public void ProcessServerHelloDone()
{
m_HandshakePhase = HandshakeDataType.ServerHelloDone;
PreMasterSecret pms = new PreMasterSecret();
byte[] keyExchangeData = GenerateKeyExchangeData(pms.GetBytes());
/* Generate Master Secret */
PrfDeriveBytes prf = new PrfDeriveBytes(pms.GetBytes(),
"master secret",
ByteArray.Concat(m_SecurityParameters.ClientRandom,
m_SecurityParameters.ServerRandom));
m_Session.MasterSecret = prf.GetBytes(48);
m_SecurityParameters.MasterSecret = m_Session.MasterSecret;
prf.Dispose();
/* clear pre-master secret from memory */
pms.Dispose();
/* Create handshake messages */
m_ProtocolQueue.Enqueue(CreateClientKeyExchange(keyExchangeData));
m_ProtocolQueue.Enqueue(CreateChangeCipherSpec());
m_ProtocolQueue.Enqueue(CreateFinishedMsg(m_SecurityParameters.MasterSecret));
ParametersReady(m_SecurityParameters);
}
public void ProcessServerHello(SessionID sid,
byte[] serverRandom, ProtocolVersion serverVersion,
TlsCipherSuite chosenSuite, TlsCompressionMethod chosenCompMethod)
{
if (m_HandshakePhase != HandshakeDataType.ClientHello)
{
throw new SslAlertException(AlertLevel.Fatal, AlertDescription.UnexpectedMessage);
}
m_Session.Id = sid;
m_Session.CompressionMethod = chosenCompMethod;
m_Session.IsResumable = false;
if (CipherSuites.IsSupported(chosenSuite))
{
m_Session.CipherSuite = chosenSuite;
m_SecurityParameters.CipherSuite = chosenSuite;
}
else
{
throw new SslAlertException(AlertLevel.Fatal, AlertDescription.HandshakeFailure);
}
/* TODO: Check for wrong version */
if (serverVersion.Major != 3 || serverVersion.Minor != 1)
{
throw new SslAlertException(AlertLevel.Fatal, AlertDescription.HandshakeFailure);
}
m_SecurityParameters.ServerRandom = serverRandom;
m_HandshakePhase = HandshakeDataType.ServerHello;
}
private static Type GetObjectType(HandshakeDataType type)
{
foreach (HandshakeTypeDefinition def in Definitions)
{
if (def.type == type)
{
return(def.HandshakeMessageObjectType);
}
}
return(null);
}
internal IProtocolMessage CreateClientHello()
{
ClientHello chm = new ClientHello();
m_SecurityParameters.ClientRandom = chm.GetClientRandom();
m_SecurityParameters.ChosenVersion = chm.GetClientVersion();
HandshakeProtocolMessage hpm = new HandshakeProtocolMessage(chm);
m_ListOfHandshakeMsgs.Add(hpm);
m_HandshakePhase = HandshakeDataType.ClientHello;
return(hpm);
}
internal IProtocolMessage CreateClientKeyExchange(byte[] encryptedData)
{
if (m_HandshakePhase != HandshakeDataType.ServerHelloDone)
{
throw new SslAlertException(AlertLevel.Fatal, AlertDescription.HandshakeFailure);
}
HandshakeProtocolMessage hpm = new HandshakeProtocolMessage(new ClientKeyExchange(encryptedData));
m_ListOfHandshakeMsgs.Add(hpm);
m_HandshakePhase = HandshakeDataType.ClientKeyExchange;
return(hpm);
}
public void ProcessCertificate(List <X509Certificate> lCertificates)
{
if (m_HandshakePhase != HandshakeDataType.ServerHello)
{
throw new SslAlertException(AlertLevel.Fatal, AlertDescription.UnexpectedMessage);
}
m_Session.Certificate = lCertificates[0];
m_HandshakePhase = HandshakeDataType.Certificate;
/* TODO: Verify Cert */
}
internal IProtocolMessage CreateFinishedMsg(byte[] masterSecret)
{
byte[] data = GetAllHandshakeInBytes();
byte[] md5data = (new MD5Managed()).ComputeHash(data);
byte[] sha1data = (new SHA1Managed()).ComputeHash(data);
PrfDeriveBytes prf = new PrfDeriveBytes(masterSecret,
"client finished", ByteArray.Concat(md5data, sha1data));
byte[] result = prf.GetBytes(12);
prf.Dispose();
HandshakeProtocolMessage hpm = new HandshakeProtocolMessage(new Finished(result));
m_ListOfHandshakeMsgs.Add(hpm);
m_HandshakePhase = HandshakeDataType.Finished;
return(hpm);
}
private static void CreateHandshakeMessages(byte[] buffer, ExtractMessagesResult result)
{
int startOffset = 0;
int endOffset = startOffset + buffer.Length;
while (startOffset < endOffset)
{
HandshakeDataType type = (HandshakeDataType)buffer[startOffset++];
byte[] len = new byte[4];
System.Buffer.BlockCopy(buffer, startOffset, len, 1, 3);
if (BitConverter.IsLittleEndian)
{
Array.Reverse(len);
}
int messageLength = (int)(BitConverter.ToUInt32(len, 0));
startOffset += 3;
byte[] message = new byte[messageLength];
System.Buffer.BlockCopy(buffer, startOffset, message, 0, message.Length);
startOffset += message.Length;
HandshakeProtocolMessage hMsg = null;
try
{
hMsg = new HandshakeProtocolMessage(type, message);
}
catch (Exception)
{
throw new SslAlertException(AlertLevel.Fatal, AlertDescription.DecodeError);
}
result.protocolMessages.Add(hMsg);
if (type != HandshakeDataType.Finished)
{
result.handshakeMessages.Add(hMsg);
}
}
}
public HandshakeTypeDefinition(HandshakeDataType type, Type HandshakeMessageObjType)
{
this.type = type;
this.HandshakeMessageObjectType = HandshakeMessageObjType;
}
public static IHandshakeData FromBytes(HandshakeDataType type, byte[] buffer)
{
IHandshakeData hData = (IHandshakeData)Activator.CreateInstance(GetObjectType(type), buffer);
return(hData);
}
public HandshakeProtocolMessage(HandshakeDataType type, byte[] buffer)
{
hData = HandshakeMessageFactory.FromBytes(type, buffer);
}
