public static bool VerifySignature(SignatureAndHashAlgorithm type, SecureBuffer data, AsymmetricAlgorithm key, SecureBuffer signature)
{
using (var d = new DisposeContext()) {
var algorithm = d.Add((HashAlgorithm)GetAlgorithm(type.Hash));
algorithm.TransformFinalBlock(data.Buffer, 0, data.Size);
return(VerifySignature(type, algorithm, d.Add(algorithm.Hash), key, signature));
}
}
protected override void EncryptRecord(DisposeContext d, IBufferOffsetSize input)
{
ICryptoTransform cipher;
if (!Cipher.HasFixedIV)
{
EncryptionAlgorithm.GenerateIV();
cipher = d.Add(EncryptionAlgorithm.CreateEncryptor());
}
else
{
cipher = encryptionCipher;
}
if (!Cipher.HasFixedIV)
{
Buffer.BlockCopy(EncryptionAlgorithm.IV, 0, input.Buffer, input.Offset, BlockSize);
}
var ret = cipher.TransformBlock(input.Buffer, input.Offset + HeaderSize, input.Size - HeaderSize, input.Buffer, input.Offset + HeaderSize);
if (ret <= 0 || ret != input.Size - HeaderSize)
{
throw new InvalidOperationException();
}
if (Cipher.HasFixedIV)
{
var IV = new byte [BlockSize];
Buffer.BlockCopy(input.Buffer, input.Offset + input.Size - BlockSize, IV, 0, BlockSize);
EncryptionAlgorithm.IV = IV;
}
}
protected override int DecryptRecord(DisposeContext d, IBufferOffsetSize input, IBufferOffsetSize output)
{
if ((input.Size % BlockSize) != 0)
{
return(-1);
}
int ivSize;
ICryptoTransform cipher;
if (!Cipher.HasFixedIV)
{
var IV = new byte [BlockSize];
Buffer.BlockCopy(input.Buffer, input.Offset, IV, 0, BlockSize);
ivSize = BlockSize;
DecryptionAlgorithm.IV = IV;
cipher = d.Add(DecryptionAlgorithm.CreateDecryptor());
}
else
{
ivSize = 0;
cipher = decryptionCipher;
}
var ret = cipher.TransformBlock(input.Buffer, input.Offset + ivSize, input.Size - ivSize, output.Buffer, output.Offset);
if (ret <= 0 || ret != input.Size - ivSize)
{
return(-1);
}
return(ret);
}
protected override SecureBuffer PRF(DisposeContext d, SecureBuffer secret, string label, SecureBuffer data, int length)
{
/* Secret Length calc exmplain from the RFC2246. Section 5
*
* S1 and S2 are the two halves of the secret and each is the same
* length. S1 is taken from the first half of the secret, S2 from the
* second half. Their length is created by rounding up the length of the
* overall secret divided by two; thus, if the original secret is an odd
* number of bytes long, the last byte of S1 will be the same as the
* first byte of S2.
*/
// split secret in 2
int secretLen = secret.Size >> 1;
// rounding up
if ((secret.Size & 0x1) == 0x1)
{
secretLen++;
}
// Secret 1
var secret1 = d.CreateBuffer(secretLen);
Buffer.BlockCopy(secret.Buffer, 0, secret1.Buffer, 0, secretLen);
// Secret2
var secret2 = d.CreateBuffer(secretLen);
Buffer.BlockCopy(secret.Buffer, (secret.Size - secretLen), secret2.Buffer, 0, secretLen);
// Secret 1 processing
var p_md5 = d.Add(Expand(d, HMac.Create(HashAlgorithmType.Md5, secret1), label, data, length));
// Secret 2 processing
var p_sha = d.Add(Expand(d, HMac.Create(HashAlgorithmType.Sha1, secret2), label, data, length));
// Perfor XOR of both results
var masterSecret = new SecureBuffer(length);
for (int i = 0; i < length; i++)
{
masterSecret.Buffer[i] = (byte)(p_md5.Buffer[i] ^ p_sha.Buffer[i]);
}
return(masterSecret);
}
static byte[] CreateHash (HashAlgorithmType type, SecureBuffer data)
{
if (!HashAlgorithmProvider.IsAlgorithmSupported (type))
throw new TlsException (AlertDescription.IlegalParameter);
using (var d = new DisposeContext ()) {
var algorithm = d.Add (HashAlgorithmProvider.CreateAlgorithm (type));
algorithm.TransformBlock (data.Buffer, 0, data.Size);
return algorithm.GetRunningHash ();
}
}
static byte[] CreateHash(HashAlgorithmType type, SecureBuffer data)
{
if (!HashAlgorithmProvider.IsAlgorithmSupported(type))
{
throw new TlsException(AlertDescription.IlegalParameter);
}
using (var d = new DisposeContext()) {
var algorithm = d.Add(HashAlgorithmProvider.CreateAlgorithm(type));
algorithm.TransformBlock(data.Buffer, 0, data.Size);
return(algorithm.GetRunningHash());
}
}
protected override SecureBuffer PRF (DisposeContext d, SecureBuffer secret, string label, SecureBuffer data, int length)
{
/* Secret Length calc exmplain from the RFC2246. Section 5
*
* S1 and S2 are the two halves of the secret and each is the same
* length. S1 is taken from the first half of the secret, S2 from the
* second half. Their length is created by rounding up the length of the
* overall secret divided by two; thus, if the original secret is an odd
* number of bytes long, the last byte of S1 will be the same as the
* first byte of S2.
*/
// split secret in 2
int secretLen = secret.Size >> 1;
// rounding up
if ((secret.Size & 0x1) == 0x1)
secretLen++;
// Secret 1
var secret1 = d.CreateBuffer (secretLen);
Buffer.BlockCopy (secret.Buffer, 0, secret1.Buffer, 0, secretLen);
// Secret2
var secret2 = d.CreateBuffer (secretLen);
Buffer.BlockCopy (secret.Buffer, (secret.Size - secretLen), secret2.Buffer, 0, secretLen);
// Secret 1 processing
var p_md5 = d.Add (Expand (d, HMac.Create (HashAlgorithmType.Md5, secret1), label, data, length));
// Secret 2 processing
var p_sha = d.Add (Expand (d, HMac.Create (HashAlgorithmType.Sha1, secret2), label, data, length));
// Perfor XOR of both results
var masterSecret = new SecureBuffer (length);
for (int i = 0; i < length; i++)
masterSecret.Buffer[i] = (byte)(p_md5.Buffer[i] ^ p_sha.Buffer[i]);
return masterSecret;
}
protected override void EncryptRecord(DisposeContext d, IBufferOffsetSize buffer)
{
ICryptoTransform cipher;
if (!Cipher.HasFixedIV)
{
EncryptionAlgorithm.GenerateIV();
cipher = d.Add(EncryptionAlgorithm.CreateEncryptor());
}
else
{
cipher = encryptionCipher;
}
if (!Cipher.HasFixedIV)
{
Buffer.BlockCopy(EncryptionAlgorithm.IV, 0, buffer.Buffer, buffer.Offset, BlockSize);
}
cipher.TransformBlock(buffer.Buffer, buffer.Offset + HeaderSize, buffer.Size - HeaderSize, buffer.Buffer, buffer.Offset + HeaderSize);
}
public TlsBuffer ComputeKeyExpansion(DisposeContext d, SecureBuffer masterSecret, SecureBuffer sc, int size)
{
var buffer = d.Add(PRF(d, masterSecret, "key expansion", sc, size));
return(new TlsBuffer(buffer.Buffer));
}
protected override int DecryptRecord (DisposeContext d, IBufferOffsetSize input, IBufferOffsetSize output)
{
if ((input.Size % BlockSize) != 0)
return -1;
int ivSize;
ICryptoTransform cipher;
if (!Cipher.HasFixedIV) {
var IV = new byte [BlockSize];
Buffer.BlockCopy (input.Buffer, input.Offset, IV, 0, BlockSize);
ivSize = BlockSize;
DecryptionAlgorithm.IV = IV;
cipher = d.Add (DecryptionAlgorithm.CreateDecryptor ());
} else {
ivSize = 0;
cipher = decryptionCipher;
}
var ret = cipher.TransformBlock (input.Buffer, input.Offset + ivSize, input.Size - ivSize, output.Buffer, output.Offset);
if (ret <= 0 || ret != input.Size - ivSize)
return -1;
if (Cipher.HasFixedIV) {
var IV = new byte [BlockSize];
Buffer.BlockCopy (input.Buffer, input.Offset + input.Size - BlockSize, IV, 0, BlockSize);
DecryptionAlgorithm.IV = IV;
}
return ret;
}
protected override void EncryptRecord (DisposeContext d, IBufferOffsetSize input)
{
ICryptoTransform cipher;
if (!Cipher.HasFixedIV) {
EncryptionAlgorithm.GenerateIV ();
cipher = d.Add (EncryptionAlgorithm.CreateEncryptor ());
} else {
cipher = encryptionCipher;
}
if (!Cipher.HasFixedIV)
Buffer.BlockCopy (EncryptionAlgorithm.IV, 0, input.Buffer, input.Offset, BlockSize);
var ret = cipher.TransformBlock (input.Buffer, input.Offset + HeaderSize, input.Size - HeaderSize, input.Buffer, input.Offset + HeaderSize);
if (ret <= 0 || ret != input.Size - HeaderSize)
throw new InvalidOperationException ();
if (Cipher.HasFixedIV) {
var IV = new byte [BlockSize];
Buffer.BlockCopy (input.Buffer, input.Offset + input.Size - BlockSize, IV, 0, BlockSize);
EncryptionAlgorithm.IV = IV;
}
}
public TlsBuffer ComputeKeyExpansion (DisposeContext d, SecureBuffer masterSecret, SecureBuffer sc, int size)
{
var buffer = d.Add (PRF (d, masterSecret, "key expansion", sc, size));
return new TlsBuffer (buffer.Buffer);
}
