Exemplos de TlsServer.RequiresExtendedMasterSecret em C# (CSharp)

Linguagem de programação: C# (CSharp)

Classe / Tipo: TlsServer

Método / Função: RequiresExtendedMasterSecret

Exemplos em hotexamples.com: 1

TlsServer.RequiresExtendedMasterSecret em C# (CSharp) - 1 exemplos encontrados. Esses são os exemplos do mundo real mais bem avaliados de TlsServer.RequiresExtendedMasterSecret em C# (CSharp) extraídos de projetos de código aberto. Você pode avaliar os exemplos para nos ajudar a melhorar a qualidade deles.

Métodos Frequentes

Exibir Ocultar

ShouldUseGmtUnixTime(5)

Init(4)

GetCertificateRequest(2)

NotifyClientVersion(2)

ProcessClientSupplementalData(2)

ProcessClientExtensions(2)

NotifySecureRenegotiation(2)

NotifyOfferedCompressionMethods(2)

NotifyOfferedCipherSuites(2)

NotifyFallback(2)

NotifyCloseHandle(2)

NotifyClientCertificate(2)

GetCertificateStatus(2)

GetServerVersion(2)

GetServerSupplementalData(2)

GetServerExtensions(2)

GetSelectedCompressionMethod(2)

GetSelectedCipherSuite(2)

GetNewSessionTicket(2)

GetKeyExchange(2)

GetCredentials(2)

RequiresExtendedMasterSecret(1)

TryGetClient(1)

Métodos Frequentes

ShouldUseGmtUnixTime (5)

Init (4)

GetCertificateRequest (2)

NotifyClientVersion (2)

ProcessClientSupplementalData (2)

ProcessClientExtensions (2)

NotifySecureRenegotiation (2)

NotifyOfferedCompressionMethods (2)

NotifyOfferedCipherSuites (2)

NotifyFallback (2)

Métodos Frequentes

NotifyCloseHandle (2)

NotifyClientCertificate (2)

GetCertificateStatus (2)

GetServerVersion (2)

GetServerSupplementalData (2)

GetServerExtensions (2)

GetSelectedCompressionMethod (2)

GetSelectedCipherSuite (2)

GetNewSessionTicket (2)

GetKeyExchange (2)

GetCredentials (2)

RequiresExtendedMasterSecret (1)

TryGetClient (1)

Métodos Frequentes

GetCredentials (2)

RequiresExtendedMasterSecret (1)

TryGetClient (1)

Exemplo n.º 1

0

Exibir arquivo

Arquivo: TlsServerProtocol.cs Projeto: jimsch/bc-csharp

protected virtual void ReceiveClientHelloMessage(MemoryStream buf) { ProtocolVersion client_version = TlsUtilities.ReadVersion(buf); mRecordStream.SetWriteVersion(client_version); if (client_version.IsDtls) { throw new TlsFatalAlert(AlertDescription.illegal_parameter); } byte[] client_random = TlsUtilities.ReadFully(32, buf); /* * TODO RFC 5077 3.4. If a ticket is presented by the client, the server MUST NOT attempt to * use the Session ID in the ClientHello for stateful session resumption. */ byte[] sessionID = TlsUtilities.ReadOpaque8(buf); if (sessionID.Length > 32) { throw new TlsFatalAlert(AlertDescription.illegal_parameter); } /* * TODO RFC 5246 7.4.1.2. If the session_id field is not empty (implying a session * resumption request), this vector MUST include at least the cipher_suite from that * session. */ int cipher_suites_length = TlsUtilities.ReadUint16(buf); if (cipher_suites_length < 2 || (cipher_suites_length & 1) != 0) { throw new TlsFatalAlert(AlertDescription.decode_error); } this.mOfferedCipherSuites = TlsUtilities.ReadUint16Array(cipher_suites_length / 2, buf); /* * TODO RFC 5246 7.4.1.2. If the session_id field is not empty (implying a session * resumption request), it MUST include the compression_method from that session. */ int compression_methods_length = TlsUtilities.ReadUint8(buf); if (compression_methods_length < 1) { throw new TlsFatalAlert(AlertDescription.illegal_parameter); } this.mOfferedCompressionMethods = TlsUtilities.ReadUint8Array(compression_methods_length, buf); /* * TODO RFC 3546 2.3 If [...] the older session is resumed, then the server MUST ignore * extensions appearing in the client hello, and Send a server hello containing no * extensions. */ this.mClientExtensions = ReadExtensions(buf); /* * TODO[resumption] Check RFC 7627 5.4. for required behaviour */ /* * RFC 7627 4. Clients and servers SHOULD NOT accept handshakes that do not use the extended * master secret [..]. (and see 5.2, 5.3) */ this.mSecurityParameters.extendedMasterSecret = TlsExtensionsUtilities.HasExtendedMasterSecretExtension(mClientExtensions); if (!mSecurityParameters.IsExtendedMasterSecret && mTlsServer.RequiresExtendedMasterSecret()) { throw new TlsFatalAlert(AlertDescription.handshake_failure); } ContextAdmin.SetClientVersion(client_version); mTlsServer.NotifyClientVersion(client_version); mTlsServer.NotifyFallback(Arrays.Contains(mOfferedCipherSuites, CipherSuite.TLS_FALLBACK_SCSV)); mSecurityParameters.clientRandom = client_random; mTlsServer.NotifyOfferedCipherSuites(mOfferedCipherSuites); mTlsServer.NotifyOfferedCompressionMethods(mOfferedCompressionMethods); /* * RFC 5746 3.6. Server Behavior: Initial Handshake */ { /* * RFC 5746 3.4. The client MUST include either an empty "renegotiation_info" extension, * or the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling cipher suite value in the * ClientHello. Including both is NOT RECOMMENDED. */ /* * When a ClientHello is received, the server MUST check if it includes the * TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV. If it does, set the secure_renegotiation flag * to TRUE. */ if (Arrays.Contains(mOfferedCipherSuites, CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV)) { this.mSecureRenegotiation = true; } /* * The server MUST check if the "renegotiation_info" extension is included in the * ClientHello. */ byte[] renegExtData = TlsUtilities.GetExtensionData(mClientExtensions, ExtensionType.renegotiation_info); if (renegExtData != null) { /* * If the extension is present, set secure_renegotiation flag to TRUE. The * server MUST then verify that the length of the "renegotiated_connection" * field is zero, and if it is not, MUST abort the handshake. */ this.mSecureRenegotiation = true; if (!Arrays.ConstantTimeAreEqual(renegExtData, CreateRenegotiationInfo(TlsUtilities.EmptyBytes))) { throw new TlsFatalAlert(AlertDescription.handshake_failure); } } } mTlsServer.NotifySecureRenegotiation(this.mSecureRenegotiation); if (mClientExtensions != null) { // NOTE: Validates the padding extension data, if present TlsExtensionsUtilities.GetPaddingExtension(mClientExtensions); mTlsServer.ProcessClientExtensions(mClientExtensions); } }