mcs/class/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs

   1 /* Transport Security Layer (TLS)
   2  * Copyright (c) 2003-2004 Carlos Guzman Alvarez
   3  *
   4  * Permission is hereby granted, free of charge, to any person
   5  * obtaining a copy of this software and associated documentation
   6  * files (the "Software"), to deal in the Software without restriction,
   7  * including without limitation the rights to use, copy, modify, merge,
   8  * publish, distribute, sublicense, and/or sell copies of the Software,
   9  * and to permit persons to whom the Software is furnished to do so,
  10  * subject to the following conditions:
  11  *
  12  * The above copyright notice and this permission notice shall be included
  13  * in all copies or substantial portions of the Software.
  14  *
  15  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
  16  * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
  17  * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
  18  * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
  19  * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
  20  * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  21  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
  22  * DEALINGS IN THE SOFTWARE.
  23  */
  24
  25 using System;
  26 using System.Security.Cryptography;
  27
  28 using Mono.Security.Cryptography;
  29 using Mono.Security.X509;
  30
  31 namespace Mono.Security.Protocol.Tls.Handshake.Client
  32 {
  33         internal class TlsServerKeyExchange : TlsHandshakeMessage
  34         {
  35                 #region Fields
  36
  37                 private RSAParameters   rsaParams;
  38                 private byte[]                  signedParams;
  39
  40                 #endregion
  41
  42                 #region Constructors
  43
  44                 public TlsServerKeyExchange(Context context, byte[] buffer)
  45                         : base(context, TlsHandshakeType.ServerKeyExchange, buffer)
  46                 {
  47                         this.verifySignature();
  48                 }
  49
  50                 #endregion
  51
  52                 #region Methods
  53
  54                 public override void Update()
  55                 {
  56                         base.Update();
  57
  58                         this.Context.ServerSettings.ServerKeyExchange   = true;
  59                         this.Context.ServerSettings.RsaParameters               = this.rsaParams;
  60                         this.Context.ServerSettings.SignedParams                = this.signedParams;
  61                 }
  62
  63                 #endregion
  64
  65                 #region Protected Methods
  66
  67                 protected override void ProcessAsSsl3()
  68                 {
  69                         this.ProcessAsTls1();
  70                 }
  71
  72                 protected override void ProcessAsTls1()
  73                 {
  74                         this.rsaParams = new RSAParameters();
  75
  76                         // Read modulus
  77                         this.rsaParams.Modulus  = this.ReadBytes(this.ReadInt16());
  78
  79                         // Read exponent
  80                         this.rsaParams.Exponent = this.ReadBytes(this.ReadInt16());
  81
  82                         // Read signed params
  83                         this.signedParams               = this.ReadBytes(this.ReadInt16());
  84                 }
  85
  86                 #endregion
  87
  88                 #region Private Methods
  89
  90                 private void verifySignature()
  91                 {
  92                         MD5SHA1 hash = new MD5SHA1();
  93
  94                         // Calculate size of server params
  95                         int size = rsaParams.Modulus.Length + rsaParams.Exponent.Length + 4;
  96
  97                         // Create server params array
  98                         TlsStream stream = new TlsStream();
  99
 100                         stream.Write(this.Context.RandomCS);
 101                         stream.Write(this.ToArray(), 0, size);
 102
 103                         hash.ComputeHash(stream.ToArray());
 104
 105                         stream.Reset();
 106
 107                         bool isValidSignature = hash.VerifySignature(
 108                                 this.Context.Cipher.CertificateRSA(),
 109                                 this.signedParams);
 110
 111                         if (!isValidSignature)
 112                         {
 113                                 throw this.Context.CreateException("Data was not signed with the server certificate.");
 114                         }
 115                 }
 116
 117                 #endregion
 118         }
 119 }