public Task <ChangeCipherSpecRequest> ClientKeyExchange(ISession session, ClientKeyExchangeRequest request)
{
_logger.Verbose(
$"Handling {nameof(ClientKeyExchange)} " +
$"(ClientPublicKey='{BitConverter.ToString(request.ClientPublicKey)}')."
);
session.ClientPublicKeyParameters = _diffieHellmanService.DeserializeECPublicKey(request.ClientPublicKey);
session.PreMasterSecret = _diffieHellmanService.GetPreMasterSecret(
session.ClientPublicKeyParameters,
session.ServerPrivateKeyParameters
);
session.State = SessionState.Established;
session.ReceiveKey = new byte[32];
session.SendKey = new byte[32];
var sendMacSourceArray = new byte[64];
var receiveMacSourceArray = new byte[64];
var masterSecretSeed = MakeSeed(_masterSecretSeed, session.ServerRandom, session.ClientRandom);
var keyExpansionSeed = MakeSeed(_keyExpansionSeed, session.ServerRandom, session.ClientRandom);
var sourceArray = PRF(
PRF(session.PreMasterSecret, masterSecretSeed, 48),
keyExpansionSeed,
192
);
Array.Copy(sourceArray, 0, session.SendKey, 0, 32);
Array.Copy(sourceArray, 32, session.ReceiveKey, 0, 32);
Array.Copy(sourceArray, 64, sendMacSourceArray, 0, 64);
Array.Copy(sourceArray, 128, receiveMacSourceArray, 0, 64);
session.SendMac = new HMACSHA256(sendMacSourceArray);
session.ReceiveMac = new HMACSHA256(receiveMacSourceArray);
_logger.Information($"Session established (EndPoint='{session.EndPoint}').");
return(Task.FromResult(new ChangeCipherSpecRequest()));
}
protected override async void HandleClientKeyExchangeRequest(ClientKeyExchangeRequest packet, MessageOrigin origin)
{
var preMasterSecret = await serverKeys[origin.endPoint].GetPreMasterSecretAsync(packet.clientPublicKey);
SendReliableResponse(1u, origin.endPoint, packet, ChangeCipherSpecRequest.pool.Obtain());
_encryptionLayer.AddEncryptedEndpoint(1u, origin.endPoint, null, null, preMasterSecret, serverRandoms[origin.endPoint], clientRandoms[origin.endPoint], false);
packet.Release();
}
