Result ChangeCipherSpecAndFinished()
{
if (State == TLSSessionState.Client_Finished)
{
var clienthello_clientfinish = GetHandshakeMessages();
var finishedVerify = _params.Cipher.GetVerifyData("server finished", clienthello_clientfinish);
var finishedMessage = new byte[] { 0x14, 0x00, 0x00, 0x0C }.Concat(finishedVerify).ToArray();
var macSeed = Utils.GetMacSeed(_sendSeqNum, (byte)RecordType.Handshake, finishedMessage);
var myMac = _params.Cipher.ServerMessageAuthCode(macSeed);
var finished = new List <byte>();
finished.AddRange(finishedMessage);
finished.AddRange(myMac);
var serverIv = Utils.Random(16);
var encryptedFinished = _params.Cipher.BulkEncrypt(finished.ToArray(), serverIv);
var serverFinishFragment = new Handshakes.EncryptedFragment(serverIv.Concat(encryptedFinished).ToArray());
var changeCipherRecord = new Records.ChangeCipherSpec();
var serverFinishRecord = new Records.Handshake(new[] { serverFinishFragment });
_sendSeqNum++;
State = TLSSessionState.Server_Finished;
return(new PacketResult(new Records.TLSRecord[] { changeCipherRecord, serverFinishRecord }));
}
else
{
return(Result.FatalAlert(AlertDescription.unexpected_message, $"State [{State}] check failed on ChangeCipherSpecAndFinished"));
}
}
protected override Result Record_ChangeCipherSpec(Records.ChangeCipherSpec rec)
{
if (State == TLSSessionState.Server_Finished)
{
State = TLSSessionState.Client_ChangeCipherSpec;
return(null);
}
else
{
return(Result.FatalAlert(AlertDescription.unexpected_message, $"State [{State}] check failed on Client_ChangeCipherSpec message"));
}
}
protected virtual Result Record_ChangeCipherSpec(Records.ChangeCipherSpec rec)
{
if (State == TLSSessionState.Client_Key_Exchange)
{
State = TLSSessionState.Client_ChangeCipherSpec;
return(null);
}
else
{
return(Result.FatalAlert(AlertDescription.unexpected_message, $"State [{State}] check failed on Client_ChangeCipherSpec message"));
}
}
