protected virtual void CompleteHandshake() { try { while (this.mConnectionState != 16) { bool arg_0A_0 = this.mClosed; this.SafeReadRecord(); } this.mRecordStream.FinaliseHandshake(); this.mSplitApplicationDataRecords = !TlsUtilities.IsTlsV11(this.Context); if (!this.mAppDataReady) { this.mAppDataReady = true; this.mTlsStream = new TlsStream(this); } if (this.mTlsSession != null) { if (this.mSessionParameters == null) { this.mSessionParameters = new SessionParameters.Builder().SetCipherSuite(this.mSecurityParameters.CipherSuite).SetCompressionAlgorithm(this.mSecurityParameters.CompressionAlgorithm).SetMasterSecret(this.mSecurityParameters.MasterSecret).SetPeerCertificate(this.mPeerCertificate).SetPskIdentity(this.mSecurityParameters.PskIdentity).SetSrpIdentity(this.mSecurityParameters.SrpIdentity).SetServerExtensions(this.mServerExtensions).Build(); this.mTlsSession = new TlsSessionImpl(this.mTlsSession.SessionID, this.mSessionParameters); } this.ContextAdmin.SetResumableSession(this.mTlsSession); } this.Peer.NotifyHandshakeComplete(); } finally { this.CleanupHandshake(); } }
protected virtual void CompleteHandshake() { try { mRecordStream.FinaliseHandshake(); mSplitApplicationDataRecords = !TlsUtilities.IsTlsV11(Context); if (!mAppDataReady) { mAppDataReady = true; if (mBlocking) { mTlsStream = new TlsStream(this); } } if (mTlsSession != null) { if (mSessionParameters == null) { mSessionParameters = new SessionParameters.Builder().SetCipherSuite(mSecurityParameters.CipherSuite).SetCompressionAlgorithm(mSecurityParameters.CompressionAlgorithm).SetMasterSecret(mSecurityParameters.MasterSecret) .SetPeerCertificate(mPeerCertificate) .SetPskIdentity(mSecurityParameters.PskIdentity) .SetSrpIdentity(mSecurityParameters.SrpIdentity) .SetServerExtensions(mServerExtensions) .Build(); mTlsSession = new TlsSessionImpl(mTlsSession.SessionID, mSessionParameters); } ContextAdmin.SetResumableSession(mTlsSession); } Peer.NotifyHandshakeComplete(); } finally { CleanupHandshake(); } }
protected virtual void CompleteHandshake() { try { /* * We will now read data, until we have completed the handshake. */ while (this.mConnectionState != CS_END) { if (this.mClosed) { // TODO What kind of exception/alert? } SafeReadRecord(); } this.mRecordStream.FinaliseHandshake(); this.mSplitApplicationDataRecords = !TlsUtilities.IsTlsV11(Context); /* * If this was an initial handshake, we are now ready to send and receive application data. */ if (!mAppDataReady) { this.mAppDataReady = true; this.mTlsStream = new TlsStream(this); } if (this.mTlsSession != null) { if (this.mSessionParameters == null) { this.mSessionParameters = new SessionParameters.Builder() .SetCipherSuite(this.mSecurityParameters.CipherSuite) .SetCompressionAlgorithm(this.mSecurityParameters.CompressionAlgorithm) .SetMasterSecret(this.mSecurityParameters.MasterSecret) .SetPeerCertificate(this.mPeerCertificate) .SetPskIdentity(this.mSecurityParameters.PskIdentity) .SetSrpIdentity(this.mSecurityParameters.SrpIdentity) // TODO Consider filtering extensions that aren't relevant to resumed sessions .SetServerExtensions(this.mServerExtensions) .Build(); this.mTlsSession = new TlsSessionImpl(this.mTlsSession.SessionID, this.mSessionParameters); } ContextAdmin.SetResumableSession(this.mTlsSession); } Peer.NotifyHandshakeComplete(); } finally { CleanupHandshake(); } }
public virtual void Connect(TlsClient tlsClient) { if (tlsClient == null) throw new ArgumentNullException("tlsClient"); if (this.tlsClient != null) throw new InvalidOperationException("Connect can only be called once"); /* * Send Client hello * * First, generate some random data. */ this.securityParameters = new SecurityParameters(); this.securityParameters.clientRandom = CreateRandomBlock(tlsClient.ShouldUseGmtUnixTime(), random, ExporterLabel.client_random); this.tlsClientContext = new TlsClientContextImpl(random, securityParameters); this.tlsClient = tlsClient; this.tlsClient.Init(tlsClientContext); MemoryStream outStr = new MemoryStream(); TlsUtilities.WriteVersion(outStr); outStr.Write(securityParameters.clientRandom, 0, 32); /* * Length of Session id */ TlsUtilities.WriteUint8(0, outStr); this.offeredCipherSuites = this.tlsClient.GetCipherSuites(); // Int32 -> byte[] this.clientExtensions = this.tlsClient.GetClientExtensions(); // Cipher Suites (and SCSV) { /* * RFC 5746 3.4. * The client MUST include either an empty "renegotiation_info" * extension, or the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling * cipher suite value in the ClientHello. Including both is NOT * RECOMMENDED. */ bool noRenegExt = clientExtensions == null || !clientExtensions.Contains(ExtensionType.renegotiation_info); int count = offeredCipherSuites.Length; if (noRenegExt) { // Note: 1 extra slot for TLS_EMPTY_RENEGOTIATION_INFO_SCSV ++count; } TlsUtilities.WriteUint16(2 * count, outStr); for (int i = 0; i < offeredCipherSuites.Length; ++i) { TlsUtilities.WriteUint16((int)offeredCipherSuites[i], outStr); } if (noRenegExt) { TlsUtilities.WriteUint16((int)CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV, outStr); } } /* * Compression methods, just the null method. */ this.offeredCompressionMethods = tlsClient.GetCompressionMethods(); { TlsUtilities.WriteUint8((byte)offeredCompressionMethods.Length, outStr); for (int i = 0; i < offeredCompressionMethods.Length; ++i) { TlsUtilities.WriteUint8(offeredCompressionMethods[i], outStr); } } // Extensions if (clientExtensions != null) { MemoryStream ext = new MemoryStream(); foreach (int extType in clientExtensions.Keys) { WriteExtension(ext, extType, (byte[])clientExtensions[extType]); } TlsUtilities.WriteOpaque16(ext.ToArray(), outStr); } MemoryStream bos = new MemoryStream(); TlsUtilities.WriteUint8((byte)HandshakeType.client_hello, bos); TlsUtilities.WriteUint24((int)outStr.Length, bos); byte[] outBytes = outStr.ToArray(); bos.Write(outBytes, 0, outBytes.Length); byte[] message = bos.ToArray(); SafeWriteMessage(ContentType.handshake, message, 0, message.Length); connection_state = CS_CLIENT_HELLO_SEND; /* * We will now read data, until we have completed the handshake. */ while (connection_state != CS_DONE) { SafeReadData(); } this.tlsStream = new TlsStream(this); }
// public void Connect(ICertificateVerifyer verifyer, Certificate clientCertificate, // AsymmetricKeyParameter clientPrivateKey) // { // DefaultTlsClient client = new DefaultTlsClient(verifyer); // client.EnableClientAuthentication(clientCertificate, clientPrivateKey); // // this.Connect(client); // } // TODO Make public internal virtual void Connect(TlsClient tlsClient) { if (tlsClient == null) throw new ArgumentNullException("tlsClient"); if (this.tlsClient != null) throw new InvalidOperationException("Connect can only be called once"); this.tlsClient = tlsClient; this.tlsClient.Init(this); /* * Send Client hello * * First, generate some random data. */ securityParameters = new SecurityParameters(); securityParameters.clientRandom = new byte[32]; random.NextBytes(securityParameters.clientRandom, 4, 28); TlsUtilities.WriteGmtUnixTime(securityParameters.clientRandom, 0); MemoryStream outStr = new MemoryStream(); TlsUtilities.WriteVersion(outStr); outStr.Write(securityParameters.clientRandom, 0, 32); /* * Length of Session id */ TlsUtilities.WriteUint8((short)0, outStr); /* * Cipher suites */ this.offeredCipherSuites = this.tlsClient.GetCipherSuites(); // Note: 1 extra slot for TLS_EMPTY_RENEGOTIATION_INFO_SCSV TlsUtilities.WriteUint16(2 * (offeredCipherSuites.Length + 1), outStr); for (int i = 0; i < offeredCipherSuites.Length; ++i) { TlsUtilities.WriteUint16(offeredCipherSuites[i], outStr); } // RFC 5746 3.3 // Note: If renegotiation added, remove this (and extra slot above) TlsUtilities.WriteUint16(TLS_EMPTY_RENEGOTIATION_INFO_SCSV, outStr); /* * Compression methods, just the null method. */ byte[] compressionMethods = new byte[]{0x00}; TlsUtilities.WriteOpaque8(compressionMethods, outStr); /* * Extensions */ // Int32 -> byte[] Hashtable clientExtensions = this.tlsClient.GenerateClientExtensions(); // RFC 5746 3.4 // Note: If renegotiation is implemented, need to use this instead of TLS_EMPTY_RENEGOTIATION_INFO_SCSV // { // if (clientExtensions == null) // clientExtensions = new Hashtable(); // // clientExtensions[EXT_RenegotiationInfo] = CreateRenegotiationInfo(emptybuf); // } this.extendedClientHello = clientExtensions != null && clientExtensions.Count > 0; if (extendedClientHello) { MemoryStream ext = new MemoryStream(); foreach (int extType in clientExtensions.Keys) { byte[] extValue = (byte[])clientExtensions[extType]; TlsUtilities.WriteUint16(extType, ext); TlsUtilities.WriteOpaque16(extValue, ext); } TlsUtilities.WriteOpaque16(ext.ToArray(), outStr); } MemoryStream bos = new MemoryStream(); TlsUtilities.WriteUint8(HP_CLIENT_HELLO, bos); TlsUtilities.WriteUint24((int) outStr.Length, bos); byte[] outBytes = outStr.ToArray(); bos.Write(outBytes, 0, outBytes.Length); byte[] message = bos.ToArray(); rs.WriteMessage(RL_HANDSHAKE, message, 0, message.Length); connection_state = CS_CLIENT_HELLO_SEND; /* * We will now read data, until we have completed the handshake. */ while (connection_state != CS_DONE) { // TODO Should we send fatal alerts in the event of an exception // (see readApplicationData) rs.ReadData(); } this.tlsStream = new TlsStream(this); }
// public void Connect(ICertificateVerifyer verifyer, Certificate clientCertificate, // AsymmetricKeyParameter clientPrivateKey) // { // DefaultTlsClient client = new DefaultTlsClient(verifyer); // client.EnableClientAuthentication(clientCertificate, clientPrivateKey); // // this.Connect(client); // } // TODO Make public internal virtual void Connect(TlsClient tlsClient) { if (tlsClient == null) { throw new ArgumentNullException("tlsClient"); } if (this.tlsClient != null) { throw new InvalidOperationException("Connect can only be called once"); } this.tlsClient = tlsClient; this.tlsClient.Init(this); /* * Send Client hello * * First, generate some random data. */ securityParameters = new SecurityParameters(); securityParameters.clientRandom = new byte[32]; random.NextBytes(securityParameters.clientRandom, 4, 28); TlsUtilities.WriteGmtUnixTime(securityParameters.clientRandom, 0); MemoryStream outStr = new MemoryStream(); TlsUtilities.WriteVersion(outStr); outStr.Write(securityParameters.clientRandom, 0, 32); /* * Length of Session id */ TlsUtilities.WriteUint8((short)0, outStr); /* * Cipher suites */ this.offeredCipherSuites = this.tlsClient.GetCipherSuites(); // Note: 1 extra slot for TLS_EMPTY_RENEGOTIATION_INFO_SCSV TlsUtilities.WriteUint16(2 * (offeredCipherSuites.Length + 1), outStr); for (int i = 0; i < offeredCipherSuites.Length; ++i) { TlsUtilities.WriteUint16(offeredCipherSuites[i], outStr); } // RFC 5746 3.3 // Note: If renegotiation added, remove this (and extra slot above) TlsUtilities.WriteUint16(TLS_EMPTY_RENEGOTIATION_INFO_SCSV, outStr); /* * Compression methods, just the null method. */ byte[] compressionMethods = new byte[] { 0x00 }; TlsUtilities.WriteOpaque8(compressionMethods, outStr); /* * Extensions */ // Int32 -> byte[] Hashtable clientExtensions = this.tlsClient.GenerateClientExtensions(); // RFC 5746 3.4 // Note: If renegotiation is implemented, need to use this instead of TLS_EMPTY_RENEGOTIATION_INFO_SCSV // { // if (clientExtensions == null) // clientExtensions = new Hashtable(); // // clientExtensions[EXT_RenegotiationInfo] = CreateRenegotiationInfo(emptybuf); // } this.extendedClientHello = clientExtensions != null && clientExtensions.Count > 0; if (extendedClientHello) { MemoryStream ext = new MemoryStream(); foreach (int extType in clientExtensions.Keys) { byte[] extValue = (byte[])clientExtensions[extType]; TlsUtilities.WriteUint16(extType, ext); TlsUtilities.WriteOpaque16(extValue, ext); } TlsUtilities.WriteOpaque16(ext.ToArray(), outStr); } MemoryStream bos = new MemoryStream(); TlsUtilities.WriteUint8(HP_CLIENT_HELLO, bos); TlsUtilities.WriteUint24((int)outStr.Length, bos); byte[] outBytes = outStr.ToArray(); bos.Write(outBytes, 0, outBytes.Length); byte[] message = bos.ToArray(); rs.WriteMessage(RL_HANDSHAKE, message, 0, message.Length); connection_state = CS_CLIENT_HELLO_SEND; /* * We will now read data, until we have completed the handshake. */ while (connection_state != CS_DONE) { // TODO Should we send fatal alerts in the event of an exception // (see readApplicationData) rs.ReadData(); } this.tlsStream = new TlsStream(this); }
public virtual void Connect(TlsClient tlsClient) { if (tlsClient == null) { throw new ArgumentNullException("tlsClient"); } if (this.tlsClient != null) { throw new InvalidOperationException("Connect can only be called once"); } /* * Send Client hello * * First, generate some random data. */ this.securityParameters = new SecurityParameters(); this.securityParameters.clientRandom = new byte[32]; random.NextBytes(securityParameters.clientRandom, 4, 28); TlsUtilities.WriteGmtUnixTime(securityParameters.clientRandom, 0); this.tlsClientContext = new TlsClientContextImpl(random, securityParameters); this.tlsClient = tlsClient; this.tlsClient.Init(tlsClientContext); MemoryStream outStr = new MemoryStream(); TlsUtilities.WriteVersion(outStr); outStr.Write(securityParameters.clientRandom, 0, 32); /* * Length of Session id */ TlsUtilities.WriteUint8(0, outStr); this.offeredCipherSuites = this.tlsClient.GetCipherSuites(); // ExtensionType -> byte[] this.clientExtensions = this.tlsClient.GetClientExtensions(); // Cipher Suites (and SCSV) { /* * RFC 5746 3.4. * The client MUST include either an empty "renegotiation_info" * extension, or the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling * cipher suite value in the ClientHello. Including both is NOT * RECOMMENDED. */ bool noRenegExt = clientExtensions == null || !clientExtensions.Contains(ExtensionType.renegotiation_info); int count = offeredCipherSuites.Length; if (noRenegExt) { // Note: 1 extra slot for TLS_EMPTY_RENEGOTIATION_INFO_SCSV ++count; } TlsUtilities.WriteUint16(2 * count, outStr); for (int i = 0; i < offeredCipherSuites.Length; ++i) { TlsUtilities.WriteUint16((int)offeredCipherSuites[i], outStr); } if (noRenegExt) { TlsUtilities.WriteUint16((int)CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV, outStr); } } /* * Compression methods, just the null method. */ this.offeredCompressionMethods = tlsClient.GetCompressionMethods(); { TlsUtilities.WriteUint8((byte)offeredCompressionMethods.Length, outStr); for (int i = 0; i < offeredCompressionMethods.Length; ++i) { TlsUtilities.WriteUint8((byte)offeredCompressionMethods[i], outStr); } } // Extensions if (clientExtensions != null) { MemoryStream ext = new MemoryStream(); foreach (ExtensionType extType in clientExtensions.Keys) { WriteExtension(ext, extType, (byte[])clientExtensions[extType]); } TlsUtilities.WriteOpaque16(ext.ToArray(), outStr); } MemoryStream bos = new MemoryStream(); TlsUtilities.WriteUint8((byte)HandshakeType.client_hello, bos); TlsUtilities.WriteUint24((int)outStr.Length, bos); byte[] outBytes = outStr.ToArray(); bos.Write(outBytes, 0, outBytes.Length); byte[] message = bos.ToArray(); SafeWriteMessage(ContentType.handshake, message, 0, message.Length); connection_state = CS_CLIENT_HELLO_SEND; /* * We will now read data, until we have completed the handshake. */ while (connection_state != CS_DONE) { SafeReadData(); } this.tlsStream = new TlsStream(this); }
protected virtual void CompleteHandshake() { try { this.mRecordStream.FinaliseHandshake(); this.mAppDataSplitEnabled = !TlsUtilities.IsTlsV11(Context); /* * If this was an initial handshake, we are now ready to send and receive application data. */ if (!mAppDataReady) { this.mAppDataReady = true; if (mBlocking) { this.mTlsStream = new TlsStream(this); } } if (this.mTlsSession != null) { if (this.mSessionParameters == null) { this.mSessionParameters = new SessionParameters.Builder() .SetCipherSuite(this.mSecurityParameters.CipherSuite) .SetCompressionAlgorithm(this.mSecurityParameters.CompressionAlgorithm) .SetMasterSecret(this.mSecurityParameters.MasterSecret) .SetPeerCertificate(this.mPeerCertificate) .SetPskIdentity(this.mSecurityParameters.PskIdentity) .SetSrpIdentity(this.mSecurityParameters.SrpIdentity) // TODO Consider filtering extensions that aren't relevant to resumed sessions .SetServerExtensions(this.mServerExtensions) .Build(); this.mTlsSession = new TlsSessionImpl(this.mTlsSession.SessionID, this.mSessionParameters); } ContextAdmin.SetResumableSession(this.mTlsSession); } Peer.NotifyHandshakeComplete(); } finally { CleanupHandshake(); } }