public void ChangeProtocol(short protocol) { SecurityProtocolType securityProtocolType = DecodeProtocolCode(protocol); if ((securityProtocolType & SecurityProtocolFlags) == securityProtocolType || (SecurityProtocolFlags & SecurityProtocolType.Default) == SecurityProtocolType.Default) { SecurityProtocol = securityProtocolType; SupportedCiphers.Clear(); SupportedCiphers = null; SupportedCiphers = CipherSuiteFactory.GetSupportedCiphers(securityProtocolType); return; } throw new TlsException(AlertDescription.ProtocolVersion, "Incorrect protocol version received from server"); }
// --- Handshake Packets ------------------------------------------------------------------------------------- // ----------------------------------------------------------------------------------------------------------- private void ReceiveClientHello(ICertificateProvider certProvider, INetState ns, HttpsReader reader) { HttpsCmsgHello packet = new HttpsCmsgHello(reader); if (packet.SessionID != null) { throw new HttpsException($"provided a sessionID (unsupported)", reader); } if (!SupportedCiphers.Select(packet.Ciphers, out CipherSuiteInfo cipherSelected)) { throw new HttpsException("does not support any of our cipher suites", reader); } CipherSuite = cipherSelected; _ClientRandom = packet.ClientRandom; _ServerRandom = new byte[32]; Randoms.NextBytesUnixTimePrefix(_ServerRandom); HttpsWriter serverHello = new HttpsSmsgHello(ns.Https, CipherSuite.CipherSuite, SessionIdentifier, _ServerRandom); HttpsWriter serverCerts = new HttpsSmsgCertificate(ns.Https, certProvider.HttpsGetCerts()); HttpsWriter serverHelloDone = new HttpsSmsgHelloDone(ns.Https); Send(ns, serverHello); Send(ns, serverCerts); Send(ns, serverHelloDone); }