public override void ProcessServerKeyExchange(Stream input)
{
SecurityParameters securityParameters = mContext.SecurityParameters;
SignerInputBuffer buf = new SignerInputBuffer();
Stream teeIn = new TeeInputStream(input, buf);
ECDomainParameters curveParams = TlsEccUtilities.ReadECParameters(mNamedCurves, mClientECPointFormats, teeIn);
byte[] point = TlsUtilities.ReadOpaque8(teeIn);
DigitallySigned signedParams = ParseSignature(input);
mSignatureAndHashAlgorithm = signedParams.Algorithm;
ISigner signer = InitVerifyer(mTlsSigner, signedParams.Algorithm, securityParameters);
buf.UpdateSigner(signer);
if (!signer.VerifySignature(signedParams.Signature))
{
throw new TlsFatalAlert(AlertDescription.decrypt_error);
}
mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey(
mClientECPointFormats, curveParams, point));
}
/// <exception cref="NGit.Errors.MissingObjectException"></exception>
/// <exception cref="System.IO.IOException"></exception>
public override ObjectStream OpenStream()
{
// If the object was recently unpacked, its available loose.
// The loose format is going to be faster to access than a
// delta applied on top of a base. Use that whenever we can.
//
ObjectId myId = GetObjectId();
WindowCursor wc = new WindowCursor(db);
ObjectLoader ldr = db.OpenObject2(wc, myId.Name, myId);
if (ldr != null)
{
return(ldr.OpenStream());
}
InputStream @in = Open(wc);
@in = new BufferedInputStream(@in, 8192);
// While we inflate the object, also deflate it back as a loose
// object. This will later be cleaned up by a gc pass, but until
// then we will reuse the loose form by the above code path.
//
int myType = GetType();
long mySize = GetSize();
ObjectDirectoryInserter odi = ((ObjectDirectoryInserter)db.NewInserter());
FilePath tmp = odi.NewTempFile();
DeflaterOutputStream dOut = odi.Compress(new FileOutputStream(tmp));
odi.WriteHeader(dOut, myType, mySize);
@in = new TeeInputStream(@in, dOut);
return(new _Filter_195(this, odi, wc, tmp, myId, myType, mySize, @in));
}
public override void ProcessServerKeyExchange(Stream input)
{
SecurityParameters securityParameters = context.SecurityParameters;
SignerInputBuffer buf = null;
Stream teeIn = input;
if (mTlsSigner != null)
{
buf = new SignerInputBuffer();
teeIn = new TeeInputStream(input, buf);
}
byte[] NBytes = TlsUtilities.ReadOpaque16(teeIn);
byte[] gBytes = TlsUtilities.ReadOpaque16(teeIn);
byte[] sBytes = TlsUtilities.ReadOpaque8(teeIn);
byte[] BBytes = TlsUtilities.ReadOpaque16(teeIn);
if (buf != null)
{
DigitallySigned signed_params = DigitallySigned.Parse(context, input);
ISigner signer = InitVerifyer(mTlsSigner, signed_params.Algorithm, securityParameters);
buf.UpdateSigner(signer);
if (!signer.VerifySignature(signed_params.Signature))
{
throw new TlsFatalAlert(AlertDescription.decrypt_error);
}
}
BigInteger N = new BigInteger(1, NBytes);
BigInteger g = new BigInteger(1, gBytes);
// TODO Validate group parameters (see RFC 5054)
// throw new TlsFatalAlert(AlertDescription.insufficient_security);
this.mS = sBytes;
/*
* RFC 5054 2.5.3: The client MUST abort the handshake with an "illegal_parameter" alert if
* B % N = 0.
*/
try
{
this.mB = Srp6Utilities.ValidatePublicValue(N, new BigInteger(1, BBytes));
}
catch (CryptoException e)
{
throw new TlsFatalAlert(AlertDescription.illegal_parameter, e);
}
this.mSrpClient.Init(N, g, TlsUtilities.CreateHash(HashAlgorithm.sha1), context.SecureRandom);
}
public override void ProcessServerKeyExchange(Stream input)
{
SecurityParameters securityParameters = mContext.SecurityParameters;
SignerInputBuffer buf = null;
Stream teeIn = input;
if (mTlsSigner != null)
{
buf = new SignerInputBuffer();
teeIn = new TeeInputStream(input, buf);
}
ServerSrpParams srpParams = ServerSrpParams.Parse(teeIn);
if (buf != null)
{
DigitallySigned signed_params = ParseSignature(input);
ISigner signer = InitVerifyer(mTlsSigner, signed_params.Algorithm, securityParameters);
buf.UpdateSigner(signer);
if (!signer.VerifySignature(signed_params.Signature))
{
throw new TlsFatalAlert(AlertDescription.decrypt_error);
}
}
this.mSrpGroup = new Srp6GroupParameters(srpParams.N, srpParams.G);
if (!mGroupVerifier.Accept(mSrpGroup))
{
throw new TlsFatalAlert(AlertDescription.insufficient_security);
}
this.mSrpSalt = srpParams.S;
/*
* RFC 5054 2.5.3: The client MUST abort the handshake with an "illegal_parameter" alert if
* B % N = 0.
*/
try
{
this.mSrpPeerCredentials = Srp6Utilities.ValidatePublicValue(mSrpGroup.N, srpParams.B);
}
catch (CryptoException e)
{
throw new TlsFatalAlert(AlertDescription.illegal_parameter, e);
}
this.mSrpClient.Init(mSrpGroup, TlsUtilities.CreateHash(HashAlgorithm.sha1), mContext.SecureRandom);
}
public override void ProcessServerKeyExchange(Stream input)
{
SecurityParameters securityParameters = mContext.SecurityParameters;
SignerInputBuffer signerInputBuffer = new SignerInputBuffer();
Stream input2 = new TeeInputStream(input, signerInputBuffer);
ServerDHParams serverDHParams = ServerDHParams.Parse(input2);
DigitallySigned digitallySigned = DigitallySigned.Parse(mContext, input);
ISigner signer = InitVerifyer(mTlsSigner, digitallySigned.Algorithm, securityParameters);
signerInputBuffer.UpdateSigner(signer);
if (!signer.VerifySignature(digitallySigned.Signature))
{
throw new TlsFatalAlert(51);
}
mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(serverDHParams.PublicKey);
mDHParameters = mDHAgreePublicKey.Parameters;
}
public override void ProcessServerKeyExchange(Stream input)
{
SecurityParameters securityParameters = base.mContext.SecurityParameters;
SignerInputBuffer tee = new SignerInputBuffer();
Stream stream = new TeeInputStream(input, tee);
ServerDHParams @params = ServerDHParams.Parse(stream);
DigitallySigned signed = this.ParseSignature(input);
ISigner s = this.InitVerifyer(base.mTlsSigner, signed.Algorithm, securityParameters);
tee.UpdateSigner(s);
if (!s.VerifySignature(signed.Signature))
{
throw new TlsFatalAlert(0x33);
}
base.mDHAgreePublicKey = TlsDHUtilities.ValidateDHPublicKey(@params.PublicKey);
base.mDHParameters = this.ValidateDHParameters(base.mDHAgreePublicKey.Parameters);
}
public override void ProcessServerKeyExchange(Stream input)
{
SecurityParameters securityParameters = base.mContext.SecurityParameters;
SignerInputBuffer tee = new SignerInputBuffer();
Stream stream = new TeeInputStream(input, tee);
ECDomainParameters parameters2 = TlsEccUtilities.ReadECParameters(base.mNamedCurves, base.mClientECPointFormats, stream);
byte[] encoding = TlsUtilities.ReadOpaque8(stream);
DigitallySigned signed = this.ParseSignature(input);
ISigner s = this.InitVerifyer(base.mTlsSigner, signed.Algorithm, securityParameters);
tee.UpdateSigner(s);
if (!s.VerifySignature(signed.Signature))
{
throw new TlsFatalAlert(0x33);
}
base.mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey(base.mClientECPointFormats, parameters2, encoding));
}
public override void ProcessServerKeyExchange(Stream input)
{
SecurityParameters securityParameters = this.mContext.SecurityParameters;
SignerInputBuffer signerInputBuffer = new SignerInputBuffer();
Stream input2 = new TeeInputStream(input, signerInputBuffer);
ECDomainParameters curve_params = TlsEccUtilities.ReadECParameters(this.mNamedCurves, this.mClientECPointFormats, input2);
byte[] encoding = TlsUtilities.ReadOpaque8(input2);
DigitallySigned digitallySigned = DigitallySigned.Parse(this.mContext, input);
ISigner signer = this.InitVerifyer(this.mTlsSigner, digitallySigned.Algorithm, securityParameters);
signerInputBuffer.UpdateSigner(signer);
if (!signer.VerifySignature(digitallySigned.Signature))
{
throw new TlsFatalAlert(51);
}
this.mECAgreePublicKey = TlsEccUtilities.ValidateECPublicKey(TlsEccUtilities.DeserializeECPublicKey(this.mClientECPointFormats, curve_params, encoding));
}
public override void ProcessServerKeyExchange(Stream input)
{
SecurityParameters securityParameters = mContext.SecurityParameters;
SignerInputBuffer buf = new SignerInputBuffer();
Stream teeIn = new TeeInputStream(input, buf);
this.mDHParameters = TlsDHUtilities.ReceiveDHParameters(mDHVerifier, teeIn);
this.mDHAgreePublicKey = new DHPublicKeyParameters(TlsDHUtilities.ReadDHParameter(teeIn), mDHParameters);
DigitallySigned signed_params = ParseSignature(input);
ISigner signer = InitVerifyer(mTlsSigner, signed_params.Algorithm, securityParameters);
buf.UpdateSigner(signer);
if (!signer.VerifySignature(signed_params.Signature))
{
throw new TlsFatalAlert(AlertDescription.decrypt_error);
}
}
public void ReceiveStream(Stream streamFromSender)
{
Console.WriteLine("Receiving stream...");
try
{
Directory.CreateDirectory("receiver");
var teeStream = new TeeInputStream(streamFromSender, File.OpenWrite(@"receiver\received-compressed-file.rar"), true);
DecompressStream(teeStream);
teeStream.Close(); //closes primary and secondary stream (autoClose = true)
}
catch (Exception ex)
{
Console.WriteLine(ex);
}
Console.WriteLine("Copied .RAR locally + extracted .RAR!");
}
public override void ProcessServerKeyExchange(Stream input)
{
SecurityParameters securityParameters = context.SecurityParameters;
SignerInputBuffer buf = new SignerInputBuffer();
Stream teeIn = new TeeInputStream(input, buf);
ServerDHParams dhParams = ServerDHParams.Parse(teeIn);
DigitallySigned signed_params = DigitallySigned.Parse(context, input);
ISigner signer = InitVerifyer(mTlsSigner, signed_params.Algorithm, securityParameters);
buf.UpdateSigner(signer);
if (!signer.VerifySignature(signed_params.Signature))
{
throw new TlsFatalAlert(AlertDescription.decrypt_error);
}
this.mDHAgreeServerPublicKey = TlsDHUtilities.ValidateDHPublicKey(dhParams.PublicKey);
}
public void ReceiveStream(Stream streamFromSender)
{
Console.WriteLine("Forwarding the stream...");
try
{
//PipeStream: http://www.codeproject.com/Articles/16011/PipeStream-a-Memory-Efficient-and-Thread-Safe-Stre
//redirecting the output of one process to the input of another in the command line without using any intermediate data storage.
var pipeToReceiver = new PipeStream();
//setup a pipe between forwarder (this) and receiver - for now the pipe is still empty
//ASYNC
var forwardingTask = Task.Factory.StartNew(() => ForwardStream(pipeToReceiver));
Directory.CreateDirectory("forwarder");
var outputFileStream = File.OpenWrite(@"forwarder\received-compressed-file.rar");
var teeCache = new TeeOutputStream(outputFileStream, pipeToReceiver);
var tee = new TeeInputStream(streamFromSender, teeCache, true);
DecompressStream(tee);
Console.WriteLine("Copied .RAR locally + extracted .RAR!");
//pipeToReceiver cannot be closed because it can still contain data to be processed at the receiver's end
teeCache.Flush(); //flushes both streams
Console.WriteLine("Pipe to receiver flushed...");
tee.Close(); //closes primary and secondary stream (autoClose = true) ; secondary stream => will only close outputFileStream (autoClose = false)
//wait untill all bytes from input are transferred to the receiver
forwardingTask.Wait();
}
catch (Exception ex)
{
Console.WriteLine(ex);
}
Console.WriteLine("Stream successfully forwarded!");
}
public override void ProcessServerKeyExchange(Stream input)
{
SecurityParameters securityParameters = mContext.SecurityParameters;
SignerInputBuffer signerInputBuffer = null;
Stream input2 = input;
if (mTlsSigner != null)
{
signerInputBuffer = new SignerInputBuffer();
input2 = new TeeInputStream(input, signerInputBuffer);
}
ServerSrpParams serverSrpParams = ServerSrpParams.Parse(input2);
if (signerInputBuffer != null)
{
DigitallySigned digitallySigned = ParseSignature(input);
ISigner signer = InitVerifyer(mTlsSigner, digitallySigned.Algorithm, securityParameters);
signerInputBuffer.UpdateSigner(signer);
if (!signer.VerifySignature(digitallySigned.Signature))
{
throw new TlsFatalAlert(51);
}
}
mSrpGroup = new Srp6GroupParameters(serverSrpParams.N, serverSrpParams.G);
if (!mGroupVerifier.Accept(mSrpGroup))
{
throw new TlsFatalAlert(71);
}
mSrpSalt = serverSrpParams.S;
try
{
mSrpPeerCredentials = Srp6Utilities.ValidatePublicValue(mSrpGroup.N, serverSrpParams.B);
}
catch (CryptoException alertCause)
{
throw new TlsFatalAlert(47, alertCause);
}
mSrpClient.Init(mSrpGroup, TlsUtilities.CreateHash(2), mContext.SecureRandom);
}
