/// <summary>
/// Handles the client's Finished message on the path where the negotiated cipher is used as a
/// <c>Ciphers.CipherSuiteBase13</c> (presumably the TLS 1.3 session; confirm against the enclosing class).
/// </summary>
/// <param name="frag">Parsed Finished fragment; its <c>Data</c> is passed on as the client's verify data.</param>
/// <returns>
/// A fatal <c>unexpected_message</c> alert when the session is not in the state that must precede the
/// client Finished, a fatal <c>illegal_parameter</c> alert when verification fails, and <c>null</c> on
/// success (presumably "nothing to send back"; confirm against the caller).
/// </returns>
protected override Result Fragment_ClientFinished(Fragments.Finished frag)
{
    // Finished is accepted only directly after the step that has to precede it. When a client
    // certificate is required, that step is Client_CertificateVerify, so a handshake that never
    // reached CertificateVerify is rejected here instead of being completed.
    var requiredState = _params.ClientCertificateRequire
        ? TLSSessionState.Client_CertificateVerify
        : TLSSessionState.Client_ChangeCipherSpec;

    if (State != requiredState)
    {
        return(Result.FatalAlert(AlertDescription.unexpected_message, $"State [{State}] check failed on Client_Finished message"));
    }

    var clientVerifyData = frag.Data;

    // Per the original author's note, passing true leaves this Finished message out of the transcript.
    var transcriptBeforeFinished = GetHandshakeMessages(true);

    // NOTE(review): "as" yields null when the cipher is not a CipherSuiteBase13, which would surface
    // as a NullReferenceException below rather than as a TLS alert. Confirm the type is guaranteed here.
    var suite13 = _params.Cipher as Ciphers.CipherSuiteBase13;

    // NOTE(review): VerifyClientFinished is defined elsewhere; confirm that it compares the verify
    // data in constant time.
    if (!suite13.VerifyClientFinished(clientVerifyData, transcriptBeforeFinished))
    {
        // NOTE(review): RFC 8446 section 4.4.4 requires a "decrypt_error" alert when a Finished
        // message does not verify; this path reports illegal_parameter. Confirm whether that is intended.
        return(Result.FatalAlert(AlertDescription.illegal_parameter, $"ClientFinished verify data check failed"));
    }

    State = TLSSessionState.Client_Finished;

    // The resumption secret is derived over the transcript that now includes the client Finished.
    var transcriptWithFinished = GetHandshakeMessages();
    suite13.Calculate_ResumptionSecret(transcriptWithFinished);

    // No NewSessionTicket is issued from this handler: the original author had the code that built
    // and encrypted one commented out ("may not needed"), so nothing is returned for sending.
    return(null);
}
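/// <summary>
/// Handles the client's Finished message on the base (non-override) path: checks the session state,
/// compares the client's verify data with the locally computed value, checks the record MAC, then
/// advances the session and answers with the server's ChangeCipherSpec and Finished.
/// </summary>
/// <param name="frag">Parsed Finished fragment; <c>VerifyData</c> and <c>Mac</c> are read from it.</param>
/// <returns>
/// A fatal <c>unexpected_message</c> alert when the session is not in <c>Client_ChangeCipherSpec</c>,
/// a fatal <c>bad_record_mac</c> alert when the verify data or the MAC does not match, otherwise the
/// result of <c>ChangeCipherSpecAndFinished()</c>.
/// </returns>
protected virtual Result Fragment_ClientFinished(Fragments.Finished frag)
{
    if (State != TLSSessionState.Client_ChangeCipherSpec)
    {
        // The message names Client_Finished so that the log entry matches the handler that raised it.
        return(Result.FatalAlert(AlertDescription.unexpected_message, $"State [{State}] check failed on Client_Finished message"));
    }

    // Per the original author's note, passing true leaves this Finished message out of the transcript.
    var transcriptBeforeFinished = GetHandshakeMessages(true);
    var expectedVerifyData = _params.Cipher.GetVerifyData("client finished", transcriptBeforeFinished);

    // NOTE(review): Utils.BytesEqual is defined elsewhere. Both comparisons in this method are over
    // secret-derived values (verify data, MAC); confirm that the helper runs in constant time.
    // NOTE(review): the verify data is compared before the record MAC below has been checked. Both
    // failures raise the same alert, so only the log text tells them apart; confirm the order is intended.
    if (!Utils.BytesEqual(expectedVerifyData, frag.VerifyData))
    {
        return(Result.FatalAlert(AlertDescription.bad_record_mac, $"unmatched VerifyData in Client_EncryptedHandshake message"));
    }

    // Rebuild the Finished handshake message that the MAC covers: handshake type 0x14 (finished),
    // a 24-bit length of 0x00000C (12 bytes of verify data), then the verify data itself.
    var finishedMessage = new byte[] { 0x14, 0x00, 0x00, 0x0C }.Concat(frag.VerifyData).ToArray();
    var macSeed = Utils.GetMacSeed(_receiveSeqNum, (byte)RecordType.Handshake, finishedMessage);
    var expectedMac = _params.Cipher.ClientMessageAuthCode(macSeed);
    if (!Utils.BytesEqual(expectedMac, frag.Mac))
    {
        return(Result.FatalAlert(AlertDescription.bad_record_mac, $"unmatched MAC in Client_EncryptedHandshake message"));
    }

    // Count the encrypted record just accepted. The sequence number feeds the next MAC seed, so it
    // is advanced only after both checks have passed.
    _receiveSeqNum++;
    State = TLSSessionState.Client_Finished;

    // Reply with the server's ChangeCipherSpec and encrypted Finished.
    return(ChangeCipherSpecAndFinished());
}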