public void ChangeCipherSuite(Byte[] data, out ConversationCipherSuite cipherSuite)
{
try
{
var len = new Byte[2];
Array.Copy(data, 3, len, 0, 2);
Array.Reverse(len);
// 1 byte for type
// 2 bytes tls/ssl version
// 2 bytes PDU length
var offset = 5;
len = new Byte[4];
// only 3 bytes are used so offset is 1
Array.Copy(data, offset + 1, len, 1, 3);
Array.Reverse(len);
// Should be server hello message
// 71-72 position of bytes in Server hello message that inform about ciphersuite
len = new Byte[2];
Array.Copy(data, offset + 71, len, 0, 2);
Array.Reverse(len);
var cs = BitConverter.ToInt16(len, 0);
cipherSuite = (ConversationCipherSuite)cs;
}
catch (IndexOutOfRangeException e)
{
PmConsolePrinter.PrintError("PDUDecrypter : Problem when parsing ServerHello : " + e.Message);
cipherSuite = ConversationCipherSuite.TlsNullWithNullNull;
}
}
public static void PrepareDecryptingAlgorithms(String serverPk, ConversationCipherSuite cipherSuite, out KeyDecrypter keyDecrypter, out DataDecrypter dataDecrypter)
{
// TODO For now every key exchange algorithm is either RSA or not supported
var infoMsg = " CipherSuite not implemented yet.";
keyDecrypter = new RsaDecrypter(serverPk);
switch (cipherSuite)
{
case ConversationCipherSuite.TlsRsaExport1024WithRc456Md5:
throw new NotImplementedException(cipherSuite + infoMsg);
case ConversationCipherSuite.TlsRsaWith3DesEdeCbcSha:
throw new NotImplementedException(cipherSuite + infoMsg);
case ConversationCipherSuite.TlsRsaWithAes128CbcSha:
dataDecrypter = new AesDecrypter(CipherMode.Cbc);
dataDecrypter.Digest = new Sha1Digest();
dataDecrypter.KeyLength = 128 / 8;
dataDecrypter.IvLength = 16;
dataDecrypter.MacKeyLength = 20;
break;
case ConversationCipherSuite.TlsRsaWithAes256CbcSha:
dataDecrypter = new AesDecrypter(CipherMode.Cbc);
dataDecrypter.Digest = new Sha1Digest();
dataDecrypter.MacKeyLength = 20;
dataDecrypter.KeyLength = 256 / 8;
dataDecrypter.IvLength = 16;
break;
case ConversationCipherSuite.TlsRsaWithAes128CbcSha256:
dataDecrypter = new AesDecrypter(CipherMode.Cbc);
dataDecrypter.Digest = new Sha256Digest();
dataDecrypter.KeyLength = 128 / 8;
dataDecrypter.IvLength = 16;
dataDecrypter.MacKeyLength = 32;
break;
case ConversationCipherSuite.TlsRsaWithAes256CbcSha256:
dataDecrypter = new AesDecrypter(CipherMode.Cbc);
dataDecrypter.Digest = new Sha256Digest();
dataDecrypter.KeyLength = 256 / 8;
dataDecrypter.IvLength = 16;
dataDecrypter.MacKeyLength = 32;
break;
case ConversationCipherSuite.TlsRsaWithAes128GcmSha256:
dataDecrypter = new AesDecrypter(CipherMode.Gcm);
dataDecrypter.Digest = new Sha256Digest();
dataDecrypter.KeyLength = 128 / 8;
dataDecrypter.IvLength = 16;
dataDecrypter.MacKeyLength = 32;
break;
case ConversationCipherSuite.TlsRsaWithAes256GcmSha384:
dataDecrypter = new AesDecrypter(CipherMode.Gcm);
dataDecrypter.Digest = new Sha384Digest();
dataDecrypter.KeyLength = 256 / 8;
dataDecrypter.IvLength = 16;
dataDecrypter.MacKeyLength = 48;
break;
case ConversationCipherSuite.TlsRsaWithCamellia128CbcSha:
throw new NotImplementedException(cipherSuite + infoMsg);
case ConversationCipherSuite.TlsRsaWithCamellia128CbcSha256:
throw new NotImplementedException(cipherSuite + infoMsg);
case ConversationCipherSuite.TlsRsaWithCamellia256CbcSha:
throw new NotImplementedException(cipherSuite + infoMsg);
case ConversationCipherSuite.TlsRsaWithCamellia256CbcSha256:
throw new NotImplementedException(cipherSuite + infoMsg);
case ConversationCipherSuite.TlsRsaWithDesCbcSha:
throw new NotImplementedException(cipherSuite + infoMsg);
case ConversationCipherSuite.TlsRsaWithEstreamSalsa20Sha1:
throw new NotImplementedException(cipherSuite + infoMsg);
case ConversationCipherSuite.TlsRsaWithIdeaCbcSha:
throw new NotImplementedException(cipherSuite + infoMsg);
case ConversationCipherSuite.TlsRsaWithRc4128Md5:
dataDecrypter = new Rc4Decrypter(CipherMode.Stream);
dataDecrypter.Digest = new MD5Digest();
dataDecrypter.KeyLength = 128 / 8;
dataDecrypter.IvLength = 0;
dataDecrypter.MacKeyLength = 16;
break;
case ConversationCipherSuite.TlsRsaWithRc4128Sha:
dataDecrypter = new Rc4Decrypter(CipherMode.Stream);
dataDecrypter.Digest = new Sha1Digest();
dataDecrypter.KeyLength = 128 / 8;
dataDecrypter.IvLength = 0;
dataDecrypter.MacKeyLength = 20;
break;
case ConversationCipherSuite.TlsRsaWithSalsa20Sha1:
throw new NotImplementedException(cipherSuite + infoMsg);
default:
throw new NotImplementedException(cipherSuite + infoMsg);
}
dataDecrypter.ClientSeq = 0;
dataDecrypter.ServerSeq = 0;
}
