search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
2010-04-06 Jb Evain <jbevain@novell.com>
[mcs.git] / class / Mono.Security / Mono.Security.Protocol.Tls.Handshake.Client / TlsServerKeyExchange.cs
blobd6c8e5130290339e88bb5b0c19ae2467d90c47e0
1 // Transport Security Layer (TLS)
2 // Copyright (c) 2003-2004 Carlos Guzman Alvarez
3
4 //
5 // Permission is hereby granted, free of charge, to any person obtaining
6 // a copy of this software and associated documentation files (the
7 // "Software"), to deal in the Software without restriction, including
8 // without limitation the rights to use, copy, modify, merge, publish,
9 // distribute, sublicense, and/or sell copies of the Software, and to
10 // permit persons to whom the Software is furnished to do so, subject to
11 // the following conditions:
12 //
13 // The above copyright notice and this permission notice shall be
14 // included in all copies or substantial portions of the Software.
15 //
16 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
20 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
21 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
22 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
23 //
24
25 using System;
26 using System.Security.Cryptography;
27
28 using Mono.Security.Cryptography;
29 using Mono.Security.X509;
30
31 namespace Mono.Security.Protocol.Tls.Handshake.Client
32 {
33 internal class TlsServerKeyExchange : HandshakeMessage
34 {
35 #region Fields
36
37 private RSAParameters rsaParams;
38 private byte[] signedParams;
39
40 #endregion
41
42 #region Constructors
43
44 public TlsServerKeyExchange(Context context, byte[] buffer)
45 : base(context, HandshakeType.ServerKeyExchange, buffer)
46 {
47 this.verifySignature();
48 }
49
50 #endregion
51
52 #region Methods
53
54 public override void Update()
55 {
56 base.Update();
57
58 this.Context.ServerSettings.ServerKeyExchange = true;
59 this.Context.ServerSettings.RsaParameters = this.rsaParams;
60 this.Context.ServerSettings.SignedParams = this.signedParams;
61 }
62
63 #endregion
64
65 #region Protected Methods
66
67 protected override void ProcessAsSsl3()
68 {
69 this.ProcessAsTls1();
70 }
71
72 protected override void ProcessAsTls1()
73 {
74 this.rsaParams = new RSAParameters();
75
76 // Read modulus
77 this.rsaParams.Modulus = this.ReadBytes(this.ReadInt16());
78
79 // Read exponent
80 this.rsaParams.Exponent = this.ReadBytes(this.ReadInt16());
81
82 // Read signed params
83 this.signedParams = this.ReadBytes(this.ReadInt16());
84 }
85
86 #endregion
87
88 #region Private Methods
89
90 private void verifySignature()
91 {
92 MD5SHA1 hash = new MD5SHA1();
93
94 // Calculate size of server params
95 int size = rsaParams.Modulus.Length + rsaParams.Exponent.Length + 4;
96
97 // Create server params array
98 TlsStream stream = new TlsStream();
99
100 stream.Write(this.Context.RandomCS);
101 stream.Write(this.ToArray(), 0, size);
102
103 hash.ComputeHash(stream.ToArray());
104
105 stream.Reset();
106
107 bool isValidSignature = hash.VerifySignature(
108 this.Context.ServerSettings.CertificateRSA,
109 this.signedParams);
110
111 if (!isValidSignature)
112 {
113 throw new TlsException(
114 AlertDescription.DecodeError,
115 "Data was not signed with the server certificate.");
116 }
117 }
118
119 #endregion
120 }
121 }
git-svn mirror of mcs