class/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Server/TlsClientCertificateVerify.cs

   1 // Transport Security Layer (TLS)
   2 // Copyright (c) 2003-2004 Carlos Guzman Alvarez
   3
   4 //
   5 // Permission is hereby granted, free of charge, to any person obtaining
   6 // a copy of this software and associated documentation files (the
   7 // "Software"), to deal in the Software without restriction, including
   8 // without limitation the rights to use, copy, modify, merge, publish,
   9 // distribute, sublicense, and/or sell copies of the Software, and to
  10 // permit persons to whom the Software is furnished to do so, subject to
  11 // the following conditions:
  12 //
  13 // The above copyright notice and this permission notice shall be
  14 // included in all copies or substantial portions of the Software.
  15 //
  16 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
  17 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
  18 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
  19 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
  20 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
  21 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
  22 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  23 //
  24
  25 using System;
  26 using System.Security.Cryptography.X509Certificates;
  27
  28 using System.Security.Cryptography;
  29 using Mono.Security.Cryptography;
  30
  31 namespace Mono.Security.Protocol.Tls.Handshake.Server
  32 {
  33         internal class TlsClientCertificateVerify : HandshakeMessage
  34         {
  35                 #region Constructors
  36
  37                 public TlsClientCertificateVerify(Context context, byte[] buffer)
  38                         : base(context, HandshakeType.CertificateVerify, buffer)
  39                 {
  40                 }
  41
  42                 #endregion
  43
  44                 #region Protected Methods
  45
  46                 protected override void ProcessAsSsl3()
  47                 {
  48                         ServerContext context = (ServerContext)this.Context;
  49                         int length = this.ReadInt16 ();
  50                         byte[] signature = this.ReadBytes (length);
  51
  52                         // Verify signature
  53                         SslHandshakeHash hash = new SslHandshakeHash(context.MasterSecret);
  54                         hash.TransformFinalBlock(
  55                                 context.HandshakeMessages.ToArray(),
  56                                 0,
  57                                 (int)context.HandshakeMessages.Length);
  58
  59                         if (!hash.VerifySignature(context.ClientSettings.CertificateRSA, signature))
  60                         {
  61                                 throw new TlsException(AlertDescription.HandshakeFailiure, "Handshake Failure.");
  62                         }
  63                 }
  64
  65                 protected override void ProcessAsTls1()
  66                 {
  67                         ServerContext context = (ServerContext)this.Context;
  68                         int length = this.ReadInt16 ();
  69                         byte[] signature = this.ReadBytes (length);
  70
  71                         // Verify signature
  72                         MD5SHA1 hash = new MD5SHA1();
  73                         hash.ComputeHash(
  74                                 context.HandshakeMessages.ToArray(),
  75                                 0,
  76                                 (int)context.HandshakeMessages.Length);
  77
  78                         if (!hash.VerifySignature(context.ClientSettings.CertificateRSA, signature))
  79                         {
  80                                 throw new TlsException (AlertDescription.HandshakeFailiure, "Handshake Failure.");
  81                         }
  82                 }
  83
  84                 #endregion
  85         }
  86 }