예제 #1
0
        protected override Result Fragment_ClientFinished(Fragments.Finished frag)
        {
            if ((!_params.ClientCertificateRequire && State == TLSSessionState.Client_ChangeCipherSpec) || (_params.ClientCertificateRequire && State == TLSSessionState.Client_CertificateVerify))
            {
                var clientVerify             = frag.Data;
                var clientHello_serverfinish = GetHandshakeMessages(true);  // without this finished itself
                var verified = (_params.Cipher as Ciphers.CipherSuiteBase13).VerifyClientFinished(clientVerify, clientHello_serverfinish);
                if (verified)
                {
                    State = TLSSessionState.Client_Finished;

                    var clientHello_clientfinish = GetHandshakeMessages();
                    (_params.Cipher as Ciphers.CipherSuiteBase13).Calculate_ResumptionSecret(clientHello_clientfinish);

                    //// NewSessionTicket? may not needed
                    //var fragmentBytes = new TLS.Fragment.HandshakeFragment(HandshakeType.NewSessionTicket, TLS.Handshake.NewSessionTicket.Random(0)).GetBytes();
                    //// encrypt
                    //(_params.Cipher as Ciphers.CipherSuiteBase13).GetPlainTextForEncryption(fragmentBytes, RecordType.Handshake, out byte[] plain, out byte[] aad);
                    //var encrypted = (_params.Cipher as Ciphers.CipherSuiteBase13).BulkEncrypt(plain, null, aad);
                    //return new Result(new TLSRecord[] {  new TLSRecord(RecordType.ApplicationData, encrypted) });

                    return(null);
                }
                else
                {
                    return(Result.FatalAlert(AlertDescription.illegal_parameter, $"ClientFinished verify data check failed"));
                }
            }
            else
            {
                return(Result.FatalAlert(AlertDescription.unexpected_message, $"State [{State}] check failed on Client_Finished message"));
            }
        }
예제 #2
0
        protected virtual Result Fragment_ClientFinished(Fragments.Finished frag)
        {
            if (State == TLSSessionState.Client_ChangeCipherSpec)
            {
                var clienthello_changecipher = GetHandshakeMessages(true); // without this finished itself
                var myVerify = _params.Cipher.GetVerifyData("client finished", clienthello_changecipher);
                if (!Utils.BytesEqual(myVerify, frag.VerifyData))
                {
                    return(Result.FatalAlert(AlertDescription.bad_record_mac, $"unmatched VerifyData in Client_EncryptedHandshake message"));
                }

                var clientfinishedMessage = new byte[] { 0x14, 0x00, 0x00, 0x0C }.Concat(frag.VerifyData).ToArray();
                var macseed = Utils.GetMacSeed(_receiveSeqNum, (byte)RecordType.Handshake, clientfinishedMessage);
                var myMac = _params.Cipher.ClientMessageAuthCode(macseed);
                if (!Utils.BytesEqual(myMac, frag.Mac))
                {
                    return(Result.FatalAlert(AlertDescription.bad_record_mac, $"unmatched MAC in Client_EncryptedHandshake message"));
                }
                // received Encrypted messages seq num
                _receiveSeqNum++;
                State = TLSSessionState.Client_Finished;
                // changeCipherSpec, server encryptedhandshake
                return(ChangeCipherSpecAndFinished());
            }
            else
            {
                return(Result.FatalAlert(AlertDescription.unexpected_message, $"State [{State}] check failed on Client_ApplicationData message"));
            }
        }