/// <summary>
/// Reads the peer's length-prefixed key-exchange payload, decrypts it in place with the
/// supplied certificate and stores the result as the premaster secret.
/// </summary>
/// <param name="peerKey">Span positioned at the 16-bit length prefix of the encrypted payload.</param>
/// <param name="certificate">Certificate whose <c>Decrypt</c> is used to recover the plaintext.</param>
/// <param name="scheme">Signature scheme forwarded unchanged to <c>Decrypt</c>.</param>
/// <remarks>
/// NOTE(review): this looks like RSA key transport, where the ciphertext is fully controlled
/// by the peer. Nothing in this method checks that the decrypted length matches the expected
/// premaster-secret size or that the embedded version bytes are correct, and whatever
/// <c>Decrypt</c> does on a padding failure propagates as-is. Confirm that <c>Decrypt</c> or a
/// later handshake stage treats malformed input indistinguishably from valid input
/// (RFC 5246 section 7.4.7.1), otherwise the handshake can act as a padding oracle.
/// </remarks>
public void SetPeerKey(BigEndianAdvancingSpan peerKey, ICertificate certificate, SignatureScheme scheme)
{
    // Strip the ushort length prefix; what remains is the encrypted payload.
    var encrypted = peerKey.ReadVector<ushort>();

    // Input and output are the same memory, so the plaintext overwrites the ciphertext.
    var ciphertext = encrypted.ToSpan();
    var plaintextDestination = encrypted.ToSpan();
    var plaintextLength = certificate.Decrypt(scheme, ciphertext, plaintextDestination);

    // Keep only the bytes Decrypt reported as written and copy them out of the message buffer.
    var plaintext = encrypted.TakeSlice(plaintextLength);
    _premasterSecret = plaintext.ToArray();
}
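/// <summary>
/// Parses a ServerHello handshake message: header, protocol version, server random,
/// session id, selected cipher suite, compression method and the optional extension block.
/// </summary>
/// <param name="buffer">Buffer holding the handshake message; it is flattened with <c>ToSpan()</c> and kept as the original message.</param>
/// <param name="secureConnection">Connection the message arrived on; not read by this constructor.</param>
/// <exception cref="NotImplementedException">
/// The server sent one of the extensions listed in the switch; none of them is handled yet.
/// </exception>
/// <remarks>
/// Every byte parsed here is chosen by the remote server. A fatal alert is raised through
/// <c>Alerts.AlertException.ThrowAlert</c> when a non-null compression method is selected or
/// when bytes follow the extension block.
/// </remarks>
public ServerHelloParser(ReadableBuffer buffer, SecurePipeConnection secureConnection)
{
    _originalMessage = buffer.ToSpan();
    var span = new BigEndianAdvancingSpan(_originalMessage);
    span.Read<HandshakeHeader>();
    _tlsVersion = span.Read<TlsVersion>();
    _serverRandom = span.TakeSlice(TlsConstants.RandomLength).ToSpan();
    _sessionId = span.ReadVector<byte>().ToSpan();
    _cipherSuite = span.Read<ushort>();

    // Only the null compression method (0) is accepted; anything else ends the handshake.
    var compression = span.Read<byte>();
    if (compression != 0)
    {
        Alerts.AlertException.ThrowAlert(Alerts.AlertLevel.Fatal, Alerts.AlertDescription.handshake_failure, "Compression is not supported");
    }

    _supportedGroups = default;
    if (span.Length == 0)
    {
        // No extension block present.
        return;
    }

    // Keep the extension block in its own span so the outer span still shows whether
    // anything follows it. The original reassigned `span` here, so trailing bytes after the
    // extensions were never detected, unlike in ClientHelloParser.
    var extensions = span.ReadVector<ushort>();
    if (span.Length > 0)
    {
        // NOTE(review): handshake_failure is reused because it is the only alert description
        // visible in this file; decode_error would be the more precise choice if the
        // project's AlertDescription defines it.
        Alerts.AlertException.ThrowAlert(Alerts.AlertLevel.Fatal, Alerts.AlertDescription.handshake_failure, "Unexpected bytes after the extension block");
    }

    while (extensions.Length > 0)
    {
        var extType = extensions.Read<ExtensionType>();

        // Read even though no case uses the body yet: this advances past the extension.
        var extBuffer = extensions.ReadVector<ushort>();

        // NOTE(review): each listed extension throws NotImplementedException on
        // server-controlled input instead of raising a TLS alert, and extension types not
        // listed are skipped silently. Confirm callers translate the exception into a clean
        // connection abort, and that extensions the client never offered are rejected
        // somewhere once this is implemented.
        switch (extType)
        {
            case ExtensionType.supported_groups:
                throw new NotImplementedException();
            case ExtensionType.application_layer_protocol_negotiation:
                throw new NotImplementedException();
            case ExtensionType.server_name:
                throw new NotImplementedException();
            case ExtensionType.SessionTicket:
                throw new NotImplementedException();
            case ExtensionType.signature_algorithms:
                throw new NotImplementedException();
            case ExtensionType.renegotiation_info:
                throw new NotImplementedException();
        }
    }
}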
/// <summary>
/// Parses a ClientHello handshake message: header, protocol version, client random,
/// session id, offered cipher suites, compression methods and the optional extension block.
/// </summary>
/// <param name="buffer">Buffer holding the handshake message; it is flattened with <c>ToSpan()</c> and kept as the original message.</param>
/// <param name="secureConnection">
/// Connection the message arrived on; its listener's ALPN and host-name providers process the
/// matching extensions.
/// </param>
/// <remarks>
/// Every byte parsed here is chosen by the remote client. The ALPN and server_name extension
/// bodies are handed to the listener's providers as received, and the signature_algorithms,
/// supported_groups and SessionTicket bodies are stored as raw slices without validation in
/// this constructor. Extension types not named in the switch are skipped.
/// NOTE(review): a repeated extension simply overwrites the value stored for the earlier
/// occurrence; confirm whether duplicates should be rejected here.
/// </remarks>
public ClientHelloParser(ReadableBuffer buffer, SecurePipeConnection secureConnection)
{
    _originalMessage = buffer.ToSpan();
    var span = new BigEndianAdvancingSpan(_originalMessage);

    // Fixed-layout prefix of the message.
    span.Read<HandshakeHeader>();
    _tlsVersion = span.Read<TlsVersion>();
    _clientRandom = span.TakeSlice(TlsConstants.RandomLength).ToSpan();
    _sessionId = span.ReadVector<byte>().ToSpan();
    _cipherSuite = span.ReadVector<ushort>();
    _compressionMethods = span.ReadVector<byte>().ToSpan();

    // Defaults used when the corresponding extension is absent.
    _negotiatedAlpn = ApplicationLayerProtocolType.None;
    _hostName = null;

    if (span.Length == 0)
    {
        // No extension block present.
        return;
    }

    // The extension block is a 16-bit length-prefixed vector, walked with its own cursor so
    // the outer span keeps track of anything that follows it.
    var extensionBlock = span.ReadVector<ushort>();
    var extensions = new BigEndianAdvancingSpan(extensionBlock.ToSpan());

    while (extensions.Length > 0)
    {
        var kind = extensions.Read<ExtensionType>();
        var payload = extensions.ReadVector<ushort>();

        switch (kind)
        {
            case ExtensionType.application_layer_protocol_negotiation:
                _negotiatedAlpn = secureConnection.Listener.AlpnProvider.ProcessExtension(payload);
                break;

            case ExtensionType.server_name:
                _hostName = secureConnection.Listener.HostNameProvider.ProcessHostNameExtension(payload);
                break;

            case ExtensionType.signature_algorithms:
                _signatureAlgos = payload;
                break;

            case ExtensionType.supported_groups:
                _supportedGroups = payload;
                break;

            case ExtensionType.SessionTicket:
                _sessionTicket = payload;
                break;

            // Recognised but deliberately not acted on in this parser.
            case ExtensionType.psk_key_exchange_modes:
            case ExtensionType.pre_shared_key:
            case ExtensionType.supported_versions:
            case ExtensionType.key_share:
                break;
        }
    }

    // Anything left after the extension block means the message is malformed.
    if (span.Length > 0)
    {
        ThrowBytesLeftOver();
    }
}