예제 #1
0
        internal /*virtual*/ BufferSegment DecodeAndVerify(byte type, Stream input, int len)
        {
            BufferSegment buf = TlsUtilities.ReadFullyOptimized(len, input);

            long          seqNo   = mReadSeqNo.NextValue(AlertDescription.unexpected_message);
            BufferSegment decoded = mReadCipher.DecodeCiphertext(seqNo, type, buf.Data, buf.Offset, buf.Count);

            if (buf.Data != decoded.Data)
            {
                BufferPool.Release(buf);
            }

            CheckLength(decoded.Count, mCompressedLimit, AlertDescription.record_overflow);

            /*
             * TODO 5246 6.2.2. Implementation note: Decompression functions are responsible for
             * ensuring that messages cannot cause internal buffer overflows.
             */
            //Stream cOut = mReadCompression.Decompress(mBuffer);
            //if (cOut != mBuffer)
            //{
            //    cOut.Write(decoded, 0, decoded.Length);
            //    cOut.Flush();
            //    decoded = GetBufferContents();
            //}

            /*
             * RFC 5246 6.2.2. If the decompression function encounters a TLSCompressed.fragment that
             * would decompress to a length in excess of 2^14 bytes, it should report a fatal
             * decompression failure error.
             */
            //CheckLength(decoded.Length, mPlaintextLimit, AlertDescription.decompression_failure);

            /*
             * RFC 5246 6.2.1 Implementations MUST NOT send zero-length fragments of Handshake, Alert,
             * or ChangeCipherSpec content types.
             */
            if (decoded.Count < 1 && type != ContentType.application_data)
            {
                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
            }

            return(decoded);
        }