protected virtual void SendFinishedMessage() { byte[] array = this.CreateVerifyData(this.Context.IsServer); TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(20, array.Length); handshakeMessage.Write(array, 0, array.Length); handshakeMessage.WriteToRecordStream(this); }
protected virtual void SendNewSessionTicketMessage(NewSessionTicket newSessionTicket) { if (newSessionTicket == null) { throw new TlsFatalAlert(80); } TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(4); newSessionTicket.Encode(handshakeMessage); handshakeMessage.WriteToRecordStream(this); }
protected virtual void SendClientHelloMessage() { base.mRecordStream.SetWriteVersion(this.mTlsClient.ClientHelloRecordLayerVersion); ProtocolVersion clientVersion = this.mTlsClient.ClientVersion; if (clientVersion.IsDtls) { throw new TlsFatalAlert(80); } this.ContextAdmin.SetClientVersion(clientVersion); byte[] emptyBytes = TlsUtilities.EmptyBytes; if (base.mTlsSession != null) { emptyBytes = base.mTlsSession.SessionID; if ((emptyBytes == null) || (emptyBytes.Length > 0x20)) { emptyBytes = TlsUtilities.EmptyBytes; } } bool isFallback = this.mTlsClient.IsFallback; base.mOfferedCipherSuites = this.mTlsClient.GetCipherSuites(); base.mOfferedCompressionMethods = this.mTlsClient.GetCompressionMethods(); if (((emptyBytes.Length > 0) && (base.mSessionParameters != null)) && (!Arrays.Contains(base.mOfferedCipherSuites, base.mSessionParameters.CipherSuite) || !Arrays.Contains(base.mOfferedCompressionMethods, base.mSessionParameters.CompressionAlgorithm))) { emptyBytes = TlsUtilities.EmptyBytes; } base.mClientExtensions = this.mTlsClient.GetClientExtensions(); TlsProtocol.HandshakeMessage output = new TlsProtocol.HandshakeMessage(1); TlsUtilities.WriteVersion(clientVersion, output); output.Write(base.mSecurityParameters.ClientRandom); TlsUtilities.WriteOpaque8(emptyBytes, output); byte[] extensionData = TlsUtilities.GetExtensionData(base.mClientExtensions, 0xff01); bool flag2 = null == extensionData; bool flag3 = !Arrays.Contains(base.mOfferedCipherSuites, 0xff); if (flag2 && flag3) { base.mOfferedCipherSuites = Arrays.Append(base.mOfferedCipherSuites, 0xff); } if (isFallback && !Arrays.Contains(base.mOfferedCipherSuites, 0x5600)) { base.mOfferedCipherSuites = Arrays.Append(base.mOfferedCipherSuites, 0x5600); } TlsUtilities.WriteUint16ArrayWithUint16Length(base.mOfferedCipherSuites, output); TlsUtilities.WriteUint8ArrayWithUint8Length(base.mOfferedCompressionMethods, output); if (base.mClientExtensions != null) { TlsProtocol.WriteExtensions(output, base.mClientExtensions); } output.WriteToRecordStream(this); }
protected virtual void SendClientHelloMessage() { this.mRecordStream.SetWriteVersion(this.mTlsClient.ClientHelloRecordLayerVersion); ProtocolVersion clientVersion = this.mTlsClient.ClientVersion; if (clientVersion.IsDtls) { throw new TlsFatalAlert(80); } this.ContextAdmin.SetClientVersion(clientVersion); byte[] array = TlsUtilities.EmptyBytes; if (this.mTlsSession != null) { array = this.mTlsSession.SessionID; if (array == null || array.Length > 32) { array = TlsUtilities.EmptyBytes; } } bool isFallback = this.mTlsClient.IsFallback; this.mOfferedCipherSuites = this.mTlsClient.GetCipherSuites(); this.mOfferedCompressionMethods = this.mTlsClient.GetCompressionMethods(); if (array.Length > 0 && this.mSessionParameters != null && (!Arrays.Contains(this.mOfferedCipherSuites, this.mSessionParameters.CipherSuite) || !Arrays.Contains(this.mOfferedCompressionMethods, this.mSessionParameters.CompressionAlgorithm))) { array = TlsUtilities.EmptyBytes; } this.mClientExtensions = this.mTlsClient.GetClientExtensions(); TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(1); TlsUtilities.WriteVersion(clientVersion, handshakeMessage); handshakeMessage.Write(this.mSecurityParameters.ClientRandom); TlsUtilities.WriteOpaque8(array, handshakeMessage); byte[] extensionData = TlsUtilities.GetExtensionData(this.mClientExtensions, 65281); bool flag = null == extensionData; bool flag2 = !Arrays.Contains(this.mOfferedCipherSuites, 255); if (flag && flag2) { this.mOfferedCipherSuites = Arrays.Append(this.mOfferedCipherSuites, 255); } if (isFallback && !Arrays.Contains(this.mOfferedCipherSuites, 22016)) { this.mOfferedCipherSuites = Arrays.Append(this.mOfferedCipherSuites, 22016); } TlsUtilities.WriteUint16ArrayWithUint16Length(this.mOfferedCipherSuites, handshakeMessage); TlsUtilities.WriteUint8ArrayWithUint8Length(this.mOfferedCompressionMethods, handshakeMessage); if (this.mClientExtensions != null) { TlsProtocol.WriteExtensions(handshakeMessage, this.mClientExtensions); } handshakeMessage.WriteToRecordStream(this); }
protected virtual void SendCertificateMessage(Certificate certificate) { if (certificate == null) { certificate = Certificate.EmptyChain; } if (certificate.IsEmpty) { TlsContext context = this.Context; if (!context.IsServer) { ProtocolVersion serverVersion = this.Context.ServerVersion; if (serverVersion.IsSsl) { string message = serverVersion.ToString() + " client didn't provide credentials"; this.RaiseWarning(41, message); return; } } } TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(11); certificate.Encode(handshakeMessage); handshakeMessage.WriteToRecordStream(this); }
protected virtual void SendServerKeyExchangeMessage(byte[] serverKeyExchange) { TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(12, serverKeyExchange.Length); handshakeMessage.Write(serverKeyExchange); handshakeMessage.WriteToRecordStream(this); }
protected virtual void SendServerHelloMessage() { TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(2); ProtocolVersion serverVersion = this.mTlsServer.GetServerVersion(); if (!serverVersion.IsEqualOrEarlierVersionOf(this.Context.ClientVersion)) { throw new TlsFatalAlert(80); } this.mRecordStream.ReadVersion = serverVersion; this.mRecordStream.SetWriteVersion(serverVersion); this.mRecordStream.SetRestrictReadVersion(true); this.ContextAdmin.SetServerVersion(serverVersion); TlsUtilities.WriteVersion(serverVersion, handshakeMessage); handshakeMessage.Write(this.mSecurityParameters.serverRandom); TlsUtilities.WriteOpaque8(TlsUtilities.EmptyBytes, handshakeMessage); int selectedCipherSuite = this.mTlsServer.GetSelectedCipherSuite(); if (!Arrays.Contains(this.mOfferedCipherSuites, selectedCipherSuite) || selectedCipherSuite == 0 || CipherSuite.IsScsv(selectedCipherSuite) || !TlsUtilities.IsValidCipherSuiteForVersion(selectedCipherSuite, this.Context.ServerVersion)) { throw new TlsFatalAlert(80); } this.mSecurityParameters.cipherSuite = selectedCipherSuite; byte selectedCompressionMethod = this.mTlsServer.GetSelectedCompressionMethod(); if (!Arrays.Contains(this.mOfferedCompressionMethods, selectedCompressionMethod)) { throw new TlsFatalAlert(80); } this.mSecurityParameters.compressionAlgorithm = selectedCompressionMethod; TlsUtilities.WriteUint16(selectedCipherSuite, handshakeMessage); TlsUtilities.WriteUint8(selectedCompressionMethod, handshakeMessage); this.mServerExtensions = this.mTlsServer.GetServerExtensions(); if (this.mSecureRenegotiation) { byte[] extensionData = TlsUtilities.GetExtensionData(this.mServerExtensions, 65281); bool flag = null == extensionData; if (flag) { this.mServerExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(this.mServerExtensions); this.mServerExtensions[65281] = TlsProtocol.CreateRenegotiationInfo(TlsUtilities.EmptyBytes); } } if (this.mSecurityParameters.extendedMasterSecret) { this.mServerExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(this.mServerExtensions); TlsExtensionsUtilities.AddExtendedMasterSecretExtension(this.mServerExtensions); } if (this.mServerExtensions != null) { this.mSecurityParameters.encryptThenMac = TlsExtensionsUtilities.HasEncryptThenMacExtension(this.mServerExtensions); this.mSecurityParameters.maxFragmentLength = this.ProcessMaxFragmentLengthExtension(this.mClientExtensions, this.mServerExtensions, 80); this.mSecurityParameters.truncatedHMac = TlsExtensionsUtilities.HasTruncatedHMacExtension(this.mServerExtensions); this.mAllowCertificateStatus = (!this.mResumedSession && TlsUtilities.HasExpectedEmptyExtensionData(this.mServerExtensions, 5, 80)); this.mExpectSessionTicket = (!this.mResumedSession && TlsUtilities.HasExpectedEmptyExtensionData(this.mServerExtensions, 35, 80)); TlsProtocol.WriteExtensions(handshakeMessage, this.mServerExtensions); } this.mSecurityParameters.prfAlgorithm = TlsProtocol.GetPrfAlgorithm(this.Context, this.mSecurityParameters.CipherSuite); this.mSecurityParameters.verifyDataLength = 12; this.ApplyMaxFragmentLengthExtension(); handshakeMessage.WriteToRecordStream(this); }
protected virtual void SendCertificateStatusMessage(CertificateStatus certificateStatus) { TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(22); certificateStatus.Encode(handshakeMessage); handshakeMessage.WriteToRecordStream(this); }
protected virtual void SendCertificateRequestMessage(CertificateRequest certificateRequest) { TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(13); certificateRequest.Encode(handshakeMessage); handshakeMessage.WriteToRecordStream(this); }
protected virtual void SendSupplementalDataMessage(IList supplementalData) { TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(23); TlsProtocol.WriteSupplementalData(handshakeMessage, supplementalData); handshakeMessage.WriteToRecordStream(this); }
protected virtual void SendClientKeyExchangeMessage() { TlsProtocol.HandshakeMessage output = new TlsProtocol.HandshakeMessage(0x10); this.mKeyExchange.GenerateClientKeyExchange(output); output.WriteToRecordStream(this); }
protected virtual void SendCertificateVerifyMessage(DigitallySigned certificateVerify) { TlsProtocol.HandshakeMessage output = new TlsProtocol.HandshakeMessage(15); certificateVerify.Encode(output); output.WriteToRecordStream(this); }
protected virtual void SendClientKeyExchangeMessage() { TlsProtocol.HandshakeMessage handshakeMessage = new TlsProtocol.HandshakeMessage(16); this.mKeyExchange.GenerateClientKeyExchange(handshakeMessage); handshakeMessage.WriteToRecordStream(this); }