bool CompareBuffer(IBufferOffsetSize actual, out string message) { if (Expected.Size != actual.Size) { message = string.Format( "Blobs differ in size: expected {0}, got {1}.", Expected.Size, actual.Size); return(false); } for (int i = 0; i < Expected.Size; i++) { var e = Expected.Buffer [Expected.Offset + i]; var a = actual.Buffer [actual.Offset + i]; if (e == a) { continue; } message = string.Format( "Blobs differ at element {0}: expected {1:2x}, got {2:2x}.", i, e, a); return(false); } message = null; return(true); }
public void Add (HandshakeMessage message, IBufferOffsetSize buffer) { if (message is TlsHelloRequest) throw new InvalidOperationException (); for (int i = 0; i < hashes.Length; i++) hashes [i].TransformBlock (buffer.Buffer, buffer.Offset, buffer.Size); }
public void WriteOutput(string name, IBufferOffsetSize buffer) { var array = new byte [buffer.Size]; Buffer.BlockCopy(buffer.Buffer, buffer.Offset, array, 0, buffer.Size); WriteOutput(name, array); }
internal static int InitializeSecurityContext(SSPIInterface secModule, SafeFreeCredentials credentials, ref SafeDeleteContext safeContext, string targetName, ContextFlags inFlags, Endianness endianness, SecurityBuffer[] inputBuffers, SecurityBuffer outputBuffer, ref ContextFlags outFlags) { if (endianness != Endianness.Native) { throw new NotSupportedException(); } SetCredentials(secModule, credentials); SecurityBuffer inputBuffer = null; if (inputBuffers != null) { if (inputBuffers.Length != 2 || inputBuffers [1].type != BufferType.Empty) { throw new NotSupportedException(); } inputBuffer = inputBuffers [0]; } var incoming = GetInputBuffer(inputBuffer); IBufferOffsetSize outgoing = null; var retval = (int)safeContext.Context.GenerateNextToken(incoming, out outgoing); UpdateOutput(outgoing, outputBuffer); return(retval); }
protected override int DecryptRecord(DisposeContext d, IBufferOffsetSize input, IBufferOffsetSize output) { if ((input.Size % BlockSize) != 0) { return(-1); } int ivSize; ICryptoTransform cipher; if (!Cipher.HasFixedIV) { var IV = new byte [BlockSize]; Buffer.BlockCopy(input.Buffer, input.Offset, IV, 0, BlockSize); ivSize = BlockSize; DecryptionAlgorithm.IV = IV; cipher = d.Add(DecryptionAlgorithm.CreateDecryptor()); } else { ivSize = 0; cipher = decryptionCipher; } var ret = cipher.TransformBlock(input.Buffer, input.Offset + ivSize, input.Size - ivSize, output.Buffer, output.Offset); if (ret <= 0 || ret != input.Size - ivSize) { return(-1); } return(ret); }
protected override void EncryptRecord(DisposeContext d, IBufferOffsetSize input) { ICryptoTransform cipher; if (!Cipher.HasFixedIV) { EncryptionAlgorithm.GenerateIV(); cipher = d.Add(EncryptionAlgorithm.CreateEncryptor()); } else { cipher = encryptionCipher; } if (!Cipher.HasFixedIV) { Buffer.BlockCopy(EncryptionAlgorithm.IV, 0, input.Buffer, input.Offset, BlockSize); } var ret = cipher.TransformBlock(input.Buffer, input.Offset + HeaderSize, input.Size - HeaderSize, input.Buffer, input.Offset + HeaderSize); if (ret <= 0 || ret != input.Size - HeaderSize) { throw new InvalidOperationException(); } if (Cipher.HasFixedIV) { var IV = new byte [BlockSize]; Buffer.BlockCopy(input.Buffer, input.Offset + input.Size - BlockSize, IV, 0, BlockSize); EncryptionAlgorithm.IV = IV; } }
public IBufferOffsetSize Encrypt(ContentType contentType, IBufferOffsetSize data) { var output = new BufferOffsetSize(GetEncryptedSize(data.Size)); var ret = Encrypt(contentType, data, output); output.TruncateTo(ret); return(output); }
public IBufferOffsetSize Decrypt(ContentType contentType, IBufferOffsetSize input) { var output = new BufferOffsetSize(input.Size); var ret = Decrypt(contentType, input, output); output.TruncateTo(ret); return(output); }
protected void CheckOutput(TestContext ctx, string name, IBufferOffsetSize buffer) { var array = new byte [buffer.Size]; Buffer.BlockCopy(buffer.Buffer, buffer.Offset, array, 0, buffer.Size); var data = GetField(name); ctx.Assert(array, Is.EqualTo(data), "output"); }
protected override int Decrypt(DisposeContext d, ContentType contentType, IBufferOffsetSize input, IBufferOffsetSize output) { var implicitNonce = IsClient ? ServerWriteIV : ClientWriteIV; var writeKey = IsClient ? ServerWriteKey : ClientWriteKey; #if DEBUG_FULL if (Cipher.EnableDebugging) { DebugHelper.WriteLine("FIXED IV", implicitNonce); DebugHelper.WriteLine("WRITE KEY", writeKey); DebugHelper.WriteLine("SEQUENCE: {0}", ReadSequenceNumber); } #endif var length = input.Size - ExplicitNonceSize; var aad = new TlsBuffer(13); aad.Write(ReadSequenceNumber); aad.Write((byte)contentType); aad.Write((short)Protocol); aad.Write((short)(length - MacSize)); #if DEBUG_FULL if (Cipher.EnableDebugging) { DebugHelper.WriteFull("TAG", aad); } #endif var gcm = new GcmBlockCipher(new AesEngine()); var key = new KeyParameter(writeKey.Buffer); var nonce = d.CreateBuffer(ImplicitNonceSize + ExplicitNonceSize); Buffer.BlockCopy(implicitNonce.Buffer, 0, nonce.Buffer, 0, ImplicitNonceSize); Buffer.BlockCopy(input.Buffer, input.Offset, nonce.Buffer, ImplicitNonceSize, ExplicitNonceSize); #if DEBUG_FULL if (Cipher.EnableDebugging) { DebugHelper.WriteLine("NONCE", nonce); } #endif var parameters = new AeadParameters(key, 128, nonce.Buffer, aad.Buffer); gcm.Init(false, parameters); int ret; try { ret = gcm.ProcessBytes(input.Buffer, input.Offset + ExplicitNonceSize, length, output.Buffer, output.Offset); ret += gcm.DoFinal(output.Buffer, output.Offset + ret); } catch (CryptoException ex) { throw new TlsException(AlertDescription.BadRecordMAC, ex.Message); } return(ret); }
protected void WriteAndCheckOutput(TestContext ctx, string name, IBufferOffsetSize buffer) { if (generator != null) { generator.WriteOutput(name, buffer); return; } CheckOutput(ctx, name, buffer); }
protected void WriteOutput(string name, IBufferOffsetSize buffer) { if (generator != null) { generator.WriteOutput(name, buffer); return; } CheckOutput(name, buffer); }
protected override void Clear() { var disposable = innerBuffer as IDisposable; if (disposable != null) { disposable.Dispose(); } innerBuffer = null; Position = 0; }
protected byte[] ComputeRecordMAC(ContentType contentType, IBufferOffsetSize fragment) { if (IsServer) { return(ComputeClientRecordMAC(contentType, fragment)); } else { return(ComputeServerRecordMAC(contentType, fragment)); } }
public void Add(HandshakeMessage message, IBufferOffsetSize buffer) { if (message is TlsHelloRequest) { throw new InvalidOperationException(); } for (int i = 0; i < hashes.Length; i++) { hashes [i].TransformBlock(buffer.Buffer, buffer.Offset, buffer.Size); } }
internal byte[] EncodeRecord(ContentType contentType, IBufferOffsetSize buffer) { int fragmentSize = MAX_FRAGMENT_SIZE; #if INSTRUMENTATION if (HasInstrument(HandshakeInstrumentType.FragmentHandshakeMessages)) { fragmentSize = 512; } #endif return(EncodeRecord_internal(contentType, buffer, fragmentSize)); }
static byte[] ComputeRecordMAC (TlsProtocolCode protocol, HMac hmac, ulong seqnum, ContentType contentType, IBufferOffsetSize fragment) { var header = new TlsBuffer (13); header.Write (seqnum); header.Write ((byte)contentType); header.Write ((short)protocol); header.Write ((short)fragment.Size); hmac.Reset (); hmac.TransformBlock (header.Buffer, 0, header.Size); hmac.TransformBlock (fragment.Buffer, fragment.Offset, fragment.Size); return hmac.TransformFinalBlock (); }
internal byte[] EncodeRecord(ContentType contentType, IBufferOffsetSize buffer) { CheckValid(); var protocol = HasNegotiatedProtocol ? NegotiatedProtocol : Configuration.RequestedProtocol; var output = new TlsStream(); EncodeRecord(protocol, contentType, Session != null ? Session.Write : null, buffer, output); output.Finish(); var result = new byte [output.Size]; Buffer.BlockCopy(output.Buffer, output.Offset, result, 0, output.Size); return(result); }
static void UpdateOutput(IBufferOffsetSize buffer, SecurityBuffer outputBuffer) { if (buffer != null) { outputBuffer.token = buffer.Buffer; outputBuffer.offset = buffer.Offset; outputBuffer.size = buffer.Size; outputBuffer.type = BufferType.Token; } else { outputBuffer.token = null; outputBuffer.size = outputBuffer.offset = 0; outputBuffer.type = BufferType.Empty; } }
protected override int Encrypt(DisposeContext d, ContentType contentType, IBufferOffsetSize input, IBufferOffsetSize output) { // Calculate message MAC byte[] mac = null; if (IsServer) { mac = ComputeServerRecordMAC(contentType, input); } else { mac = ComputeClientRecordMAC(contentType, input); } #if DEBUG_FULL if (Cipher.EnableDebugging) { DebugHelper.WriteLine("RECORD MAC", mac); } #endif int plen; byte padLen; int totalLength = GetEncryptedSize(input.Size, out plen, out padLen); var totalOutput = new BufferOffsetSize(output.Buffer, output.Offset, totalLength); var outputWriter = new TlsBuffer(totalOutput); outputWriter.Position += HeaderSize; outputWriter.Write(input.Buffer, input.Offset, input.Size); outputWriter.Write(mac); for (int i = 0; i <= padLen; i++) { outputWriter.Write(padLen); } // Encrypt the message EncryptRecord(d, totalOutput); return(totalLength); }
protected override void EncryptRecord(DisposeContext d, IBufferOffsetSize buffer) { ICryptoTransform cipher; if (!Cipher.HasFixedIV) { EncryptionAlgorithm.GenerateIV(); cipher = d.Add(EncryptionAlgorithm.CreateEncryptor()); } else { cipher = encryptionCipher; } if (!Cipher.HasFixedIV) { Buffer.BlockCopy(EncryptionAlgorithm.IV, 0, buffer.Buffer, buffer.Offset, BlockSize); } cipher.TransformBlock(buffer.Buffer, buffer.Offset + HeaderSize, buffer.Size - HeaderSize, buffer.Buffer, buffer.Offset + HeaderSize); }
public static bool Compare(IBufferOffsetSize buffer1, IBufferOffsetSize buffer2) { if (buffer1 == null || buffer2 == null) { return(false); } if (buffer1.Size != buffer2.Size) { return(false); } for (int i = 0; i < buffer1.Size; i++) { if (buffer1.Buffer [buffer1.Offset + i] != buffer2.Buffer [buffer2.Offset + i]) { return(false); } } return(true); }
bool CompareBuffer (IBufferOffsetSize actual, out string message) { if (Expected.Size != actual.Size) { message = string.Format ( "Blobs differ in size: expected {0}, got {1}.", Expected.Size, actual.Size); return false; } for (int i = 0; i < Expected.Size; i++) { var e = Expected.Buffer [Expected.Offset + i]; var a = actual.Buffer [actual.Offset + i]; if (e == a) continue; message = string.Format ( "Blobs differ at element {0}: expected {1:2x}, got {2:2x}.", i, e, a); return false; } message = null; return true; }
public int Decrypt(ContentType contentType, IBufferOffsetSize input, IBufferOffsetSize output) { if (output == null || output == input || output.Buffer == input.Buffer) { throw new TlsException(AlertDescription.InternalError, "In-place decryption is not supported."); } if (output.Size < input.Size) { throw new TlsException(AlertDescription.InternalError, "Output buffer overflow."); } using (var d = new DisposeContext()) { var ret = Decrypt(d, contentType, input, output); // Update sequence number ReadSequenceNumber++; if (ret < 0) { throw new TlsException(AlertDescription.BadRecordMAC); } return(ret); } }
protected override int DecryptRecord (DisposeContext d, IBufferOffsetSize input, IBufferOffsetSize output) { if ((input.Size % BlockSize) != 0) return -1; int ivSize; ICryptoTransform cipher; if (!Cipher.HasFixedIV) { var IV = new byte [BlockSize]; Buffer.BlockCopy (input.Buffer, input.Offset, IV, 0, BlockSize); ivSize = BlockSize; DecryptionAlgorithm.IV = IV; cipher = d.Add (DecryptionAlgorithm.CreateDecryptor ()); } else { ivSize = 0; cipher = decryptionCipher; } var ret = cipher.TransformBlock (input.Buffer, input.Offset + ivSize, input.Size - ivSize, output.Buffer, output.Offset); if (ret <= 0 || ret != input.Size - ivSize) return -1; if (Cipher.HasFixedIV) { var IV = new byte [BlockSize]; Buffer.BlockCopy (input.Buffer, input.Offset + input.Size - BlockSize, IV, 0, BlockSize); DecryptionAlgorithm.IV = IV; } return ret; }
public int Decrypt(IBufferOffsetSize input, IBufferOffsetSize output) { crypto.ReadSequenceNumber = 0; return(crypto.Decrypt(ContentType.ApplicationData, input, output)); }
public IBufferOffsetSize Encrypt (ContentType contentType, IBufferOffsetSize data) { var output = new BufferOffsetSize (GetEncryptedSize (data.Size)); var ret = Encrypt (contentType, data, output); output.TruncateTo (ret); return output; }
public static void EncodeRecord (TlsProtocolCode protocol, ContentType contentType, CryptoParameters crypto, IBufferOffsetSize buffer, TlsStream output) { EncodeRecord_internal (protocol, contentType, crypto, buffer, output); }
public void EncryptRecord(ContentType contentType, IBufferOffsetSize input, TlsStream output) { crypto.WriteSequenceNumber = 0; TlsContext.EncodeRecord(Parameters.Protocol, ContentType.ApplicationData, crypto, input, output); }
public static void WriteBuffer(string message, IBufferOffsetSize buffer) { DebugHelper.WriteBuffer(message, buffer.Buffer, buffer.Offset, buffer.Size); }
protected override int Decrypt (DisposeContext d, ContentType contentType, IBufferOffsetSize input, IBufferOffsetSize output) { if ((input.Size % BlockSize) != 0) return -1; if (input.Size < MinExtraEncryptedBytes) return -1; var plen = DecryptRecord (d, input, output); if (plen <= 0) return -1; var padlen = output.Buffer [output.Offset + plen - 1]; #if DEBUG_FULL if (Cipher.EnableDebugging) { DebugHelper.WriteLine ("DECRYPT: {0} {1} {2}", input.Size, plen, padlen); DebugHelper.WriteBuffer ("DECRYPTED", output.Buffer, output.Offset, plen); } #endif /* * VERY IMPORTANT: * * The Compiler and JIT *** MUST NOT *** optimize the following block of code. * * It is essential that the dummy checks and dummy calls be kept in place. * Also do not put any debugging code into that region as it would mess up with * the timing. * */ #region The following block of code *** MUST NOT *** be optimized in any way if (MacSize + padlen + 1 > plen) { // Invalid padding: plaintext is not long enough. // First run a loop as if there were 256 bytes of padding, with a dummy check. int ok = -1; for (int i = 0; i < 256; i++) { if (output.Buffer [i % output.Size] != padlen) ok--; } // Now assume there's no padding, compute the MAC over the entire buffer. var first = new BufferOffsetSize (output.Buffer, output.Offset, plen - MacSize); var invalidMac = ComputeRecordMAC (contentType, first); // Constant-time compare - this will always fail, TlsBuffer.ConstantTimeCompare() will return a negative value on error. ok += TlsBuffer.ConstantTimeCompare (invalidMac, 0, invalidMac.Length, output.Buffer, output.Offset + plen - MacSize, MacSize); return ok; } else { int ok = 0; var resultLength = plen - padlen - MacSize - 1; for (int i = 0; i < padlen; i++) { if (output.Buffer [output.Offset + resultLength + MacSize + i] != padlen) ok--; } var dummyOk = ok; var dummyLen = 256 - padlen - 1; for (int i = 0; i < dummyLen; i++) { if (output.Buffer [i % output.Size] != padlen) dummyOk--; } if (ok < 0) { // Now assume there's no padding, compute the MAC over the entire buffer. var first = new BufferOffsetSize (output.Buffer, output.Offset, plen - MacSize); var invalidMac = ComputeRecordMAC (contentType, first); // Constant-time compare - this will always fail, TlsBuffer.ConstantTimeCompare() will return a negative value on error. ok += TlsBuffer.ConstantTimeCompare (invalidMac, 0, invalidMac.Length, output.Buffer, output.Offset + plen - MacSize, MacSize); return ok; } else { var first = new BufferOffsetSize (output.Buffer, output.Offset, resultLength); var checkMac = ComputeRecordMAC (contentType, first); var L1 = 13 + plen - MacSize; var L2 = 13 + plen - padlen - 1 - MacSize; var additional = ((L1 - 55) / 64) - ((L2 - 55) / 64); if (additional > 0) { var algorithm = HMac.CreateHash (Cipher.HashAlgorithmType); for (int i = 0; i < additional; i++) algorithm.TransformBlock (input.Buffer, input.Offset, BlockSize, null, 0); } ok += TlsBuffer.ConstantTimeCompare (checkMac, 0, checkMac.Length, output.Buffer, output.Offset + resultLength, MacSize); if (ok == 0) ok = resultLength; return ok; } } #endregion }
static internal void EncodeRecord(TlsProtocolCode protocol, ContentType contentType, CryptoParameters crypto, IBufferOffsetSize buffer, TlsStream output) { var maxExtraBytes = crypto != null ? crypto.MaxExtraEncryptedBytes : 0; var offset = buffer.Offset; var remaining = buffer.Size; do { BufferOffsetSize fragment; var encryptedSize = crypto != null?crypto.GetEncryptedSize(remaining) : remaining; if (encryptedSize <= MAX_FRAGMENT_SIZE) { fragment = new BufferOffsetSize(buffer.Buffer, offset, remaining); } else { fragment = new BufferOffsetSize(buffer.Buffer, offset, MAX_FRAGMENT_SIZE - maxExtraBytes); encryptedSize = crypto != null?crypto.GetEncryptedSize(fragment.Size) : fragment.Size; } // Write tls message output.Write((byte)contentType); output.Write((short)protocol); output.Write((short)encryptedSize); if (crypto != null) { output.MakeRoom(encryptedSize); var ret = crypto.Encrypt(contentType, fragment, output.GetRemaining()); output.Position += ret; } else { output.Write(fragment.Buffer, fragment.Offset, fragment.Size); } offset += fragment.Size; remaining -= fragment.Size; } while (remaining > 0); }
byte[] EncodeRecord_internal (ContentType contentType, IBufferOffsetSize buffer, int fragmentSize = MAX_FRAGMENT_SIZE) { CheckValid (); var protocol = HasNegotiatedProtocol ? NegotiatedProtocol : Configuration.RequestedProtocol; var output = new TlsStream (); EncodeRecord_internal (protocol, contentType, Session != null ? Session.Write : null, buffer, output, fragmentSize); output.Finish (); var result = new byte [output.Size]; Buffer.BlockCopy (output.Buffer, output.Offset, result, 0, output.Size); return result; }
public static BOSWrapper Wrap(IBufferOffsetSize bos) { return(bos != null ? new BOSWrapper(bos.Buffer, bos.Offset, bos.Size) : null); }
protected override void EncryptRecord (DisposeContext d, IBufferOffsetSize input) { ICryptoTransform cipher; if (!Cipher.HasFixedIV) { EncryptionAlgorithm.GenerateIV (); cipher = d.Add (EncryptionAlgorithm.CreateEncryptor ()); } else { cipher = encryptionCipher; } if (!Cipher.HasFixedIV) Buffer.BlockCopy (EncryptionAlgorithm.IV, 0, input.Buffer, input.Offset, BlockSize); var ret = cipher.TransformBlock (input.Buffer, input.Offset + HeaderSize, input.Size - HeaderSize, input.Buffer, input.Offset + HeaderSize); if (ret <= 0 || ret != input.Size - HeaderSize) throw new InvalidOperationException (); if (Cipher.HasFixedIV) { var IV = new byte [BlockSize]; Buffer.BlockCopy (input.Buffer, input.Offset + input.Size - BlockSize, IV, 0, BlockSize); EncryptionAlgorithm.IV = IV; } }
static void UpdateOutput (IBufferOffsetSize buffer, SecurityBuffer outputBuffer) { if (buffer != null) { outputBuffer.token = buffer.Buffer; outputBuffer.offset = buffer.Offset; outputBuffer.size = buffer.Size; outputBuffer.type = BufferType.Token; } else { outputBuffer.token = null; outputBuffer.size = outputBuffer.offset = 0; outputBuffer.type = BufferType.Empty; } }
public static void WriteLine(string message, IBufferOffsetSize buffer) { Initialize(); DebugHelper.WriteLine(String.Format("{0} ({1} bytes)", message, buffer.Size)); DebugHelper.WriteBuffer(buffer); }
public static void WriteBuffer(IBufferOffsetSize buffer) { WriteBuffer(buffer.Buffer, buffer.Offset, buffer.Size); }
public static void WriteBuffer (string message, IBufferOffsetSize buffer) { DebugHelper.WriteBuffer (message, buffer.Buffer, buffer.Offset, buffer.Size); }
internal byte[] EncodeRecord (ContentType contentType, IBufferOffsetSize buffer) { int fragmentSize = MAX_FRAGMENT_SIZE; #if INSTRUMENTATION if (HasInstrument (HandshakeInstrumentType.FragmentHandshakeMessages)) fragmentSize = 512; #endif return EncodeRecord_internal (contentType, buffer, fragmentSize); }
public static BOSWrapper Wrap (IBufferOffsetSize bos) { return bos != null ? new BOSWrapper (bos.Buffer, bos.Offset, bos.Size) : null; }
byte[] ComputeClientRecordMAC (ContentType contentType, IBufferOffsetSize fragment) { var seqnum = IsClient ? WriteSequenceNumber : ReadSequenceNumber; return ComputeRecordMAC (Protocol, ClientHMac, seqnum, contentType, fragment); }
public IsEqualBlob (IBufferOffsetSize expected) { Expected = expected; }
protected abstract void EncryptRecord (DisposeContext d, IBufferOffsetSize buffer);
internal byte[] EncodeRecord (ContentType contentType, IBufferOffsetSize buffer) { CheckValid (); var protocol = HasNegotiatedProtocol ? NegotiatedProtocol : Configuration.RequestedProtocol; int fragmentSize = MAX_FRAGMENT_SIZE; #if INSTRUMENTATION if (HasInstrument (HandshakeInstrumentType.FragmentHandshakeMessages)) fragmentSize = 512; #endif var output = new TlsStream (); EncodeRecord_internal (protocol, contentType, Session != null ? Session.Write : null, buffer, output, fragmentSize); output.Finish (); var result = new byte [output.Size]; Buffer.BlockCopy (output.Buffer, output.Offset, result, 0, output.Size); return result; }
protected abstract int Decrypt(DisposeContext d, ContentType contentType, IBufferOffsetSize input, IBufferOffsetSize output);
static void EncodeRecord_internal (TlsProtocolCode protocol, ContentType contentType, CryptoParameters crypto, IBufferOffsetSize buffer, TlsStream output, int fragmentSize = MAX_FRAGMENT_SIZE) { var maxExtraBytes = crypto != null ? crypto.MaxExtraEncryptedBytes : 0; var offset = buffer.Offset; var remaining = buffer.Size; #if !INSTRUMENTATION fragmentSize = MAX_FRAGMENT_SIZE; #endif do { BufferOffsetSize fragment; var encryptedSize = crypto != null ? crypto.GetEncryptedSize (remaining) : remaining; if (encryptedSize <= fragmentSize) fragment = new BufferOffsetSize (buffer.Buffer, offset, remaining); else { fragment = new BufferOffsetSize (buffer.Buffer, offset, fragmentSize - maxExtraBytes); encryptedSize = crypto != null ? crypto.GetEncryptedSize (fragment.Size) : fragment.Size; } // Write tls message output.Write ((byte)contentType); output.Write ((short)protocol); output.Write ((short)encryptedSize); if (crypto != null) { output.MakeRoom (encryptedSize); var ret = crypto.Encrypt (contentType, fragment, output.GetRemaining ()); output.Position += ret; } else { output.Write (fragment.Buffer, fragment.Offset, fragment.Size); } offset += fragment.Size; remaining -= fragment.Size; } while (remaining > 0); }
public static bool Compare (IBufferOffsetSize buffer1, IBufferOffsetSize buffer2) { if (buffer1 == null || buffer2 == null) return false; if (buffer1.Size != buffer2.Size) return false; for (int i = 0; i < buffer1.Size; i++) { if (buffer1.Buffer [buffer1.Offset + i] != buffer2.Buffer [buffer2.Offset + i]) return false; } return true; }
public IBufferOffsetSize Encrypt(IBufferOffsetSize input) { crypto.WriteSequenceNumber = 0; return(crypto.Encrypt(ContentType.ApplicationData, input)); }
protected override void Clear () { var disposable = innerBuffer as IDisposable; if (disposable != null) disposable.Dispose (); innerBuffer = null; Position = 0; }
public IBufferOffsetSize Decrypt (ContentType contentType, IBufferOffsetSize input) { var output = new BufferOffsetSize (input.Size); var ret = Decrypt (contentType, input, output); output.TruncateTo (ret); return output; }
protected override int Encrypt (DisposeContext d, ContentType contentType, IBufferOffsetSize input, IBufferOffsetSize output) { // Calculate message MAC byte[] mac = null; if (IsServer) mac = ComputeServerRecordMAC (contentType, input); else mac = ComputeClientRecordMAC (contentType, input); #if DEBUG_FULL if (Cipher.EnableDebugging) DebugHelper.WriteLine ("RECORD MAC", mac); #endif int plen; byte padLen; int totalLength = GetEncryptedSize (input.Size, out plen, out padLen); var totalOutput = new BufferOffsetSize (output.Buffer, output.Offset, totalLength); var outputWriter = new TlsBuffer (totalOutput); outputWriter.Position += HeaderSize; outputWriter.Write (input.Buffer, input.Offset, input.Size); outputWriter.Write (mac); for (int i = 0; i <= padLen; i++) outputWriter.Write (padLen); // Encrypt the message EncryptRecord (d, totalOutput); return totalLength; }
protected override int Decrypt (DisposeContext d, ContentType contentType, IBufferOffsetSize input, IBufferOffsetSize output) { var implicitNonce = IsClient ? ServerWriteIV : ClientWriteIV; var writeKey = IsClient ? ServerWriteKey : ClientWriteKey; #if DEBUG_FULL if (Cipher.EnableDebugging) { DebugHelper.WriteLine ("FIXED IV", implicitNonce); DebugHelper.WriteLine ("WRITE KEY", writeKey); DebugHelper.WriteLine ("SEQUENCE: {0}", ReadSequenceNumber); } #endif var length = input.Size - ExplicitNonceSize; var aad = new TlsBuffer (13); aad.Write (ReadSequenceNumber); aad.Write ((byte)contentType); aad.Write ((short)Protocol); aad.Write ((short)(length - MacSize)); #if DEBUG_FULL if (Cipher.EnableDebugging) DebugHelper.WriteFull ("TAG", aad); #endif var gcm = new GcmBlockCipher (new AesEngine ()); var key = new KeyParameter (writeKey.Buffer); var nonce = d.CreateBuffer (ImplicitNonceSize + ExplicitNonceSize); Buffer.BlockCopy (implicitNonce.Buffer, 0, nonce.Buffer, 0, ImplicitNonceSize); Buffer.BlockCopy (input.Buffer, input.Offset, nonce.Buffer, ImplicitNonceSize, ExplicitNonceSize); #if DEBUG_FULL if (Cipher.EnableDebugging) DebugHelper.WriteLine ("NONCE", nonce); #endif var parameters = new AeadParameters (key, 128, nonce.Buffer, aad.Buffer); gcm.Init (false, parameters); int ret; try { ret = gcm.ProcessBytes (input.Buffer, input.Offset + ExplicitNonceSize, length, output.Buffer, output.Offset); ret += gcm.DoFinal (output.Buffer, output.Offset + ret); } catch (CryptoException ex) { throw new TlsException (AlertDescription.BadRecordMAC, ex.Message); } return ret; }
protected byte[] ComputeRecordMAC (ContentType contentType, IBufferOffsetSize fragment) { if (IsServer) return ComputeClientRecordMAC (contentType, fragment); else return ComputeServerRecordMAC (contentType, fragment); }
public void Write (IBufferOffsetSize buffer) { Write (buffer.Buffer, buffer.Offset, buffer.Size); }
protected abstract int Decrypt (DisposeContext d, ContentType contentType, IBufferOffsetSize input, IBufferOffsetSize output);
protected void SetBuffer (byte[] buffer, int offset, int size) { innerBuffer = new BufferOffsetSize (buffer, offset, size); }
public int Decrypt (ContentType contentType, IBufferOffsetSize input, IBufferOffsetSize output) { if (output == null || output == input || output.Buffer == input.Buffer) throw new TlsException (AlertDescription.InternalError, "In-place decryption is not supported."); if (output.Size < input.Size) throw new TlsException (AlertDescription.InternalError, "Output buffer overflow."); using (var d = new DisposeContext ()) { var ret = Decrypt (d, contentType, input, output); // Update sequence number ReadSequenceNumber++; if (ret < 0) throw new TlsException (AlertDescription.BadRecordMAC); return ret; } }
public TlsBuffer (IBufferOffsetSize bos) { innerBuffer = bos; Position = bos.Offset; }
protected abstract int DecryptRecord (DisposeContext d, IBufferOffsetSize input, IBufferOffsetSize output);