public void SetCipherSuite(CipherSuite suite, AsymmetricAlgorithm signAlgo) { CipherSuiteInfo info = SupportedCipherSuites.GetSuiteInfo(suite); if (info == null) { throw new NotSupportedException(); } _bulk_cipher = info.BulkCipherAlgorithm; _cipherType = info.CipherType; _enc_key_length = info.EncKeyLength; _block_length = info.BlockLength; _fixed_iv_length = info.FixedIVLength; _record_iv_length = info.RecordIVLength; _mac = info.MACAlgorithm; _mac_length = info.MACLength; _mac_key_length = info.MACKeyLength; _keyExchange = info.KeyExchangeAlgorithm; // TODO: TLS1.2spec ? switch (_prfType) { case PRFAlgorithm.MD5_AND_SHA1: _prf = new MD5_AND_SHA1(); break; case PRFAlgorithm.SSL3: _prf = new SSL3_PRF(this); break; default: throw new NotSupportedException(); } switch (_keyExchange) { case KeyExchangeAlgorithm.ECDHE_ECDSA: _keyExchanger = new ECDHE_ECDSA((openCrypto.EllipticCurve.Signature.ECDSA)signAlgo); break; case KeyExchangeAlgorithm.DHE_DSS: _keyExchanger = new DHE_DSS((DSACryptoServiceProvider)signAlgo); break; case KeyExchangeAlgorithm.RSA: _keyExchanger = new KeyExchange.RSA((RSACryptoServiceProvider)signAlgo); break; default: throw new NotImplementedException(); } }
public CipherSuiteSelector(X509Certificate cert) { KeyExchangeAlgorithm[] keyExchanges; string algo_oid = cert.GetKeyAlgorithm(); if (algo_oid == "1.2.840.10045.2.1") { keyExchanges = new KeyExchangeAlgorithm[] { KeyExchangeAlgorithm.DH_anon, KeyExchangeAlgorithm.ECDH_anon, KeyExchangeAlgorithm.ECDH_ECDSA, KeyExchangeAlgorithm.ECDHE_ECDSA }; } else if (algo_oid == "1.2.840.10040.4.1") { keyExchanges = new KeyExchangeAlgorithm[] { KeyExchangeAlgorithm.DH_anon, KeyExchangeAlgorithm.DH_DSS, KeyExchangeAlgorithm.DHE_DSS, KeyExchangeAlgorithm.ECDH_anon }; } else if (algo_oid == "1.2.840.113549.1.1.1") { keyExchanges = new KeyExchangeAlgorithm[] { KeyExchangeAlgorithm.DH_anon, KeyExchangeAlgorithm.DH_RSA, KeyExchangeAlgorithm.DHE_RSA, KeyExchangeAlgorithm.ECDH_anon, KeyExchangeAlgorithm.ECDH_RSA, KeyExchangeAlgorithm.ECDHE_RSA, KeyExchangeAlgorithm.RSA }; } else { throw new NotSupportedException(); } _supports = SupportedCipherSuites.FilterKeyExchange(keyExchanges); }
void ProcessHandshake() { ClientHello clientHello = _recordLayer.Read() as ClientHello; if (clientHello == null) { throw new Exception(); } Console.WriteLine("[TLSServer] Receive ClientHello Version: {0}", clientHello.Version); Console.WriteLine("[TLSServer] CipherSuites"); for (int i = 0; i < clientHello.CipherSuites.Length; i++) { Console.WriteLine(" {0}", clientHello.CipherSuites[i]); } CipherSuite selected = _selector.Select(clientHello.CipherSuites); Console.WriteLine("[TLSServer] CipherSuite Selected. {0}", selected); if (selected == CipherSuite.NONE) { // Alertを送るべき? throw new Exception(); } CipherSuiteInfo selectedInfo = SupportedCipherSuites.GetSuiteInfo(selected); _sparams.SetVersion(clientHello.Version); _sparams.SetCipherSuite(selected, _signAlgo); _sparams.ClientRandom = clientHello.Random; _recordLayer.ProtocolVersion = clientHello.Version; byte[] serverRandom = new byte[RandomData.Size]; Extension[] serverExtensions = null; if (selectedInfo.IsECC) { serverExtensions = new Extension[] { new Extension(ExtensionType.EcPointFormats, new byte[] { 1, 0 }) } } ; RandomData.CreateRandomData(serverRandom, 0); _sparams.ServerRandom = serverRandom; ServerHello serverHello = new ServerHello(clientHello.Version, serverRandom, Utility.EmptyByteArray, selected, CompressionMethod.Null, serverExtensions); _recordLayer.Write(serverHello); Certificate serverCert = new Certificate(_certs); _recordLayer.Write(serverCert); if (Utility.IsNeedServerKeyExchangeMessage(_states.SecurityParameters.KeyExchangeAlgorithm)) { ServerKeyExchange serverExchange = new ServerKeyExchange(_sparams); _recordLayer.Write(serverExchange); } _recordLayer.Write(new ServerHelloDone()); TLSMessage msg = _recordLayer.Read(); ClientKeyExchange clientExchange = (ClientKeyExchange)msg; clientExchange.ComputeServerMasterSecret(_sparams); Console.WriteLine("MasterSecret"); Utility.Dump(_sparams.MasterSecret); _sparams.ComputeKeyBlock(); ChangeCipherSpec changeCipherSpec = (ChangeCipherSpec)_recordLayer.Read(); _recordLayer.EnableReceiveCipher(_sparams.CreateServerDecryptor(), _sparams.CreateClientWriteHMAC()); Finished finished = (Finished)_recordLayer.Read(); Console.WriteLine("VerifyData"); Utility.Dump(finished.VerifyData); Console.WriteLine("Computed VerifyData"); byte[] verifyData = _sparams.ComputeFinishedVerifyData(false); Utility.Dump(verifyData); if (!Utility.Equals(finished.VerifyData, 0, verifyData, 0, verifyData.Length)) { throw new Exception(); } _recordLayer.Write(ChangeCipherSpec.Instance); _recordLayer.EnableSendCipher(_sparams.CreateServerEncryptor(), _sparams.CreateServerWriteHMAC()); _recordLayer.ComputeHandshakeHash(true); verifyData = _sparams.ComputeFinishedVerifyData(true); Console.WriteLine("Finished VerifyData"); Utility.Dump(verifyData); finished = new Finished(_recordLayer.ProtocolVersion, verifyData); _recordLayer.Write(finished); }