public ClientHandshakeSession(SecurityParameters securityParameters)
: base(securityParameters)
{
if (securityParameters.ServerCertificateValidationCallback != null) {
_certificateValidationCallback = securityParameters.ServerCertificateValidationCallback;
} else {
_certificateValidationCallback = new ServerCertificateValidationCallback(DefaultCertificateValidationCallback);
}
if (securityParameters.ClientCertificateSelectionCallback != null) {
_certificateSelectionCallback = securityParameters.ClientCertificateSelectionCallback;
} else {
_certificateSelectionCallback = new ClientCertificateSelectionCallback(DefaultCertificateSelectionCallback);
}
HandshakeClientHello clientHello = new HandshakeClientHello(_maxVersion);
clientHello.CipherSuites.AddRange(_supportedCipherSuites);
clientHello.CompressionMethods.AddRange(_supportedCompressions);
clientHello.Extensions.Add(new HelloSignatureAlgorithmsExtension(_pluginManager.GetSupportedSignatureAndHashAlgorithms()));
OutputMessage(clientHello);
_connectionState.ClientRandom = clientHello.Random.GetBytes();
}
public static HandshakeMessage GetInstance(ProtocolVersion version, byte[] data)
{
HandshakeMessage ret = null;
switch ((HandshakeMessageType) data[0]) {
case HandshakeMessageType.HelloRequest:
ret = new HandshakeMessage(HandshakeMessageType.HelloRequest, version);
break;
case HandshakeMessageType.ClientHello:
ret = new HandshakeClientHello();
break;
case HandshakeMessageType.ServerHello:
ret = new HandshakeServerHello();
break;
case HandshakeMessageType.HelloVerifyRequest:
ret = new HandshakeMessage(HandshakeMessageType.HelloVerifyRequest, version);
break;
case HandshakeMessageType.NewSessionTicket:
ret = new HandshakeMessage(HandshakeMessageType.NewSessionTicket, version);
break;
case HandshakeMessageType.Certificate:
ret = new HandshakeCertificate(version);
break;
case HandshakeMessageType.ServerKeyExchange:
ret = new HandshakeMessage(HandshakeMessageType.ServerKeyExchange, version);
break;
case HandshakeMessageType.CertificateRequest:
ret = new HandshakeCertificateRequest(version);
break;
case HandshakeMessageType.ServerHelloDone:
ret = new HandshakeMessage(HandshakeMessageType.ServerHelloDone, version);
break;
case HandshakeMessageType.CertificateVerify:
ret = new HandshakeMessage(HandshakeMessageType.CertificateVerify, version);
break;
case HandshakeMessageType.ClientKeyExchange:
ret = new HandshakeMessage(HandshakeMessageType.ClientKeyExchange, version);
break;
case HandshakeMessageType.Finished:
ret = new HandshakeMessage(HandshakeMessageType.Finished, version);
break;
}
if (ret != null) {
ret.Decode(data);
return ret;
}
return null;
}
// Messages received by the server
protected virtual void ProcessClientHello(HandshakeClientHello clientHello)
{
InvalidMessageReceived();
}
public static HandshakeMessage GetInstance(ProtocolVersion version, byte[] data)
{
HandshakeMessage ret = null;
switch ((HandshakeMessageType)data[0])
{
case HandshakeMessageType.HelloRequest:
ret = new HandshakeMessage(HandshakeMessageType.HelloRequest, version);
break;
case HandshakeMessageType.ClientHello:
ret = new HandshakeClientHello();
break;
case HandshakeMessageType.ServerHello:
ret = new HandshakeServerHello();
break;
case HandshakeMessageType.HelloVerifyRequest:
ret = new HandshakeMessage(HandshakeMessageType.HelloVerifyRequest, version);
break;
case HandshakeMessageType.NewSessionTicket:
ret = new HandshakeMessage(HandshakeMessageType.NewSessionTicket, version);
break;
case HandshakeMessageType.Certificate:
ret = new HandshakeCertificate(version);
break;
case HandshakeMessageType.ServerKeyExchange:
ret = new HandshakeMessage(HandshakeMessageType.ServerKeyExchange, version);
break;
case HandshakeMessageType.CertificateRequest:
ret = new HandshakeCertificateRequest(version);
break;
case HandshakeMessageType.ServerHelloDone:
ret = new HandshakeMessage(HandshakeMessageType.ServerHelloDone, version);
break;
case HandshakeMessageType.CertificateVerify:
ret = new HandshakeMessage(HandshakeMessageType.CertificateVerify, version);
break;
case HandshakeMessageType.ClientKeyExchange:
ret = new HandshakeMessage(HandshakeMessageType.ClientKeyExchange, version);
break;
case HandshakeMessageType.Finished:
ret = new HandshakeMessage(HandshakeMessageType.Finished, version);
break;
}
if (ret != null)
{
ret.Decode(data);
return(ret);
}
return(null);
}
public void SendClientHello(Stream stream)
{
HandshakeClientHello hello = new HandshakeClientHello(VERSION);
_clientRandom = hello.Random.GetBytes();
hello.CipherSuites.Add(CIPHER_SUITE);
hello.CompressionMethods.Add(0);
Record record = new Record(22, VERSION);
record.Fragment = hello.Encode();
_recordHandler.ProcessOutputRecord(record);
SendRecord(stream, record);
}
protected override void ProcessClientHello(HandshakeClientHello clientHello)
{
if (_state == HandshakeState.Finished) {
throw new AlertException(AlertDescription.NoRenegotiation,
"Renegotiation not supported");
} else if (_state != HandshakeState.Initial) {
throw new AlertException(AlertDescription.UnexpectedMessage,
"Client hello received at the wrong time");
}
// Find the compressions that match our supported compressions
List<Byte> matchedCompressions = new List<Byte>();
foreach (Byte id in _supportedCompressions) {
if (clientHello.CompressionMethods.Contains(id)) {
matchedCompressions.Add(id);
}
}
if (matchedCompressions.Count == 0) {
throw new AlertException(AlertDescription.HandshakeFailure,
"None of the compression methods offered by client is accepted");
}
_clientVersion = clientHello.ClientVersion;
_cipherSuite = SelectCipherSuite(_pluginManager, _clientVersion, _minVersion, _maxVersion, clientHello.CipherSuites, new List<UInt16>(_supportedCipherSuites), _certificateSelectionCallback, _availableCertificates);
_version = _cipherSuite.ProtocolVersion;
// Select the certificate and private key we are going to send
int certificateIndex = _certificateSelectionCallback(_cipherSuite, _availableCertificates.ToArray());
if (certificateIndex >= 0 && certificateIndex < _availableCertificates.Count) {
_serverCertificates.AddRange(_availableCertificates[certificateIndex]);
_selectedPrivateKey = _availablePrivateKeys[certificateIndex];
}
// TODO: Create the server hello message correctly
HandshakeServerHello serverHello = new HandshakeServerHello(_version);
serverHello.CipherSuite = _cipherSuite.CipherSuiteID;
serverHello.CompressionMethod = matchedCompressions[0];
OutputMessage(serverHello);
// Initialize the handshake randoms and cipher suite
_connectionState.ClientRandom = clientHello.Random.GetBytes();
_connectionState.ServerRandom = serverHello.Random.GetBytes();
// TODO: If we resumed our session, set state to SendChangeCipherSpec and return
// Send certificate if required and valid
if (!_cipherSuite.IsAnonymous) {
if (_serverCertificates.Count == 0) {
throw new AlertException(AlertDescription.HandshakeFailure,
"Certificate required but not selected");
}
string keyexAlg = _cipherSuite.KeyExchangeAlgorithm.CertificateKeyAlgorithm;
string signAlg = _cipherSuite.SignatureAlgorithm.CertificateKeyAlgorithm;
X509Certificate cert = _serverCertificates[0];
if (keyexAlg != null && !keyexAlg.Equals(cert.GetKeyAlgorithm())) {
throw new AlertException(AlertDescription.HandshakeFailure,
"Selected certificate type " + cert.GetKeyAlgorithm() + " doesn't match key exchange type " + keyexAlg);
}
if (signAlg != null && !signAlg.Equals(cert.GetKeyAlgorithm())) {
throw new AlertException(AlertDescription.HandshakeFailure,
"Selected certificate type " + cert.GetKeyAlgorithm() + " doesn't match signature type " + signAlg);
}
HandshakeCertificate certificate = new HandshakeCertificate(_version);
certificate.CertificateList.AddRange(_serverCertificates);
OutputMessage(certificate);
}
byte[] serverKeys = _cipherSuite.KeyExchangeAlgorithm.GetServerKeys(_maxVersion);
if (serverKeys != null) {
// Generate the signature for server keys
byte[] dataToSign = new byte[_connectionState.ClientRandom.Length + _connectionState.ServerRandom.Length + serverKeys.Length];
Buffer.BlockCopy(_connectionState.ClientRandom, 0, dataToSign, 0, _connectionState.ClientRandom.Length);
Buffer.BlockCopy(_connectionState.ServerRandom, 0, dataToSign, _connectionState.ClientRandom.Length, _connectionState.ServerRandom.Length);
Buffer.BlockCopy(serverKeys, 0, dataToSign, _connectionState.ClientRandom.Length + _connectionState.ServerRandom.Length, serverKeys.Length);
byte[] signature = GenerateSignature(_selectedPrivateKey, dataToSign);
// Combine the server keys with the signature
byte[] signedKeys = new byte[serverKeys.Length + signature.Length];
Buffer.BlockCopy(serverKeys, 0, signedKeys, 0, serverKeys.Length);
Buffer.BlockCopy(signature, 0, signedKeys, serverKeys.Length, signature.Length);
HandshakeMessage keyex = new HandshakeMessage(HandshakeMessageType.ServerKeyExchange, _version, signedKeys);
OutputMessage(keyex);
}
// Send certificate request if needed
if (!_cipherSuite.IsAnonymous && _certificateRequest != null) {
OutputMessage(_certificateRequest);
_certificateRequestSent = true;
}
HandshakeMessage serverHelloDone = new HandshakeMessage(HandshakeMessageType.ServerHelloDone, _version);
OutputMessage(serverHelloDone);
// Wait for client certificate or client key exchange
_state = HandshakeState.ReceivedClientHello;
}
