public TlsStreamCipher(TlsClientContext context, IStreamCipher encryptCipher,
IStreamCipher decryptCipher, IDigest writeDigest, IDigest readDigest, int cipherKeySize)
{
this.context = context;
this.encryptCipher = encryptCipher;
this.decryptCipher = decryptCipher;
int prfSize = (2 * cipherKeySize) + writeDigest.GetDigestSize()
+ readDigest.GetDigestSize();
SecurityParameters securityParameters = context.SecurityParameters;
byte[] keyBlock = TlsUtilities.PRF(securityParameters.masterSecret, "key expansion",
TlsUtilities.Concat(securityParameters.serverRandom, securityParameters.clientRandom),
prfSize);
int offset = 0;
// Init MACs
writeMac = CreateTlsMac(writeDigest, keyBlock, ref offset);
readMac = CreateTlsMac(readDigest, keyBlock, ref offset);
// Build keys
KeyParameter encryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);
KeyParameter decryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);
if (offset != prfSize)
{
throw new TlsFatalAlert(AlertDescription.internal_error);
}
// Init Ciphers
encryptCipher.Init(true, encryptKey);
decryptCipher.Init(false, decryptKey);
}
internal override void Init(byte[] ms, byte[] cr, byte[] sr)
{
int prfSize = (2 * cipherKeySize) + (2 * writeDigest.GetDigestSize())
+ (2 * encryptCipher.GetBlockSize());
byte[] key_block = new byte[prfSize];
byte[] random = new byte[cr.Length + sr.Length];
Array.Copy(cr, 0, random, sr.Length, cr.Length);
Array.Copy(sr, 0, random, 0, sr.Length);
TlsUtilities.PRF(ms, TlsUtilities.ToByteArray("key expansion"), random, key_block);
int offset = 0;
// Init MACs
writeMac = new TlsMac(writeDigest, key_block, offset, writeDigest
.GetDigestSize());
offset += writeDigest.GetDigestSize();
readMac = new TlsMac(readDigest, key_block, offset, readDigest
.GetDigestSize());
offset += readDigest.GetDigestSize();
// Init Ciphers
this.initCipher(true, encryptCipher, key_block, cipherKeySize, offset,
offset + (cipherKeySize * 2));
offset += cipherKeySize;
this.initCipher(false, decryptCipher, key_block, cipherKeySize, offset,
offset + cipherKeySize + decryptCipher.GetBlockSize());
}
protected virtual TlsMac CreateTlsMac(IDigest digest, byte[] buf, ref int off)
{
int len = digest.GetDigestSize();
TlsMac mac = new TlsMac(digest, buf, off, len);
off += len;
return mac;
}
public TlsStreamCipher(TlsClientContext context, IStreamCipher encryptCipher,
IStreamCipher decryptCipher, IDigest writeDigest, IDigest readDigest, int cipherKeySize)
{
this.context = context;
this.encryptCipher = encryptCipher;
this.decryptCipher = decryptCipher;
int prfSize = (2 * cipherKeySize) + writeDigest.GetDigestSize()
+ readDigest.GetDigestSize();
SecurityParameters securityParameters = context.SecurityParameters;
byte[] keyBlock = TlsUtilities.PRF(securityParameters.masterSecret, "key expansion",
TlsUtilities.Concat(securityParameters.serverRandom, securityParameters.clientRandom),
prfSize);
int offset = 0;
// Init MACs
writeMac = CreateTlsMac(writeDigest, keyBlock, ref offset);
readMac = CreateTlsMac(readDigest, keyBlock, ref offset);
// Build keys
KeyParameter encryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);
KeyParameter decryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);
if (offset != prfSize)
throw new TlsFatalAlert(AlertDescription.internal_error);
// Init Ciphers
encryptCipher.Init(true, encryptKey);
decryptCipher.Init(false, decryptKey);
}
internal override void Init(byte[] ms, byte[] cr, byte[] sr)
{
int prfSize = (2 * cipherKeySize) + (2 * writeDigest.GetDigestSize())
+ (2 * encryptCipher.GetBlockSize());
byte[] key_block = new byte[prfSize];
byte[] random = new byte[cr.Length + sr.Length];
Array.Copy(cr, 0, random, sr.Length, cr.Length);
Array.Copy(sr, 0, random, 0, sr.Length);
TlsUtilities.PRF(ms, TlsUtilities.ToByteArray("key expansion"), random, key_block);
int offset = 0;
// Init MACs
writeMac = new TlsMac(writeDigest, key_block, offset, writeDigest
.GetDigestSize());
offset += writeDigest.GetDigestSize();
readMac = new TlsMac(readDigest, key_block, offset, readDigest
.GetDigestSize());
offset += readDigest.GetDigestSize();
// Init Ciphers
this.initCipher(true, encryptCipher, key_block, cipherKeySize, offset,
offset + (cipherKeySize * 2));
offset += cipherKeySize;
this.initCipher(false, decryptCipher, key_block, cipherKeySize, offset,
offset + cipherKeySize + decryptCipher.GetBlockSize());
}
public TlsNullCipher(TlsContext context, IDigest clientWriteDigest, IDigest serverWriteDigest)
{
if ((clientWriteDigest == null) != (serverWriteDigest == null))
{
throw new TlsFatalAlert(80);
}
this.context = context;
TlsMac mac = null;
TlsMac mac2 = null;
if (clientWriteDigest != null)
{
int size = clientWriteDigest.GetDigestSize() + serverWriteDigest.GetDigestSize();
byte[] key = TlsUtilities.CalculateKeyBlock(context, size);
int keyOff = 0;
mac = new TlsMac(context, clientWriteDigest, key, keyOff, clientWriteDigest.GetDigestSize());
keyOff += clientWriteDigest.GetDigestSize();
mac2 = new TlsMac(context, serverWriteDigest, key, keyOff, serverWriteDigest.GetDigestSize());
keyOff += serverWriteDigest.GetDigestSize();
if (keyOff != size)
{
throw new TlsFatalAlert(80);
}
}
if (context.IsServer)
{
this.writeMac = mac2;
this.readMac = mac;
}
else
{
this.writeMac = mac;
this.readMac = mac2;
}
}
public TlsNullCipher(TlsContext context, IDigest clientWriteDigest, IDigest serverWriteDigest)
{
if (clientWriteDigest == null != (serverWriteDigest == null))
{
throw new TlsFatalAlert(80);
}
this.context = context;
TlsMac tlsMac = null;
TlsMac tlsMac2 = null;
if (clientWriteDigest != null)
{
int num = clientWriteDigest.GetDigestSize() + serverWriteDigest.GetDigestSize();
byte[] key = TlsUtilities.CalculateKeyBlock(context, num);
int num2 = 0;
tlsMac = new TlsMac(context, clientWriteDigest, key, num2, clientWriteDigest.GetDigestSize());
num2 += clientWriteDigest.GetDigestSize();
tlsMac2 = new TlsMac(context, serverWriteDigest, key, num2, serverWriteDigest.GetDigestSize());
num2 += serverWriteDigest.GetDigestSize();
if (num2 != num)
{
throw new TlsFatalAlert(80);
}
}
if (context.IsServer)
{
writeMac = tlsMac2;
readMac = tlsMac;
}
else
{
writeMac = tlsMac;
readMac = tlsMac2;
}
}
private static TlsMac CreateTlsMac(IDigest digest, byte[] buf, ref int off)
{
int len = digest.GetDigestSize();
TlsMac mac = new TlsMac(digest, buf, off, len);
off += len;
return mac;
}
private static TlsMac CreateTlsMac(IDigest digest, byte[] buf, ref int off)
{
int len = digest.GetDigestSize();
TlsMac mac = new TlsMac(digest, buf, off, len);
off += len;
return(mac);
}
protected virtual TlsMac CreateTlsMac(IDigest digest, byte[] buf, ref int off)
{
int len = digest.GetDigestSize();
TlsMac mac = new TlsMac(digest, buf, off, len);
off += len;
return(mac);
}
public TlsStreamCipher(TlsContext context, IStreamCipher clientWriteCipher, IStreamCipher serverWriteCipher, IDigest clientWriteDigest, IDigest serverWriteDigest, int cipherKeySize, bool usesNonce)
{
bool isServer = context.IsServer;
this.context = context;
this.usesNonce = usesNonce;
encryptCipher = clientWriteCipher;
decryptCipher = serverWriteCipher;
int num = 2 * cipherKeySize + clientWriteDigest.GetDigestSize() + serverWriteDigest.GetDigestSize();
byte[] key = TlsUtilities.CalculateKeyBlock(context, num);
int num2 = 0;
TlsMac tlsMac = new TlsMac(context, clientWriteDigest, key, num2, clientWriteDigest.GetDigestSize());
num2 += clientWriteDigest.GetDigestSize();
TlsMac tlsMac2 = new TlsMac(context, serverWriteDigest, key, num2, serverWriteDigest.GetDigestSize());
num2 += serverWriteDigest.GetDigestSize();
KeyParameter keyParameter = new KeyParameter(key, num2, cipherKeySize);
num2 += cipherKeySize;
KeyParameter keyParameter2 = new KeyParameter(key, num2, cipherKeySize);
num2 += cipherKeySize;
if (num2 != num)
{
throw new TlsFatalAlert(80);
}
ICipherParameters parameters;
ICipherParameters parameters2;
if (isServer)
{
writeMac = tlsMac2;
readMac = tlsMac;
encryptCipher = serverWriteCipher;
decryptCipher = clientWriteCipher;
parameters = keyParameter2;
parameters2 = keyParameter;
}
else
{
writeMac = tlsMac;
readMac = tlsMac2;
encryptCipher = clientWriteCipher;
decryptCipher = serverWriteCipher;
parameters = keyParameter;
parameters2 = keyParameter2;
}
if (usesNonce)
{
byte[] iv = new byte[8];
parameters = new ParametersWithIV(parameters, iv);
parameters2 = new ParametersWithIV(parameters2, iv);
}
encryptCipher.Init(forEncryption: true, parameters);
decryptCipher.Init(forEncryption: false, parameters2);
}
public TlsStreamCipher(TlsContext context, IStreamCipher clientWriteCipher, IStreamCipher serverWriteCipher, IDigest clientWriteDigest, IDigest serverWriteDigest, int cipherKeySize, bool usesNonce)
{
ICipherParameters parameters;
ICipherParameters parameters2;
bool isServer = context.IsServer;
this.context = context;
this.usesNonce = usesNonce;
this.encryptCipher = clientWriteCipher;
this.decryptCipher = serverWriteCipher;
int size = ((2 * cipherKeySize) + clientWriteDigest.GetDigestSize()) + serverWriteDigest.GetDigestSize();
byte[] key = TlsUtilities.CalculateKeyBlock(context, size);
int keyOff = 0;
TlsMac mac = new TlsMac(context, clientWriteDigest, key, keyOff, clientWriteDigest.GetDigestSize());
keyOff += clientWriteDigest.GetDigestSize();
TlsMac mac2 = new TlsMac(context, serverWriteDigest, key, keyOff, serverWriteDigest.GetDigestSize());
keyOff += serverWriteDigest.GetDigestSize();
KeyParameter parameter = new KeyParameter(key, keyOff, cipherKeySize);
keyOff += cipherKeySize;
KeyParameter parameter2 = new KeyParameter(key, keyOff, cipherKeySize);
keyOff += cipherKeySize;
if (keyOff != size)
{
throw new TlsFatalAlert(80);
}
if (isServer)
{
this.writeMac = mac2;
this.readMac = mac;
this.encryptCipher = serverWriteCipher;
this.decryptCipher = clientWriteCipher;
parameters = parameter2;
parameters2 = parameter;
}
else
{
this.writeMac = mac;
this.readMac = mac2;
this.encryptCipher = clientWriteCipher;
this.decryptCipher = serverWriteCipher;
parameters = parameter;
parameters2 = parameter2;
}
if (usesNonce)
{
byte[] iv = new byte[8];
parameters = new ParametersWithIV(parameters, iv);
parameters2 = new ParametersWithIV(parameters2, iv);
}
this.encryptCipher.Init(true, parameters);
this.decryptCipher.Init(false, parameters2);
}
public TlsBlockCipher(TlsClientContext context, IBlockCipher encryptCipher,
IBlockCipher decryptCipher, IDigest writeDigest, IDigest readDigest, int cipherKeySize)
{
this.context = context;
this.randomData = new byte[256];
context.SecureRandom.NextBytes(randomData);
this.encryptCipher = encryptCipher;
this.decryptCipher = decryptCipher;
int prfSize = (2 * cipherKeySize) + writeDigest.GetDigestSize()
+ readDigest.GetDigestSize() + encryptCipher.GetBlockSize()
+ decryptCipher.GetBlockSize();
SecurityParameters securityParameters = context.SecurityParameters;
byte[] keyBlock = TlsUtilities.PRF(securityParameters.masterSecret, "key expansion",
TlsUtilities.Concat(securityParameters.serverRandom, securityParameters.clientRandom),
prfSize);
int offset = 0;
// Init MACs
wMac = CreateTlsMac(writeDigest, keyBlock, ref offset);
rMac = CreateTlsMac(readDigest, keyBlock, ref offset);
// Build keys
KeyParameter encryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);
KeyParameter decryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);
// Add IVs
ParametersWithIV encryptParams = CreateParametersWithIV(encryptKey,
keyBlock, ref offset, encryptCipher.GetBlockSize());
ParametersWithIV decryptParams = CreateParametersWithIV(decryptKey,
keyBlock, ref offset, decryptCipher.GetBlockSize());
if (offset != prfSize)
{
throw new TlsFatalAlert(AlertDescription.internal_error);
}
// Init Ciphers
encryptCipher.Init(true, encryptParams);
decryptCipher.Init(false, decryptParams);
}
/// <exception cref="IOException"></exception>
public TlsNullCipher(TlsContext context, IDigest clientWriteDigest, IDigest serverWriteDigest)
{
if ((clientWriteDigest == null) != (serverWriteDigest == null))
{
throw new TlsFatalAlert(AlertDescription.internal_error);
}
this.context = context;
TlsMac clientWriteMac = null, serverWriteMac = null;
if (clientWriteDigest != null)
{
int key_block_size = clientWriteDigest.GetDigestSize()
+ serverWriteDigest.GetDigestSize();
byte[] key_block = TlsUtilities.CalculateKeyBlock(context, key_block_size);
int offset = 0;
clientWriteMac = new TlsMac(context, clientWriteDigest, key_block, offset,
clientWriteDigest.GetDigestSize());
offset += clientWriteDigest.GetDigestSize();
serverWriteMac = new TlsMac(context, serverWriteDigest, key_block, offset,
serverWriteDigest.GetDigestSize());
offset += serverWriteDigest.GetDigestSize();
if (offset != key_block_size)
{
throw new TlsFatalAlert(AlertDescription.internal_error);
}
}
if (context.IsServer)
{
writeMac = serverWriteMac;
readMac = clientWriteMac;
}
else
{
writeMac = clientWriteMac;
readMac = serverWriteMac;
}
}
public TlsBlockCipher(TlsClientContext context, IBlockCipher encryptCipher,
IBlockCipher decryptCipher, IDigest writeDigest, IDigest readDigest, int cipherKeySize)
{
this.context = context;
this.randomData = new byte[256];
context.SecureRandom.NextBytes(randomData);
this.encryptCipher = encryptCipher;
this.decryptCipher = decryptCipher;
int prfSize = (2 * cipherKeySize) + writeDigest.GetDigestSize()
+ readDigest.GetDigestSize() + encryptCipher.GetBlockSize()
+ decryptCipher.GetBlockSize();
SecurityParameters securityParameters = context.SecurityParameters;
byte[] keyBlock = TlsUtilities.PRF(securityParameters.masterSecret, "key expansion",
TlsUtilities.Concat(securityParameters.serverRandom, securityParameters.clientRandom),
prfSize);
int offset = 0;
// Init MACs
wMac = CreateTlsMac(writeDigest, keyBlock, ref offset);
rMac = CreateTlsMac(readDigest, keyBlock, ref offset);
// Build keys
KeyParameter encryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);
KeyParameter decryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);
// Add IVs
ParametersWithIV encryptParams = CreateParametersWithIV(encryptKey,
keyBlock, ref offset, encryptCipher.GetBlockSize());
ParametersWithIV decryptParams = CreateParametersWithIV(decryptKey,
keyBlock, ref offset, decryptCipher.GetBlockSize());
if (offset != prfSize)
throw new TlsFatalAlert(AlertDescription.internal_error);
// Init Ciphers
encryptCipher.Init(true, encryptParams);
decryptCipher.Init(false, decryptParams);
}
/// <exception cref="IOException"></exception>
public TlsNullCipher(TlsContext context, IDigest clientWriteDigest, IDigest serverWriteDigest)
{
if ((clientWriteDigest == null) != (serverWriteDigest == null))
throw new TlsFatalAlert(AlertDescription.internal_error);
this.context = context;
TlsMac clientWriteMac = null, serverWriteMac = null;
if (clientWriteDigest != null)
{
int key_block_size = clientWriteDigest.GetDigestSize()
+ serverWriteDigest.GetDigestSize();
byte[] key_block = TlsUtilities.CalculateKeyBlock(context, key_block_size);
int offset = 0;
clientWriteMac = new TlsMac(context, clientWriteDigest, key_block, offset,
clientWriteDigest.GetDigestSize());
offset += clientWriteDigest.GetDigestSize();
serverWriteMac = new TlsMac(context, serverWriteDigest, key_block, offset,
serverWriteDigest.GetDigestSize());
offset += serverWriteDigest.GetDigestSize();
if (offset != key_block_size)
{
throw new TlsFatalAlert(AlertDescription.internal_error);
}
}
if (context.IsServer)
{
writeMac = serverWriteMac;
readMac = clientWriteMac;
}
else
{
writeMac = clientWriteMac;
readMac = serverWriteMac;
}
}
internal TlsBlockCipher(TlsProtocolHandler handler, IBlockCipher encryptCipher,
IBlockCipher decryptCipher, IDigest writeDigest, IDigest readDigest, int cipherKeySize,
SecurityParameters securityParameters)
{
this.handler = handler;
this.encryptCipher = encryptCipher;
this.decryptCipher = decryptCipher;
int prfSize = (2 * cipherKeySize) + writeDigest.GetDigestSize()
+ readDigest.GetDigestSize() + encryptCipher.GetBlockSize()
+ decryptCipher.GetBlockSize();
byte[] keyBlock = TlsUtilities.PRF(securityParameters.masterSecret, "key expansion",
TlsUtilities.Concat(securityParameters.serverRandom, securityParameters.clientRandom),
prfSize);
int offset = 0;
// Init MACs
writeMac = CreateTlsMac(writeDigest, keyBlock, ref offset);
readMac = CreateTlsMac(readDigest, keyBlock, ref offset);
// Build keys
KeyParameter encryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);
KeyParameter decryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);
// Add IVs
ParametersWithIV encryptParams = CreateParametersWithIV(encryptKey,
keyBlock, ref offset, encryptCipher.GetBlockSize());
ParametersWithIV decryptParams = CreateParametersWithIV(decryptKey,
keyBlock, ref offset, decryptCipher.GetBlockSize());
if (offset != prfSize)
{
handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_internal_error);
}
// Init Ciphers
encryptCipher.Init(true, encryptParams);
decryptCipher.Init(false, decryptParams);
}
internal TlsBlockCipher(TlsProtocolHandler handler, IBlockCipher encryptCipher,
IBlockCipher decryptCipher, IDigest writeDigest, IDigest readDigest, int cipherKeySize,
SecurityParameters securityParameters)
{
this.handler = handler;
this.encryptCipher = encryptCipher;
this.decryptCipher = decryptCipher;
int prfSize = (2 * cipherKeySize) + writeDigest.GetDigestSize()
+ readDigest.GetDigestSize() + encryptCipher.GetBlockSize()
+ decryptCipher.GetBlockSize();
byte[] keyBlock = TlsUtilities.PRF(securityParameters.masterSecret, "key expansion",
TlsUtilities.Concat(securityParameters.serverRandom, securityParameters.clientRandom),
prfSize);
int offset = 0;
// Init MACs
writeMac = CreateTlsMac(writeDigest, keyBlock, ref offset);
readMac = CreateTlsMac(readDigest, keyBlock, ref offset);
// Build keys
KeyParameter encryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);
KeyParameter decryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);
// Add IVs
ParametersWithIV encryptParams = CreateParametersWithIV(encryptKey,
keyBlock, ref offset, encryptCipher.GetBlockSize());
ParametersWithIV decryptParams = CreateParametersWithIV(decryptKey,
keyBlock, ref offset, decryptCipher.GetBlockSize());
if (offset != prfSize)
handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_internal_error);
// Init Ciphers
encryptCipher.Init(true, encryptParams);
decryptCipher.Init(false, decryptParams);
}
internal override void Init(TlsProtocolHandler handler, byte[] ms, byte[] cr, byte[] sr)
{
this.handler = handler;
int prfSize = (2 * cipherKeySize) + writeDigest.GetDigestSize() + readDigest.GetDigestSize()
+ encryptCipher.GetBlockSize() + decryptCipher.GetBlockSize();
byte[] keyBlock = new byte[prfSize];
byte[] random = new byte[cr.Length + sr.Length];
Array.Copy(cr, 0, random, sr.Length, cr.Length);
Array.Copy(sr, 0, random, 0, sr.Length);
TlsUtilities.PRF(ms, "key expansion", random, keyBlock);
int offset = 0;
// Init MACs
writeMac = CreateTlsMac(writeDigest, keyBlock, ref offset);
readMac = CreateTlsMac(readDigest, keyBlock, ref offset);
// Build keys
KeyParameter encryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);
KeyParameter decryptKey = CreateKeyParameter(keyBlock, ref offset, cipherKeySize);
// Add IVs
ParametersWithIV encryptParams = CreateParametersWithIV(encryptKey,
keyBlock, ref offset, encryptCipher.GetBlockSize());
ParametersWithIV decryptParams = CreateParametersWithIV(decryptKey,
keyBlock, ref offset, decryptCipher.GetBlockSize());
if (offset != prfSize)
{
handler.FailWithError(TlsProtocolHandler.AL_fatal, TlsProtocolHandler.AP_internal_error);
}
// Init Ciphers
encryptCipher.Init(true, encryptParams);
decryptCipher.Init(false, decryptParams);
}
/// <exception cref="IOException"></exception>
public TlsBlockCipher(TlsContext context, IBlockCipher clientWriteCipher, IBlockCipher serverWriteCipher,
IDigest clientWriteDigest, IDigest serverWriteDigest, int cipherKeySize)
{
this.context = context;
this.randomData = new byte[256];
context.NonceRandomGenerator.NextBytes(randomData);
this.useExplicitIV = TlsUtilities.IsTlsV11(context);
this.encryptThenMac = context.SecurityParameters.encryptThenMac;
int key_block_size = (2 * cipherKeySize) + clientWriteDigest.GetDigestSize()
+ serverWriteDigest.GetDigestSize();
// From TLS 1.1 onwards, block ciphers don't need client_write_IV
if (!useExplicitIV)
{
key_block_size += clientWriteCipher.GetBlockSize() + serverWriteCipher.GetBlockSize();
}
byte[] key_block = TlsUtilities.CalculateKeyBlock(context, key_block_size);
int offset = 0;
TlsMac clientWriteMac = new TlsMac(context, clientWriteDigest, key_block, offset,
clientWriteDigest.GetDigestSize());
offset += clientWriteDigest.GetDigestSize();
TlsMac serverWriteMac = new TlsMac(context, serverWriteDigest, key_block, offset,
serverWriteDigest.GetDigestSize());
offset += serverWriteDigest.GetDigestSize();
KeyParameter client_write_key = new KeyParameter(key_block, offset, cipherKeySize);
offset += cipherKeySize;
KeyParameter server_write_key = new KeyParameter(key_block, offset, cipherKeySize);
offset += cipherKeySize;
byte[] client_write_IV, server_write_IV;
if (useExplicitIV)
{
client_write_IV = new byte[clientWriteCipher.GetBlockSize()];
server_write_IV = new byte[serverWriteCipher.GetBlockSize()];
}
else
{
client_write_IV = Arrays.CopyOfRange(key_block, offset, offset + clientWriteCipher.GetBlockSize());
offset += clientWriteCipher.GetBlockSize();
server_write_IV = Arrays.CopyOfRange(key_block, offset, offset + serverWriteCipher.GetBlockSize());
offset += serverWriteCipher.GetBlockSize();
}
if (offset != key_block_size)
{
throw new TlsFatalAlert(AlertDescription.internal_error);
}
ICipherParameters encryptParams, decryptParams;
if (context.IsServer)
{
this.mWriteMac = serverWriteMac;
this.mReadMac = clientWriteMac;
this.encryptCipher = serverWriteCipher;
this.decryptCipher = clientWriteCipher;
encryptParams = new ParametersWithIV(server_write_key, server_write_IV);
decryptParams = new ParametersWithIV(client_write_key, client_write_IV);
}
else
{
this.mWriteMac = clientWriteMac;
this.mReadMac = serverWriteMac;
this.encryptCipher = clientWriteCipher;
this.decryptCipher = serverWriteCipher;
encryptParams = new ParametersWithIV(client_write_key, client_write_IV);
decryptParams = new ParametersWithIV(server_write_key, server_write_IV);
}
this.encryptCipher.Init(true, encryptParams);
this.decryptCipher.Init(false, decryptParams);
}
public TlsBlockCipher(TlsContext context, IBlockCipher clientWriteCipher, IBlockCipher serverWriteCipher, IDigest clientWriteDigest, IDigest serverWriteDigest, int cipherKeySize)
{
this.context = context;
this.randomData = new byte[256];
context.NonceRandomGenerator.NextBytes(this.randomData);
this.useExplicitIV = TlsUtilities.IsTlsV11(context);
this.encryptThenMac = context.SecurityParameters.encryptThenMac;
int num = 2 * cipherKeySize + clientWriteDigest.GetDigestSize() + serverWriteDigest.GetDigestSize();
if (!this.useExplicitIV)
{
num += clientWriteCipher.GetBlockSize() + serverWriteCipher.GetBlockSize();
}
byte[] array = TlsUtilities.CalculateKeyBlock(context, num);
int num2 = 0;
TlsMac tlsMac = new TlsMac(context, clientWriteDigest, array, num2, clientWriteDigest.GetDigestSize());
num2 += clientWriteDigest.GetDigestSize();
TlsMac tlsMac2 = new TlsMac(context, serverWriteDigest, array, num2, serverWriteDigest.GetDigestSize());
num2 += serverWriteDigest.GetDigestSize();
KeyParameter parameters = new KeyParameter(array, num2, cipherKeySize);
num2 += cipherKeySize;
KeyParameter parameters2 = new KeyParameter(array, num2, cipherKeySize);
num2 += cipherKeySize;
byte[] iv;
byte[] iv2;
if (this.useExplicitIV)
{
iv = new byte[clientWriteCipher.GetBlockSize()];
iv2 = new byte[serverWriteCipher.GetBlockSize()];
}
else
{
iv = Arrays.CopyOfRange(array, num2, num2 + clientWriteCipher.GetBlockSize());
num2 += clientWriteCipher.GetBlockSize();
iv2 = Arrays.CopyOfRange(array, num2, num2 + serverWriteCipher.GetBlockSize());
num2 += serverWriteCipher.GetBlockSize();
}
if (num2 != num)
{
throw new TlsFatalAlert(80);
}
ICipherParameters parameters3;
ICipherParameters parameters4;
if (context.IsServer)
{
this.mWriteMac = tlsMac2;
this.mReadMac = tlsMac;
this.encryptCipher = serverWriteCipher;
this.decryptCipher = clientWriteCipher;
parameters3 = new ParametersWithIV(parameters2, iv2);
parameters4 = new ParametersWithIV(parameters, iv);
}
else
{
this.mWriteMac = tlsMac;
this.mReadMac = tlsMac2;
this.encryptCipher = clientWriteCipher;
this.decryptCipher = serverWriteCipher;
parameters3 = new ParametersWithIV(parameters, iv);
parameters4 = new ParametersWithIV(parameters2, iv2);
}
this.encryptCipher.Init(true, parameters3);
this.decryptCipher.Init(false, parameters4);
}
public TlsBlockCipher(TlsContext context, IBlockCipher clientWriteCipher, IBlockCipher serverWriteCipher, IDigest clientWriteDigest, IDigest serverWriteDigest, int cipherKeySize)
{
byte[] buffer2;
byte[] buffer3;
ICipherParameters parameters;
ICipherParameters parameters2;
this.context = context;
this.randomData = new byte[0x100];
context.NonceRandomGenerator.NextBytes(this.randomData);
this.useExplicitIV = TlsUtilities.IsTlsV11(context);
this.encryptThenMac = context.SecurityParameters.encryptThenMac;
int size = ((2 * cipherKeySize) + clientWriteDigest.GetDigestSize()) + serverWriteDigest.GetDigestSize();
if (!this.useExplicitIV)
{
size += clientWriteCipher.GetBlockSize() + serverWriteCipher.GetBlockSize();
}
byte[] key = TlsUtilities.CalculateKeyBlock(context, size);
int keyOff = 0;
TlsMac mac = new TlsMac(context, clientWriteDigest, key, keyOff, clientWriteDigest.GetDigestSize());
keyOff += clientWriteDigest.GetDigestSize();
TlsMac mac2 = new TlsMac(context, serverWriteDigest, key, keyOff, serverWriteDigest.GetDigestSize());
keyOff += serverWriteDigest.GetDigestSize();
KeyParameter parameter = new KeyParameter(key, keyOff, cipherKeySize);
keyOff += cipherKeySize;
KeyParameter parameter2 = new KeyParameter(key, keyOff, cipherKeySize);
keyOff += cipherKeySize;
if (this.useExplicitIV)
{
buffer2 = new byte[clientWriteCipher.GetBlockSize()];
buffer3 = new byte[serverWriteCipher.GetBlockSize()];
}
else
{
buffer2 = Arrays.CopyOfRange(key, keyOff, keyOff + clientWriteCipher.GetBlockSize());
keyOff += clientWriteCipher.GetBlockSize();
buffer3 = Arrays.CopyOfRange(key, keyOff, keyOff + serverWriteCipher.GetBlockSize());
keyOff += serverWriteCipher.GetBlockSize();
}
if (keyOff != size)
{
throw new TlsFatalAlert(80);
}
if (context.IsServer)
{
this.mWriteMac = mac2;
this.mReadMac = mac;
this.encryptCipher = serverWriteCipher;
this.decryptCipher = clientWriteCipher;
parameters = new ParametersWithIV(parameter2, buffer3);
parameters2 = new ParametersWithIV(parameter, buffer2);
}
else
{
this.mWriteMac = mac;
this.mReadMac = mac2;
this.encryptCipher = clientWriteCipher;
this.decryptCipher = serverWriteCipher;
parameters = new ParametersWithIV(parameter, buffer2);
parameters2 = new ParametersWithIV(parameter2, buffer3);
}
this.encryptCipher.Init(true, parameters);
this.decryptCipher.Init(false, parameters2);
}
public TlsNullCipher(TlsContext context)
{
this.context = context;
this.writeMac = null;
this.readMac = null;
}
/// <exception cref="IOException"></exception>
public TlsStreamCipher(TlsContext context, IStreamCipher clientWriteCipher,
IStreamCipher serverWriteCipher, IDigest clientWriteDigest, IDigest serverWriteDigest,
int cipherKeySize, bool usesNonce)
{
bool isServer = context.IsServer;
this.context = context;
this.usesNonce = usesNonce;
this.encryptCipher = clientWriteCipher;
this.decryptCipher = serverWriteCipher;
int key_block_size = (2 * cipherKeySize) + clientWriteDigest.GetDigestSize()
+ serverWriteDigest.GetDigestSize();
byte[] key_block = TlsUtilities.CalculateKeyBlock(context, key_block_size);
int offset = 0;
// Init MACs
TlsMac clientWriteMac = new TlsMac(context, clientWriteDigest, key_block, offset,
clientWriteDigest.GetDigestSize());
offset += clientWriteDigest.GetDigestSize();
TlsMac serverWriteMac = new TlsMac(context, serverWriteDigest, key_block, offset,
serverWriteDigest.GetDigestSize());
offset += serverWriteDigest.GetDigestSize();
// Build keys
KeyParameter clientWriteKey = new KeyParameter(key_block, offset, cipherKeySize);
offset += cipherKeySize;
KeyParameter serverWriteKey = new KeyParameter(key_block, offset, cipherKeySize);
offset += cipherKeySize;
if (offset != key_block_size)
{
throw new TlsFatalAlert(AlertDescription.internal_error);
}
ICipherParameters encryptParams, decryptParams;
if (isServer)
{
this.writeMac = serverWriteMac;
this.readMac = clientWriteMac;
this.encryptCipher = serverWriteCipher;
this.decryptCipher = clientWriteCipher;
encryptParams = serverWriteKey;
decryptParams = clientWriteKey;
}
else
{
this.writeMac = clientWriteMac;
this.readMac = serverWriteMac;
this.encryptCipher = clientWriteCipher;
this.decryptCipher = serverWriteCipher;
encryptParams = clientWriteKey;
decryptParams = serverWriteKey;
}
if (usesNonce)
{
byte[] dummyNonce = new byte[8];
encryptParams = new ParametersWithIV(encryptParams, dummyNonce);
decryptParams = new ParametersWithIV(decryptParams, dummyNonce);
}
this.encryptCipher.Init(true, encryptParams);
this.decryptCipher.Init(false, decryptParams);
}
/// <exception cref="IOException"></exception>
public TlsBlockCipher(TlsContext context, IBlockCipher clientWriteCipher, IBlockCipher serverWriteCipher,
IDigest clientWriteDigest, IDigest serverWriteDigest, int cipherKeySize)
{
this.context = context;
this.randomData = new byte[256];
context.NonceRandomGenerator.NextBytes(randomData);
this.useExplicitIV = TlsUtilities.IsTlsV11(context);
this.encryptThenMac = context.SecurityParameters.encryptThenMac;
int key_block_size = (2 * cipherKeySize) + clientWriteDigest.GetDigestSize()
+ serverWriteDigest.GetDigestSize();
// From TLS 1.1 onwards, block ciphers don't need client_write_IV
if (!useExplicitIV)
{
key_block_size += clientWriteCipher.GetBlockSize() + serverWriteCipher.GetBlockSize();
}
byte[] key_block = TlsUtilities.CalculateKeyBlock(context, key_block_size);
int offset = 0;
TlsMac clientWriteMac = new TlsMac(context, clientWriteDigest, key_block, offset,
clientWriteDigest.GetDigestSize());
offset += clientWriteDigest.GetDigestSize();
TlsMac serverWriteMac = new TlsMac(context, serverWriteDigest, key_block, offset,
serverWriteDigest.GetDigestSize());
offset += serverWriteDigest.GetDigestSize();
KeyParameter client_write_key = new KeyParameter(key_block, offset, cipherKeySize);
offset += cipherKeySize;
KeyParameter server_write_key = new KeyParameter(key_block, offset, cipherKeySize);
offset += cipherKeySize;
byte[] client_write_IV, server_write_IV;
if (useExplicitIV)
{
client_write_IV = new byte[clientWriteCipher.GetBlockSize()];
server_write_IV = new byte[serverWriteCipher.GetBlockSize()];
}
else
{
client_write_IV = Arrays.CopyOfRange(key_block, offset, offset + clientWriteCipher.GetBlockSize());
offset += clientWriteCipher.GetBlockSize();
server_write_IV = Arrays.CopyOfRange(key_block, offset, offset + serverWriteCipher.GetBlockSize());
offset += serverWriteCipher.GetBlockSize();
}
if (offset != key_block_size)
{
throw new TlsFatalAlert(AlertDescription.internal_error);
}
ICipherParameters encryptParams, decryptParams;
if (context.IsServer)
{
this.mWriteMac = serverWriteMac;
this.mReadMac = clientWriteMac;
this.encryptCipher = serverWriteCipher;
this.decryptCipher = clientWriteCipher;
encryptParams = new ParametersWithIV(server_write_key, server_write_IV);
decryptParams = new ParametersWithIV(client_write_key, client_write_IV);
}
else
{
this.mWriteMac = clientWriteMac;
this.mReadMac = serverWriteMac;
this.encryptCipher = clientWriteCipher;
this.decryptCipher = serverWriteCipher;
encryptParams = new ParametersWithIV(client_write_key, client_write_IV);
decryptParams = new ParametersWithIV(server_write_key, server_write_IV);
}
this.encryptCipher.Init(true, encryptParams);
this.decryptCipher.Init(false, decryptParams);
}
/// <exception cref="IOException"></exception>
public TlsStreamCipher(TlsContext context, IStreamCipher clientWriteCipher,
IStreamCipher serverWriteCipher, IDigest clientWriteDigest, IDigest serverWriteDigest,
int cipherKeySize, bool usesNonce)
{
bool isServer = context.IsServer;
this.context = context;
this.usesNonce = usesNonce;
this.encryptCipher = clientWriteCipher;
this.decryptCipher = serverWriteCipher;
int key_block_size = (2 * cipherKeySize) + clientWriteDigest.GetDigestSize()
+ serverWriteDigest.GetDigestSize();
byte[] key_block = TlsUtilities.CalculateKeyBlock(context, key_block_size);
int offset = 0;
// Init MACs
TlsMac clientWriteMac = new TlsMac(context, clientWriteDigest, key_block, offset,
clientWriteDigest.GetDigestSize());
offset += clientWriteDigest.GetDigestSize();
TlsMac serverWriteMac = new TlsMac(context, serverWriteDigest, key_block, offset,
serverWriteDigest.GetDigestSize());
offset += serverWriteDigest.GetDigestSize();
// Build keys
KeyParameter clientWriteKey = new KeyParameter(key_block, offset, cipherKeySize);
offset += cipherKeySize;
KeyParameter serverWriteKey = new KeyParameter(key_block, offset, cipherKeySize);
offset += cipherKeySize;
if (offset != key_block_size)
{
throw new TlsFatalAlert(AlertDescription.internal_error);
}
ICipherParameters encryptParams, decryptParams;
if (isServer)
{
this.writeMac = serverWriteMac;
this.readMac = clientWriteMac;
this.encryptCipher = serverWriteCipher;
this.decryptCipher = clientWriteCipher;
encryptParams = serverWriteKey;
decryptParams = clientWriteKey;
}
else
{
this.writeMac = clientWriteMac;
this.readMac = serverWriteMac;
this.encryptCipher = clientWriteCipher;
this.decryptCipher = serverWriteCipher;
encryptParams = clientWriteKey;
decryptParams = serverWriteKey;
}
if (usesNonce)
{
byte[] dummyNonce = new byte[8];
encryptParams = new ParametersWithIV(encryptParams, dummyNonce);
decryptParams = new ParametersWithIV(decryptParams, dummyNonce);
}
this.encryptCipher.Init(true, encryptParams);
this.decryptCipher.Init(false, decryptParams);
}
public TlsNullCipher(TlsContext context)
{
this.context = context;
this.writeMac = null;
this.readMac = null;
}
