예제 #1
0
 public HandshakeHash()
 {
     hashes     = new IHashAlgorithm [6];
     hashes [0] = new MSC.MD5SHA1();
     hashes [1] = new MSC.SHA1CryptoServiceProvider();
     hashes [2] = new MSC.SHA224Managed();
     hashes [3] = new MSC.SHA256Managed();
     hashes [4] = new MSC.SHA384Managed();
     hashes [5] = new MSC.SHA512Managed();
 }
예제 #2
0
		public HandshakeHash ()
		{
			hashes = new IHashAlgorithm [6];
			hashes [0] = new MSC.MD5SHA1 ();
			hashes [1] = new MSC.SHA1CryptoServiceProvider ();
			hashes [2] = new MSC.SHA224Managed ();
			hashes [3] = new MSC.SHA256Managed ();
			hashes [4] = new MSC.SHA384Managed ();
			hashes [5] = new MSC.SHA512Managed ();
		}
예제 #3
0
		protected override void ProcessAsTls1()
		{
			// Compute handshake messages hash
			HashAlgorithm hash = new MD5SHA1();
			byte[] data = this.Context.HandshakeMessages.ToArray ();
			byte[] digest = hash.ComputeHash (data, 0, data.Length);

			// Write message
			this.Write(this.Context.Current.Cipher.PRF(
				this.Context.MasterSecret, "server finished", digest, 12));
		}
		protected override void ProcessAsTls1()
		{
			// Compute handshake messages hash
			HashAlgorithm hash = new MD5SHA1();
			hash.ComputeHash(
				this.Context.HandshakeMessages.ToArray(),
				0,
				(int)this.Context.HandshakeMessages.Length);

			// Write message
			Write(this.Context.Cipher.PRF(this.Context.MasterSecret, "client finished", hash.Hash, 12));
		}
예제 #5
0
		protected override void ProcessAsTls1()
		{
			// Compute handshake messages hash
			HashAlgorithm hash = new MD5SHA1();

			// note: we could call HashAlgorithm.ComputeHash(Stream) but that would allocate (on Mono)
			// a 4096 bytes buffer to process the hash - which is bigger than HandshakeMessages
			byte[] data = this.Context.HandshakeMessages.ToArray ();
			byte[] digest = hash.ComputeHash (data, 0, data.Length);

			// Write message
			Write(this.Context.Write.Cipher.PRF(this.Context.MasterSecret, "client finished", digest, 12));
		}
예제 #6
0
		protected override void ProcessAsTls1()
		{
			byte[]			clientPRF		= this.ReadBytes((int)this.Length);
			HashAlgorithm	hash			= new MD5SHA1();

			byte[] data = this.Context.HandshakeMessages.ToArray ();
			byte[] digest = hash.ComputeHash (data, 0, data.Length);

			byte[] serverPRF = this.Context.Current.Cipher.PRF(
				this.Context.MasterSecret, "client finished", digest, 12);

			// Check client prf against server prf
			if (!Compare (clientPRF, serverPRF))
			{
				throw new TlsException(AlertDescription.DecryptError, "Decrypt error.");
			}
		}
		protected override void ProcessAsTls1()
		{
			ServerContext context = (ServerContext)this.Context;
			int length = this.ReadInt16 ();
			byte[] signature = this.ReadBytes (length);

			// Verify signature
			MD5SHA1 hash = new MD5SHA1();
			hash.ComputeHash(
				context.HandshakeMessages.ToArray(),
				0,
				(int)context.HandshakeMessages.Length);

			if (!hash.VerifySignature(context.ClientSettings.CertificateRSA, signature))
			{
				throw new TlsException (AlertDescription.HandshakeFailiure, "Handshake Failure.");
			}
		}
예제 #8
0
		protected override void ProcessAsTls1()
		{
			byte[]			serverPRF	= this.ReadBytes((int)Length);
			HashAlgorithm	hash		= new MD5SHA1();

			// note: we could call HashAlgorithm.ComputeHash(Stream) but that would allocate (on Mono)
			// a 4096 bytes buffer to process the hash - which is bigger than HandshakeMessages
			byte[] data = this.Context.HandshakeMessages.ToArray ();
			byte[] digest = hash.ComputeHash (data, 0, data.Length);

			byte[] clientPRF = this.Context.Current.Cipher.PRF(this.Context.MasterSecret, "server finished", digest, 12);

			// Check server prf against client prf
			if (!Compare (clientPRF, serverPRF))
			{
				throw new TlsException("Invalid ServerFinished message received.");
			}
		}
		protected override void ProcessAsTls1()
		{
			byte[]			clientPRF		= this.ReadBytes((int)this.Length);
			HashAlgorithm	hash			= new MD5SHA1();
			bool			decryptError	= false;

			hash.ComputeHash(
				this.Context.HandshakeMessages.ToArray(), 
				0,
				(int)this.Context.HandshakeMessages.Length);

			byte[] serverPRF = this.Context.Cipher.PRF(
				this.Context.MasterSecret, "client finished", hash.Hash, 12);

			// Check client prf against server prf
			if (clientPRF.Length != serverPRF.Length)
			{
				decryptError = true;
			}
			else
			{
				for (int i = 0; i < serverPRF.Length; i++)
				{
					if (clientPRF[i] != serverPRF[i])
					{
						decryptError = true;
						break;
					}
				}
			}

			if (decryptError)
			{
				throw new TlsException(AlertDescription.DecryptError, "Decrypt error.");
			}
		}
예제 #10
0
		protected override void ProcessAsTls1()
		{
			AsymmetricAlgorithm privKey = null;
			ClientContext		context = (ClientContext)this.Context;
			
			privKey = context.SslStream.RaisePrivateKeySelection(
				context.ClientSettings.ClientCertificate,
				context.ClientSettings.TargetHost);

			if (privKey == null)
			{
				throw new TlsException(AlertDescription.UserCancelled, "Client certificate Private Key unavailable.");
			}
			else
			{
				// Compute handshake messages hash
				MD5SHA1 hash = new MD5SHA1();
				hash.ComputeHash(
					context.HandshakeMessages.ToArray(),
					0,
					(int)context.HandshakeMessages.Length);

				// CreateSignature uses ((RSA)privKey).DecryptValue which is not implemented
				// in RSACryptoServiceProvider. Other implementations likely implement DecryptValue
				// so we will try the CreateSignature method.
				byte[] signature = null;
#if !MOONLIGHT
				if (!(privKey is RSACryptoServiceProvider))
#endif
				{
					try
					{
						signature = hash.CreateSignature((RSA)privKey);
					}
					catch (NotImplementedException)
					{ }
				}
				// If DecryptValue is not implemented, then try to export the private
				// key and let the RSAManaged class do the DecryptValue
				if (signature == null)
				{
					// RSAManaged of the selected ClientCertificate 
					// (at this moment the first one)
					RSA rsa = this.getClientCertRSA((RSA)privKey);

					// Write message
					signature = hash.CreateSignature(rsa);
				}
				this.Write((short)signature.Length);
				this.Write(signature, 0, signature.Length);
			}
		}
예제 #11
0
		private void verifySignature()
		{
			MD5SHA1 hash = new MD5SHA1();

			// Calculate size of server params
			int size = rsaParams.Modulus.Length + rsaParams.Exponent.Length + 4;

			// Create server params array
			TlsStream stream = new TlsStream();

			stream.Write(this.Context.RandomCS);
			stream.Write(this.ToArray(), 0, size);

			hash.ComputeHash(stream.ToArray());

			stream.Reset();
			
			bool isValidSignature = hash.VerifySignature(
				this.Context.ServerSettings.CertificateRSA,
				this.signedParams);

			if (!isValidSignature)
			{
				throw new TlsException(
					AlertDescription.DecodeError,
					"Data was not signed with the server certificate.");
			}
		}
		protected override void ProcessAsTls1()
		{
			AsymmetricAlgorithm privKey = null;
			ClientContext		context = (ClientContext)this.Context;
			
			privKey = context.SslStream.RaisePrivateKeySelection(
				context.ClientSettings.ClientCertificate,
				context.ClientSettings.TargetHost);

			if (privKey == null)
			{
				throw new TlsException(AlertDescription.UserCancelled, "Client certificate Private Key unavailable.");
			}
			else
			{
				// Compute handshake messages hash
				MD5SHA1 hash = new MD5SHA1();
				hash.ComputeHash(
					context.HandshakeMessages.ToArray(),
					0,
					(int)context.HandshakeMessages.Length);

				// RSAManaged of the selected ClientCertificate 
				// (at this moment the first one)
				RSA rsa = this.getClientCertRSA((RSA)privKey);

				// Write message
				byte[] signature = hash.CreateSignature(rsa);
				this.Write((short)signature.Length);
				this.Write(signature, 0, signature.Length);
			}
		}
		protected override void ProcessAsTls1()
		{
			byte[]			serverPRF	= this.ReadBytes((int)Length);
			HashAlgorithm	hash		= new MD5SHA1();

			hash.ComputeHash(
				this.Context.HandshakeMessages.ToArray(), 
				0,
				(int)this.Context.HandshakeMessages.Length);

			byte[] clientPRF = this.Context.Cipher.PRF(this.Context.MasterSecret, "server finished", hash.Hash, 12);

			// Check server prf against client prf
			if (clientPRF.Length != serverPRF.Length)
			{
				throw new TlsException("Invalid ServerFinished message received.");
			}
			for (int i = 0; i < serverPRF.Length; i++)
			{
				if (clientPRF[i] != serverPRF[i])
				{
					throw new TlsException(AlertDescription.InsuficientSecurity, "Invalid ServerFinished message received.");
				}
			}
		}
예제 #14
0
		private byte[] createSignature(RSA rsa, byte[] buffer)
		{
			MD5SHA1	hash = new MD5SHA1();

			// Create server params array
			TlsStream stream = new TlsStream();

			stream.Write(this.Context.RandomCS);
			stream.Write(buffer, 0, buffer.Length);

			hash.ComputeHash(stream.ToArray());

			stream.Reset();

			return hash.CreateSignature(rsa);			
		}