer (length + 4); cachedFragment.Position = incoming.Remaining + 4; Buffer.BlockCopy (incoming.Buffer, incoming.Position - 4, cachedFragment.Buffer, 0, cachedFragment.Position); incoming.Position += incoming.Remaining; status = SecurityStatus.ContinueNeeded; return false; } var buffer = incoming.ReadBuffer (length); return negotiationHandler.ProcessHandshakeMessage (handshakeType, buffer, out status); }
public override void ReadClient(TlsBuffer incoming) { clientKey = incoming.ReadBytes(incoming.ReadByte()); }
SecurityStatus _DecryptMessage (ref TlsBuffer incoming) { // Try to read the Record Content Type var contentType = (ContentType)incoming.ReadByte (); #if DEBUG_FULL if (EnableDebugging) DebugHelper.WriteLine ("DecryptMessage: {0}", contentType); #endif ReadStandardBuffer (contentType, ref incoming); if (contentType == ContentType.Alert) { var level = (AlertLevel)incoming.ReadByte (); var description = (AlertDescription)incoming.ReadByte (); if (level == AlertLevel.Warning && description == AlertDescription.CloseNotify) { ReceivedCloseNotify = true; if (eventSink != null) eventSink.ReceivedCloseNotify (); return SecurityStatus.ContextExpired; } DebugHelper.WriteLine ("ALERT: {0} {1}", level, description); throw new TlsException (level, description); } else if (contentType == ContentType.ApplicationData) return SecurityStatus.OK; else if (contentType != ContentType.Handshake) throw new TlsException (AlertDescription.UnexpectedMessage, "Unknown content type {0}", contentType); try { SecurityStatus status; var finished = ProcessHandshakeMessage (incoming, out status); DebugHelper.WriteLine ("RENEGOTIATION REQUEST: {0} {1}", finished, status); return status; } finally { incoming.Dispose (); incoming = null; } }
internal RenegotiationExtension(TlsBuffer incoming) { Data = new SecureBuffer(incoming.ReadBytes(incoming.ReadByte())); }