public static UrlAndHash Parse(TlsContext context, Stream input)
{
byte[] array = TlsUtilities.ReadOpaque16(input);
if (array.Length < 1)
{
throw new TlsFatalAlert(47);
}
string url = Strings.FromByteArray(array);
byte[] sha1Hash = null;
switch (TlsUtilities.ReadUint8(input))
{
case 0:
if (TlsUtilities.IsTlsV12(context))
{
throw new TlsFatalAlert(47);
}
break;
case 1:
sha1Hash = TlsUtilities.ReadFully(20, input);
break;
default:
throw new TlsFatalAlert(47);
}
return(new UrlAndHash(url, sha1Hash));
}
public static CertificateRequest Parse(TlsContext context, Stream input)
{
int num = TlsUtilities.ReadUint8(input);
byte[] array = new byte[num];
for (int i = 0; i < num; i++)
{
array[i] = TlsUtilities.ReadUint8(input);
}
IList supportedSignatureAlgorithms = null;
if (TlsUtilities.IsTlsV12(context))
{
supportedSignatureAlgorithms = TlsUtilities.ParseSupportedSignatureAlgorithms(allowAnonymous: false, input);
}
IList list = Platform.CreateArrayList();
byte[] buffer = TlsUtilities.ReadOpaque16(input);
MemoryStream memoryStream = new MemoryStream(buffer, writable: false);
while (memoryStream.Position < memoryStream.Length)
{
byte[] encoding = TlsUtilities.ReadOpaque16(memoryStream);
Asn1Object obj = TlsUtilities.ReadDerObject(encoding);
list.Add(X509Name.GetInstance(obj));
}
return(new CertificateRequest(array, supportedSignatureAlgorithms, list));
}
private void ProcessChangeCipherSpec(byte[] buf, int off, int len)
{
int num = 0;
while (true)
{
if (num < len)
{
byte b = TlsUtilities.ReadUint8(buf, off + num);
if (b != 1)
{
throw new TlsFatalAlert(50);
}
if (mReceivedChangeCipherSpec || mAlertQueue.Available > 0 || mHandshakeQueue.Available > 0)
{
break;
}
mRecordStream.ReceivedReadCipherSpec();
mReceivedChangeCipherSpec = true;
HandleChangeCipherSpecMessage();
num++;
continue;
}
return;
}
throw new TlsFatalAlert(10);
}
public static CertificateUrl parse(TlsContext context, Stream input)
{
byte b = TlsUtilities.ReadUint8(input);
if (!CertChainType.IsValid(b))
{
throw new TlsFatalAlert(50);
}
int num = TlsUtilities.ReadUint16(input);
if (num < 1)
{
throw new TlsFatalAlert(50);
}
byte[] buffer = TlsUtilities.ReadFully(num, input);
MemoryStream memoryStream = new MemoryStream(buffer, writable: false);
IList list = Platform.CreateArrayList();
while (memoryStream.Position < memoryStream.Length)
{
UrlAndHash value = UrlAndHash.Parse(context, memoryStream);
list.Add(value);
}
return(new CertificateUrl(b, list));
}
/**
* Parse a {@link CertificateUrl} from a {@link Stream}.
*
* @param context
* the {@link TlsContext} of the current connection.
* @param input
* the {@link Stream} to parse from.
* @return a {@link CertificateUrl} object.
* @throws IOException
*/
public static CertificateUrl parse(TlsContext context, Stream input)
{
byte type = TlsUtilities.ReadUint8(input);
if (!CertChainType.IsValid(type))
{
throw new TlsFatalAlert(AlertDescription.decode_error);
}
int totalLength = TlsUtilities.ReadUint16(input);
if (totalLength < 1)
{
throw new TlsFatalAlert(AlertDescription.decode_error);
}
byte[] urlAndHashListData = TlsUtilities.ReadFully(totalLength, input);
MemoryStream buf = new MemoryStream(urlAndHashListData, false);
IList url_and_hash_list = Platform.CreateArrayList();
while (buf.Position < buf.Length)
{
UrlAndHash url_and_hash = UrlAndHash.Parse(context, buf);
url_and_hash_list.Add(url_and_hash);
}
return(new CertificateUrl(type, url_and_hash_list));
}
/**
* Parse a {@link CertificateRequest} from a {@link Stream}.
*
* @param context
* the {@link TlsContext} of the current connection.
* @param input
* the {@link Stream} to parse from.
* @return a {@link CertificateRequest} object.
* @throws IOException
*/
public static CertificateRequest Parse(TlsContext context, Stream input)
{
int numTypes = TlsUtilities.ReadUint8(input);
byte[] certificateTypes = new byte[numTypes];
for (int i = 0; i < numTypes; ++i)
{
certificateTypes[i] = TlsUtilities.ReadUint8(input);
}
IList supportedSignatureAlgorithms = null;
if (TlsUtilities.IsTlsV12(context))
{
// TODO Check whether SignatureAlgorithm.anonymous is allowed here
supportedSignatureAlgorithms = TlsUtilities.ParseSupportedSignatureAlgorithms(false, input);
}
IList certificateAuthorities = Platform.CreateArrayList();
byte[] certAuthData = TlsUtilities.ReadOpaque16(input);
MemoryStream bis = new MemoryStream(certAuthData, false);
while (bis.Position < bis.Length)
{
byte[] derEncoding = TlsUtilities.ReadOpaque16(bis);
Asn1Object asn1 = TlsUtilities.ReadDerObject(derEncoding);
// TODO Switch to X500Name when available
certificateAuthorities.Add(X509Name.GetInstance(asn1));
}
return(new CertificateRequest(certificateTypes, supportedSignatureAlgorithms, certificateAuthorities));
}
/**
* Parse a {@link SignatureAndHashAlgorithm} from a {@link Stream}.
*
* @param input the {@link Stream} to parse from.
* @return a {@link SignatureAndHashAlgorithm} object.
* @throws IOException
*/
public static SignatureAndHashAlgorithm Parse(Stream input)
{
byte hash = TlsUtilities.ReadUint8(input);
byte signature = TlsUtilities.ReadUint8(input);
return(new SignatureAndHashAlgorithm(hash, signature));
}
public static byte[] ReadSupportedPointFormatsExtension(byte[] extensionData)
{
if (extensionData == null)
{
throw new ArgumentNullException("extensionData");
}
MemoryStream buf = new MemoryStream(extensionData, false);
byte length = TlsUtilities.ReadUint8(buf);
if (length < 1)
{
throw new TlsFatalAlert(AlertDescription.decode_error);
}
byte[] ecPointFormats = TlsUtilities.ReadUint8Array(length, buf);
TlsProtocol.AssertEmpty(buf);
if (!Arrays.Contains(ecPointFormats, ECPointFormat.uncompressed))
{
/*
* RFC 4492 5.1. If the Supported Point Formats Extension is indeed sent, it MUST
* contain the value 0 (uncompressed) as one of the items in the list of point formats.
*/
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
}
return(ecPointFormats);
}
internal /*virtual*/ void CheckRecordHeader(byte[] recordHeader)
{
byte type = TlsUtilities.ReadUint8(recordHeader, TLS_HEADER_TYPE_OFFSET);
/*
* RFC 5246 6. If a TLS implementation receives an unexpected record type, it MUST send an
* unexpected_message alert.
*/
CheckType(type, AlertDescription.unexpected_message);
if (!mRestrictReadVersion)
{
int version = TlsUtilities.ReadVersionRaw(recordHeader, TLS_HEADER_VERSION_OFFSET);
if ((version & 0xffffff00) != 0x0300)
{
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
}
}
else
{
ProtocolVersion version = TlsUtilities.ReadVersion(recordHeader, TLS_HEADER_VERSION_OFFSET);
if (mReadVersion == null)
{
// Will be set later in 'readRecord'
}
else if (!version.Equals(mReadVersion))
{
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
}
}
int length = TlsUtilities.ReadUint16(recordHeader, TLS_HEADER_LENGTH_OFFSET);
CheckLength(length, mCiphertextLimit, AlertDescription.record_overflow);
}
/**
* Parse a {@link UrlAndHash} from a {@link Stream}.
*
* @param context
* the {@link TlsContext} of the current connection.
* @param input
* the {@link Stream} to parse from.
* @return a {@link UrlAndHash} object.
* @throws IOException
*/
public static UrlAndHash Parse(TlsContext context, Stream input)
{
byte[] urlEncoding = TlsUtilities.ReadOpaque16(input);
if (urlEncoding.Length < 1)
{
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
}
string url = Strings.FromByteArray(urlEncoding);
byte[] sha1Hash = null;
byte padding = TlsUtilities.ReadUint8(input);
switch (padding)
{
case 0:
if (TlsUtilities.IsTlsV12(context))
{
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
}
break;
case 1:
sha1Hash = TlsUtilities.ReadFully(20, input);
break;
default:
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
}
return(new UrlAndHash(url, sha1Hash));
}
/**
* Parse a {@link HeartbeatMessage} from a {@link Stream}.
*
* @param input
* the {@link Stream} to parse from.
* @return a {@link HeartbeatMessage} object.
* @throws IOException
*/
public static HeartbeatMessage Parse(Stream input)
{
byte type = TlsUtilities.ReadUint8(input);
if (!HeartbeatMessageType.IsValid(type))
{
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
}
int payload_length = TlsUtilities.ReadUint16(input);
PayloadBuffer buf = new PayloadBuffer();
Streams.PipeAll(input, buf);
byte[] payload = buf.ToTruncatedByteArray(payload_length);
if (payload == null)
{
/*
* RFC 6520 4. If the payload_length of a received HeartbeatMessage is too large, the
* received HeartbeatMessage MUST be discarded silently.
*/
return(null);
}
TlsUtilities.CheckUint16(buf.Length);
int padding_length = (int)buf.Length - payload.Length;
/*
* RFC 6520 4. The padding of a received HeartbeatMessage message MUST be ignored
*/
return(new HeartbeatMessage(type, payload, padding_length));
}
private void ProcessHandshake()
{
bool flag;
do
{
flag = false;
if (mHandshakeQueue.Available < 4)
{
continue;
}
byte[] array = new byte[4];
mHandshakeQueue.Read(array, 0, 4, 0);
byte b = TlsUtilities.ReadUint8(array, 0);
int num = TlsUtilities.ReadUint24(array, 1);
if (mHandshakeQueue.Available < num + 4)
{
continue;
}
byte[] array2 = mHandshakeQueue.RemoveData(num, 4);
CheckReceivedChangeCipherSpec(mConnectionState == 16 || b == 20);
if (b != 0)
{
TlsContext context = Context;
if (b == 20 && mExpectedVerifyData == null && context.SecurityParameters.MasterSecret != null)
{
mExpectedVerifyData = CreateVerifyData(!context.IsServer);
}
mRecordStream.UpdateHandshakeData(array, 0, 4);
mRecordStream.UpdateHandshakeData(array2, 0, num);
}
HandleHandshakeMessage(b, array2);
flag = true;
}while (flag);
}
protected virtual void ReceiveClientHelloMessage(MemoryStream buf)
{
ProtocolVersion protocolVersion = TlsUtilities.ReadVersion(buf);
mRecordStream.SetWriteVersion(protocolVersion);
if (protocolVersion.IsDtls)
{
throw new TlsFatalAlert(47);
}
byte[] clientRandom = TlsUtilities.ReadFully(32, buf);
byte[] array = TlsUtilities.ReadOpaque8(buf);
if (array.Length > 32)
{
throw new TlsFatalAlert(47);
}
int num = TlsUtilities.ReadUint16(buf);
if (num < 2 || (num & 1) != 0)
{
throw new TlsFatalAlert(50);
}
mOfferedCipherSuites = TlsUtilities.ReadUint16Array(num / 2, buf);
int num2 = TlsUtilities.ReadUint8(buf);
if (num2 < 1)
{
throw new TlsFatalAlert(47);
}
mOfferedCompressionMethods = TlsUtilities.ReadUint8Array(num2, buf);
mClientExtensions = TlsProtocol.ReadExtensions(buf);
mSecurityParameters.extendedMasterSecret = TlsExtensionsUtilities.HasExtendedMasterSecretExtension(mClientExtensions);
ContextAdmin.SetClientVersion(protocolVersion);
mTlsServer.NotifyClientVersion(protocolVersion);
mTlsServer.NotifyFallback(Arrays.Contains(mOfferedCipherSuites, 22016));
mSecurityParameters.clientRandom = clientRandom;
mTlsServer.NotifyOfferedCipherSuites(mOfferedCipherSuites);
mTlsServer.NotifyOfferedCompressionMethods(mOfferedCompressionMethods);
if (Arrays.Contains(mOfferedCipherSuites, 255))
{
mSecureRenegotiation = true;
}
byte[] extensionData = TlsUtilities.GetExtensionData(mClientExtensions, 65281);
if (extensionData != null)
{
mSecureRenegotiation = true;
if (!Arrays.ConstantTimeAreEqual(extensionData, TlsProtocol.CreateRenegotiationInfo(TlsUtilities.EmptyBytes)))
{
throw new TlsFatalAlert(40);
}
}
mTlsServer.NotifySecureRenegotiation(mSecureRenegotiation);
if (mClientExtensions != null)
{
mTlsServer.ProcessClientExtensions(mClientExtensions);
}
}
public static HeartbeatExtension Parse(Stream input)
{
byte b = TlsUtilities.ReadUint8(input);
if (!HeartbeatMode.IsValid(b))
{
throw new TlsFatalAlert(47);
}
return(new HeartbeatExtension(b));
}
/**
* Parse a {@link HeartbeatExtension} from a {@link Stream}.
*
* @param input
* the {@link Stream} to parse from.
* @return a {@link HeartbeatExtension} object.
* @throws IOException
*/
public static HeartbeatExtension Parse(Stream input)
{
byte mode = TlsUtilities.ReadUint8(input);
if (!HeartbeatMode.IsValid(mode))
{
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
}
return(new HeartbeatExtension(mode));
}
private void HandleRetransmittedHandshakeRecord(int epoch, byte[] buf, int off, int len)
{
/*
* TODO Need to handle the case where the previous inbound flight contains
* messages from two epochs.
*/
if (len < 12)
{
return;
}
int fragment_length = TlsUtilities.ReadUint24(buf, off + 9);
if (len != (fragment_length + 12))
{
return;
}
int seq = TlsUtilities.ReadUint16(buf, off + 4);
if (seq >= mNextReceiveSeq)
{
return;
}
byte msg_type = TlsUtilities.ReadUint8(buf, off);
// TODO This is a hack that only works until we try to support renegotiation
int expectedEpoch = msg_type == HandshakeType.finished ? 1 : 0;
if (epoch != expectedEpoch)
{
return;
}
int length = TlsUtilities.ReadUint24(buf, off + 1);
int fragment_offset = TlsUtilities.ReadUint24(buf, off + 6);
if (fragment_offset + fragment_length > length)
{
return;
}
DtlsReassembler reassembler = (DtlsReassembler)mCurrentInboundFlight[seq];
if (reassembler != null)
{
reassembler.ContributeFragment(msg_type, length, buf, off + 12, fragment_offset,
fragment_length);
if (CheckAll(mCurrentInboundFlight))
{
ResendOutboundFlight();
ResetAll(mCurrentInboundFlight);
}
}
}
public static CertificateStatusRequest Parse(Stream input)
{
byte b = TlsUtilities.ReadUint8(input);
byte b2 = b;
if (b2 == 1)
{
object request = OcspStatusRequest.Parse(input);
return(new CertificateStatusRequest(b, request));
}
throw new TlsFatalAlert(50);
}
public static CertificateStatus Parse(Stream input)
{
byte b = TlsUtilities.ReadUint8(input);
byte b2 = b;
if (b2 == 1)
{
byte[] encoding = TlsUtilities.ReadOpaque24(input);
object instance = OcspResponse.GetInstance(TlsUtilities.ReadDerObject(encoding));
return(new CertificateStatus(b, instance));
}
throw new TlsFatalAlert(50);
}
internal /*virtual*/ bool ReadRecord()
{
BufferSegment recordHeader = TlsUtilities.ReadAllOrNothing(TLS_HEADER_SIZE, mInput);
if (recordHeader == BufferSegment.Empty)
{
return(false);
}
byte type = TlsUtilities.ReadUint8(recordHeader.Data, TLS_HEADER_TYPE_OFFSET);
/*
* RFC 5246 6. If a TLS implementation receives an unexpected record type, it MUST send an
* unexpected_message alert.
*/
CheckType(type, AlertDescription.unexpected_message);
if (!mRestrictReadVersion)
{
int version = TlsUtilities.ReadVersionRaw(recordHeader.Data, TLS_HEADER_VERSION_OFFSET);
if ((version & 0xffffff00) != 0x0300)
{
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
}
}
else
{
ProtocolVersion version = TlsUtilities.ReadVersion(recordHeader.Data, TLS_HEADER_VERSION_OFFSET);
if (mReadVersion == null)
{
mReadVersion = version;
}
else if (!version.Equals(mReadVersion))
{
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
}
}
int length = TlsUtilities.ReadUint16(recordHeader.Data, TLS_HEADER_LENGTH_OFFSET);
BufferPool.Release(recordHeader.Data);
CheckLength(length, mCiphertextLimit, AlertDescription.record_overflow);
BufferSegment plaintext = DecodeAndVerify(type, mInput, length);
mHandler.ProcessRecord(type, plaintext.Data, plaintext.Offset, plaintext.Count);
BufferPool.Release(plaintext);
return(true);
}
public static ServerName Parse(Stream input)
{
byte b = TlsUtilities.ReadUint8(input);
if (b == 0)
{
byte[] array = TlsUtilities.ReadOpaque16(input);
if (array.Length < 1)
{
throw new TlsFatalAlert(50);
}
object name = Strings.FromAsciiByteArray(array);
return(new ServerName(b, name));
}
throw new TlsFatalAlert(50);
}
/**
* Parse a {@link CertificateStatusRequest} from a {@link Stream}.
*
* @param input
* the {@link Stream} to parse from.
* @return a {@link CertificateStatusRequest} object.
* @throws IOException
*/
public static CertificateStatusRequest Parse(Stream input)
{
byte status_type = TlsUtilities.ReadUint8(input);
object result;
switch (status_type)
{
case CertificateStatusType.ocsp:
result = OcspStatusRequest.Parse(input);
break;
default:
throw new TlsFatalAlert(AlertDescription.decode_error);
}
return(new CertificateStatusRequest(status_type, result));
}
protected static byte[] PatchClientHelloWithCookie(byte[] clientHelloBody, byte[] cookie)
{
int sessionIDPos = 34;
int sessionIDLength = TlsUtilities.ReadUint8(clientHelloBody, sessionIDPos);
int cookieLengthPos = sessionIDPos + 1 + sessionIDLength;
int cookiePos = cookieLengthPos + 1;
byte[] patched = new byte[clientHelloBody.Length + cookie.Length];
Array.Copy(clientHelloBody, 0, patched, 0, cookieLengthPos);
TlsUtilities.CheckUint8(cookie.Length);
TlsUtilities.WriteUint8((byte)cookie.Length, patched, cookieLengthPos);
Array.Copy(cookie, 0, patched, cookiePos, cookie.Length);
Array.Copy(clientHelloBody, cookiePos, patched, cookiePos + cookie.Length, clientHelloBody.Length - cookiePos);
return(patched);
}
public static byte[] ReadNegotiatedDheGroupsClientExtension(byte[] extensionData)
{
if (extensionData == null)
{
throw new ArgumentNullException("extensionData");
}
MemoryStream memoryStream = new MemoryStream(extensionData, writable: false);
byte b = TlsUtilities.ReadUint8(memoryStream);
if (b < 1)
{
throw new TlsFatalAlert(50);
}
byte[] result = TlsUtilities.ReadUint8Array(b, memoryStream);
TlsProtocol.AssertEmpty(memoryStream);
return(result);
}
private void HandleRetransmittedHandshakeRecord(int epoch, byte[] buf, int off, int len)
{
if (len < 12)
{
return;
}
int num = TlsUtilities.ReadUint24(buf, off + 9);
if (len != num + 12)
{
return;
}
int num2 = TlsUtilities.ReadUint16(buf, off + 4);
if (num2 >= mNextReceiveSeq)
{
return;
}
byte b = TlsUtilities.ReadUint8(buf, off);
int num3 = (b == 20) ? 1 : 0;
if (epoch != num3)
{
return;
}
int num4 = TlsUtilities.ReadUint24(buf, off + 1);
int num5 = TlsUtilities.ReadUint24(buf, off + 6);
if (num5 + num > num4)
{
return;
}
DtlsReassembler dtlsReassembler = (DtlsReassembler)mCurrentInboundFlight[num2];
if (dtlsReassembler != null)
{
dtlsReassembler.ContributeFragment(b, num4, buf, off + 12, num5, num);
if (CheckAll(mCurrentInboundFlight))
{
ResendOutboundFlight();
ResetAll(mCurrentInboundFlight);
}
}
}
internal virtual bool ReadRecord()
{
byte[] recordHeader = TlsUtilities.ReadAllOrNothing(TLS_HEADER_SIZE, mInput);
if (recordHeader == null)
{
return(false);
}
byte type = TlsUtilities.ReadUint8(recordHeader, TLS_HEADER_TYPE_OFFSET);
/*
* RFC 5246 6. If a TLS implementation receives an unexpected record type, it MUST send an
* unexpected_message alert.
*/
CheckType(type, AlertDescription.unexpected_message);
if (!mRestrictReadVersion)
{
int version = TlsUtilities.ReadVersionRaw(recordHeader, TLS_HEADER_VERSION_OFFSET);
if ((version & 0xffffff00) != 0x0300)
{
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
}
}
else
{
ProtocolVersion version = TlsUtilities.ReadVersion(recordHeader, TLS_HEADER_VERSION_OFFSET);
if (mReadVersion == null)
{
mReadVersion = version;
}
else if (!version.Equals(mReadVersion))
{
throw new TlsFatalAlert(AlertDescription.illegal_parameter);
}
}
int length = TlsUtilities.ReadUint16(recordHeader, TLS_HEADER_LENGTH_OFFSET);
byte[] plaintext = DecodeAndVerify(type, mInput, length);
mHandler.ProcessRecord(type, plaintext, 0, plaintext.Length);
return(true);
}
/**
* Parse a {@link CertificateStatus} from a {@link Stream}.
*
* @param input
* the {@link Stream} to parse from.
* @return a {@link CertificateStatus} object.
* @throws IOException
*/
public static CertificateStatus Parse(Stream input)
{
byte status_type = TlsUtilities.ReadUint8(input);
object response;
switch (status_type)
{
case CertificateStatusType.ocsp:
{
byte[] derEncoding = TlsUtilities.ReadOpaque24(input);
response = OcspResponse.GetInstance(TlsUtilities.ReadDerObject(derEncoding));
break;
}
default:
throw new TlsFatalAlert(AlertDescription.decode_error);
}
return(new CertificateStatus(status_type, response));
}
public static byte[] ReadSupportedPointFormatsExtension(byte[] extensionData)
{
if (extensionData == null)
{
throw new ArgumentNullException("extensionData");
}
MemoryStream memoryStream = new MemoryStream(extensionData, writable: false);
byte b = TlsUtilities.ReadUint8(memoryStream);
if (b < 1)
{
throw new TlsFatalAlert(50);
}
byte[] array = TlsUtilities.ReadUint8Array(b, memoryStream);
TlsProtocol.AssertEmpty(memoryStream);
if (!Arrays.Contains(array, 0))
{
throw new TlsFatalAlert(47);
}
return(array);
}
public static byte[] ReadNegotiatedDheGroupsClientExtension(byte[] extensionData)
{
if (extensionData == null)
{
throw new ArgumentNullException("extensionData");
}
MemoryStream buf = new MemoryStream(extensionData, false);
byte length = TlsUtilities.ReadUint8(buf);
if (length < 1)
{
throw new TlsFatalAlert(AlertDescription.decode_error);
}
byte[] dheGroups = TlsUtilities.ReadUint8Array(length, buf);
TlsProtocol.AssertEmpty(buf);
return(dheGroups);
}
public static HeartbeatMessage Parse(Stream input)
{
byte b = TlsUtilities.ReadUint8(input);
if (!HeartbeatMessageType.IsValid(b))
{
throw new TlsFatalAlert(47);
}
int payloadLength = TlsUtilities.ReadUint16(input);
PayloadBuffer payloadBuffer = new PayloadBuffer();
Streams.PipeAll(input, payloadBuffer);
byte[] array = payloadBuffer.ToTruncatedByteArray(payloadLength);
if (array == null)
{
return(null);
}
TlsUtilities.CheckUint16(payloadBuffer.Length);
int paddingLength = (int)payloadBuffer.Length - array.Length;
return(new HeartbeatMessage(b, array, paddingLength));
}
/// <exception cref="IOException"/>
public virtual void Send(byte[] buf, int off, int len)
{
byte contentType = ContentType.application_data;
if (this.mInHandshake || this.mWriteEpoch == this.mRetransmitEpoch)
{
contentType = ContentType.handshake;
byte handshakeType = TlsUtilities.ReadUint8(buf, off);
if (handshakeType == HandshakeType.finished)
{
DtlsEpoch nextEpoch = null;
if (this.mInHandshake)
{
nextEpoch = mPendingEpoch;
}
else if (this.mWriteEpoch == this.mRetransmitEpoch)
{
nextEpoch = mCurrentEpoch;
}
if (nextEpoch == null)
{
// TODO
throw new InvalidOperationException();
}
// Implicitly send change_cipher_spec and change to pending cipher state
// TODO Send change_cipher_spec and finished records in single datagram?
byte[] data = new byte[] { 1 };
SendRecord(ContentType.change_cipher_spec, data, 0, data.Length);
mWriteEpoch = nextEpoch;
}
}
SendRecord(contentType, buf, off, len);
}