protected virtual Result Record_ApplicationData(Records.ApplicationData rec) { if (State == TLSSessionState.Server_Finished) { var decrypt = _params.Cipher.BulkDecrypt(rec.EncryptedData, rec.IV); var body = decrypt.Take(decrypt.Length - _params.Cipher.GetMacLength()).ToArray(); var mac = decrypt.Skip(body.Length).Take(_params.Cipher.GetMacLength()).ToArray(); var macseed = Utils.GetMacSeed(_receiveSeqNum, (byte)RecordType.ApplicationData, body); var mymac = _params.Cipher.ClientMessageAuthCode(macseed); if (!Utils.BytesEqual(mac, mymac)) { return(Result.FatalAlert(AlertDescription.bad_record_mac, $"unmatched MAC in Client_ApplicationData message")); } _receiveSeqNum++; return(new ApplicationResult(body)); } else { return(Result.FatalAlert(AlertDescription.unexpected_message, $"State [{State}] check failed on Client_ApplicationData message")); } }
protected override Result Record_ApplicationData(Records.ApplicationData rec) { if (State == TLSSessionState.Client_ChangeCipherSpec) { var clientFinish = (_params.Cipher as Ciphers.CipherSuiteBase13).BulkDecrypt_Handshake(rec.Payload, rec.GetHeaderBytes()); var recType = (RecordType)clientFinish.Last(); var recPayload = clientFinish.Take(clientFinish.Length - 1).ToArray(); var decodedRec = Records.TLSRecord.Factory(recType, recPayload); Console.WriteLine($">>>>>>>> RECEIVE encrypted TLS {recType}"); return(Process_Record(decodedRec)); } else if (State == TLSSessionState.Client_Finished) { var appdata = (_params.Cipher as Ciphers.CipherSuiteBase13).BulkDecrypt(rec.Payload, rec.GetHeaderBytes()); var recType = (RecordType)appdata.Last(); var recPayload = appdata.Take(appdata.Length - 1).ToArray(); if (recType == RecordType.ApplicationData) { return(new ApplicationResult(recPayload)); } else { var decodedRec = Records.TLSRecord.Factory(recType, recPayload); Console.WriteLine($">>>>>>>> RECEIVE encrypted TLS {recType}"); return(Process_Record(decodedRec)); } } return(Result.FatalAlert(AlertDescription.unexpected_message, $"State [{State}] check failed on Client_ApplicationData message")); }
public virtual Result GetEncryptedPacket(byte[] rawDataToSend) { if (State == TLSSessionState.Server_Finished) { var macSeed = Utils.GetMacSeed(_sendSeqNum, (byte)RecordType.ApplicationData, rawDataToSend); var myMac = _params.Cipher.ServerMessageAuthCode(macSeed); var serverIv = Utils.Random(16); var message = new List <byte>(); message.AddRange(rawDataToSend); message.AddRange(myMac); var encryptedMsg = _params.Cipher.BulkEncrypt(message.ToArray(), serverIv); var appdata = new Records.ApplicationData(serverIv.Concat(encryptedMsg).ToArray()); _sendSeqNum++; return(new PacketResult(new[] { appdata })); } else { return(Result.FatalAlert(AlertDescription.unexpected_message, $"State [{State}] check failed on Server_ApplicationData create")); } }