internal /*virtual*/ BufferSegment DecodeAndVerify(byte type, Stream input, int len)
{
BufferSegment buf = TlsUtilities.ReadFullyOptimized(len, input);
long seqNo = mReadSeqNo.NextValue(AlertDescription.unexpected_message);
BufferSegment decoded = mReadCipher.DecodeCiphertext(seqNo, type, buf.Data, buf.Offset, buf.Count);
if (buf.Data != decoded.Data)
{
BufferPool.Release(buf);
}
CheckLength(decoded.Count, mCompressedLimit, AlertDescription.record_overflow);
/*
* TODO 5246 6.2.2. Implementation note: Decompression functions are responsible for
* ensuring that messages cannot cause internal buffer overflows.
*/
//Stream cOut = mReadCompression.Decompress(mBuffer);
//if (cOut != mBuffer)
//{
// cOut.Write(decoded, 0, decoded.Length);
// cOut.Flush();
// decoded = GetBufferContents();
//}
/*
* RFC 5246 6.2.2. If the decompression function encounters a TLSCompressed.fragment that
* would decompress to a length in excess of 2^14 bytes, it should report a fatal
* decompression failure error.
*/
//CheckLength(decoded.Length, mPlaintextLimit, AlertDescription.decompression_failure);
/*
* RFC 5246 6.2.1 Implementations MUST NOT send zero-length fragments of Handshake, Alert,
* or ChangeCipherSpec content types.
*/
if (decoded.Count < 1 && type != ContentType.application_data)
{
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
}
return(decoded);
}