protected HandshakeSession(SecurityParameters securityParameters, ILogger logger)
{
this.logger = logger;
_pluginManager = new CipherSuitePluginManager(this.logger);
_state = HandshakeState.Initial;
_minVersion = securityParameters.MinimumVersion;
_maxVersion = securityParameters.MaximumVersion;
_supportedCipherSuites = securityParameters.CipherSuiteIDs.ToArray();
_supportedCompressions = securityParameters.CompressionIDs.ToArray();
_availableCertificates = new List<X509CertificateCollection>(securityParameters.AvailableCertificates);
_availablePrivateKeys = new List<CertificatePrivateKey>(securityParameters.AvailablePrivateKeys);
_clientCertificates = new X509CertificateCollection();
_serverCertificates = new X509CertificateCollection();
// Initialize the default ClientHello version, to
// be as compatible as possible based on maxVersion
_version = _minVersion;
_cipherSuite = new CipherSuite(_version);
}
public KeyBlock(CipherSuite cipherSuite, byte[] masterSecret, byte[] seed)
{
DeriveBytes deriveBytes = cipherSuite.PseudoRandomFunction.CreateDeriveBytes(masterSecret, "key expansion", seed);
ClientWriteMACKey = deriveBytes.GetBytes(cipherSuite.MACAlgorithm.HashSize);
ServerWriteMACKey = deriveBytes.GetBytes(cipherSuite.MACAlgorithm.HashSize);
ClientWriteKey = deriveBytes.GetBytes(cipherSuite.BulkCipherAlgorithm.KeySize);
ServerWriteKey = deriveBytes.GetBytes(cipherSuite.BulkCipherAlgorithm.KeySize);
ClientWriteIV = deriveBytes.GetBytes(cipherSuite.BulkCipherAlgorithm.FixedIVLength);
ServerWriteIV = deriveBytes.GetBytes(cipherSuite.BulkCipherAlgorithm.FixedIVLength);
}
protected static byte[] GenerateMasterSecret(ProtocolVersion version, CipherSuite cipherSuite, ConnectionState connectionState)
{
byte[] seed = new byte[64];
Array.Copy(connectionState.ClientRandom, 0, seed, 0, 32);
Array.Copy(connectionState.ServerRandom, 0, seed, 32, 32);
byte[] masterSecret = cipherSuite.KeyExchangeAlgorithm.GetMasterSecret(cipherSuite.PseudoRandomFunction, seed);
if (masterSecret == null)
{
throw new Exception("Could not generate master secret");
}
return(masterSecret);
}
protected HandshakeSession(SecurityParameters securityParameters)
{
_pluginManager = new CipherSuitePluginManager();
_state = HandshakeState.Initial;
_minVersion = securityParameters.MinimumVersion;
_maxVersion = securityParameters.MaximumVersion;
_supportedCipherSuites = securityParameters.CipherSuiteIDs.ToArray();
_supportedCompressions = securityParameters.CompressionIDs.ToArray();
_availableCertificates = new List <X509CertificateCollection>(securityParameters.AvailableCertificates);
_availablePrivateKeys = new List <CertificatePrivateKey>(securityParameters.AvailablePrivateKeys);
_clientCertificates = new X509CertificateCollection();
_serverCertificates = new X509CertificateCollection();
// Initialize the default ClientHello version, to
// be as compatible as possible based on maxVersion
_version = _minVersion;
_cipherSuite = new CipherSuite(_version);
}
private static int DefaultCertificateSelectionCallback(CipherSuite cipherSuite, X509CertificateCollection[] availableCertificates)
{
// No certificate for anonymous suites
if (cipherSuite.IsAnonymous)
return -1;
for (int i = 0; i < availableCertificates.Length; i++)
{
X509CertificateCollection certs = availableCertificates[i];
if (certs.Count == 0)
continue;
string keyexAlg = cipherSuite.KeyExchangeAlgorithm.CertificateKeyAlgorithm;
string sigAlg = cipherSuite.SignatureAlgorithm.CertificateKeyAlgorithm;
if (keyexAlg != null && !keyexAlg.Equals(certs[0].GetKeyAlgorithm()))
continue;
if (sigAlg != null && !sigAlg.Equals(certs[0].GetKeyAlgorithm()))
continue;
return i;
}
return -1;
}
protected static byte[] GenerateMasterSecret(ProtocolVersion version, CipherSuite cipherSuite, ConnectionState connectionState)
{
byte[] seed = new byte[64];
Array.Copy(connectionState.ClientRandom, 0, seed, 0, 32);
Array.Copy(connectionState.ServerRandom, 0, seed, 32, 32);
byte[] masterSecret = cipherSuite.KeyExchangeAlgorithm.GetMasterSecret(cipherSuite.PseudoRandomFunction, seed);
if (masterSecret == null)
{
throw new Exception("Could not generate master secret");
}
return masterSecret;
}
public CipherSuite GetCipherSuite(ProtocolVersion version, ushort id)
{
CipherSuiteInfo cipherSuiteInfo = null;
foreach (CipherSuitePlugin plugin in _plugins)
{
var supported = new List<ushort>(plugin.SupportedCipherSuites);
if (supported.Contains(id))
{
cipherSuiteInfo = plugin.GetCipherSuiteFromID(id);
break;
}
}
if (cipherSuiteInfo == null)
{
this.logger?.Debug("CipherSuite ID 0x" + id.ToString("x").PadLeft(2, '0') + " not found");
return null;
}
var cipherSuite = new CipherSuite(version, id, cipherSuiteInfo.CipherSuiteName);
if (cipherSuiteInfo.KeyExchangeAlgorithmName == null)
{
cipherSuite.KeyExchangeAlgorithm = new KeyExchangeAlgorithmNull();
}
if (cipherSuiteInfo.SignatureAlgorithmName == null)
{
cipherSuite.SignatureAlgorithm = new SignatureAlgorithmNull();
}
if (cipherSuiteInfo.BulkCipherAlgorithmName == null)
{
cipherSuite.BulkCipherAlgorithm = new BulkCipherAlgorithmNull();
}
if (cipherSuiteInfo.MACAlgorithmName == null)
{
cipherSuite.MACAlgorithm = new MACAlgorithmNull();
}
// These need to be edited in different versions
string prfName = cipherSuiteInfo.PseudoRandomFunctionName;
string macName = cipherSuiteInfo.MACAlgorithmName;
if (version == ProtocolVersion.SSL3_0)
{
if (prfName == null)
{
prfName = "SSLv3";
}
else
{
// PRF selection not supported, but PRF defined, ignore this suite
return null;
}
if (macName == null)
{
macName = null;
}
else if (macName.Equals("MD5"))
{
macName = "SSLv3_MD5";
}
else if (macName.Equals("SHA1"))
{
macName = "SSLv3_SHA1";
}
else
{
// Only MD5 and SHA1 MAC accepted in SSLv3, ignore this suite
return null;
}
}
else
{
if (version.HasSelectablePRF)
{
if (prfName == null)
{
prfName = "TLS_SHA256";
}
}
else
{
if (prfName == null)
{
prfName = "TLSv1";
}
else
{
// PRF selection not supported, but PRF defined, ignore this suite
return null;
}
}
}
foreach (CipherSuitePlugin plugin in _plugins)
{
if (cipherSuite.KeyExchangeAlgorithm == null)
{
cipherSuite.KeyExchangeAlgorithm =
plugin.GetKeyExchangeAlgorithm(cipherSuiteInfo.KeyExchangeAlgorithmName);
}
if (cipherSuite.SignatureAlgorithm == null)
{
cipherSuite.SignatureAlgorithm =
plugin.GetSignatureAlgorithm(cipherSuiteInfo.SignatureAlgorithmName);
}
if (cipherSuite.PseudoRandomFunction == null)
{
cipherSuite.PseudoRandomFunction =
plugin.GetPseudoRandomFunction(prfName);
/* Check that the PRF is valid as per RFC 5246 section 7.4.9 */
if (cipherSuite.PseudoRandomFunction != null && cipherSuite.PseudoRandomFunction.VerifyDataLength < 12)
{
this.logger?.Debug("Invalid PseudoRandomFunction, verify data less than 12, ignored");
cipherSuite.PseudoRandomFunction = null;
}
}
if (cipherSuite.BulkCipherAlgorithm == null)
{
cipherSuite.BulkCipherAlgorithm =
plugin.GetBulkCipherAlgorithm(cipherSuiteInfo.BulkCipherAlgorithmName);
}
if (cipherSuite.MACAlgorithm == null)
{
cipherSuite.MACAlgorithm =
plugin.GetMACAlgorithm(macName);
}
}
if (cipherSuite.KeyExchangeAlgorithm == null || !cipherSuite.KeyExchangeAlgorithm.SupportsProtocolVersion(version))
{
this.logger?.Trace("KeyExchangeAlgorithm '" + cipherSuiteInfo.KeyExchangeAlgorithmName + "' not found");
return null;
}
if (cipherSuite.SignatureAlgorithm == null || !cipherSuite.SignatureAlgorithm.SupportsProtocolVersion(version))
{
this.logger?.Trace("SignatureAlgorithm '" + cipherSuiteInfo.SignatureAlgorithmName + "' not found");
return null;
}
if (cipherSuite.PseudoRandomFunction == null || !cipherSuite.PseudoRandomFunction.SupportsProtocolVersion(version))
{
this.logger?.Trace("PseudoRandomFunction '" + cipherSuiteInfo.PseudoRandomFunctionName + "' not found");
return null;
}
if (cipherSuite.BulkCipherAlgorithm == null || !cipherSuite.BulkCipherAlgorithm.SupportsProtocolVersion(version))
{
this.logger?.Trace("BulkCipherAlgorithm '" + cipherSuiteInfo.BulkCipherAlgorithmName + "' not found");
return null;
}
if (cipherSuite.MACAlgorithm == null || !cipherSuite.MACAlgorithm.SupportsProtocolVersion(version))
{
this.logger?.Trace("MACAlgorithm '" + cipherSuiteInfo.MACAlgorithmName + "' not found");
return null;
}
return cipherSuite;
}
