protected override void ProcessAsSsl3()
{
AsymmetricAlgorithm privKey = null;
ClientContext context = (ClientContext)this.Context;
privKey = context.SslStream.RaisePrivateKeySelection(
context.ClientSettings.ClientCertificate,
context.ClientSettings.TargetHost);
if (privKey == null)
{
throw new TlsException(AlertDescription.UserCancelled, "Client certificate Private Key unavailable.");
}
else
{
SslHandshakeHash hash = new SslHandshakeHash(context.MasterSecret);
hash.TransformFinalBlock(
context.HandshakeMessages.ToArray(),
0,
(int)context.HandshakeMessages.Length);
// RSAManaged of the selected ClientCertificate
// (at this moment the first one)
RSA rsa = this.getClientCertRSA((RSA)privKey);
// Write message
byte[] signature = hash.CreateSignature(rsa);
this.Write((short)signature.Length);
this.Write(signature, 0, signature.Length);
}
}
protected override void ProcessAsSsl3()
{
// Compute handshake messages hashes
HashAlgorithm hash = new SslHandshakeHash(this.Context.MasterSecret);
TlsStream data = new TlsStream();
data.Write(this.Context.HandshakeMessages.ToArray());
data.Write((int)0x53525652);
hash.TransformFinalBlock(data.ToArray(), 0, (int)data.Length);
data.Reset();
byte[] serverHash = this.ReadBytes((int)Length);
byte[] clientHash = hash.Hash;
// Check server prf against client prf
if (clientHash.Length != serverHash.Length)
{
#warning Review that selected alert is correct
throw new TlsException(AlertDescription.InsuficientSecurity, "Invalid ServerFinished message received.");
}
for (int i = 0; i < serverHash.Length; i++)
{
if (clientHash[i] != serverHash[i])
{
throw new TlsException(AlertDescription.InsuficientSecurity, "Invalid ServerFinished message received.");
}
}
}
protected override void ProcessAsSsl3()
{
AsymmetricAlgorithm asymmetricAlgorithm = null;
ClientContext clientContext = (ClientContext)base.Context;
asymmetricAlgorithm = clientContext.SslStream.RaisePrivateKeySelection(clientContext.ClientSettings.ClientCertificate, clientContext.ClientSettings.TargetHost);
if (asymmetricAlgorithm == null)
{
throw new TlsException(AlertDescription.UserCancelled, "Client certificate Private Key unavailable.");
}
SslHandshakeHash sslHandshakeHash = new SslHandshakeHash(clientContext.MasterSecret);
sslHandshakeHash.TransformFinalBlock(clientContext.HandshakeMessages.ToArray(), 0, (int)clientContext.HandshakeMessages.Length);
byte[] array = null;
if (!(asymmetricAlgorithm is RSACryptoServiceProvider))
{
try
{
array = sslHandshakeHash.CreateSignature((RSA)asymmetricAlgorithm);
}
catch (NotImplementedException)
{
}
}
if (array == null)
{
RSA clientCertRSA = this.getClientCertRSA((RSA)asymmetricAlgorithm);
array = sslHandshakeHash.CreateSignature(clientCertRSA);
}
base.Write((short)array.Length);
this.Write(array, 0, array.Length);
}
protected override void ProcessAsSsl3()
{
HashAlgorithm hashAlgorithm = new SslHandshakeHash(base.Context.MasterSecret);
byte[] array = base.Context.HandshakeMessages.ToArray();
hashAlgorithm.TransformBlock(array, 0, array.Length, array, 0);
hashAlgorithm.TransformBlock(Ssl3Marker, 0, Ssl3Marker.Length, Ssl3Marker, 0);
hashAlgorithm.TransformFinalBlock(CipherSuite.EmptyArray, 0, 0);
Write(hashAlgorithm.Hash);
}
protected override void ProcessAsSsl3()
{
// Compute handshake messages hashes
HashAlgorithm hash = new SslHandshakeHash(this.Context.MasterSecret);
byte[] data = this.Context.HandshakeMessages.ToArray ();
hash.TransformBlock (data, 0, data.Length, data, 0);
hash.TransformBlock (Ssl3Marker, 0, Ssl3Marker.Length, Ssl3Marker, 0);
// hack to avoid memory allocation
hash.TransformFinalBlock (CipherSuite.EmptyArray, 0, 0);
this.Write (hash.Hash);
}
protected override void ProcessAsSsl3()
{
ServerContext context = (ServerContext)this.Context;
byte[] rgbSignature = this.ReadBytes((int)this.ReadInt16());
SslHandshakeHash sslHandshakeHash = new SslHandshakeHash(context.MasterSecret);
sslHandshakeHash.TransformFinalBlock(context.HandshakeMessages.ToArray(), 0, (int)context.HandshakeMessages.Length);
if (!sslHandshakeHash.VerifySignature((RSA)context.ClientSettings.CertificateRSA, rgbSignature))
{
throw new TlsException(AlertDescription.HandshakeFailiure, "Handshake Failure.");
}
}
protected override void ProcessAsSsl3()
{
// Compute handshake messages hashes
HashAlgorithm hash = new SslHandshakeHash(this.Context.MasterSecret);
byte[] data = this.Context.HandshakeMessages.ToArray();
hash.TransformBlock(data, 0, data.Length, data, 0);
hash.TransformBlock(Ssl3Marker, 0, Ssl3Marker.Length, Ssl3Marker, 0);
// hack to avoid memory allocation
hash.TransformFinalBlock(CipherSuite.EmptyArray, 0, 0);
this.Write(hash.Hash);
}
protected override void ProcessAsSsl3()
{
AsymmetricAlgorithm privKey = null;
ClientContext context = (ClientContext)this.Context;
privKey = context.SslStream.RaisePrivateKeySelection(
context.ClientSettings.ClientCertificate,
context.ClientSettings.TargetHost);
if (privKey == null)
{
throw new TlsException(AlertDescription.UserCancelled, "Client certificate Private Key unavailable.");
}
else
{
SslHandshakeHash hash = new SslHandshakeHash(context.MasterSecret);
hash.TransformFinalBlock(
context.HandshakeMessages.ToArray(),
0,
(int)context.HandshakeMessages.Length);
// CreateSignature uses ((RSA)privKey).DecryptValue which is not implemented
// in RSACryptoServiceProvider. Other implementations likely implement DecryptValue
// so we will try the CreateSignature method.
byte[] signature = null;
#if !MOONLIGHT
if (!(privKey is RSACryptoServiceProvider))
#endif
{
try
{
signature = hash.CreateSignature((RSA)privKey);
}
catch (NotImplementedException)
{ }
}
// If DecryptValue is not implemented, then try to export the private
// key and let the RSAManaged class do the DecryptValue
if (signature == null)
{
// RSAManaged of the selected ClientCertificate
// (at this moment the first one)
RSA rsa = this.getClientCertRSA((RSA)privKey);
// Write message
signature = hash.CreateSignature(rsa);
}
this.Write((short)signature.Length);
this.Write(signature, 0, signature.Length);
}
}
protected override void ProcessAsSsl3()
{
AsymmetricAlgorithm privKey = null;
ClientContext context = (ClientContext)this.Context;
privKey = context.SslStream.RaisePrivateKeySelection(
context.ClientSettings.ClientCertificate,
context.ClientSettings.TargetHost);
if (privKey == null)
{
throw new TlsException(AlertDescription.UserCancelled, "Client certificate Private Key unavailable.");
}
else
{
SslHandshakeHash hash = new SslHandshakeHash(context.MasterSecret);
hash.TransformFinalBlock(
context.HandshakeMessages.ToArray(),
0,
(int)context.HandshakeMessages.Length);
// CreateSignature uses ((RSA)privKey).DecryptValue which is not implemented
// in RSACryptoServiceProvider. Other implementations likely implement DecryptValue
// so we will try the CreateSignature method.
byte[] signature = null;
#if !MOONLIGHT
if (!(privKey is RSACryptoServiceProvider))
#endif
{
try
{
signature = hash.CreateSignature((RSA)privKey);
}
catch (NotImplementedException)
{ }
}
// If DecryptValue is not implemented, then try to export the private
// key and let the RSAManaged class do the DecryptValue
if (signature == null)
{
// RSAManaged of the selected ClientCertificate
// (at this moment the first one)
RSA rsa = this.getClientCertRSA((RSA)privKey);
// Write message
signature = hash.CreateSignature(rsa);
}
this.Write((short)signature.Length);
this.Write(signature, 0, signature.Length);
}
}
protected override void ProcessAsSsl3()
{
HashAlgorithm hashAlgorithm = new SslHandshakeHash(base.Context.MasterSecret);
byte[] array = base.Context.HandshakeMessages.ToArray();
hashAlgorithm.TransformBlock(array, 0, array.Length, array, 0);
hashAlgorithm.TransformBlock(Ssl3Marker, 0, Ssl3Marker.Length, Ssl3Marker, 0);
hashAlgorithm.TransformFinalBlock(CipherSuite.EmptyArray, 0, 0);
byte[] buffer = ReadBytes((int)Length);
byte[] hash = hashAlgorithm.Hash;
if (!HandshakeMessage.Compare(hash, buffer))
{
throw new TlsException(AlertDescription.InsuficientSecurity, "Invalid ServerFinished message received.");
}
}
protected override void ProcessAsSsl3()
{
HashAlgorithm hashAlgorithm = new SslHandshakeHash(base.Context.MasterSecret);
TlsStream tlsStream = new TlsStream();
tlsStream.Write(base.Context.HandshakeMessages.ToArray());
tlsStream.Write(1129074260);
hashAlgorithm.TransformFinalBlock(tlsStream.ToArray(), 0, (int)tlsStream.Length);
tlsStream.Reset();
byte[] buffer = base.ReadBytes((int)this.Length);
byte[] hash = hashAlgorithm.Hash;
if (!HandshakeMessage.Compare(buffer, hash))
{
throw new TlsException(AlertDescription.DecryptError, "Decrypt error.");
}
}
protected override void ProcessAsSsl3()
{
// Compute handshake messages hashes
HashAlgorithm hash = new SslHandshakeHash(this.Context.MasterSecret);
TlsStream data = new TlsStream();
data.Write(this.Context.HandshakeMessages.ToArray());
data.Write((int)0x53525652);
hash.TransformFinalBlock(data.ToArray(), 0, (int)data.Length);
this.Write(hash.Hash);
data.Reset();
}
protected override void ProcessAsSsl3()
{
ServerContext context = (ServerContext)this.Context;
byte[] signature = this.ReadBytes((int)this.Length);
// Verify signature
SslHandshakeHash hash = new SslHandshakeHash(context.MasterSecret);
hash.TransformFinalBlock(
context.HandshakeMessages.ToArray(),
0,
(int)context.HandshakeMessages.Length);
if (!hash.VerifySignature(context.ClientSettings.CertificateRSA, signature))
{
throw new TlsException(AlertDescription.HandshakeFailiure, "Handshake Failiure.");
}
}
protected override void ProcessAsSsl3()
{
var context = (ServerContext)Context;
int length = ReadInt16();
var signature = ReadBytes(length);
// Verify signature
var hash = new SslHandshakeHash(context.MasterSecret);
hash.TransformFinalBlock(
context.HandshakeMessages.ToArray(),
0,
(int)context.HandshakeMessages.Length);
if (!hash.VerifySignature(context.ClientSettings.CertificateRSA, signature))
{
throw new TlsException(AlertDescription.HandshakeFailiure, "Handshake Failure.");
}
}
protected override void ProcessAsSsl3()
{
// Compute handshake messages hashes
HashAlgorithm hash = new SslHandshakeHash(this.Context.MasterSecret);
byte[] data = this.Context.HandshakeMessages.ToArray();
hash.TransformBlock(data, 0, data.Length, data, 0);
hash.TransformBlock(Ssl3Marker, 0, Ssl3Marker.Length, Ssl3Marker, 0);
// hack to avoid memory allocation
hash.TransformFinalBlock(CipherSuite.EmptyArray, 0, 0);
byte[] serverHash = this.ReadBytes((int)Length);
byte[] clientHash = hash.Hash;
// Check server prf against client prf
if (!Compare(clientHash, serverHash))
{
throw new TlsException(AlertDescription.InsuficientSecurity, "Invalid ServerFinished message received.");
}
}
protected override void ProcessAsSsl3()
{
// Compute handshake messages hashes
HashAlgorithm hash = new SslHandshakeHash(this.Context.MasterSecret);
byte[] data = this.Context.HandshakeMessages.ToArray ();
hash.TransformBlock (data, 0, data.Length, data, 0);
hash.TransformBlock (Ssl3Marker, 0, Ssl3Marker.Length, Ssl3Marker, 0);
// hack to avoid memory allocation
hash.TransformFinalBlock (CipherSuite.EmptyArray, 0, 0);
byte[] serverHash = this.ReadBytes((int)Length);
byte[] clientHash = hash.Hash;
// Check server prf against client prf
if (!Compare (clientHash, serverHash))
{
#warning Review that selected alert is correct
throw new TlsException(AlertDescription.InsuficientSecurity, "Invalid ServerFinished message received.");
}
}
protected override void ProcessAsSsl3()
{
bool decryptError = false;
// Compute handshake messages hashes
HashAlgorithm hash = new SslHandshakeHash(this.Context.MasterSecret);
TlsStream data = new TlsStream();
data.Write(this.Context.HandshakeMessages.ToArray());
data.Write((int)0x434C4E54);
hash.TransformFinalBlock(data.ToArray(), 0, (int)data.Length);
data.Reset();
byte[] clientHash = this.ReadBytes((int)Length);
byte[] serverHash = hash.Hash;
// Check client prf against server prf
if (clientHash.Length != serverHash.Length)
{
decryptError = true;
}
else
{
for (int i = 0; i < clientHash.Length; i++)
{
if (clientHash[i] != serverHash[i])
{
decryptError = true;
break;
}
}
}
if (decryptError)
{
throw new TlsException(AlertDescription.DecryptError, "Decrypt error.");
}
}
protected override void ProcessAsSsl3()
{
// Compute handshake messages hashes
HashAlgorithm hash = new SslHandshakeHash(this.Context.MasterSecret);
TlsStream data = new TlsStream();
data.Write(this.Context.HandshakeMessages.ToArray());
data.Write((int)0x434C4E54);
hash.TransformFinalBlock(data.ToArray(), 0, (int)data.Length);
data.Reset();
byte[] clientHash = this.ReadBytes((int)Length);
byte[] serverHash = hash.Hash;
// Check client prf against server prf
if (!Compare (clientHash, serverHash))
{
throw new TlsException(AlertDescription.DecryptError, "Decrypt error.");
}
}
protected override void ProcessAsSsl3()
{
// Compute handshake messages hashes
HashAlgorithm hash = new SslHandshakeHash(this.Context.MasterSecret);
TlsStream data = new TlsStream();
data.Write(this.Context.HandshakeMessages.ToArray());
data.Write((int)0x434C4E54);
hash.TransformFinalBlock(data.ToArray(), 0, (int)data.Length);
data.Reset();
byte[] clientHash = this.ReadBytes((int)Length);
byte[] serverHash = hash.Hash;
// Check client prf against server prf
if (!Compare(clientHash, serverHash))
{
throw new TlsException(AlertDescription.DecryptError, "Decrypt error.");
}
}
