protected static ReadSupplementalDataMessage ( |
||
input | ||
return | IList |
protected virtual void ProcessClientSupplementalData(DtlsServerProtocol.ServerHandshakeState state, byte[] body) { MemoryStream input = new MemoryStream(body, false); IList clientSupplementalData = TlsProtocol.ReadSupplementalDataMessage(input); state.server.ProcessClientSupplementalData(clientSupplementalData); }
protected virtual void ProcessServerSupplementalData(ClientHandshakeState state, byte[] body) { MemoryStream buf = new MemoryStream(body, false); IList serverSupplementalData = TlsProtocol.ReadSupplementalDataMessage(buf); state.client.ProcessServerSupplementalData(serverSupplementalData); }
protected virtual void ProcessClientSupplementalData(ServerHandshakeState state, byte[] body) { //IL_0002: Unknown result type (might be due to invalid IL or missing references) //IL_0008: Expected O, but got Unknown MemoryStream input = new MemoryStream(body, false); global::System.Collections.IList clientSupplementalData = TlsProtocol.ReadSupplementalDataMessage(input); state.server.ProcessClientSupplementalData(clientSupplementalData); }
protected override void HandleHandshakeMessage(byte type, byte[] data) { MemoryStream memoryStream = new MemoryStream(data); switch (type) { case 1: { short mConnectionState = this.mConnectionState; if (mConnectionState == 0) { this.ReceiveClientHelloMessage(memoryStream); this.mConnectionState = 1; this.SendServerHelloMessage(); this.mConnectionState = 2; this.mRecordStream.NotifyHelloComplete(); IList serverSupplementalData = this.mTlsServer.GetServerSupplementalData(); if (serverSupplementalData != null) { this.SendSupplementalDataMessage(serverSupplementalData); } this.mConnectionState = 3; this.mKeyExchange = this.mTlsServer.GetKeyExchange(); this.mKeyExchange.Init(this.Context); this.mServerCredentials = this.mTlsServer.GetCredentials(); Certificate certificate = null; if (this.mServerCredentials == null) { this.mKeyExchange.SkipServerCredentials(); } else { this.mKeyExchange.ProcessServerCredentials(this.mServerCredentials); certificate = this.mServerCredentials.Certificate; this.SendCertificateMessage(certificate); } this.mConnectionState = 4; if (certificate == null || certificate.IsEmpty) { this.mAllowCertificateStatus = false; } if (this.mAllowCertificateStatus) { CertificateStatus certificateStatus = this.mTlsServer.GetCertificateStatus(); if (certificateStatus != null) { this.SendCertificateStatusMessage(certificateStatus); } } this.mConnectionState = 5; byte[] array = this.mKeyExchange.GenerateServerKeyExchange(); if (array != null) { this.SendServerKeyExchangeMessage(array); } this.mConnectionState = 6; if (this.mServerCredentials != null) { this.mCertificateRequest = this.mTlsServer.GetCertificateRequest(); if (this.mCertificateRequest != null) { this.mKeyExchange.ValidateCertificateRequest(this.mCertificateRequest); this.SendCertificateRequestMessage(this.mCertificateRequest); TlsUtilities.TrackHashAlgorithms(this.mRecordStream.HandshakeHash, this.mCertificateRequest.SupportedSignatureAlgorithms); } } this.mConnectionState = 7; this.SendServerHelloDoneMessage(); this.mConnectionState = 8; this.mRecordStream.HandshakeHash.SealHashAlgorithms(); return; } if (mConnectionState != 16) { throw new TlsFatalAlert(10); } this.RefuseRenegotiation(); return; } case 11: switch (this.mConnectionState) { case 8: case 9: if (this.mConnectionState < 9) { this.mTlsServer.ProcessClientSupplementalData(null); } if (this.mCertificateRequest == null) { throw new TlsFatalAlert(10); } this.ReceiveCertificateMessage(memoryStream); this.mConnectionState = 10; return; default: throw new TlsFatalAlert(10); } break; case 15: { short mConnectionState2 = this.mConnectionState; if (mConnectionState2 != 11) { throw new TlsFatalAlert(10); } if (!this.ExpectCertificateVerifyMessage()) { throw new TlsFatalAlert(10); } this.ReceiveCertificateVerifyMessage(memoryStream); this.mConnectionState = 12; return; } case 16: switch (this.mConnectionState) { case 8: case 9: case 10: if (this.mConnectionState < 9) { this.mTlsServer.ProcessClientSupplementalData(null); } if (this.mConnectionState < 10) { if (this.mCertificateRequest == null) { this.mKeyExchange.SkipClientCredentials(); } else { if (TlsUtilities.IsTlsV12(this.Context)) { throw new TlsFatalAlert(10); } if (TlsUtilities.IsSsl(this.Context)) { if (this.mPeerCertificate == null) { throw new TlsFatalAlert(10); } } else { this.NotifyClientCertificate(Certificate.EmptyChain); } } } this.ReceiveClientKeyExchangeMessage(memoryStream); this.mConnectionState = 11; return; default: throw new TlsFatalAlert(10); } break; case 20: switch (this.mConnectionState) { case 11: case 12: if (this.mConnectionState < 12 && this.ExpectCertificateVerifyMessage()) { throw new TlsFatalAlert(10); } this.ProcessFinishedMessage(memoryStream); this.mConnectionState = 13; if (this.mExpectSessionTicket) { this.SendNewSessionTicketMessage(this.mTlsServer.GetNewSessionTicket()); this.SendChangeCipherSpecMessage(); } this.mConnectionState = 14; this.SendFinishedMessage(); this.mConnectionState = 15; this.mConnectionState = 16; return; default: throw new TlsFatalAlert(10); } break; case 23: { short mConnectionState3 = this.mConnectionState; if (mConnectionState3 == 8) { this.mTlsServer.ProcessClientSupplementalData(TlsProtocol.ReadSupplementalDataMessage(memoryStream)); this.mConnectionState = 9; return; } throw new TlsFatalAlert(10); } } throw new TlsFatalAlert(10); }
protected override void HandleHandshakeMessage(byte type, byte[] data) { //IL_0001: Unknown result type (might be due to invalid IL or missing references) //IL_0007: Expected O, but got Unknown MemoryStream val = new MemoryStream(data); switch (type) { case 1: switch (mConnectionState) { case 0: { ReceiveClientHelloMessage(val); mConnectionState = 1; SendServerHelloMessage(); mConnectionState = 2; mRecordStream.NotifyHelloComplete(); global::System.Collections.IList serverSupplementalData = mTlsServer.GetServerSupplementalData(); if (serverSupplementalData != null) { SendSupplementalDataMessage(serverSupplementalData); } mConnectionState = 3; mKeyExchange = mTlsServer.GetKeyExchange(); mKeyExchange.Init(Context); mServerCredentials = mTlsServer.GetCredentials(); Certificate certificate = null; if (mServerCredentials == null) { mKeyExchange.SkipServerCredentials(); } else { mKeyExchange.ProcessServerCredentials(mServerCredentials); certificate = mServerCredentials.Certificate; SendCertificateMessage(certificate); } mConnectionState = 4; if (certificate == null || certificate.IsEmpty) { mAllowCertificateStatus = false; } if (mAllowCertificateStatus) { CertificateStatus certificateStatus = mTlsServer.GetCertificateStatus(); if (certificateStatus != null) { SendCertificateStatusMessage(certificateStatus); } } mConnectionState = 5; byte[] array = mKeyExchange.GenerateServerKeyExchange(); if (array != null) { SendServerKeyExchangeMessage(array); } mConnectionState = 6; if (mServerCredentials != null) { mCertificateRequest = mTlsServer.GetCertificateRequest(); if (mCertificateRequest != null) { if (TlsUtilities.IsTlsV12(Context) != (mCertificateRequest.SupportedSignatureAlgorithms != null)) { throw new TlsFatalAlert(80); } mKeyExchange.ValidateCertificateRequest(mCertificateRequest); SendCertificateRequestMessage(mCertificateRequest); TlsUtilities.TrackHashAlgorithms(mRecordStream.HandshakeHash, mCertificateRequest.SupportedSignatureAlgorithms); } } mConnectionState = 7; SendServerHelloDoneMessage(); mConnectionState = 8; mRecordStream.HandshakeHash.SealHashAlgorithms(); break; } case 16: RefuseRenegotiation(); break; default: throw new TlsFatalAlert(10); } break; case 23: { short num = mConnectionState; if (num == 8) { mTlsServer.ProcessClientSupplementalData(TlsProtocol.ReadSupplementalDataMessage(val)); mConnectionState = 9; break; } throw new TlsFatalAlert(10); } case 11: switch (mConnectionState) { case 8: case 9: if (mConnectionState < 9) { mTlsServer.ProcessClientSupplementalData(null); } if (mCertificateRequest == null) { throw new TlsFatalAlert(10); } ReceiveCertificateMessage(val); mConnectionState = 10; break; default: throw new TlsFatalAlert(10); } break; case 16: switch (mConnectionState) { case 8: case 9: case 10: if (mConnectionState < 9) { mTlsServer.ProcessClientSupplementalData(null); } if (mConnectionState < 10) { if (mCertificateRequest == null) { mKeyExchange.SkipClientCredentials(); } else { if (TlsUtilities.IsTlsV12(Context)) { throw new TlsFatalAlert(10); } if (TlsUtilities.IsSsl(Context)) { if (mPeerCertificate == null) { throw new TlsFatalAlert(10); } } else { NotifyClientCertificate(Certificate.EmptyChain); } } } ReceiveClientKeyExchangeMessage(val); mConnectionState = 11; break; default: throw new TlsFatalAlert(10); } break; case 15: { short num = mConnectionState; if (num == 11) { if (!ExpectCertificateVerifyMessage()) { throw new TlsFatalAlert(10); } ReceiveCertificateVerifyMessage(val); mConnectionState = 12; break; } throw new TlsFatalAlert(10); } case 20: switch (mConnectionState) { case 11: case 12: if (mConnectionState < 12 && ExpectCertificateVerifyMessage()) { throw new TlsFatalAlert(10); } ProcessFinishedMessage(val); mConnectionState = 13; if (mExpectSessionTicket) { SendNewSessionTicketMessage(mTlsServer.GetNewSessionTicket()); SendChangeCipherSpecMessage(); } mConnectionState = 14; SendFinishedMessage(); mConnectionState = 15; mConnectionState = 16; CompleteHandshake(); break; default: throw new TlsFatalAlert(10); } break; default: throw new TlsFatalAlert(10); } }
protected override void HandleHandshakeMessage(byte type, byte[] data) { //IL_0002: Unknown result type (might be due to invalid IL or missing references) //IL_0008: Expected O, but got Unknown MemoryStream val = new MemoryStream(data, false); if (mResumedSession) { if (type != 20 || mConnectionState != 2) { throw new TlsFatalAlert(10); } ProcessFinishedMessage(val); mConnectionState = 15; SendFinishedMessage(); mConnectionState = 13; mConnectionState = 16; CompleteHandshake(); return; } switch (type) { case 11: switch (mConnectionState) { case 2: case 3: if (mConnectionState == 2) { HandleSupplementalData(null); } mPeerCertificate = Certificate.Parse((Stream)(object)val); TlsProtocol.AssertEmpty(val); if (mPeerCertificate == null || mPeerCertificate.IsEmpty) { mAllowCertificateStatus = false; } mKeyExchange.ProcessServerCertificate(mPeerCertificate); mAuthentication = mTlsClient.GetAuthentication(); mAuthentication.NotifyServerCertificate(mPeerCertificate); mConnectionState = 4; break; default: throw new TlsFatalAlert(10); } break; case 22: { short num = mConnectionState; if (num == 4) { if (!mAllowCertificateStatus) { throw new TlsFatalAlert(10); } mCertificateStatus = CertificateStatus.Parse((Stream)(object)val); TlsProtocol.AssertEmpty(val); mConnectionState = 5; break; } throw new TlsFatalAlert(10); } case 20: switch (mConnectionState) { case 13: case 14: if (mConnectionState == 13 && mExpectSessionTicket) { throw new TlsFatalAlert(10); } ProcessFinishedMessage(val); mConnectionState = 15; mConnectionState = 16; CompleteHandshake(); break; default: throw new TlsFatalAlert(10); } break; case 2: { short num = mConnectionState; if (num == 1) { ReceiveServerHelloMessage(val); mConnectionState = 2; mRecordStream.NotifyHelloComplete(); ApplyMaxFragmentLengthExtension(); if (mResumedSession) { mSecurityParameters.masterSecret = Arrays.Clone(mSessionParameters.MasterSecret); mRecordStream.SetPendingConnectionState(Peer.GetCompression(), Peer.GetCipher()); SendChangeCipherSpecMessage(); break; } InvalidateSession(); if (mSelectedSessionID.Length > 0) { mTlsSession = new TlsSessionImpl(mSelectedSessionID, null); } break; } throw new TlsFatalAlert(10); } case 23: { short num = mConnectionState; if (num == 2) { HandleSupplementalData(TlsProtocol.ReadSupplementalDataMessage(val)); break; } throw new TlsFatalAlert(10); } case 14: switch (mConnectionState) { case 2: case 3: case 4: case 5: case 6: case 7: { if (mConnectionState < 3) { HandleSupplementalData(null); } if (mConnectionState < 4) { mKeyExchange.SkipServerCredentials(); mAuthentication = null; } if (mConnectionState < 6) { mKeyExchange.SkipServerKeyExchange(); } TlsProtocol.AssertEmpty(val); mConnectionState = 8; mRecordStream.HandshakeHash.SealHashAlgorithms(); global::System.Collections.IList clientSupplementalData = mTlsClient.GetClientSupplementalData(); if (clientSupplementalData != null) { SendSupplementalDataMessage(clientSupplementalData); } mConnectionState = 9; TlsCredentials tlsCredentials = null; if (mCertificateRequest == null) { mKeyExchange.SkipClientCredentials(); } else { tlsCredentials = mAuthentication.GetClientCredentials(mCertificateRequest); if (tlsCredentials == null) { mKeyExchange.SkipClientCredentials(); SendCertificateMessage(Certificate.EmptyChain); } else { mKeyExchange.ProcessClientCredentials(tlsCredentials); SendCertificateMessage(tlsCredentials.Certificate); } } mConnectionState = 10; SendClientKeyExchangeMessage(); mConnectionState = 11; TlsHandshakeHash tlsHandshakeHash = mRecordStream.PrepareToFinish(); mSecurityParameters.sessionHash = TlsProtocol.GetCurrentPrfHash(Context, tlsHandshakeHash, null); TlsProtocol.EstablishMasterSecret(Context, mKeyExchange); mRecordStream.SetPendingConnectionState(Peer.GetCompression(), Peer.GetCipher()); if (tlsCredentials != null && tlsCredentials is TlsSignerCredentials) { TlsSignerCredentials tlsSignerCredentials = (TlsSignerCredentials)tlsCredentials; SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(Context, tlsSignerCredentials); byte[] hash = ((signatureAndHashAlgorithm != null) ? tlsHandshakeHash.GetFinalHash(signatureAndHashAlgorithm.Hash) : mSecurityParameters.SessionHash); byte[] signature = tlsSignerCredentials.GenerateCertificateSignature(hash); DigitallySigned certificateVerify = new DigitallySigned(signatureAndHashAlgorithm, signature); SendCertificateVerifyMessage(certificateVerify); mConnectionState = 12; } SendChangeCipherSpecMessage(); SendFinishedMessage(); mConnectionState = 13; break; } default: throw new TlsFatalAlert(40); } break; case 12: switch (mConnectionState) { case 2: case 3: case 4: case 5: if (mConnectionState < 3) { HandleSupplementalData(null); } if (mConnectionState < 4) { mKeyExchange.SkipServerCredentials(); mAuthentication = null; } mKeyExchange.ProcessServerKeyExchange((Stream)(object)val); TlsProtocol.AssertEmpty(val); mConnectionState = 6; break; default: throw new TlsFatalAlert(10); } break; case 13: switch (mConnectionState) { case 4: case 5: case 6: if (mConnectionState != 6) { mKeyExchange.SkipServerKeyExchange(); } if (mAuthentication == null) { throw new TlsFatalAlert(40); } mCertificateRequest = CertificateRequest.Parse(Context, (Stream)(object)val); TlsProtocol.AssertEmpty(val); mKeyExchange.ValidateCertificateRequest(mCertificateRequest); TlsUtilities.TrackHashAlgorithms(mRecordStream.HandshakeHash, mCertificateRequest.SupportedSignatureAlgorithms); mConnectionState = 7; break; default: throw new TlsFatalAlert(10); } break; case 4: { short num = mConnectionState; if (num == 13) { if (!mExpectSessionTicket) { throw new TlsFatalAlert(10); } InvalidateSession(); ReceiveNewSessionTicketMessage(val); mConnectionState = 14; break; } throw new TlsFatalAlert(10); } case 0: TlsProtocol.AssertEmpty(val); if (mConnectionState == 16) { RefuseRenegotiation(); } break; default: throw new TlsFatalAlert(10); } }
protected override void HandleHandshakeMessage(byte type, byte[] data) { MemoryStream buf = new MemoryStream(data, false); if (base.mResumedSession) { if ((type != 20) || (base.mConnectionState != 2)) { throw new TlsFatalAlert(10); } this.ProcessFinishedMessage(buf); base.mConnectionState = 15; this.SendFinishedMessage(); base.mConnectionState = 13; base.mConnectionState = 0x10; this.CompleteHandshake(); } else { switch (type) { case 0: TlsProtocol.AssertEmpty(buf); if (base.mConnectionState == 0x10) { this.RefuseRenegotiation(); } return; case 2: if (base.mConnectionState != 1) { throw new TlsFatalAlert(10); } this.ReceiveServerHelloMessage(buf); base.mConnectionState = 2; base.mRecordStream.NotifyHelloComplete(); this.ApplyMaxFragmentLengthExtension(); if (base.mResumedSession) { base.mSecurityParameters.masterSecret = Arrays.Clone(base.mSessionParameters.MasterSecret); base.mRecordStream.SetPendingConnectionState(this.Peer.GetCompression(), this.Peer.GetCipher()); this.SendChangeCipherSpecMessage(); } else { this.InvalidateSession(); if (this.mSelectedSessionID.Length > 0) { base.mTlsSession = new TlsSessionImpl(this.mSelectedSessionID, null); } } return; case 4: if (base.mConnectionState != 13) { throw new TlsFatalAlert(10); } if (!base.mExpectSessionTicket) { throw new TlsFatalAlert(10); } this.InvalidateSession(); this.ReceiveNewSessionTicketMessage(buf); base.mConnectionState = 14; return; case 11: switch (base.mConnectionState) { case 2: case 3: if (base.mConnectionState == 2) { this.HandleSupplementalData(null); } base.mPeerCertificate = Certificate.Parse(buf); TlsProtocol.AssertEmpty(buf); if ((base.mPeerCertificate == null) || base.mPeerCertificate.IsEmpty) { base.mAllowCertificateStatus = false; } this.mKeyExchange.ProcessServerCertificate(base.mPeerCertificate); this.mAuthentication = this.mTlsClient.GetAuthentication(); this.mAuthentication.NotifyServerCertificate(base.mPeerCertificate); base.mConnectionState = 4; return; } throw new TlsFatalAlert(10); case 12: switch (base.mConnectionState) { case 2: case 3: case 4: case 5: if (base.mConnectionState < 3) { this.HandleSupplementalData(null); } if (base.mConnectionState < 4) { this.mKeyExchange.SkipServerCredentials(); this.mAuthentication = null; } this.mKeyExchange.ProcessServerKeyExchange(buf); TlsProtocol.AssertEmpty(buf); base.mConnectionState = 6; return; } throw new TlsFatalAlert(10); case 13: switch (base.mConnectionState) { case 4: case 5: case 6: if (base.mConnectionState != 6) { this.mKeyExchange.SkipServerKeyExchange(); } if (this.mAuthentication == null) { throw new TlsFatalAlert(40); } this.mCertificateRequest = CertificateRequest.Parse(this.Context, buf); TlsProtocol.AssertEmpty(buf); this.mKeyExchange.ValidateCertificateRequest(this.mCertificateRequest); TlsUtilities.TrackHashAlgorithms(base.mRecordStream.HandshakeHash, this.mCertificateRequest.SupportedSignatureAlgorithms); base.mConnectionState = 7; return; } throw new TlsFatalAlert(10); case 14: switch (base.mConnectionState) { case 2: case 3: case 4: case 5: case 6: case 7: { if (base.mConnectionState < 3) { this.HandleSupplementalData(null); } if (base.mConnectionState < 4) { this.mKeyExchange.SkipServerCredentials(); this.mAuthentication = null; } if (base.mConnectionState < 6) { this.mKeyExchange.SkipServerKeyExchange(); } TlsProtocol.AssertEmpty(buf); base.mConnectionState = 8; base.mRecordStream.HandshakeHash.SealHashAlgorithms(); IList clientSupplementalData = this.mTlsClient.GetClientSupplementalData(); if (clientSupplementalData != null) { this.SendSupplementalDataMessage(clientSupplementalData); } base.mConnectionState = 9; TlsCredentials clientCredentials = null; if (this.mCertificateRequest == null) { this.mKeyExchange.SkipClientCredentials(); } else { clientCredentials = this.mAuthentication.GetClientCredentials(this.Context, this.mCertificateRequest); if (clientCredentials == null) { this.mKeyExchange.SkipClientCredentials(); this.SendCertificateMessage(Certificate.EmptyChain); } else { this.mKeyExchange.ProcessClientCredentials(clientCredentials); this.SendCertificateMessage(clientCredentials.Certificate); } } base.mConnectionState = 10; this.SendClientKeyExchangeMessage(); base.mConnectionState = 11; TlsHandshakeHash handshakeHash = base.mRecordStream.PrepareToFinish(); base.mSecurityParameters.sessionHash = TlsProtocol.GetCurrentPrfHash(this.Context, handshakeHash, null); TlsProtocol.EstablishMasterSecret(this.Context, this.mKeyExchange); base.mRecordStream.SetPendingConnectionState(this.Peer.GetCompression(), this.Peer.GetCipher()); if ((clientCredentials != null) && (clientCredentials is TlsSignerCredentials)) { byte[] sessionHash; TlsSignerCredentials signerCredentials = (TlsSignerCredentials)clientCredentials; SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtilities.GetSignatureAndHashAlgorithm(this.Context, signerCredentials); if (signatureAndHashAlgorithm == null) { sessionHash = base.mSecurityParameters.SessionHash; } else { sessionHash = handshakeHash.GetFinalHash(signatureAndHashAlgorithm.Hash); } byte[] signature = signerCredentials.GenerateCertificateSignature(sessionHash); DigitallySigned certificateVerify = new DigitallySigned(signatureAndHashAlgorithm, signature); this.SendCertificateVerifyMessage(certificateVerify); base.mConnectionState = 12; } this.SendChangeCipherSpecMessage(); this.SendFinishedMessage(); base.mConnectionState = 13; return; } } throw new TlsFatalAlert(40); case 20: switch (base.mConnectionState) { case 13: case 14: if ((base.mConnectionState == 13) && base.mExpectSessionTicket) { throw new TlsFatalAlert(10); } this.ProcessFinishedMessage(buf); base.mConnectionState = 15; base.mConnectionState = 0x10; this.CompleteHandshake(); return; } throw new TlsFatalAlert(10); case 0x16: if (base.mConnectionState != 4) { throw new TlsFatalAlert(10); } if (!base.mAllowCertificateStatus) { throw new TlsFatalAlert(10); } this.mCertificateStatus = CertificateStatus.Parse(buf); TlsProtocol.AssertEmpty(buf); base.mConnectionState = 5; return; case 0x17: if (base.mConnectionState != 2) { throw new TlsFatalAlert(10); } this.HandleSupplementalData(TlsProtocol.ReadSupplementalDataMessage(buf)); return; } throw new TlsFatalAlert(10); } }