-/* Transport Security Layer (TLS)
- * Copyright (c) 2003 Carlos Guzmán Álvarez
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without restriction,
- * including without limitation the rights to use, copy, modify, merge,
- * publish, distribute, sublicense, and/or sell copies of the Software,
- * and to permit persons to whom the Software is furnished to do so,
- * subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included
- * in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
- * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- */
+// Transport Security Layer (TLS)
+// Copyright (c) 2003-2004 Carlos Guzman Alvarez
+// Copyright (C) 2006 Novell, Inc (http://www.novell.com)
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+//
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//
using System;
using System.Security.Cryptography;
+using Mono.Security.Cryptography;
+
namespace Mono.Security.Protocol.Tls.Handshake.Client
{
- internal class TlsClientFinished : TlsHandshakeMessage
+ internal class TlsClientFinished : HandshakeMessage
{
- #region CONSTRUCTORS
+ #region Constructors
- public TlsClientFinished(TlsSession session)
- : base(session, TlsHandshakeType.Finished, TlsContentType.Handshake)
+ public TlsClientFinished(Context context)
+ : base(context, HandshakeType.Finished)
{
}
#endregion
- #region METHODS
+ #region Methods
- public override void UpdateSession()
+ public override void Update()
{
- base.UpdateSession();
+ base.Update();
this.Reset();
}
#endregion
- #region PROTECTED_METHODS
-
- private byte[] computeSslHash(string hashName, byte[] hashes, int sender)
- {
- HashAlgorithm hash = HashAlgorithm.Create(hashName);
- TlsStream block = new TlsStream();
- TlsSslCipherSuite cipher = (TlsSslCipherSuite)this.Session.Context.Cipher;
- byte[] pad1 = null;
- byte[] pad2 = null;
-
- cipher.GeneratePad(hashName, ref pad1, ref pad2);
-
- block.Write(hashes);
- block.Write(sender);
- block.Write(this.Session.Context.MasterSecret);
- block.Write(cipher.Pad1);
-
- byte[] blockHash = hash.ComputeHash(block.ToArray(), 0, (int)block.Length);
-
- block.Reset();
+ #region Protected Methods
- block.Write(this.Session.Context.MasterSecret);
- block.Write(cipher.Pad2);
- block.Write(blockHash);
-
- blockHash = hash.ComputeHash(block.ToArray(), 0, (int)block.Length);
-
- block.Reset();
-
- return blockHash;
- }
+ static private byte[] Ssl3Marker = new byte [4] { 0x43, 0x4c, 0x4e, 0x54 };
protected override void ProcessAsSsl3()
{
- this.Write(computeSslHash("MD5", Session.Context.HandshakeHashes.Messages, 0x434C4E54));
- this.Write(computeSslHash("SHA1", Session.Context.HandshakeHashes.Messages, 0x434C4E54));
-
- Session.Context.HandshakeHashes.Reset();
+ // Compute handshake messages hashes
+ HashAlgorithm hash = new SslHandshakeHash(this.Context.MasterSecret);
+
+ byte[] data = this.Context.HandshakeMessages.ToArray ();
+ hash.TransformBlock (data, 0, data.Length, data, 0);
+ hash.TransformBlock (Ssl3Marker, 0, Ssl3Marker.Length, Ssl3Marker, 0);
+ // hack to avoid memory allocation
+ hash.TransformFinalBlock (CipherSuite.EmptyArray, 0, 0);
+
+ this.Write (hash.Hash);
}
protected override void ProcessAsTls1()
{
- // Get hashes of handshake messages
- TlsStream hashes = new TlsStream();
-
- hashes.Write(Session.Context.HandshakeHashes.GetMD5Hash());
- hashes.Write(Session.Context.HandshakeHashes.GetSHAHash());
+ // Compute handshake messages hash
+ HashAlgorithm hash = new MD5SHA1();
- // Write message contents
- Write(Session.Context.Cipher.PRF(Session.Context.MasterSecret, "client finished", hashes.ToArray(), 12));
+ // note: we could call HashAlgorithm.ComputeHash(Stream) but that would allocate (on Mono)
+ // a 4096 bytes buffer to process the hash - which is bigger than HandshakeMessages
+ byte[] data = this.Context.HandshakeMessages.ToArray ();
+ byte[] digest = hash.ComputeHash (data, 0, data.Length);
- // Reset data
- hashes.Reset();
- Session.Context.HandshakeHashes.Reset();
+ // Write message
+ Write(this.Context.Write.Cipher.PRF(this.Context.MasterSecret, "client finished", digest, 12));
}
#endregion