protected override NegotiationHandler GenerateOutput(TlsMultiBuffer outgoing)
{
ClientCertificate = GenerateClientCertificate();
if (ClientCertificate != null)
{
outgoing.Add(Context.EncodeHandshakeRecord(ClientCertificate));
}
// Send Client Key Exchange
ClientKeyExchange = GenerateClientKeyExchange();
outgoing.Add(Context.EncodeHandshakeRecord(ClientKeyExchange));
CertificateVerify = GenerateCertificateVerify();
if (CertificateVerify != null)
{
outgoing.Add(Context.EncodeHandshakeRecord(CertificateVerify));
}
// Now initialize session cipher with the generated keys
Session.PendingCrypto.InitializeCipher();
SendChangeCipherSpec(outgoing);
outgoing.Add(Context.EncodeHandshakeRecord(GenerateFinished()));
return(Context.CreateNegotiationHandler(NegotiationState.ServerFinished));
}
protected override NegotiationHandler GenerateOutput(TlsMultiBuffer outgoing)
{
outgoing.Add(Context.EncodeHandshakeRecord(GenerateServerHello()));
ServerCertificate = GenerateServerCertificate();
if (ServerCertificate != null)
{
outgoing.Add(Context.EncodeHandshakeRecord(ServerCertificate));
}
ServerKeyExchange = GenerateServerKeyExchange();
if (ServerKeyExchange != null)
{
outgoing.Add(Context.EncodeHandshakeRecord(ServerKeyExchange));
}
CertificateRequest = GenerateCertificateRequest();
if (CertificateRequest != null)
{
outgoing.Add(Context.EncodeHandshakeRecord(CertificateRequest));
}
outgoing.Add(Context.EncodeHandshakeRecord(new TlsServerHelloDone()));
return(Context.CreateNegotiationHandler(NegotiationState.ClientKeyExchange));
}
protected void SendChangeCipherSpec(TlsMultiBuffer messages)
{
// send the chnage cipher spec.
messages.Add(Context.EncodeRecord(ContentType.ChangeCipherSpec, new BufferOffsetSize(new byte[] { 1 })));
Session.PendingCrypto.WriteSequenceNumber = 0;
Session.PendingWrite = true;
}
protected override NegotiationHandler GenerateOutput(TlsMultiBuffer outgoing)
{
SendChangeCipherSpec(outgoing);
SwitchToNewCipher();
outgoing.Add(Context.EncodeHandshakeRecord(GenerateFinished()));
FinishHandshake();
if (UserSettings.MartinHack_TriggerRenegotiationOnFinish)
{
// FIXME: HACK to force renegotiation!
Config.UserSettings.MartinHack_TriggerRenegotiationOnFinish = false;
outgoing.Add(Context.EncodeHandshakeRecord(new TlsHelloRequest()));
}
return(Context.CreateNegotiationHandler(NegotiationState.RenegotiatingServerConnection));
}
protected override NegotiationHandler GenerateOutput(TlsMultiBuffer outgoing)
{
StartHandshake();
Resolve();
#if INSTRUMENTATION
if (Renegotiating && Context.HasInstrument(HandshakeInstrumentType.SendBlobBeforeRenegotiatingHello))
{
var blob = Instrumentation.GetTextBuffer(HandshakeInstrumentType.SendBlobBeforeRenegotiatingHello);
outgoing.Add(Context.EncodeRecord(ContentType.ApplicationData, blob));
}
#endif
outgoing.Add(Context.EncodeHandshakeRecord(GenerateClientHello()));
canSendAlert = true;
return(Context.CreateNegotiationHandler(NegotiationState.ServerHello));
}
protected override NegotiationHandler GenerateOutput (TlsMultiBuffer outgoing)
{
#if INSTRUMENTATION
if (Context.HasInstrument (HandshakeInstrumentType.SendBlobAfterReceivingFinish)) {
var blob = Instrumentation.GetTextBuffer (HandshakeInstrumentType.SendBlobAfterReceivingFinish);
outgoing.Add (Context.EncodeRecord (ContentType.ApplicationData, blob));
}
#endif
return Context.CreateNegotiationHandler (NegotiationState.RenegotiatingClientConnection);
}
protected override NegotiationHandler GenerateOutput(TlsMultiBuffer outgoing)
{
SendChangeCipherSpec(outgoing);
SwitchToNewCipher();
outgoing.Add(Context.EncodeHandshakeRecord(GenerateFinished()));
FinishHandshake();
#if INSTRUMENTATION
if (Session.IsRenegotiated && Context.HasInstrumentationEventSink)
{
Context.InstrumentationEventSink.RenegotiationCompleted(Context);
}
else if (!Session.IsRenegotiated && Context.HasInstrument(HandshakeInstrumentType.RequestServerRenegotiation))
{
Session.IsRenegotiated = true;
if (Context.HasInstrument(HandshakeInstrumentType.SendBlobBeforeHelloRequest))
{
var blob = Instrumentation.GetTextBuffer(HandshakeInstrumentType.SendBlobBeforeHelloRequest);
outgoing.Add(Context.EncodeRecord(ContentType.ApplicationData, blob));
}
outgoing.Add(Context.EncodeHandshakeRecord(new TlsHelloRequest()));
if (Context.HasInstrument(HandshakeInstrumentType.SendBlobAfterHelloRequest))
{
var blob = Instrumentation.GetTextBuffer(HandshakeInstrumentType.SendBlobAfterHelloRequest);
outgoing.Add(Context.EncodeRecord(ContentType.ApplicationData, blob));
}
if (Context.HasInstrument(HandshakeInstrumentType.SendDuplicateHelloRequest))
{
outgoing.Add(Context.EncodeHandshakeRecord(new TlsHelloRequest()));
}
}
#endif
return(Context.CreateNegotiationHandler(NegotiationState.RenegotiatingServerConnection));
}
protected override NegotiationHandler GenerateOutput(TlsMultiBuffer outgoing)
{
#if INSTRUMENTATION
if (Context.HasInstrument(HandshakeInstrumentType.SendBlobAfterReceivingFinish))
{
var blob = Instrumentation.GetTextBuffer(HandshakeInstrumentType.SendBlobAfterReceivingFinish);
outgoing.Add(Context.EncodeRecord(ContentType.ApplicationData, blob));
}
#endif
return(Context.CreateNegotiationHandler(NegotiationState.RenegotiatingClientConnection));
}
protected override NegotiationHandler GenerateOutput (TlsMultiBuffer outgoing)
{
ClientCertificate = GenerateClientCertificate ();
if (ClientCertificate != null)
outgoing.Add (Context.EncodeHandshakeRecord (ClientCertificate));
// Send Client Key Exchange
ClientKeyExchange = GenerateClientKeyExchange ();
outgoing.Add (Context.EncodeHandshakeRecord (ClientKeyExchange));
CertificateVerify = GenerateCertificateVerify ();
if (CertificateVerify != null)
outgoing.Add (Context.EncodeHandshakeRecord (CertificateVerify));
// Now initialize session cipher with the generated keys
Session.PendingCrypto.InitializeCipher ();
SendChangeCipherSpec (outgoing);
outgoing.Add (Context.EncodeHandshakeRecord (GenerateFinished ()));
return Context.CreateNegotiationHandler (NegotiationState.ServerFinished);
}
protected override NegotiationHandler GenerateOutput (TlsMultiBuffer outgoing)
{
StartHandshake ();
Resolve ();
#if INSTRUMENTATION
if (Renegotiating && Context.HasInstrument (HandshakeInstrumentType.SendBlobBeforeRenegotiatingHello)) {
var blob = Instrumentation.GetTextBuffer (HandshakeInstrumentType.SendBlobBeforeRenegotiatingHello);
outgoing.Add (Context.EncodeRecord (ContentType.ApplicationData, blob));
}
#endif
outgoing.Add (Context.EncodeHandshakeRecord (GenerateClientHello ()));
canSendAlert = true;
return Context.CreateNegotiationHandler (NegotiationState.ServerHello);
}
public SecurityStatus GenerateNextToken (TlsBuffer incoming, TlsMultiBuffer outgoing)
{
try {
CheckValid ();
return _GenerateNextToken (incoming, outgoing);
} catch (TlsException ex) {
var alert = OnError (ex);
if (alert != null)
outgoing.Add (alert);
Clear ();
return SecurityStatus.ContextExpired;
} catch {
Clear ();
throw;
}
}
protected override NegotiationHandler GenerateOutput (TlsMultiBuffer outgoing)
{
SendChangeCipherSpec (outgoing);
SwitchToNewCipher ();
outgoing.Add (Context.EncodeHandshakeRecord (GenerateFinished ()));
FinishHandshake ();
#if INSTRUMENTATION
if (Session.IsRenegotiated && Context.HasInstrumentationEventSink) {
Context.InstrumentationEventSink.RenegotiationCompleted (Context);
} else if (!Session.IsRenegotiated && Context.HasInstrument (HandshakeInstrumentType.RequestServerRenegotiation)) {
Session.IsRenegotiated = true;
if (Context.HasInstrument (HandshakeInstrumentType.SendBlobBeforeHelloRequest)) {
var blob = Instrumentation.GetTextBuffer (HandshakeInstrumentType.SendBlobBeforeHelloRequest);
outgoing.Add (Context.EncodeRecord (ContentType.ApplicationData, blob));
}
outgoing.Add (Context.EncodeHandshakeRecord (new TlsHelloRequest ()));
if (Context.HasInstrument (HandshakeInstrumentType.SendBlobAfterHelloRequest)) {
var blob = Instrumentation.GetTextBuffer (HandshakeInstrumentType.SendBlobAfterHelloRequest);
outgoing.Add (Context.EncodeRecord (ContentType.ApplicationData, blob));
}
if (Context.HasInstrument (HandshakeInstrumentType.SendDuplicateHelloRequest))
outgoing.Add (Context.EncodeHandshakeRecord (new TlsHelloRequest ()));
}
#endif
return Context.CreateNegotiationHandler (NegotiationState.RenegotiatingServerConnection);
}
protected override NegotiationHandler GenerateOutput(TlsMultiBuffer outgoing)
{
StartHandshake();
outgoing.Add(Context.EncodeHandshakeRecord(GenerateClientHello()));
return(Context.CreateNegotiationHandler(NegotiationState.ServerHello));
}
protected override NegotiationHandler GenerateOutput (TlsMultiBuffer outgoing)
{
StartHandshake ();
Resolve ();
outgoing.Add (Context.EncodeHandshakeRecord (GenerateClientHello ()));
canSendAlert = true;
return Context.CreateNegotiationHandler (NegotiationState.ServerHello);
}
public SecurityStatus GenerateNextToken (TlsBuffer incoming, TlsMultiBuffer outgoing)
{
try {
CheckValid ();
return _GenerateNextToken (incoming, outgoing);
} catch (TlsException ex) {
OnError (ex);
if (negotiationHandler != null && negotiationHandler.CanSendAlert) {
var alert = CreateAlert (ex.Alert);
outgoing.Add (alert);
}
Clear ();
return SecurityStatus.ContextExpired;
} catch {
Clear ();
throw;
}
}
SecurityStatus EncodeHandshakeRecord (HandshakeMessage message, TlsMultiBuffer output)
{
var bytes = EncodeHandshakeRecord (message);
output.Add (bytes);
return message.Type == HandshakeType.Finished ? SecurityStatus.OK : SecurityStatus.ContinueNeeded;
}
protected override NegotiationHandler GenerateOutput (TlsMultiBuffer outgoing)
{
Resolve ();
outgoing.Add (Context.EncodeHandshakeRecord (GenerateServerHello ()));
ServerCertificate = GenerateServerCertificate ();
if (ServerCertificate != null)
outgoing.Add (Context.EncodeHandshakeRecord (ServerCertificate));
ServerKeyExchange = GenerateServerKeyExchange ();
if (ServerKeyExchange != null)
outgoing.Add (Context.EncodeHandshakeRecord (ServerKeyExchange));
CertificateRequest = GenerateCertificateRequest ();
if (CertificateRequest != null)
outgoing.Add (Context.EncodeHandshakeRecord (CertificateRequest));
outgoing.Add (Context.EncodeHandshakeRecord (new TlsServerHelloDone ()));
return Context.CreateNegotiationHandler (NegotiationState.ClientKeyExchange);
}
protected void SendChangeCipherSpec (TlsMultiBuffer messages)
{
// send the chnage cipher spec.
messages.Add (Context.EncodeRecord (ContentType.ChangeCipherSpec, new BufferOffsetSize (new byte[] { 1 })));
Session.PendingCrypto.WriteSequenceNumber = 0;
Session.PendingWrite = true;
}
protected override NegotiationHandler GenerateOutput (TlsMultiBuffer outgoing)
{
SendChangeCipherSpec (outgoing);
SwitchToNewCipher ();
outgoing.Add (Context.EncodeHandshakeRecord (GenerateFinished ()));
FinishHandshake ();
#if INSTRUMENTATION
if (!Session.IsRenegotiated && (Settings.RequestRenegotiation ?? false)) {
// FIXME: HACK to force renegotiation!
Session.IsRenegotiated = true;
outgoing.Add (Context.EncodeHandshakeRecord (new TlsHelloRequest ()));
}
#endif
return Context.CreateNegotiationHandler (NegotiationState.RenegotiatingServerConnection);
}
