-/* Transport Security Layer (TLS)
- * Copyright (c) 2003-2004 Carlos Guzman Alvarez
- *
- * Permission is hereby granted, free of charge, to any person
- * obtaining a copy of this software and associated documentation
- * files (the "Software"), to deal in the Software without restriction,
- * including without limitation the rights to use, copy, modify, merge,
- * publish, distribute, sublicense, and/or sell copies of the Software,
- * and to permit persons to whom the Software is furnished to do so,
- * subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included
- * in all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
- * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
- * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
- * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
- * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
- * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- */
+// Transport Security Layer (TLS)
+// Copyright (c) 2003-2004 Carlos Guzman Alvarez
+// Copyright (C) 2006 Novell, Inc (http://www.novell.com)
+//
+// Permission is hereby granted, free of charge, to any person obtaining
+// a copy of this software and associated documentation files (the
+// "Software"), to deal in the Software without restriction, including
+// without limitation the rights to use, copy, modify, merge, publish,
+// distribute, sublicense, and/or sell copies of the Software, and to
+// permit persons to whom the Software is furnished to do so, subject to
+// the following conditions:
+//
+// The above copyright notice and this permission notice shall be
+// included in all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+//
using System;
namespace Mono.Security.Protocol.Tls.Handshake.Client
{
- internal class TlsServerHello : TlsHandshakeMessage
+ internal class TlsServerHello : HandshakeMessage
{
#region Fields
#region Constructors
- public TlsServerHello(TlsContext context, byte[] buffer)
- : base(context, TlsHandshakeType.ServerHello, buffer)
+ public TlsServerHello(Context context, byte[] buffer)
+ : base(context, HandshakeType.ServerHello, buffer)
{
}
this.Context.SessionId = this.sessionId;
this.Context.ServerRandom = this.random;
- this.Context.Cipher = this.cipherSuite;
+ this.Context.Negotiating.Cipher = this.cipherSuite;
this.Context.CompressionMethod = this.compressionMethod;
- this.Context.Cipher.Context = this.Context;
+ this.Context.ProtocolNegotiated = true;
+ DebugHelper.WriteLine("Selected Cipher Suite {0}", this.cipherSuite.Name);
+ DebugHelper.WriteLine("Client random", this.Context.ClientRandom);
+ DebugHelper.WriteLine("Server random", this.Context.ServerRandom);
+
// Compute ClientRandom + ServerRandom
- TlsStream random = new TlsStream();
- random.Write(this.Context.ClientRandom);
- random.Write(this.Context.ServerRandom);
- this.Context.RandomCS = random.ToArray();
-
+ int clen = this.Context.ClientRandom.Length;
+ int slen = this.Context.ServerRandom.Length;
+ int rlen = clen + slen;
+ byte[] cs = new byte[rlen];
+ Buffer.BlockCopy (this.Context.ClientRandom, 0, cs, 0, clen);
+ Buffer.BlockCopy (this.Context.ServerRandom, 0, cs, clen, slen);
+ this.Context.RandomCS = cs;
+
// Server Random + Client Random
- random.Reset();
- random.Write(this.Context.ServerRandom);
- random.Write(this.Context.ClientRandom);
-
- this.Context.RandomSC = random.ToArray();
- random.Reset();
+ byte[] sc = new byte[rlen];
+ Buffer.BlockCopy (this.Context.ServerRandom, 0, sc, 0, slen);
+ Buffer.BlockCopy (this.Context.ClientRandom, 0, sc, slen, clen);
+ this.Context.RandomSC = sc;
}
#endregion
// Read random - Unix time + Random bytes
this.random = this.ReadBytes(32);
-
+
// Read Session id
- int length = (int)ReadByte();
+ int length = (int) ReadByte ();
if (length > 0)
{
this.sessionId = this.ReadBytes(length);
+ ClientSessionCache.Add (this.Context.ClientSettings.TargetHost, this.sessionId);
+ this.Context.AbbreviatedHandshake = Compare (this.sessionId, this.Context.SessionId);
+ }
+ else
+ {
+ this.Context.AbbreviatedHandshake = false;
}
// Read cipher suite
if (this.Context.SupportedCiphers.IndexOf(cipherCode) == -1)
{
// The server has sent an invalid ciphersuite
- throw new TlsException("Invalid cipher suite received from server");
+ throw new TlsException(AlertDescription.InsuficientSecurity, "Invalid cipher suite received from server");
}
this.cipherSuite = this.Context.SupportedCiphers[cipherCode];
{
SecurityProtocolType serverProtocol = this.Context.DecodeProtocolCode(protocol);
- if ((serverProtocol & this.Context.SecurityProtocolFlags) == serverProtocol)
+ if ((serverProtocol & this.Context.SecurityProtocolFlags) == serverProtocol ||
+ (this.Context.SecurityProtocolFlags & SecurityProtocolType.Default) == SecurityProtocolType.Default)
{
this.Context.SecurityProtocol = serverProtocol;
this.Context.SupportedCiphers.Clear();
this.Context.SupportedCiphers = null;
- this.Context.SupportedCiphers = TlsCipherSuiteFactory.GetSupportedCiphers(serverProtocol);
+ this.Context.SupportedCiphers = CipherSuiteFactory.GetSupportedCiphers(serverProtocol);
+
+ DebugHelper.WriteLine("Selected protocol {0}", serverProtocol);
}
else
{
- throw this.Context.CreateException("Incorrect protocol version received from server");
+ throw new TlsException(
+ AlertDescription.ProtocolVersion,
+ "Incorrect protocol version received from server");
}
}
#endregion
}
-}
\ No newline at end of file
+}