mcs/class/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs

   1 // Transport Security Layer (TLS)
   2 // Copyright (c) 2003-2004 Carlos Guzman Alvarez
   3
   4 //
   5 // Permission is hereby granted, free of charge, to any person obtaining
   6 // a copy of this software and associated documentation files (the
   7 // "Software"), to deal in the Software without restriction, including
   8 // without limitation the rights to use, copy, modify, merge, publish,
   9 // distribute, sublicense, and/or sell copies of the Software, and to
  10 // permit persons to whom the Software is furnished to do so, subject to
  11 // the following conditions:
  12 //
  13 // The above copyright notice and this permission notice shall be
  14 // included in all copies or substantial portions of the Software.
  15 //
  16 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
  17 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
  18 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
  19 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
  20 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
  21 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
  22 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  23 //
  24
  25 using System;
  26 using System.Security.Cryptography;
  27
  28 using Mono.Security.Cryptography;
  29
  30 namespace Mono.Security.Protocol.Tls.Handshake.Client
  31 {
  32         internal class TlsServerFinished : HandshakeMessage
  33         {
  34                 #region Constructors
  35
  36                 public TlsServerFinished(Context context, byte[] buffer)
  37                         : base(context, HandshakeType.Finished, buffer)
  38                 {
  39                 }
  40
  41                 #endregion
  42
  43                 #region Methods
  44
  45                 public override void Update()
  46                 {
  47                         base.Update();
  48
  49                         // Reset Hahdshake messages information
  50                         this.Context.HandshakeMessages.Reset();
  51
  52                         // Hahdshake is finished
  53                         this.Context.HandshakeState = HandshakeState.Finished;
  54                 }
  55
  56                 #endregion
  57
  58                 #region Protected Methods
  59
  60                 protected override void ProcessAsSsl3()
  61                 {
  62                         // Compute handshake messages hashes
  63                         HashAlgorithm hash = new SslHandshakeHash(this.Context.MasterSecret);
  64
  65                         TlsStream data = new TlsStream();
  66                         data.Write(this.Context.HandshakeMessages.ToArray());
  67                         data.Write((int)0x53525652);
  68
  69                         hash.TransformFinalBlock(data.ToArray(), 0, (int)data.Length);
  70
  71                         data.Reset();
  72
  73                         byte[] serverHash       = this.ReadBytes((int)Length);
  74                         byte[] clientHash       = hash.Hash;
  75
  76                         // Check server prf against client prf
  77                         if (clientHash.Length != serverHash.Length)
  78                         {
  79 #warning Review that selected alert is correct
  80                                 throw new TlsException(AlertDescription.InsuficientSecurity, "Invalid ServerFinished message received.");
  81                         }
  82                         for (int i = 0; i < serverHash.Length; i++)
  83                         {
  84                                 if (clientHash[i] != serverHash[i])
  85                                 {
  86                                         throw new TlsException(AlertDescription.InsuficientSecurity, "Invalid ServerFinished message received.");
  87                                 }
  88                         }
  89                 }
  90
  91                 protected override void ProcessAsTls1()
  92                 {
  93                         byte[]                  serverPRF       = this.ReadBytes((int)Length);
  94                         HashAlgorithm   hash            = new MD5SHA1();
  95
  96                         hash.ComputeHash(
  97                                 this.Context.HandshakeMessages.ToArray(),
  98                                 0,
  99                                 (int)this.Context.HandshakeMessages.Length);
 100
 101                         byte[] clientPRF = this.Context.Cipher.PRF(this.Context.MasterSecret, "server finished", hash.Hash, 12);
 102
 103                         // Check server prf against client prf
 104                         if (clientPRF.Length != serverPRF.Length)
 105                         {
 106                                 throw new TlsException("Invalid ServerFinished message received.");
 107                         }
 108                         for (int i = 0; i < serverPRF.Length; i++)
 109                         {
 110                                 if (clientPRF[i] != serverPRF[i])
 111                                 {
 112                                         throw new TlsException(AlertDescription.InsuficientSecurity, "Invalid ServerFinished message received.");
 113                                 }
 114                         }
 115                 }
 116
 117                 #endregion
 118         }
 119 }