| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116 |
- // Transport Security Layer (TLS)
- // Copyright (c) 2003-2004 Carlos Guzman Alvarez
- // Copyright (C) 2006 Novell, Inc (http://www.novell.com)
- //
- // Permission is hereby granted, free of charge, to any person obtaining
- // a copy of this software and associated documentation files (the
- // "Software"), to deal in the Software without restriction, including
- // without limitation the rights to use, copy, modify, merge, publish,
- // distribute, sublicense, and/or sell copies of the Software, and to
- // permit persons to whom the Software is furnished to do so, subject to
- // the following conditions:
- //
- // The above copyright notice and this permission notice shall be
- // included in all copies or substantial portions of the Software.
- //
- // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
- // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
- // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
- // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
- // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
- //
- using System;
- using System.IO;
- using System.Security.Cryptography;
- using System.Security.Cryptography.X509Certificates;
- namespace Mono.Security.Protocol.Tls.Handshake.Server
- {
- internal class TlsClientKeyExchange : HandshakeMessage
- {
- #region Constructors
- public TlsClientKeyExchange(Context context, byte[] buffer) :
- base(context,
- HandshakeType.ClientKeyExchange,
- buffer)
- {
- }
- #endregion
- #region Protected Methods
- protected override void ProcessAsSsl3()
- {
- AsymmetricAlgorithm privKey = null;
- ServerContext context = (ServerContext)this.Context;
- // Select the private key information
- privKey = context.SslStream.RaisePrivateKeySelection(
- new X509Certificate(context.ServerSettings.Certificates[0].RawData),
- null);
- if (privKey == null)
- {
- throw new TlsException(AlertDescription.UserCancelled, "Server certificate Private Key unavailable.");
- }
- // Read client premaster secret
- byte[] clientSecret = this.ReadBytes((int)this.Length);
- // Decrypt premaster secret
- RSAPKCS1KeyExchangeDeformatter deformatter = new RSAPKCS1KeyExchangeDeformatter(privKey);
- byte[] preMasterSecret = deformatter.DecryptKeyExchange(clientSecret);
- // Create master secret
- this.Context.Negotiating.Cipher.ComputeMasterSecret(preMasterSecret);
- // Create keys
- this.Context.Negotiating.Cipher.ComputeKeys ();
- // Initialize Cipher Suite
- this.Context.Negotiating.Cipher.InitializeCipher ();
- }
- protected override void ProcessAsTls1()
- {
- AsymmetricAlgorithm privKey = null;
- ServerContext context = (ServerContext)this.Context;
- // Select the private key information
- // Select the private key information
- privKey = context.SslStream.RaisePrivateKeySelection(
- new X509Certificate(context.ServerSettings.Certificates[0].RawData),
- null);
- if (privKey == null)
- {
- throw new TlsException(AlertDescription.UserCancelled, "Server certificate Private Key unavailable.");
- }
- // Read client premaster secret
- byte[] clientSecret = this.ReadBytes(this.ReadInt16());
- // Decrypt premaster secret
- RSAPKCS1KeyExchangeDeformatter deformatter = new RSAPKCS1KeyExchangeDeformatter(privKey);
- byte[] preMasterSecret = deformatter.DecryptKeyExchange(clientSecret);
- // Create master secret
- this.Context.Negotiating.Cipher.ComputeMasterSecret(preMasterSecret);
- // Create keys
- this.Context.Negotiating.Cipher.ComputeKeys();
- // Initialize Cipher Suite
- this.Context.Negotiating.Cipher.InitializeCipher();
- }
- #endregion
- }
- }
|
