// Processes a received ClientKeyExchange message: hands its KeyExchange payload to
// the key exchange object held in HandshakeParameters, then initializes the pending
// cipher state.
//
// message: the ClientKeyExchange handshake message; only message.KeyExchange is read here.
protected virtual void HandleClientKeyExchange(TlsClientKeyExchange message)
{
    // No validation of the payload happens in this method; everything is delegated
    // to HandleClient.
    // NOTE(review): for RSA key transport, HandleClient should treat a failed
    // decryption the same as a successful one (substitute a random pre-master secret
    // and let the handshake fail at Finished) so this path cannot act as a padding
    // oracle. That code is not visible here; confirm in the KeyExchange implementation.
    var exchange = HandshakeParameters.KeyExchange;
    exchange.HandleClient(Context, message.KeyExchange);

    // Initialize Cipher Suite: runs only after HandleClient returned without throwing.
    PendingCrypto.InitializeCipher();
}
// Builds the client's second handshake flight and appends it to `outgoing`, in this
// order: Certificate (only if one was generated), ClientKeyExchange, CertificateVerify
// (only if one was generated), ChangeCipherSpec, Finished.
//
// outgoing: buffer that receives the encoded handshake records.
// Returns the negotiation handler created for NegotiationState.ServerFinished.
protected override NegotiationHandler GenerateOutput(TlsMultiBuffer outgoing)
{
    // Client Certificate is optional: nothing is emitted when the generator returns null.
    ClientCertificate = GenerateClientCertificate();
    if (ClientCertificate != null)
    {
        var certificateRecord = Context.EncodeHandshakeRecord(ClientCertificate);
        outgoing.Add(certificateRecord);
    }

    // Send Client Key Exchange (always emitted).
    ClientKeyExchange = GenerateClientKeyExchange();
    var keyExchangeRecord = Context.EncodeHandshakeRecord(ClientKeyExchange);
    outgoing.Add(keyExchangeRecord);

    // CertificateVerify is generated only after the key exchange has been encoded.
    // NOTE(review): presumably it signs the handshake transcript up to this point, so
    // the statement order here matters. Confirm before reordering anything.
    CertificateVerify = GenerateCertificateVerify();
    if (CertificateVerify != null)
    {
        var verifyRecord = Context.EncodeHandshakeRecord(CertificateVerify);
        outgoing.Add(verifyRecord);
    }

    // Now initialize session cipher with the generated keys. This must precede
    // ChangeCipherSpec and Finished, which are produced next.
    Session.PendingCrypto.InitializeCipher();
    SendChangeCipherSpec(outgoing);

    var finishedRecord = Context.EncodeHandshakeRecord(GenerateFinished());
    outgoing.Add(finishedRecord);

    var nextHandler = Context.CreateNegotiationHandler(NegotiationState.ServerFinished);
    return nextHandler;
}
// Dispatches one handshake message received from the client to its handler and
// reports whether more messages are expected.
//
// message: the decoded handshake message; message.Type selects the branch.
// Returns MessageStatus.Finished after a Finished message, otherwise
// MessageStatus.ContinueNeeded.
// Throws TlsException (UnexpectedMessage) when a guard below fails, and
// InvalidOperationException for any other message type.
//
// NOTE(review): this method does not itself enforce message order or uniqueness.
// A Certificate after ClientKeyExchange, a repeated message, or a CertificateVerify
// without a preceding Certificate is not rejected here. Confirm the caller or the
// individual handlers enforce the handshake state machine.
protected override MessageStatus HandleMessage(Message message)
{
    var kind = message.Type;

    if (kind == HandshakeType.Certificate)
    {
        // A client certificate is only acceptable if the server asked for one.
        if (!Session.AskedForCertificate)
        {
            throw new TlsException(AlertDescription.UnexpectedMessage);
        }

        certificate = (TlsCertificate)message;
        HandleCertificate(certificate);
        return MessageStatus.ContinueNeeded;
    }

    if (kind == HandshakeType.ClientKeyExchange)
    {
        // When a client certificate is mandatory it must have arrived by now.
        if (Settings.RequireClientCertificate && certificate == null)
        {
            throw new TlsException(AlertDescription.UnexpectedMessage, "Peer did not respond with a certificate.");
        }

        keyExchange = (TlsClientKeyExchange)message;
        HandleClientKeyExchange(keyExchange);
        return MessageStatus.ContinueNeeded;
    }

    if (kind == HandshakeType.ChanceCipherSpec)
    {
        // Proof of possession is demanded only when RequireClientCertificate is set.
        // NOTE(review): a certificate that was requested as optional and then supplied
        // passes this guard without a CertificateVerify. Confirm such a certificate is
        // never treated as an authenticated identity.
        if (Settings.RequireClientCertificate && certificateVerify == null)
        {
            throw new TlsException(AlertDescription.UnexpectedMessage, "Missing CertificateVerify message.");
        }

        cipherSpec = (TlsChangeCipherSpec)message;
        HandleChangeCipherSpec(cipherSpec);
        return MessageStatus.ContinueNeeded;
    }

    if (kind == HandshakeType.Finished)
    {
        finished = (TlsFinished)message;
        HandleFinished(finished);
        return MessageStatus.Finished;
    }

    if (kind == HandshakeType.CertificateVerify)
    {
        certificateVerify = (TlsCertificateVerify)message;
        HandleCertificateVerify(certificateVerify);
        return MessageStatus.ContinueNeeded;
    }

    // Any other type surfaces as InvalidOperationException, not as a TLS alert.
    throw new InvalidOperationException();
}
// Server-side dispatcher for handshake messages sent by the client. Each branch
// stores the typed message in its field, calls the matching handler, and tells the
// caller whether the handshake continues.
//
// message: decoded handshake message; message.Type picks the branch.
// Returns MessageStatus.Finished for Finished, MessageStatus.ContinueNeeded otherwise.
// Throws TlsException (UnexpectedMessage) on a failed guard and
// InvalidOperationException for a type with no branch.
//
// NOTE(review): ordering and once-only delivery are not checked in this method.
// Nothing here rejects a Certificate that arrives after ClientKeyExchange, a
// duplicate of any message, or a CertificateVerify with no Certificate before it.
// Confirm that is enforced elsewhere.
protected override MessageStatus HandleMessage (Message message)
{
	MessageStatus outcome = MessageStatus.ContinueNeeded;

	switch (message.Type) {
	case HandshakeType.Finished:
		finished = (TlsFinished)message;
		HandleFinished (finished);
		outcome = MessageStatus.Finished;
		break;

	case HandshakeType.Certificate:
		// Only legal when the server requested a client certificate.
		if (!Session.AskedForCertificate) {
			throw new TlsException (AlertDescription.UnexpectedMessage);
		}
		certificate = (TlsCertificate)message;
		HandleCertificate (certificate);
		break;

	case HandshakeType.ClientKeyExchange:
		// A mandatory client certificate has to be present before the key exchange.
		if (Settings.RequireClientCertificate && certificate == null) {
			throw new TlsException (AlertDescription.UnexpectedMessage, "Peer did not respond with a certificate.");
		}
		keyExchange = (TlsClientKeyExchange)message;
		HandleClientKeyExchange (keyExchange);
		break;

	case HandshakeType.CertificateVerify:
		certificateVerify = (TlsCertificateVerify)message;
		HandleCertificateVerify (certificateVerify);
		break;

	case HandshakeType.ChanceCipherSpec:
		// CertificateVerify is required only under RequireClientCertificate.
		// NOTE(review): an optional client certificate that was supplied without a
		// CertificateVerify gets past this guard. Confirm it is not later trusted as
		// proof of the peer's identity.
		if (Settings.RequireClientCertificate && certificateVerify == null) {
			throw new TlsException (AlertDescription.UnexpectedMessage, "Missing CertificateVerify message.");
		}
		cipherSpec = (TlsChangeCipherSpec)message;
		HandleChangeCipherSpec (cipherSpec);
		break;

	default:
		// Reported as InvalidOperationException rather than a TLS alert.
		throw new InvalidOperationException ();
	}

	return outcome;
}
// Emits the client's reply flight into `outgoing`: an optional Certificate, the
// ClientKeyExchange, an optional CertificateVerify, then ChangeCipherSpec and Finished.
//
// outgoing: buffer the encoded handshake records are appended to.
// Returns the handler created for NegotiationState.ServerFinished.
protected override NegotiationHandler GenerateOutput (TlsMultiBuffer outgoing)
{
	// Certificate: skipped entirely when GenerateClientCertificate yields null.
	ClientCertificate = GenerateClientCertificate ();
	bool hasCertificate = ClientCertificate != null;
	if (hasCertificate) {
		outgoing.Add (Context.EncodeHandshakeRecord (ClientCertificate));
	}

	// Send Client Key Exchange; there is no null check, it is always sent.
	ClientKeyExchange = GenerateClientKeyExchange ();
	var encodedKeyExchange = Context.EncodeHandshakeRecord (ClientKeyExchange);
	outgoing.Add (encodedKeyExchange);

	// CertificateVerify: generated after the key exchange record was encoded.
	// NOTE(review): it presumably covers the transcript so far; verify before
	// changing the statement order.
	CertificateVerify = GenerateCertificateVerify ();
	bool hasVerify = CertificateVerify != null;
	if (hasVerify) {
		outgoing.Add (Context.EncodeHandshakeRecord (CertificateVerify));
	}

	// Now initialize session cipher with the generated keys, before the
	// ChangeCipherSpec and Finished messages are produced.
	Session.PendingCrypto.InitializeCipher ();
	SendChangeCipherSpec (outgoing);

	var encodedFinished = Context.EncodeHandshakeRecord (GenerateFinished ());
	outgoing.Add (encodedFinished);

	return Context.CreateNegotiationHandler (NegotiationState.ServerFinished);
}
// Parses one handshake message from m_io: a one-byte message type, a TlsLength, and
// then Length.Value bytes of body. For the types listed in the switch the body is
// wrapped in its own KaitaiStream and parsed into the matching structure. Any other
// type (there is no Finished case here) is stored in _body as raw bytes.
//
// NOTE(review): both the type byte and Length.Value come straight from the input.
// Nothing in this method bounds the length against the enclosing record, so callers
// parsing untrusted captures should expect ReadBytes to throw on truncated input.
private void _read()
{
    _msgType = ((TlsPacket.TlsHandshakeType)m_io.ReadU1());
    _length = new TlsLength(m_io, this, m_root);

    // Every branch of the original switch starts with this same read, so it is done
    // once, after the type has been evaluated.
    var kind = MsgType;
    var payload = m_io.ReadBytes(Length.Value);

    switch (kind)
    {
        case TlsPacket.TlsHandshakeType.HelloRequest:
            __raw_body = payload;
            _body = new TlsHelloRequest(new KaitaiStream(__raw_body), this, m_root);
            break;

        case TlsPacket.TlsHandshakeType.Certificate:
            __raw_body = payload;
            _body = new TlsCertificate(new KaitaiStream(__raw_body), this, m_root);
            break;

        case TlsPacket.TlsHandshakeType.CertificateVerify:
            __raw_body = payload;
            _body = new TlsCertificateVerify(new KaitaiStream(__raw_body), this, m_root);
            break;

        case TlsPacket.TlsHandshakeType.ServerKeyExchange:
            __raw_body = payload;
            _body = new TlsServerKeyExchange(new KaitaiStream(__raw_body), this, m_root);
            break;

        case TlsPacket.TlsHandshakeType.ClientHello:
            __raw_body = payload;
            _body = new TlsClientHello(new KaitaiStream(__raw_body), this, m_root);
            break;

        case TlsPacket.TlsHandshakeType.ClientKeyExchange:
            __raw_body = payload;
            _body = new TlsClientKeyExchange(new KaitaiStream(__raw_body), this, m_root);
            break;

        case TlsPacket.TlsHandshakeType.ServerHello:
            __raw_body = payload;
            _body = new TlsServerHello(new KaitaiStream(__raw_body), this, m_root);
            break;

        case TlsPacket.TlsHandshakeType.CertificateRequest:
            __raw_body = payload;
            _body = new TlsCertificateRequest(new KaitaiStream(__raw_body), this, m_root);
            break;

        case TlsPacket.TlsHandshakeType.ServerHelloDone:
            __raw_body = payload;
            _body = new TlsServerHelloDone(new KaitaiStream(__raw_body), this, m_root);
            break;

        default:
            // Unrecognized type: keep the bytes as-is; __raw_body is left untouched.
            _body = payload;
            break;
    }
}
// Handles the client's ClientKeyExchange: forwards message.KeyExchange to the key
// exchange stored in HandshakeParameters and then initializes the pending cipher.
//
// message: the received ClientKeyExchange; only its KeyExchange member is used.
protected virtual void HandleClientKeyExchange (TlsClientKeyExchange message)
{
	// The payload is passed through unchecked; HandleClient owns all validation.
	// NOTE(review): if RSA key transport is supported, confirm HandleClient does not
	// expose decryption or padding failures through a distinct alert or timing. The
	// implementation is outside this snippet.
	var serverSideExchange = HandshakeParameters.KeyExchange;
	serverSideExchange.HandleClient (Context, message.KeyExchange);

	// Initialize Cipher Suite (skipped if HandleClient threw).
	PendingCrypto.InitializeCipher ();
}
// Parses one handshake message from m_io: a one-byte handshake type, a TlsLength,
// and a body of (M_Parent.Length - 4) bytes. The body is wrapped in its own
// KaitaiStream and parsed into the structure matching the type. A type with no
// explicit case is parsed as TlsEncryptedMessage.
//
// NOTE(review): _bodyLength is read but not used to size the body; the size comes
// from the parent's Length minus 4. That assumes one handshake message fills the
// whole parent. Confirm how coalesced or fragmented handshake messages are meant to
// be handled, and what ReadBytes does if M_Parent.Length is below 4.
// NOTE(review): the default branch labels any unknown type byte as an encrypted
// message. Consumers should not read that as evidence the bytes were encrypted.
private void _parse()
{
    _handshakeType = ((TlsRecord.TlsHandshakeType)m_io.ReadU1());
    _bodyLength = new TlsLength(m_io, this, m_root);

    // All branches of the original switch perform the same read and wrap, so both
    // are done once here, after the type has been evaluated.
    var kind = HandshakeType;
    __raw_body = m_io.ReadBytes((M_Parent.Length - 4));
    var bodyStream = new KaitaiStream(__raw_body);

    switch (kind)
    {
        case TlsRecord.TlsHandshakeType.HelloRequest:
            _body = new TlsEmpty(bodyStream, this, m_root);
            break;
        case TlsRecord.TlsHandshakeType.Certificate:
            _body = new TlsCertificate(bodyStream, this, m_root);
            break;
        case TlsRecord.TlsHandshakeType.CertificateVerify:
            _body = new TlsCertificateVerify(bodyStream, this, m_root);
            break;
        case TlsRecord.TlsHandshakeType.ServerKeyExchange:
            _body = new TlsServerKeyExchange(bodyStream, this, m_root);
            break;
        case TlsRecord.TlsHandshakeType.ClientHello:
            _body = new TlsClientHello(bodyStream, this, m_root);
            break;
        case TlsRecord.TlsHandshakeType.Finished:
            _body = new TlsFinished(bodyStream, this, m_root);
            break;
        case TlsRecord.TlsHandshakeType.ClientKeyExchange:
            _body = new TlsClientKeyExchange(bodyStream, this, m_root);
            break;
        case TlsRecord.TlsHandshakeType.ServerHello:
            _body = new TlsServerHello(bodyStream, this, m_root);
            break;
        case TlsRecord.TlsHandshakeType.CertificateRequest:
            _body = new TlsCertificateRequest(bodyStream, this, m_root);
            break;
        case TlsRecord.TlsHandshakeType.ServerHelloDone:
            _body = new TlsServerHelloDone(bodyStream, this, m_root);
            break;
        default:
            _body = new TlsEncryptedMessage(bodyStream, this, m_root);
            break;
    }
}
// Creates the structure and parses it immediately from `io`.
//
// io:     stream positioned at the start of this structure; passed to the base class.
// parent: the enclosing TlsClientKeyExchange, or null.
// root:   the top-level TlsRecord, or null.
//
// Parsing runs inside the constructor, so any exception raised by _parse() on
// malformed or truncated input propagates to whoever constructs the object.
// NOTE(review): going by the type name, the parsed bytes are key-exchange material.
// Confirm instances are not written to logs or diagnostics.
public TlsPreMasterSecret(KaitaiStream io, TlsClientKeyExchange parent = null, TlsRecord root = null)
    : base(io)
{
    m_root = root;
    m_parent = parent;

    _parse();
}