An implementation of all high level protocols in TLS 1.0.
Пример #1
0
        void StartAuthentication(object state)
        {
            var result = state as AuthenticateResult;

            m_TlsHandler = new TlsProtocolHandler(m_InnerStream);

            try
            {
                m_TlsHandler.Connect(new LegacyTlsClient(new AlwaysValidVerifyer()));
                m_SecureStream = m_TlsHandler.Stream;
            }
            catch (Exception e)
            {
                result.Exception = e;
            }
            finally
            {
                result.IsCompleted = true;

                var callback = result.Callback;

                if (callback != null)
                    callback(result);
            }
        }
Пример #2
0
 internal static void CheckVersion(byte[] readVersion, TlsProtocolHandler handler)
 {
     if ((readVersion[0] != 3) || (readVersion[1] != 1))
     {
         handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_protocol_version);
     }
 }
Пример #3
0
        internal static TlsCipherSuite GetCipherSuite(
			int					number,
			TlsProtocolHandler	handler)
        {
            switch (number)
            {
                case TLS_RSA_WITH_3DES_EDE_CBC_SHA:
                    return new TlsBlockCipherCipherSuite(new CbcBlockCipher(new DesEdeEngine()), new CbcBlockCipher(new DesEdeEngine()), new Sha1Digest(), new Sha1Digest(), 24, TlsCipherSuite.KE_RSA);

                case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
                    return new TlsBlockCipherCipherSuite(new CbcBlockCipher(new DesEdeEngine()), new CbcBlockCipher(new DesEdeEngine()), new Sha1Digest(), new Sha1Digest(), 24, TlsCipherSuite.KE_DHE_RSA);

                case TLS_RSA_WITH_AES_128_CBC_SHA:
                    return new TlsBlockCipherCipherSuite(new CbcBlockCipher(new AesFastEngine()), new CbcBlockCipher(new AesFastEngine()), new Sha1Digest(), new Sha1Digest(), 16, TlsCipherSuite.KE_RSA);

                case TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
                    return new TlsBlockCipherCipherSuite(new CbcBlockCipher(new AesFastEngine()), new CbcBlockCipher(new AesFastEngine()), new Sha1Digest(), new Sha1Digest(), 16, TlsCipherSuite.KE_DHE_RSA);

                case TLS_RSA_WITH_AES_256_CBC_SHA:
                    return new TlsBlockCipherCipherSuite(new CbcBlockCipher(new AesFastEngine()), new CbcBlockCipher(new AesFastEngine()), new Sha1Digest(), new Sha1Digest(), 32, TlsCipherSuite.KE_RSA);

                case TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
                    return new TlsBlockCipherCipherSuite(new CbcBlockCipher(new AesFastEngine()), new CbcBlockCipher(new AesFastEngine()), new Sha1Digest(), new Sha1Digest(), 32, TlsCipherSuite.KE_DHE_RSA);

                default:
                    handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_handshake_failure);

                    /*
                    * Unreachable Code, failWithError will always throw an exception!
                    */
                    return null;
            }
        }
Пример #4
0
        protected override void HandleConnectionReady()
        {
            var stream = this.GetStream();

            var handler = new TlsProtocolHandler(stream);
            handler.Connect(tlsClient);

            this.secureStream = handler.Stream;
        }
Пример #5
0
 internal static void CheckVersion(Stream inStr, TlsProtocolHandler handler)
 {
     int i1 = inStr.ReadByte();
     int i2 = inStr.ReadByte();
     if ((i1 != 3) || (i2 != 1))
     {
         handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_protocol_version);
     }
 }
Пример #6
0
		/// <summary>
		/// Connect to the server and wrap the socket in a TLS handler.
		/// </summary>
		public void Connect(string ipAddress, int port, int sendTimeout, int receiveTimeout)
		{
			_tcpClient = new TcpClient { SendTimeout = sendTimeout, ReceiveTimeout = receiveTimeout };
			_tcpClient.Connect(ipAddress, port);

			_tlsProtocolHandler = new TlsProtocolHandler(_tcpClient.GetStream());
			_tlsProtocolHandler.Connect(this);

			_hasConnected = true;
		}
Пример #7
0
        internal override byte[] DecodeCiphertext(
			short				type,
			byte[]				plaintext,
			int					offset,
			int					len,
			TlsProtocolHandler	handler)
        {
            byte[] result = new byte[len];
            Array.Copy(plaintext, offset, result, 0, len);
            return result;
        }
Пример #8
0
		internal RecordStream(
			TlsProtocolHandler	handler,
			Stream				inStr,
			Stream				outStr)
		{
			this.handler = handler;
			this.inStr = inStr;
			this.outStr = outStr;
			this.hash = new CombinedHash();
			this.readCipher = new TlsNullCipher();
			this.writeCipher = this.readCipher;
		}
Пример #9
0
		internal RecordStream(
			TlsProtocolHandler	handler,
			Stream				inStr,
			Stream				outStr)
		{
			this.handler = handler;
			this.inStr = inStr;
			this.outStr = outStr;
			hash1 = new CombinedHash();
			hash2 = new CombinedHash();
			this.readSuite = new TlsNullCipherSuite();
			this.writeSuite = this.readSuite;
		}
		internal static TlsCipherSuite GetCipherSuite(
			int					number,
			TlsProtocolHandler	handler)
		{
			switch (number)
			{
				case TLS_RSA_WITH_3DES_EDE_CBC_SHA:
					return createDesEdeCipherSuite(24, TlsCipherSuite.KE_RSA);

				case TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA:
					return createDesEdeCipherSuite(24, TlsCipherSuite.KE_DHE_DSS);

				case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
					return createDesEdeCipherSuite(24, TlsCipherSuite.KE_DHE_RSA);

				case TLS_RSA_WITH_AES_128_CBC_SHA:
					return createAesCipherSuite(16, TlsCipherSuite.KE_RSA);

				case TLS_DHE_DSS_WITH_AES_128_CBC_SHA:
					return createAesCipherSuite(16, TlsCipherSuite.KE_DHE_DSS);

				case TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
					return createAesCipherSuite(16, TlsCipherSuite.KE_DHE_RSA);

				case TLS_RSA_WITH_AES_256_CBC_SHA:
					return createAesCipherSuite(32, TlsCipherSuite.KE_RSA);

				case TLS_DHE_DSS_WITH_AES_256_CBC_SHA:
					return createAesCipherSuite(32, TlsCipherSuite.KE_DHE_DSS);

				case TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
					return createAesCipherSuite(32, TlsCipherSuite.KE_DHE_RSA);

				default:
					handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_handshake_failure);

					/*
					* Unreachable Code, failWithError will always throw an exception!
					*/
					return null;
			}
		}
Пример #11
0
		internal TlsBlockCipher(TlsProtocolHandler handler, IBlockCipher encryptCipher,
			IBlockCipher decryptCipher, IDigest writeDigest, IDigest readDigest, int cipherKeySize,
			SecurityParameters securityParameters)
		{
			this.handler = handler;
			this.encryptCipher = encryptCipher;
			this.decryptCipher = decryptCipher;
			
			int prfSize = (2 * cipherKeySize) + writeDigest.GetDigestSize()
				+ readDigest.GetDigestSize() + encryptCipher.GetBlockSize()
				+ decryptCipher.GetBlockSize();

			byte[] keyBlock = TlsUtilities.PRF(securityParameters.masterSecret, "key expansion",
				TlsUtilities.Concat(securityParameters.serverRandom, securityParameters.clientRandom),
				prfSize);

			int offset = 0;

			// Init MACs
			writeMac = CreateTlsMac(writeDigest, keyBlock, ref offset);
			readMac = CreateTlsMac(readDigest, keyBlock, ref offset);

			// Build keys
			KeyParameter encryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);
			KeyParameter decryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);

			// Add IVs
			ParametersWithIV encryptParams = CreateParametersWithIV(encryptKey,
				keyBlock, ref offset, encryptCipher.GetBlockSize());
			ParametersWithIV decryptParams = CreateParametersWithIV(decryptKey,
				keyBlock, ref offset, decryptCipher.GetBlockSize());

			if (offset != prfSize)
				handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_internal_error);

			// Init Ciphers
			encryptCipher.Init(true, encryptParams);
			decryptCipher.Init(false, decryptParams);
		}
Пример #12
0
		internal TlsSrpKeyExchange(TlsProtocolHandler handler, ICertificateVerifyer verifyer,
			TlsKeyExchangeAlgorithm keyExchange)
		{
			switch (keyExchange)
			{
				case TlsKeyExchangeAlgorithm.KE_SRP:
					this.tlsSigner = null;
					break;
				case TlsKeyExchangeAlgorithm.KE_SRP_RSA:
					this.tlsSigner = new TlsRsaSigner();
					break;
				case TlsKeyExchangeAlgorithm.KE_SRP_DSS:
					this.tlsSigner = new TlsDssSigner();
					break;
				default:
					throw new ArgumentException("unsupported key exchange algorithm", "keyExchange");
			}

			this.handler = handler;
			this.verifyer = verifyer;
			this.keyExchange = keyExchange;
		}
Пример #13
0
		internal static void CheckVersion(Stream inStr, TlsProtocolHandler handler)
		{
			int i1 = inStr.ReadByte();
			int i2 = inStr.ReadByte();
			if ((i1 != 3) || (i2 != 1))
			{
				throw new TlsFatalAlert(AlertDescription.protocol_version);
			}
		}
Пример #14
0
		internal TlsStream(
			TlsProtocolHandler handler)
		{
			this.handler = handler;
		}
Пример #15
0
 public static Stream Connect(NetworkStream ns, bool verifyCertificates)
 {
     var handler = new TlsProtocolHandler(ns);
     handler.Connect(new TlsClient(verifyCertificates));
     return handler.Stream;
 }
Пример #16
0
		public void Init(TlsProtocolHandler handler)
		{
			this.handler = handler;
		}
Пример #17
0
		internal static void CheckVersion(byte[] readVersion, TlsProtocolHandler handler)
		{
			if ((readVersion[0] != 3) || (readVersion[1] != 1))
			{
				throw new TlsFatalAlert(AlertDescription.protocol_version);
			}
		}
Пример #18
0
		internal abstract byte[] DecodeCiphertext(short type, byte[] plaintext, int offset, int len, TlsProtocolHandler handler);
		internal override byte[] DecodeCiphertext(
			short				type,
			byte[]				ciphertext,
			int					offset,
			int					len,
			TlsProtocolHandler	handler)
		{
			int blocksize = decryptCipher.GetBlockSize();
			bool decrypterror = false;

			/*
			* Decrypt all the ciphertext using the blockcipher
			*/
			for (int i = 0; i < len; i += blocksize)
			{
				decryptCipher.ProcessBlock(ciphertext, i + offset, ciphertext, i
					+ offset);
			}

			/*
			* Check if padding is correct
			*/
			int paddingsize = ciphertext[offset + len - 1];
			if (offset + len - 1 - paddingsize < 0)
			{
				/*
				* This would lead to a negative array index, so this padding
				* must be incorrect!
				*/
				decrypterror = true;
				paddingsize = 0;
			}
			else
			{
				/*
				* Now, check all the padding-bytes.
				*/
				for (int i = 0; i <= paddingsize; i++)
				{
					if (ciphertext[offset + len - 1 - i] != paddingsize)
					{
						/* Wrong padding */
						decrypterror = true;
					}
				}
			}

			/*
			* We now don't care if padding verification has failed or not,
			* we will calculate the mac to give an attacker no kind of timing
			* profile he can use to find out if mac verification failed or
			* padding verification failed.
			*/
			int plaintextlength = len - readMac.Size - paddingsize - 1;
			byte[] calculatedMac = readMac.CalculateMac(type, ciphertext, offset,
				plaintextlength);

			/*
			* Check all bytes in the mac.
			*/
			for (int i = 0; i < calculatedMac.Length; i++)
			{
				if (ciphertext[offset + plaintextlength + i] != calculatedMac[i])
				{
					decrypterror = true;
				}
			}

			/*
			* Now, it is safe to fail.
			*/
			if (decrypterror)
			{
				handler.FailWithError(TlsProtocolHandler.AL_fatal,
					TlsProtocolHandler.AP_bad_record_mac);
			}
			byte[] plaintext = new byte[plaintextlength];
			Array.Copy(ciphertext, offset, plaintext, 0, plaintextlength);
			return plaintext;

		}
Пример #20
0
		public SslStream(Stream stream) {
			handler = new TlsProtocolHandler(stream);
		}