public void ChangeCipherSuite(Byte[] data, out ConversationCipherSuite cipherSuite) { try { var len = new Byte[2]; Array.Copy(data, 3, len, 0, 2); Array.Reverse(len); // 1 byte for type // 2 bytes tls/ssl version // 2 bytes PDU length var offset = 5; len = new Byte[4]; // only 3 bytes are used so offset is 1 Array.Copy(data, offset + 1, len, 1, 3); Array.Reverse(len); // Should be server hello message // 71-72 position of bytes in Server hello message that inform about ciphersuite len = new Byte[2]; Array.Copy(data, offset + 71, len, 0, 2); Array.Reverse(len); var cs = BitConverter.ToInt16(len, 0); cipherSuite = (ConversationCipherSuite)cs; } catch (IndexOutOfRangeException e) { PmConsolePrinter.PrintError("PDUDecrypter : Problem when parsing ServerHello : " + e.Message); cipherSuite = ConversationCipherSuite.TlsNullWithNullNull; } }
public static void PrepareDecryptingAlgorithms(String serverPk, ConversationCipherSuite cipherSuite, out KeyDecrypter keyDecrypter, out DataDecrypter dataDecrypter) { // TODO For now every key exchange algorithm is either RSA or not supported var infoMsg = " CipherSuite not implemented yet."; keyDecrypter = new RsaDecrypter(serverPk); switch (cipherSuite) { case ConversationCipherSuite.TlsRsaExport1024WithRc456Md5: throw new NotImplementedException(cipherSuite + infoMsg); case ConversationCipherSuite.TlsRsaWith3DesEdeCbcSha: throw new NotImplementedException(cipherSuite + infoMsg); case ConversationCipherSuite.TlsRsaWithAes128CbcSha: dataDecrypter = new AesDecrypter(CipherMode.Cbc); dataDecrypter.Digest = new Sha1Digest(); dataDecrypter.KeyLength = 128 / 8; dataDecrypter.IvLength = 16; dataDecrypter.MacKeyLength = 20; break; case ConversationCipherSuite.TlsRsaWithAes256CbcSha: dataDecrypter = new AesDecrypter(CipherMode.Cbc); dataDecrypter.Digest = new Sha1Digest(); dataDecrypter.MacKeyLength = 20; dataDecrypter.KeyLength = 256 / 8; dataDecrypter.IvLength = 16; break; case ConversationCipherSuite.TlsRsaWithAes128CbcSha256: dataDecrypter = new AesDecrypter(CipherMode.Cbc); dataDecrypter.Digest = new Sha256Digest(); dataDecrypter.KeyLength = 128 / 8; dataDecrypter.IvLength = 16; dataDecrypter.MacKeyLength = 32; break; case ConversationCipherSuite.TlsRsaWithAes256CbcSha256: dataDecrypter = new AesDecrypter(CipherMode.Cbc); dataDecrypter.Digest = new Sha256Digest(); dataDecrypter.KeyLength = 256 / 8; dataDecrypter.IvLength = 16; dataDecrypter.MacKeyLength = 32; break; case ConversationCipherSuite.TlsRsaWithAes128GcmSha256: dataDecrypter = new AesDecrypter(CipherMode.Gcm); dataDecrypter.Digest = new Sha256Digest(); dataDecrypter.KeyLength = 128 / 8; dataDecrypter.IvLength = 16; dataDecrypter.MacKeyLength = 32; break; case ConversationCipherSuite.TlsRsaWithAes256GcmSha384: dataDecrypter = new AesDecrypter(CipherMode.Gcm); dataDecrypter.Digest = new Sha384Digest(); dataDecrypter.KeyLength = 256 / 8; dataDecrypter.IvLength = 16; dataDecrypter.MacKeyLength = 48; break; case ConversationCipherSuite.TlsRsaWithCamellia128CbcSha: throw new NotImplementedException(cipherSuite + infoMsg); case ConversationCipherSuite.TlsRsaWithCamellia128CbcSha256: throw new NotImplementedException(cipherSuite + infoMsg); case ConversationCipherSuite.TlsRsaWithCamellia256CbcSha: throw new NotImplementedException(cipherSuite + infoMsg); case ConversationCipherSuite.TlsRsaWithCamellia256CbcSha256: throw new NotImplementedException(cipherSuite + infoMsg); case ConversationCipherSuite.TlsRsaWithDesCbcSha: throw new NotImplementedException(cipherSuite + infoMsg); case ConversationCipherSuite.TlsRsaWithEstreamSalsa20Sha1: throw new NotImplementedException(cipherSuite + infoMsg); case ConversationCipherSuite.TlsRsaWithIdeaCbcSha: throw new NotImplementedException(cipherSuite + infoMsg); case ConversationCipherSuite.TlsRsaWithRc4128Md5: dataDecrypter = new Rc4Decrypter(CipherMode.Stream); dataDecrypter.Digest = new MD5Digest(); dataDecrypter.KeyLength = 128 / 8; dataDecrypter.IvLength = 0; dataDecrypter.MacKeyLength = 16; break; case ConversationCipherSuite.TlsRsaWithRc4128Sha: dataDecrypter = new Rc4Decrypter(CipherMode.Stream); dataDecrypter.Digest = new Sha1Digest(); dataDecrypter.KeyLength = 128 / 8; dataDecrypter.IvLength = 0; dataDecrypter.MacKeyLength = 20; break; case ConversationCipherSuite.TlsRsaWithSalsa20Sha1: throw new NotImplementedException(cipherSuite + infoMsg); default: throw new NotImplementedException(cipherSuite + infoMsg); } dataDecrypter.ClientSeq = 0; dataDecrypter.ServerSeq = 0; }