public async Task ServerAllowNoEncryption_ClientNoEncryption_ConnectWithNoEncryption()
{
(NetworkStream clientStream, NetworkStream serverStream) = TestHelper.GetConnectedTcpStreams();
using (clientStream)
using (serverStream)
{
using (var client = new SslStream(clientStream, false, TestHelper.AllowAnyServerCertificate, null, EncryptionPolicy.NoEncryption))
using (var server = new SslStream(serverStream, false, TestHelper.AllowAnyServerCertificate, null, EncryptionPolicy.AllowNoEncryption))
{
#pragma warning disable SYSLIB0039 // TLS 1.0 and 1.1 are obsolete
await TestConfiguration.WhenAllOrAnyFailedWithTimeout(
// null encryption is not permitted with Tls13
client.AuthenticateAsClientAsync("localhost", null, SslProtocols.Tls | SslProtocols.Tls11 | SslProtocols.Tls12, false),
server.AuthenticateAsServerAsync(TestConfiguration.ServerCertificate));
#pragma warning restore SYSLIB0039
_log.WriteLine("Client authenticated to server({0}) with encryption cipher: {1} {2}-bit strength",
clientStream.Socket.RemoteEndPoint, client.CipherAlgorithm, client.CipherStrength);
CipherAlgorithmType expected = CipherAlgorithmType.Null;
Assert.Equal(expected, client.CipherAlgorithm);
Assert.Equal(0, client.CipherStrength);
}
}
}
private static int GetCipherSize(CipherAlgorithmType cipher)
{
switch (cipher)
{
case CipherAlgorithmType.None:
case CipherAlgorithmType.Null:
return(0);
case CipherAlgorithmType.Rc2:
Debug.Fail($"RC2 should always include the keysize");
return(0);
case CipherAlgorithmType.Des:
return(56);
case CipherAlgorithmType.Rc4:
Debug.Fail($"RC4 should always include the keysize");
return(0);
case CipherAlgorithmType.TripleDes:
return(168);
case CipherAlgorithmType.Aes128:
return(128);
case CipherAlgorithmType.Aes192:
return(192);
case CipherAlgorithmType.Aes256:
return(256);
default:
throw new ArgumentOutOfRangeException(nameof(cipher));
}
}
public CipherSuite(
short code,
string name,
CipherAlgorithmType cipherAlgorithmType,
HashAlgorithmType hashAlgorithmType,
ExchangeAlgorithmType exchangeAlgorithmType,
bool exportable,
bool blockMode,
byte keyMaterialSize,
byte expandedKeyMaterialSize,
short effectiveKeyBits,
byte ivSize,
byte blockSize)
{
this.code = code;
this.name = name;
this.cipherAlgorithmType = cipherAlgorithmType;
this.hashAlgorithmType = hashAlgorithmType;
this.exchangeAlgorithmType = exchangeAlgorithmType;
this.isExportable = exportable;
if (blockMode)
{
this.cipherMode = CipherMode.CBC;
}
this.keyMaterialSize = keyMaterialSize;
this.expandedKeyMaterialSize = expandedKeyMaterialSize;
this.effectiveKeyBits = effectiveKeyBits;
this.ivSize = ivSize;
this.blockSize = blockSize;
this.keyBlockSize = (int)this.keyMaterialSize + this.HashSize + (int)this.ivSize << 1;
}
public CipherSuite Add(
short code,
string name,
CipherAlgorithmType cipherType,
HashAlgorithmType hashType,
ExchangeAlgorithmType exchangeType,
bool exportable,
bool blockMode,
byte keyMaterialSize,
byte expandedKeyMaterialSize,
short effectiveKeyBytes,
byte ivSize,
byte blockSize)
{
switch (this.protocol)
{
case SecurityProtocolType.Default:
case SecurityProtocolType.Tls:
return((CipherSuite)this.add(new TlsCipherSuite(code, name, cipherType, hashType, exchangeType, exportable, blockMode, keyMaterialSize, expandedKeyMaterialSize, effectiveKeyBytes, ivSize, blockSize)));
case SecurityProtocolType.Ssl3:
return((CipherSuite)this.add(new SslCipherSuite(code, name, cipherType, hashType, exchangeType, exportable, blockMode, keyMaterialSize, expandedKeyMaterialSize, effectiveKeyBytes, ivSize, blockSize)));
default:
throw new NotSupportedException("Unsupported security protocol type.");
}
}
public async Task ServerNoEncryption_ClientNoEncryption_ConnectWithNoEncryption()
{
using (var serverNoEncryption = new DummyTcpServer(
new IPEndPoint(IPAddress.Loopback, 0), EncryptionPolicy.NoEncryption))
using (var client = new TcpClient())
{
await client.ConnectAsync(serverNoEncryption.RemoteEndPoint.Address, serverNoEncryption.RemoteEndPoint.Port);
using (var sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null, EncryptionPolicy.NoEncryption))
{
if (SupportsNullEncryption)
{
await sslStream.AuthenticateAsClientAsync("localhost", null, SslProtocolSupport.DefaultSslProtocols, false);
_log.WriteLine("Client authenticated to server({0}) with encryption cipher: {1} {2}-bit strength",
serverNoEncryption.RemoteEndPoint, sslStream.CipherAlgorithm, sslStream.CipherStrength);
CipherAlgorithmType expected = CipherAlgorithmType.Null;
Assert.Equal(expected, sslStream.CipherAlgorithm);
Assert.Equal(0, sslStream.CipherStrength);
}
else
{
var ae = await Assert.ThrowsAsync <AuthenticationException>(() => sslStream.AuthenticateAsClientAsync("localhost", null, SslProtocolSupport.DefaultSslProtocols, false));
Assert.IsType <PlatformNotSupportedException>(ae.InnerException);
}
}
}
}
public TlsCipherSuite(short code, string name, CipherAlgorithmType cipherAlgorithmType, HashAlgorithmType hashAlgorithmType,
ExchangeAlgorithmType exchangeAlgorithmType, bool exportable, bool blockMode, byte keyMaterialSize, byte expandedKeyMaterialSize,
short effectiveKeyBytes, byte ivSize, byte blockSize)
: base(
code, name, cipherAlgorithmType, hashAlgorithmType, exchangeAlgorithmType, exportable, blockMode, keyMaterialSize, expandedKeyMaterialSize,
effectiveKeyBytes, ivSize, blockSize)
{
}
internal SafeCipherParametersHandle(CipherAlgorithmType algorithm) :
base(IntPtr.Zero, true)
{
IntPtr ptr = IntPtr.Zero;
Interop.CkmcTypes.GenerateNewParam((int)algorithm, out ptr);
this.SetHandle(ptr);
}
public CipherSuite(
CipherSuiteCode code, CipherAlgorithmType cipherAlgorithmType,
HashAlgorithmType hashAlgorithmType, ExchangeAlgorithmType exchangeAlgorithmType)
{
Code = code;
Name = code.ToString();
CipherAlgorithmType = cipherAlgorithmType;
HashAlgorithmType = hashAlgorithmType;
ExchangeAlgorithmType = exchangeAlgorithmType;
}
protected void OnRemoteConnectionAuthenticated(SslProtocols protocol, System.Security.Cryptography.X509Certificates.X509Certificate2 remoteCertificate,
CipherAlgorithmType cipherAlgorithmType, int cipherAlgorithmStrength,
HashAlgorithmType hashAlgorithmType, int hashAlgorithmStrength,
ExchangeAlgorithmType exchangeAlgorithmType, int exchangeAlgorithmStrength)
{
if (RemoteConnectionAuthenticated != null)
{
RemoteConnectionAuthenticated(protocol, remoteCertificate, cipherAlgorithmType, cipherAlgorithmStrength,
hashAlgorithmType, hashAlgorithmStrength, exchangeAlgorithmType, exchangeAlgorithmStrength);
}
}
protected void OnLocalConnectionAuthenticated(SslProtocols protocol,
CipherAlgorithmType cipherAlgorithmType, int cipherAlgorithmStrength,
HashAlgorithmType hashAlgorithmType, int hashAlgorithmStrength,
ExchangeAlgorithmType exchangeAlgorithmType, int exchangeAlgorithmStrength)
{
if (LocalConnectionAuthenticated != null)
{
LocalConnectionAuthenticated(protocol, cipherAlgorithmType, cipherAlgorithmStrength, hashAlgorithmType, hashAlgorithmStrength,
exchangeAlgorithmType, exchangeAlgorithmStrength);
}
}
public TlsCipherSuite(
short code, string name, CipherAlgorithmType cipherAlgorithmType,
HashAlgorithmType hashAlgorithmType, ExchangeAlgorithmType exchangeAlgorithmType,
bool exportable, bool blockMode, byte keyMaterialSize,
byte expandedKeyMaterialSize, short effectiveKeyBytes,
byte ivSize, byte blockSize)
:base(code, name, cipherAlgorithmType, hashAlgorithmType,
exchangeAlgorithmType, exportable, blockMode, keyMaterialSize,
expandedKeyMaterialSize, effectiveKeyBytes, ivSize, blockSize)
{
}
public SslCipherSuite(short code, string name, CipherAlgorithmType cipherAlgorithmType, HashAlgorithmType hashAlgorithmType, ExchangeAlgorithmType exchangeAlgorithmType, bool exportable, bool blockMode, byte keyMaterialSize, byte expandedKeyMaterialSize, short effectiveKeyBytes, byte ivSize, byte blockSize) : base(code, name, cipherAlgorithmType, hashAlgorithmType, exchangeAlgorithmType, exportable, blockMode, keyMaterialSize, expandedKeyMaterialSize, effectiveKeyBytes, ivSize, blockSize)
{
int num = (hashAlgorithmType != HashAlgorithmType.Md5) ? 40 : 48;
this.pad1 = new byte[num];
this.pad2 = new byte[num];
for (int i = 0; i < num; i++)
{
this.pad1[i] = 54;
this.pad2[i] = 92;
}
}
public void SspiSelectedCipherSuite(
string process,
SslProtocols sslProtocol,
CipherAlgorithmType cipherAlgorithm,
int cipherStrength,
HashAlgorithmType hashAlgorithm,
int hashStrength,
ExchangeAlgorithmType keyExchangeAlgorithm,
int keyExchangeStrength)
{
WriteEvent(SspiSelectedCipherSuitId,
process, (int)sslProtocol, (int)cipherAlgorithm, cipherStrength,
(int)hashAlgorithm, hashStrength, (int)keyExchangeAlgorithm, keyExchangeStrength);
}
private static TlsMapping Build(
ExchangeAlgorithmType exchange,
CipherAlgorithmType cipher,
int cipherSize,
HashAlgorithmType hash)
{
int hashSize = GetHashSize(hash);
return(new TlsMapping
{
KeyExchangeAlgorithm = exchange,
CipherAlgorithm = cipher,
CipherAlgorithmStrength = cipherSize,
HashAlgorithm = hash,
HashAlgorithmStrength = hashSize,
});
}
internal SecurityPackageContextConnectionInformation(
CipherAlgorithmType algorithmIdentifier,
int cipherStrength,
int exchangeStrength,
HashAlgorithmType hash,
int hashStrength,
int keyExchangeAlgorithm,
SecurityProtocol protocol)
{
AlgorithmIdentifier = algorithmIdentifier;
CipherStrength = cipherStrength;
ExchangeStrength = exchangeStrength;
Hash = hash;
HashStrength = hashStrength;
KeyExchangeAlgorithm = keyExchangeAlgorithm;
Protocol = protocol;
}
internal SecurityPackageContextConnectionInformation (
CipherAlgorithmType algorithmIdentifier,
int cipherStrength,
int exchangeStrength,
HashAlgorithmType hash,
int hashStrength,
int keyExchangeAlgorithm,
SecurityProtocol protocol)
{
AlgorithmIdentifier = algorithmIdentifier;
CipherStrength = cipherStrength;
ExchangeStrength = exchangeStrength;
Hash = hash;
HashStrength = hashStrength;
KeyExchangeAlgorithm = keyExchangeAlgorithm;
Protocol = protocol;
}
public void Add (short code, string name, CipherAlgorithmType cipherType, HashAlgorithmType hashType, ExchangeAlgorithmType exchangeType, bool exportable,
bool blockMode, byte keyMaterialSize, byte expandedKeyMaterialSize, short effectiveKeyBytes, byte ivSize, byte blockSize)
{
switch (protocol)
{
case SecurityProtocolType.Default:
case SecurityProtocolType.Tls:
Add (new TlsCipherSuite (code, name, cipherType, hashType, exchangeType, exportable, blockMode, keyMaterialSize, expandedKeyMaterialSize, effectiveKeyBytes,
ivSize, blockSize));
break;
case SecurityProtocolType.Ssl3:
Add (new SslCipherSuite (code, name, cipherType, hashType, exchangeType, exportable, blockMode, keyMaterialSize, expandedKeyMaterialSize, effectiveKeyBytes,
ivSize, blockSize));
break;
}
}
/// <summary>
/// Gets the length in bits of the fixed part of the initialization vector. This is usually computed
/// from the premaster key. Default is 32 bits.
/// </summary>
static int GetFixedVectorLength(CipherAlgorithmType cipherAlgorithm, TlsCipherType cipherType)
{
if (cipherType == TlsCipherType.Stream)
{
return(0);
}
switch (cipherAlgorithm)
{
case CipherAlgorithmType.Rc4: return(0);
case CipherAlgorithmType.TripleDes: return(32);
case CipherAlgorithmType.Aes128:
case CipherAlgorithmType.Aes192:
case CipherAlgorithmType.Aes256: return(32);
default: return(0);
}
}
public SslCipherSuite(short code, string name, CipherAlgorithmType cipherAlgorithmType, HashAlgorithmType hashAlgorithmType,
ExchangeAlgorithmType exchangeAlgorithmType, bool exportable, bool blockMode, byte keyMaterialSize, byte expandedKeyMaterialSize,
short effectiveKeyBytes, byte ivSize, byte blockSize)
: base(
code, name, cipherAlgorithmType, hashAlgorithmType, exchangeAlgorithmType, exportable, blockMode, keyMaterialSize, expandedKeyMaterialSize,
effectiveKeyBytes, ivSize, blockSize)
{
int padLength = (hashAlgorithmType == HashAlgorithmType.Md5) ? 48 : 40;
// Fill pad arrays
this.pad1 = new byte[padLength];
this.pad2 = new byte[padLength];
/* Pad the key for inner and outer digest */
for (int i = 0; i < padLength; ++i)
{
this.pad1[i] = 0x36;
this.pad2[i] = 0x5C;
}
}
public void ServerAllowNoEncryption_ClientNoEncryption_ConnectWithNoEncryption()
{
using (var serverAllowNoEncryption = new DummyTcpServer(
new IPEndPoint(IPAddress.Loopback, 0), EncryptionPolicy.AllowNoEncryption))
using (var client = new TcpClient())
{
client.Connect(serverAllowNoEncryption.RemoteEndPoint);
using (var sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null, EncryptionPolicy.NoEncryption))
{
sslStream.AuthenticateAsClient("localhost", null, TestConfiguration.DefaultSslProtocols, false);
_log.WriteLine("Client({0}) authenticated to server({1}) with encryption cipher: {2} {3}-bit strength",
client.Client.LocalEndPoint, client.Client.RemoteEndPoint,
sslStream.CipherAlgorithm, sslStream.CipherStrength);
CipherAlgorithmType expected = CipherAlgorithmType.Null;
Assert.Equal(expected, sslStream.CipherAlgorithm);
Assert.Equal(0, sslStream.CipherStrength);
}
}
}
public async Task ServerNoEncryption_ClientAllowNoEncryption_ConnectWithNoEncryption()
{
using (var serverNoEncryption = new DummyTcpServer(
new IPEndPoint(IPAddress.Loopback, 0), EncryptionPolicy.NoEncryption))
using (var client = new TcpClient())
{
await client.ConnectAsync(serverNoEncryption.RemoteEndPoint.Address, serverNoEncryption.RemoteEndPoint.Port);
using (var sslStream = new SslStream(client.GetStream(), false, AllowAnyServerCertificate, null, EncryptionPolicy.AllowNoEncryption))
{
await sslStream.AuthenticateAsClientAsync("localhost", null, SslProtocols.Tls | SslProtocols.Tls11 | SslProtocols.Tls12, false);
_log.WriteLine("Client authenticated to server({0}) with encryption cipher: {1} {2}-bit strength",
serverNoEncryption.RemoteEndPoint, sslStream.CipherAlgorithm, sslStream.CipherStrength);
CipherAlgorithmType expected = CipherAlgorithmType.Null;
Assert.Equal(expected, sslStream.CipherAlgorithm);
Assert.Equal(0, sslStream.CipherStrength);
}
}
}
public CipherSuite Add(short code, string name, CipherAlgorithmType cipherType, HashAlgorithmType hashType, ExchangeAlgorithmType exchangeType, bool exportable, bool blockMode, byte keyMaterialSize, byte expandedKeyMaterialSize, short effectiveKeyBytes, byte ivSize, byte blockSize)
{
SecurityProtocolType securityProtocolType = this.protocol;
if (securityProtocolType != SecurityProtocolType.Default)
{
if (securityProtocolType != SecurityProtocolType.Ssl2)
{
if (securityProtocolType == SecurityProtocolType.Ssl3)
{
return(this.add(new SslCipherSuite(code, name, cipherType, hashType, exchangeType, exportable, blockMode, keyMaterialSize, expandedKeyMaterialSize, effectiveKeyBytes, ivSize, blockSize)));
}
if (securityProtocolType == SecurityProtocolType.Tls)
{
goto IL_32;
}
}
throw new NotSupportedException("Unsupported security protocol type.");
}
IL_32:
return(this.add(new TlsCipherSuite(code, name, cipherType, hashType, exchangeType, exportable, blockMode, keyMaterialSize, expandedKeyMaterialSize, effectiveKeyBytes, ivSize, blockSize)));
}
internal unsafe void SspiSelectedCipherSuite(
string process,
SslProtocols sslProtocol,
CipherAlgorithmType cipherAlgorithm,
int cipherStrength,
HashAlgorithmType hashAlgorithm,
int hashStrength,
ExchangeAlgorithmType keyExchangeAlgorithm,
int keyExchangeStrength)
{
if (!s_log.IsEnabled())
{
return;
}
fixed(char *arg1Ptr = process)
{
const int SizeData = 8;
EventData *dataDesc = stackalloc EventSource.EventData[SizeData];
dataDesc[0].DataPointer = (IntPtr)(arg1Ptr);
dataDesc[0].Size = (process.Length + 1) * sizeof(char);
dataDesc[1].DataPointer = (IntPtr)(&sslProtocol);
dataDesc[1].Size = sizeof(int);
dataDesc[2].DataPointer = (IntPtr)(&cipherAlgorithm);
dataDesc[2].Size = sizeof(int);
dataDesc[3].DataPointer = (IntPtr)(&cipherStrength);
dataDesc[3].Size = sizeof(int);
dataDesc[4].DataPointer = (IntPtr)(&hashAlgorithm);
dataDesc[4].Size = sizeof(int);
dataDesc[2].DataPointer = (IntPtr)(&hashStrength);
dataDesc[2].Size = sizeof(int);
dataDesc[3].DataPointer = (IntPtr)(&keyExchangeAlgorithm);
dataDesc[3].Size = sizeof(int);
dataDesc[4].DataPointer = (IntPtr)(&keyExchangeStrength);
dataDesc[4].Size = sizeof(int);
WriteEventCore(SspiSelectedCipherSuitId, SizeData, dataDesc);
}
}
public SslCipherSuite(
short code, string name, CipherAlgorithmType cipherAlgorithmType,
HashAlgorithmType hashAlgorithmType, ExchangeAlgorithmType exchangeAlgorithmType,
bool exportable, bool blockMode, byte keyMaterialSize,
byte expandedKeyMaterialSize, short effectiveKeyBytes,
byte ivSize, byte blockSize) :
base(code, name, cipherAlgorithmType, hashAlgorithmType,
exchangeAlgorithmType, exportable, blockMode, keyMaterialSize,
expandedKeyMaterialSize, effectiveKeyBytes, ivSize, blockSize)
{
int padLength = (hashAlgorithmType == HashAlgorithmType.Md5) ? 48 : 40;
// Fill pad arrays
this.pad1 = new byte[padLength];
this.pad2 = new byte[padLength];
/* Pad the key for inner and outer digest */
for (int i = 0; i < padLength; ++i)
{
this.pad1[i] = 0x36;
this.pad2[i] = 0x5C;
}
}
public CipherSuite(
short code, string name, CipherAlgorithmType cipherAlgorithmType,
HashAlgorithmType hashAlgorithmType, ExchangeAlgorithmType exchangeAlgorithmType,
bool exportable, bool blockMode, byte keyMaterialSize,
byte expandedKeyMaterialSize, short effectiveKeyBits,
byte ivSize, byte blockSize)
{
Code = code;
Name = name;
CipherAlgorithmType = cipherAlgorithmType;
HashAlgorithmType = hashAlgorithmType;
ExchangeAlgorithmType = exchangeAlgorithmType;
IsExportable = exportable;
if (blockMode)
{
CipherMode = CipherMode.CBC;
}
KeyMaterialSize = keyMaterialSize;
ExpandedKeyMaterialSize = expandedKeyMaterialSize;
EffectiveKeyBits = effectiveKeyBits;
IvSize = ivSize;
this.blockSize = blockSize;
KeyBlockSize = (KeyMaterialSize + HashSize + IvSize) << 1;
}
public CipherSuite Add(
short code, string name, CipherAlgorithmType cipherType,
HashAlgorithmType hashType, ExchangeAlgorithmType exchangeType,
bool exportable, bool blockMode, byte keyMaterialSize,
byte expandedKeyMaterialSize, short effectiveKeyBytes,
byte ivSize, byte blockSize)
{
switch (this.protocol)
{
case SecurityProtocolType.Default:
case SecurityProtocolType.Tls:
return this.add(
new TlsCipherSuite(
code, name, cipherType, hashType, exchangeType, exportable,
blockMode, keyMaterialSize, expandedKeyMaterialSize,
effectiveKeyBytes, ivSize, blockSize));
case SecurityProtocolType.Ssl3:
return this.add(
new SslCipherSuite(
code, name, cipherType, hashType, exchangeType, exportable,
blockMode, keyMaterialSize, expandedKeyMaterialSize,
effectiveKeyBytes, ivSize, blockSize));
case SecurityProtocolType.Ssl2:
default:
throw new NotSupportedException("Unsupported security protocol type.");
}
}
internal static TlsMapping DhStatic(CipherAlgorithmType cipher, int cipherSize, HashAlgorithmType hash) => Build(DiffieHellmanStatic, cipher, cipherSize, hash);
internal CipherParameters(CipherAlgorithmType algorithm)
{
this._handle = new SafeCipherParametersHandle(algorithm);
}
internal static TlsMapping Rsa(CipherAlgorithmType cipher, int cipherSize, HashAlgorithmType hash) => Build(ExchangeAlgorithmType.RsaKeyX, cipher, cipherSize, hash);
private void Initialize()
{
if (this.ptr == IntPtr.Zero || isInitialized)
{
return;
}
isInitialized = true;
// marshal the structure
raw = (SSL_CIPHER)Marshal.PtrToStructure(ptr, typeof(SSL_CIPHER));
// start picking the data out
bool isExport = IsExport(raw.algo_strength);
int privateKeyLength = ExportPrivateKeyLength(raw.algo_strength);
int keyLength = ExportKeyLength(raw.algorithms, raw.algo_strength);
// Get the SSL Protocol version
if ((raw.algorithms & SSL_SSLV2) == SSL_SSLV2)
{
sslProtocol = SslProtocols.Ssl2;
}
else if ((raw.algorithms & SSL_SSLV3) == SSL_SSLV3)
{
sslProtocol = SslProtocols.Tls; // SSL3 & TLS are the same here...
}
// set the keyExchange strength
keyExchangeStrength = privateKeyLength;
// Get the Key Exchange cipher and strength
switch (raw.algorithms & SSL_MKEY_MASK)
{
case SSL_kRSA:
keyExchangeAlgorithm = ExchangeAlgorithmType.RsaKeyX;
break;
case SSL_kDHr:
case SSL_kDHd:
case SSL_kEDH:
keyExchangeAlgorithm = ExchangeAlgorithmType.DiffieHellman;
break;
case SSL_kKRB5: /* VRS */
case SSL_KRB5: /* VRS */
keyExchangeAlgorithm = ExchangeAlgorithmType.Kerberos;
break;
case SSL_kFZA:
keyExchangeAlgorithm = ExchangeAlgorithmType.Fortezza;
break;
case SSL_kECDH:
case SSL_kECDHE:
keyExchangeAlgorithm = ExchangeAlgorithmType.ECDiffieHellman;
break;
}
// Get the authentication method
switch (raw.algorithms & SSL_AUTH_MASK)
{
case SSL_aRSA:
authMethod = AuthenticationMethod.Rsa;
break;
case SSL_aDSS:
authMethod = AuthenticationMethod.Dss;
break;
case SSL_aDH:
authMethod = AuthenticationMethod.DiffieHellman;
break;
case SSL_aKRB5: /* VRS */
case SSL_KRB5: /* VRS */
authMethod = AuthenticationMethod.Kerberos;
break;
case SSL_aFZA:
case SSL_aNULL:
authMethod = AuthenticationMethod.None;
break;
case SSL_aECDSA:
authMethod = AuthenticationMethod.ECDsa;
break;
}
// Get the symmetric encryption cipher info
switch (raw.algorithms & SSL_ENC_MASK)
{
case SSL_DES:
cipherAlgorithm = CipherAlgorithmType.Des;
if (isExport && keyLength == 5)
{
cipherStrength = 40;
}
else
{
cipherStrength = 56;
}
break;
case SSL_3DES:
cipherAlgorithm = CipherAlgorithmType.TripleDes;
cipherStrength = 168;
break;
case SSL_RC4:
cipherAlgorithm = CipherAlgorithmType.Rc4;
if (isExport)
{
if (keyLength == 5)
{
cipherStrength = 40;
}
else
{
cipherStrength = 56;
}
}
else
{
if ((raw.algorithm2 & SSL2_CF_8_BYTE_ENC) == SSL2_CF_8_BYTE_ENC)
{
cipherStrength = 64;
}
else
{
cipherStrength = 128;
}
}
break;
case SSL_RC2:
cipherAlgorithm = CipherAlgorithmType.Rc2;
if (isExport)
{
if (keyLength == 5)
{
cipherStrength = 40;
}
else
{
cipherStrength = 56;
}
}
else
{
cipherStrength = 128;
}
break;
case SSL_IDEA:
cipherAlgorithm = CipherAlgorithmType.Idea;
cipherStrength = 128;
break;
case SSL_eFZA:
cipherAlgorithm = CipherAlgorithmType.Fortezza;
break;
case SSL_eNULL:
cipherAlgorithm = CipherAlgorithmType.None;
break;
case SSL_AES:
switch (raw.strength_bits)
{
case 128: cipherAlgorithm = CipherAlgorithmType.Aes128; break;
case 192: cipherAlgorithm = CipherAlgorithmType.Aes192; break;
case 256: cipherAlgorithm = CipherAlgorithmType.Aes256; break;
}
break;
case SSL_CAMELLIA:
switch (raw.strength_bits)
{
case 128: cipherAlgorithm = CipherAlgorithmType.Camellia128; break;
case 256: cipherAlgorithm = CipherAlgorithmType.Camellia256; break;
}
break;
case SSL_SEED:
cipherAlgorithm = CipherAlgorithmType.Seed;
cipherStrength = 128;
break;
}
// Get the MAC info
switch (raw.algorithms & SSL_MAC_MASK)
{
case SSL_MD5:
hashAlgorithm = HashAlgorithmType.Md5;
break;
case SSL_SHA1:
hashAlgorithm = HashAlgorithmType.Sha1;
break;
default:
hashAlgorithm = HashAlgorithmType.None;
break;
}
}
public CipherSuite (
CipherSuiteCode code, CipherAlgorithmType cipherAlgorithmType,
HashAlgorithmType hashAlgorithmType, ExchangeAlgorithmType exchangeAlgorithmType)
{
Code = code;
Name = code.ToString ();
CipherAlgorithmType = cipherAlgorithmType;
HashAlgorithmType = hashAlgorithmType;
ExchangeAlgorithmType = exchangeAlgorithmType;
}
private void Initialize()
{
if (this.ptr == IntPtr.Zero || isInitialized)
{
return;
}
isInitialized = true;
// marshal the structure
raw = (SSL_CIPHER)Marshal.PtrToStructure(ptr, typeof(SSL_CIPHER));
// start picking the data out
bool isExport = IsExport(raw.algo_strength);
int privateKeyLength = ExportPrivateKeyLength(raw.algo_strength);
int keyLength = ExportKeyLength(raw.algorithm_enc, raw.algo_strength);
// Get the SSL Protocol version
if ((raw.algorithm_ssl & SSL_SSLV2) == SSL_SSLV2)
{
sslProtocol = SslProtocols.Ssl2;
}
else if ((raw.algorithm_ssl & SSL_SSLV3) == SSL_SSLV3)
{
sslProtocol = SslProtocols.Tls; // SSL3 & TLS are the same here...
}
else if ((raw.algorithm_ssl & SSL_TLSV1_2) == SSL_TLSV1_2)
{
sslProtocol = SslProtocols.Tls; // WARNING: TLSV1_2 support not fully implemented
}
// set the keyExchange strength
keyExchangeStrength = privateKeyLength;
// Get the Key Exchange cipher and strength
switch (raw.algorithm_mkey)
{
case SSL_kRSA:
keyExchangeAlgorithm = ExchangeAlgorithmType.RsaKeyX;
break;
case SSL_kDHr:
case SSL_kDHd:
case SSL_kEDH:
keyExchangeAlgorithm = ExchangeAlgorithmType.DiffieHellman;
break;
case SSL_kKRB5:
keyExchangeAlgorithm = ExchangeAlgorithmType.Kerberos;
break;
case SSL_kECDHr:
case SSL_kECDHe:
case SSL_kEECDH:
keyExchangeAlgorithm = ExchangeAlgorithmType.ECDiffieHellman;
break;
case SSL_kPSK:
keyExchangeAlgorithm = ExchangeAlgorithmType.PSK;
break;
case SSL_kGOST:
keyExchangeAlgorithm = ExchangeAlgorithmType.GOST;
break;
case SSL_kSRP:
keyExchangeAlgorithm = ExchangeAlgorithmType.SRP;
break;
}
// Get the authentication method
switch (raw.algorithm_auth)
{
case SSL_aRSA:
authMethod = AuthenticationMethod.Rsa;
break;
case SSL_aDSS:
authMethod = AuthenticationMethod.Dss;
break;
case SSL_aDH:
authMethod = AuthenticationMethod.DiffieHellman;
break;
case SSL_aKRB5: /* VRS */
authMethod = AuthenticationMethod.Kerberos;
break;
case SSL_aNULL:
authMethod = AuthenticationMethod.None;
break;
case SSL_aECDSA:
authMethod = AuthenticationMethod.ECDsa;
break;
case SSL_aPSK:
authMethod = AuthenticationMethod.PSK;
break;
case SSL_aGOST94:
authMethod = AuthenticationMethod.GOST;
break;
case SSL_aGOST01:
authMethod = AuthenticationMethod.GOST;
break;
}
// Get the symmetric encryption cipher info
switch (raw.algorithm_enc)
{
case SSL_DES:
cipherAlgorithm = CipherAlgorithmType.Des;
if (isExport && keyLength == 5)
{
cipherStrength = 40;
}
else
{
cipherStrength = 56;
}
break;
case SSL_3DES:
cipherAlgorithm = CipherAlgorithmType.TripleDes;
cipherStrength = 168;
break;
case SSL_RC4:
cipherAlgorithm = CipherAlgorithmType.Rc4;
if (isExport)
{
if (keyLength == 5)
{
cipherStrength = 40;
}
else
{
cipherStrength = 56;
}
}
else
{
if ((raw.algorithm2 & SSL2_CF_8_BYTE_ENC) == SSL2_CF_8_BYTE_ENC)
{
cipherStrength = 64;
}
else
{
cipherStrength = 128;
}
}
break;
case SSL_RC2:
cipherAlgorithm = CipherAlgorithmType.Rc2;
if (isExport)
{
if (keyLength == 5)
{
cipherStrength = 40;
}
else
{
cipherStrength = 56;
}
}
else
{
cipherStrength = 128;
}
break;
case SSL_IDEA:
cipherAlgorithm = CipherAlgorithmType.Idea;
cipherStrength = 128;
break;
case SSL_eNULL:
cipherAlgorithm = CipherAlgorithmType.None;
break;
case SSL_AES128:
cipherAlgorithm = CipherAlgorithmType.Aes128;
cipherStrength = 128;
break;
case SSL_AES256:
cipherAlgorithm = CipherAlgorithmType.Aes256;
cipherStrength = 256;
break;
case SSL_AES128GCM:
cipherAlgorithm = CipherAlgorithmType.Aes128GCM;
cipherStrength = 128;
break;
case SSL_AES256GCM:
cipherAlgorithm = CipherAlgorithmType.Aes256GCM;
cipherStrength = 256;
break;
/*
* switch (raw.strength_bits)
* {
* case 128: cipherAlgorithm = CipherAlgorithmType.Aes128; break;
* case 192: cipherAlgorithm = CipherAlgorithmType.Aes192; break;
* case 256: cipherAlgorithm = CipherAlgorithmType.Aes256; break;
* }
*/
case SSL_CAMELLIA128:
cipherAlgorithm = CipherAlgorithmType.Seed;
cipherStrength = 128;
break;
case SSL_CAMELLIA256:
cipherAlgorithm = CipherAlgorithmType.Seed;
cipherStrength = 128;
break;
/*
* switch (raw.strength_bits)
* {
* case 128: cipherAlgorithm = CipherAlgorithmType.Camellia128; break;
* case 256: cipherAlgorithm = CipherAlgorithmType.Camellia256; break;
* }
*/
case SSL_eGOST2814789CNT:
cipherAlgorithm = CipherAlgorithmType.eGOST2814789CNT;
cipherStrength = 128; // ???
break;
case SSL_SEED:
cipherAlgorithm = CipherAlgorithmType.Seed;
cipherStrength = 128;
break;
}
// Get the MAC info
switch (raw.algorithm_mac)
{
case SSL_MD5:
hashAlgorithm = HashAlgorithmType.Md5;
break;
case SSL_SHA1:
hashAlgorithm = HashAlgorithmType.Sha1;
break;
case SSL_GOST94:
hashAlgorithm = HashAlgorithmType.Gost94;
break;
case SSL_GOST89MAC:
hashAlgorithm = HashAlgorithmType.Gost89MAC;
break;
case SSL_SHA256:
hashAlgorithm = HashAlgorithmType.Sha256;
break;
case SSL_SHA384:
hashAlgorithm = HashAlgorithmType.Sha384;
break;
default:
hashAlgorithm = HashAlgorithmType.None;
break;
}
}
public TlsCipherSuite11 (
CipherSuiteCode code, CipherAlgorithmType cipherAlgorithmType,
HashAlgorithmType hashAlgorithmType, ExchangeAlgorithmType exchangeAlgorithmType)
: base (code, cipherAlgorithmType, hashAlgorithmType, exchangeAlgorithmType)
{
}
public TlsCipherSuite12(
CipherSuiteCode code, CipherAlgorithmType cipherAlgorithmType,
HashAlgorithmType hashAlgorithmType, ExchangeAlgorithmType exchangeAlgorithmType)
: base(code, cipherAlgorithmType, hashAlgorithmType, exchangeAlgorithmType)
{
}
private void Initialize()
{
if (this.ptr == IntPtr.Zero || isInitialized)
{
return;
}
isInitialized = true;
// marshal the structure
raw = (SSL_CIPHER)Marshal.PtrToStructure(ptr, typeof(SSL_CIPHER));
// start picking the data out
bool isExport = IsExport(raw.algo_strength);
int privateKeyLength = ExportPrivateKeyLength(raw.algo_strength);
int keyLength = ExportKeyLength(raw.algorithm_enc, raw.algo_strength);
// Get the SSL Protocol version
if ((raw.algorithm_ssl & SSL_SSLV2) == SSL_SSLV2)
{
sslProtocol = SslProtocols.Ssl2;
}
else if ((raw.algorithm_ssl & SSL_SSLV3) == SSL_SSLV3)
{
sslProtocol = SslProtocols.Tls; // SSL3 & TLS are the same here...
}
else if ((raw.algorithm_ssl & SSL_TLSV1_2) == SSL_TLSV1_2)
{
sslProtocol = SslProtocols.Tls; // WARNING: TLSV1_2 support not fully implemented
}
// set the keyExchange strength
keyExchangeStrength = privateKeyLength;
// Get the Key Exchange cipher and strength
switch (raw.algorithm_mkey)
{
case SSL_kRSA:
keyExchangeAlgorithm = ExchangeAlgorithmType.RsaKeyX;
break;
case SSL_kDHr:
case SSL_kDHd:
case SSL_kEDH:
keyExchangeAlgorithm = ExchangeAlgorithmType.DiffieHellman;
break;
case SSL_kKRB5:
keyExchangeAlgorithm = ExchangeAlgorithmType.Kerberos;
break;
case SSL_kECDHr:
case SSL_kECDHe:
case SSL_kEECDH:
keyExchangeAlgorithm = ExchangeAlgorithmType.ECDiffieHellman;
break;
case SSL_kPSK:
keyExchangeAlgorithm = ExchangeAlgorithmType.PSK;
break;
case SSL_kGOST:
keyExchangeAlgorithm = ExchangeAlgorithmType.GOST;
break;
case SSL_kSRP:
keyExchangeAlgorithm = ExchangeAlgorithmType.SRP;
break;
}
// Get the authentication method
switch (raw.algorithm_auth)
{
case SSL_aRSA:
authMethod = AuthenticationMethod.Rsa;
break;
case SSL_aDSS:
authMethod = AuthenticationMethod.Dss;
break;
case SSL_aDH:
authMethod = AuthenticationMethod.DiffieHellman;
break;
case SSL_aKRB5: /* VRS */
authMethod = AuthenticationMethod.Kerberos;
break;
case SSL_aNULL:
authMethod = AuthenticationMethod.None;
break;
case SSL_aECDSA:
authMethod = AuthenticationMethod.ECDsa;
break;
case SSL_aPSK:
authMethod = AuthenticationMethod.PSK;
break;
case SSL_aGOST94:
authMethod = AuthenticationMethod.GOST;
break;
case SSL_aGOST01:
authMethod = AuthenticationMethod.GOST;
break;
}
// Get the symmetric encryption cipher info
switch (raw.algorithm_enc)
{
case SSL_DES:
cipherAlgorithm = CipherAlgorithmType.Des;
if (isExport && keyLength == 5)
{
cipherStrength = 40;
}
else
{
cipherStrength = 56;
}
break;
case SSL_3DES:
cipherAlgorithm = CipherAlgorithmType.TripleDes;
cipherStrength = 168;
break;
case SSL_RC4:
cipherAlgorithm = CipherAlgorithmType.Rc4;
if (isExport)
{
if (keyLength == 5)
{
cipherStrength = 40;
}
else
{
cipherStrength = 56;
}
}
else
{
if ((raw.algorithm2 & SSL2_CF_8_BYTE_ENC) == SSL2_CF_8_BYTE_ENC)
{
cipherStrength = 64;
}
else
{
cipherStrength = 128;
}
}
break;
case SSL_RC2:
cipherAlgorithm = CipherAlgorithmType.Rc2;
if (isExport)
{
if (keyLength == 5)
{
cipherStrength = 40;
}
else
{
cipherStrength = 56;
}
}
else
{
cipherStrength = 128;
}
break;
case SSL_IDEA:
cipherAlgorithm = CipherAlgorithmType.Idea;
cipherStrength = 128;
break;
case SSL_eNULL:
cipherAlgorithm = CipherAlgorithmType.None;
break;
case SSL_AES128:
cipherAlgorithm = CipherAlgorithmType.Aes128;
cipherStrength = 128;
break;
case SSL_AES256:
cipherAlgorithm = CipherAlgorithmType.Aes256;
cipherStrength = 256;
break;
case SSL_AES128GCM:
cipherAlgorithm = CipherAlgorithmType.Aes128GCM;
cipherStrength = 128;
break;
case SSL_AES256GCM:
cipherAlgorithm = CipherAlgorithmType.Aes256GCM;
cipherStrength = 256;
break;
/*
switch (raw.strength_bits)
{
case 128: cipherAlgorithm = CipherAlgorithmType.Aes128; break;
case 192: cipherAlgorithm = CipherAlgorithmType.Aes192; break;
case 256: cipherAlgorithm = CipherAlgorithmType.Aes256; break;
}
*/
case SSL_CAMELLIA128:
cipherAlgorithm = CipherAlgorithmType.Seed;
cipherStrength = 128;
break;
case SSL_CAMELLIA256:
cipherAlgorithm = CipherAlgorithmType.Seed;
cipherStrength = 128;
break;
/*
switch (raw.strength_bits)
{
case 128: cipherAlgorithm = CipherAlgorithmType.Camellia128; break;
case 256: cipherAlgorithm = CipherAlgorithmType.Camellia256; break;
}
*/
case SSL_eGOST2814789CNT:
cipherAlgorithm = CipherAlgorithmType.eGOST2814789CNT;
cipherStrength = 128; // ???
break;
case SSL_SEED:
cipherAlgorithm = CipherAlgorithmType.Seed;
cipherStrength = 128;
break;
}
// Get the MAC info
switch (raw.algorithm_mac)
{
case SSL_MD5:
hashAlgorithm = HashAlgorithmType.Md5;
break;
case SSL_SHA1:
hashAlgorithm = HashAlgorithmType.Sha1;
break;
case SSL_GOST94:
hashAlgorithm = HashAlgorithmType.Gost94;
break;
case SSL_GOST89MAC:
hashAlgorithm = HashAlgorithmType.Gost89MAC;
break;
case SSL_SHA256:
hashAlgorithm = HashAlgorithmType.Sha256;
break;
case SSL_SHA384:
hashAlgorithm = HashAlgorithmType.Sha384;
break;
default:
hashAlgorithm = HashAlgorithmType.None;
break;
}
}
internal static TlsMapping DhEphem(CipherAlgorithmType cipher, int cipherSize, HashAlgorithmType hash) => Build(ExchangeAlgorithmType.DiffieHellman, cipher, cipherSize, hash);
internal AesCipherParameters(CipherAlgorithmType algorithm) : base(algorithm)
{
}
private void Initialize()
{
if (this.ptr == IntPtr.Zero || isInitialized)
{
return;
}
isInitialized = true;
// marshal the structure
raw = (SSL_CIPHER)Marshal.PtrToStructure(ptr, typeof(SSL_CIPHER));
// start picking the data out
bool isExport = IsExport(raw.algo_strength);
int privateKeyLength = ExportPrivateKeyLength(raw.algo_strength);
int keyLength = ExportKeyLength(raw.algorithms, raw.algo_strength);
// Get the SSL Protocol version
if ((raw.algorithms & SSL_SSLV2) == SSL_SSLV2)
{
sslProtocol = SslProtocols.Ssl2;
}
else if ((raw.algorithms & SSL_SSLV3) == SSL_SSLV3)
{
sslProtocol = SslProtocols.Tls; // SSL3 & TLS are the same here...
}
// set the keyExchange strength
keyExchangeStrength = privateKeyLength;
// Get the Key Exchange cipher and strength
switch (raw.algorithms & SSL_MKEY_MASK)
{
case SSL_kRSA:
keyExchangeAlgorithm = ExchangeAlgorithmType.RsaKeyX;
break;
case SSL_kDHr:
case SSL_kDHd:
case SSL_kEDH:
keyExchangeAlgorithm = ExchangeAlgorithmType.DiffieHellman;
break;
case SSL_kKRB5: /* VRS */
case SSL_KRB5: /* VRS */
keyExchangeAlgorithm = ExchangeAlgorithmType.Kerberos;
break;
case SSL_kFZA:
keyExchangeAlgorithm = ExchangeAlgorithmType.Fortezza;
break;
case SSL_kECDH:
case SSL_kECDHE:
keyExchangeAlgorithm = ExchangeAlgorithmType.ECDiffieHellman;
break;
}
// Get the authentication method
switch (raw.algorithms & SSL_AUTH_MASK)
{
case SSL_aRSA:
authMethod = AuthenticationMethod.Rsa;
break;
case SSL_aDSS:
authMethod = AuthenticationMethod.Dss;
break;
case SSL_aDH:
authMethod = AuthenticationMethod.DiffieHellman;
break;
case SSL_aKRB5: /* VRS */
case SSL_KRB5: /* VRS */
authMethod = AuthenticationMethod.Kerberos;
break;
case SSL_aFZA:
case SSL_aNULL:
authMethod = AuthenticationMethod.None;
break;
case SSL_aECDSA:
authMethod = AuthenticationMethod.ECDsa;
break;
}
// Get the symmetric encryption cipher info
switch (raw.algorithms & SSL_ENC_MASK)
{
case SSL_DES:
cipherAlgorithm = CipherAlgorithmType.Des;
if (isExport && keyLength == 5)
{
cipherStrength = 40;
}
else
{
cipherStrength = 56;
}
break;
case SSL_3DES:
cipherAlgorithm = CipherAlgorithmType.TripleDes;
cipherStrength = 168;
break;
case SSL_RC4:
cipherAlgorithm = CipherAlgorithmType.Rc4;
if (isExport)
{
if (keyLength == 5)
{
cipherStrength = 40;
}
else
{
cipherStrength = 56;
}
}
else
{
if ((raw.algorithm2 & SSL2_CF_8_BYTE_ENC) == SSL2_CF_8_BYTE_ENC)
{
cipherStrength = 64;
}
else
{
cipherStrength = 128;
}
}
break;
case SSL_RC2:
cipherAlgorithm = CipherAlgorithmType.Rc2;
if (isExport)
{
if (keyLength == 5)
{
cipherStrength = 40;
}
else
{
cipherStrength = 56;
}
}
else
{
cipherStrength = 128;
}
break;
case SSL_IDEA:
cipherAlgorithm = CipherAlgorithmType.Idea;
cipherStrength = 128;
break;
case SSL_eFZA:
cipherAlgorithm = CipherAlgorithmType.Fortezza;
break;
case SSL_eNULL:
cipherAlgorithm = CipherAlgorithmType.None;
break;
case SSL_AES:
switch (raw.strength_bits)
{
case 128: cipherAlgorithm = CipherAlgorithmType.Aes128; break;
case 192: cipherAlgorithm = CipherAlgorithmType.Aes192; break;
case 256: cipherAlgorithm = CipherAlgorithmType.Aes256; break;
}
break;
case SSL_CAMELLIA:
switch (raw.strength_bits)
{
case 128: cipherAlgorithm = CipherAlgorithmType.Camellia128; break;
case 256: cipherAlgorithm = CipherAlgorithmType.Camellia256; break;
}
break;
case SSL_SEED:
cipherAlgorithm = CipherAlgorithmType.Seed;
cipherStrength = 128;
break;
}
// Get the MAC info
switch (raw.algorithms & SSL_MAC_MASK)
{
case SSL_MD5:
hashAlgorithm = HashAlgorithmType.Md5;
break;
case SSL_SHA1:
hashAlgorithm = HashAlgorithmType.Sha1;
break;
default:
hashAlgorithm = HashAlgorithmType.None;
break;
}
}
internal unsafe void SspiSelectedCipherSuite(
string process,
SslProtocols sslProtocol,
CipherAlgorithmType cipherAlgorithm,
int cipherStrength,
HashAlgorithmType hashAlgorithm,
int hashStrength,
ExchangeAlgorithmType keyExchangeAlgorithm,
int keyExchangeStrength)
{
if (!s_log.IsEnabled())
{
return;
}
fixed (char* arg1Ptr = process)
{
const int SizeData = 8;
EventData* dataDesc = stackalloc EventSource.EventData[SizeData];
dataDesc[0].DataPointer = (IntPtr)(arg1Ptr);
dataDesc[0].Size = (process.Length + 1) * sizeof(char);
dataDesc[1].DataPointer = (IntPtr)(&sslProtocol);
dataDesc[1].Size = sizeof(int);
dataDesc[2].DataPointer = (IntPtr)(&cipherAlgorithm);
dataDesc[2].Size = sizeof(int);
dataDesc[3].DataPointer = (IntPtr)(&cipherStrength);
dataDesc[3].Size = sizeof(int);
dataDesc[4].DataPointer = (IntPtr)(&hashAlgorithm);
dataDesc[4].Size = sizeof(int);
dataDesc[2].DataPointer = (IntPtr)(&hashStrength);
dataDesc[2].Size = sizeof(int);
dataDesc[3].DataPointer = (IntPtr)(&keyExchangeAlgorithm);
dataDesc[3].Size = sizeof(int);
dataDesc[4].DataPointer = (IntPtr)(&keyExchangeStrength);
dataDesc[4].Size = sizeof(int);
WriteEventCore(SspiSelectedCipherSuitId, SizeData, dataDesc);
}
}
public CipherSuite(
short code, string name, CipherAlgorithmType cipherAlgorithmType,
HashAlgorithmType hashAlgorithmType, ExchangeAlgorithmType exchangeAlgorithmType,
bool exportable, bool blockMode, byte keyMaterialSize,
byte expandedKeyMaterialSize, short effectiveKeyBits,
byte ivSize, byte blockSize)
{
this.code = code;
this.name = name;
this.cipherAlgorithmType = cipherAlgorithmType;
this.hashAlgorithmType = hashAlgorithmType;
this.exchangeAlgorithmType = exchangeAlgorithmType;
this.isExportable = exportable;
if (blockMode)
{
this.cipherMode = CipherMode.CBC;
}
this.keyMaterialSize = keyMaterialSize;
this.expandedKeyMaterialSize= expandedKeyMaterialSize;
this.effectiveKeyBits = effectiveKeyBits;
this.ivSize = ivSize;
this.blockSize = blockSize;
this.keyBlockSize = (this.keyMaterialSize + this.HashSize + this.ivSize) << 1;
}
