예제 #1
0
        public virtual TlsCipher GetCipher()
        {
            switch (selectedCipherSuite)
            {
            case CipherSuite.TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA:
            case CipherSuite.TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA:
            case CipherSuite.TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA:
                return(cipherFactory.CreateCipher(context, EncryptionAlgorithm.cls_3DES_EDE_CBC, DigestAlgorithm.SHA));

            case CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA:
            case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA:
            case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA:
                return(cipherFactory.CreateCipher(context, EncryptionAlgorithm.AES_128_CBC, DigestAlgorithm.SHA));

            case CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA:
            case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA:
            case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA:
                return(cipherFactory.CreateCipher(context, EncryptionAlgorithm.AES_256_CBC, DigestAlgorithm.SHA));

            default:
                /*
                 * Note: internal error here; the TlsProtocolHandler verifies that the
                 * server-selected cipher suite was in the list of client-offered cipher
                 * suites, so if we now can't produce an implementation, we shouldn't have
                 * offered it!
                 */
                throw new TlsFatalAlert(AlertDescription.internal_error);
            }
        }
예제 #2
0
        public override TlsCipher GetCipher()
        {
            int encryptionAlgorithm = TlsUtilities.GetEncryptionAlgorithm(mSelectedCipherSuite);
            int macAlgorithm        = TlsUtilities.GetMacAlgorithm(mSelectedCipherSuite);

            return(mCipherFactory.CreateCipher(mContext, encryptionAlgorithm, macAlgorithm));
        }
예제 #3
0
        public static TlsCipher AssignCipher(byte[] preMasterSecret, bool client, Version version, HandshakeInfo handshakeInfo)
        {
            int                encryptionAlgorithm = GetEncryptionAlgorithm(handshakeInfo.CipherSuite);
            int                macAlgorithm        = GetMACAlgorithm(handshakeInfo.CipherSuite);
            TlsContext         context             = new DTLSContext(client, version, handshakeInfo);
            SecurityParameters securityParameters  = context.SecurityParameters;

            byte[] seed       = Concat(securityParameters.ClientRandom, securityParameters.ServerRandom);
            string asciiLabel = ExporterLabel.master_secret;

            handshakeInfo.MasterSecret = TlsUtilities.PRF(context, preMasterSecret, asciiLabel, seed, 48);
            //session.Handshake.MasterSecret = TlsUtilities.PRF_legacy(preMasterSecret, asciiLabel, seed, 48);
#if DEBUG
            Console.Write("MasterSecret :");
            WriteToConsole(handshakeInfo.MasterSecret);
#endif

            seed = Concat(securityParameters.ServerRandom, securityParameters.ClientRandom);
            byte[] key_block = TlsUtilities.PRF(context, handshakeInfo.MasterSecret, ExporterLabel.key_expansion, seed, 96);
            //byte[] key_block = TlsUtilities.PRF_legacy(session.Handshake.MasterSecret, ExporterLabel.key_expansion, seed, 96);
#if DEBUG
            Console.Write("Key block :");
            WriteToConsole(key_block);
#endif
            return(CipherFactory.CreateCipher(context, encryptionAlgorithm, macAlgorithm));
        }
예제 #4
0
        public static TlsCipher AssignCipher(byte[] preMasterSecret, bool client, Version version, HandshakeInfo handshakeInfo)
        {
            if (preMasterSecret == null)
            {
                throw new ArgumentNullException(nameof(preMasterSecret));
            }

            if (version == null)
            {
                throw new ArgumentNullException(nameof(version));
            }

            if (handshakeInfo == null)
            {
                throw new ArgumentNullException(nameof(handshakeInfo));
            }

            TlsContext context            = new DTLSContext(client, version, handshakeInfo);
            var        securityParameters = context.SecurityParameters;
            var        seed       = securityParameters.ClientRandom.Concat(securityParameters.ServerRandom).ToArray();
            var        asciiLabel = ExporterLabel.master_secret;

            handshakeInfo.MasterSecret = TlsUtilities.IsTlsV11(context) ?
                                         TlsUtilities.PRF_legacy(preMasterSecret, asciiLabel, seed, 48)
                : TlsUtilities.PRF(context, preMasterSecret, asciiLabel, seed, 48);

            seed = securityParameters.ServerRandom.Concat(securityParameters.ClientRandom).ToArray();
            var key_block = TlsUtilities.IsTlsV11(context) ?
                            TlsUtilities.PRF_legacy(handshakeInfo.MasterSecret, ExporterLabel.key_expansion, seed, 96)
                : TlsUtilities.PRF(context, handshakeInfo.MasterSecret, ExporterLabel.key_expansion, seed, 96);

            return(_CipherFactory
                   .CreateCipher(context, _GetEncryptionAlgorithm(handshakeInfo.CipherSuite), _GetMACAlgorithm(handshakeInfo.CipherSuite)));
        }