@@ -519,87 +519,11 @@ public byte[] ReceiveRecord(Stream record)
519519
520520 private byte [ ] ReadRecordBuffer ( int contentType , Stream record )
521521 {
522- switch ( contentType )
523- {
524- case 0x80 :
525- return this . ReadClientHelloV2 ( record ) ;
526-
527- default :
528- if ( ! Enum . IsDefined ( typeof ( ContentType ) , ( ContentType ) contentType ) )
529- {
530- throw new TlsException ( AlertDescription . DecodeError ) ;
531- }
532- return this . ReadStandardRecordBuffer ( record ) ;
533- }
534- }
535-
536- private byte [ ] ReadClientHelloV2 ( Stream record )
537- {
538- int msgLength = record . ReadByte ( ) ;
539- // process further only if the whole record is available
540- if ( record . CanSeek && ( msgLength + 1 > record . Length ) )
541- {
542- return null ;
543- }
544-
545- byte [ ] message = new byte [ msgLength ] ;
546- record . Read ( message , 0 , msgLength ) ;
547-
548- int msgType = message [ 0 ] ;
549- if ( msgType != 1 )
550- {
551- throw new TlsException ( AlertDescription . DecodeError ) ;
552- }
553- int protocol = ( message [ 1 ] << 8 | message [ 2 ] ) ;
554- int cipherSpecLength = ( message [ 3 ] << 8 | message [ 4 ] ) ;
555- int sessionIdLength = ( message [ 5 ] << 8 | message [ 6 ] ) ;
556- int challengeLength = ( message [ 7 ] << 8 | message [ 8 ] ) ;
557- int length = ( challengeLength > 32 ) ? 32 : challengeLength ;
558-
559- // Read CipherSpecs
560- byte [ ] cipherSpecV2 = new byte [ cipherSpecLength ] ;
561- Buffer . BlockCopy ( message , 9 , cipherSpecV2 , 0 , cipherSpecLength ) ;
562-
563- // Read session ID
564- byte [ ] sessionId = new byte [ sessionIdLength ] ;
565- Buffer . BlockCopy ( message , 9 + cipherSpecLength , sessionId , 0 , sessionIdLength ) ;
566-
567- // Read challenge ID
568- byte [ ] challenge = new byte [ challengeLength ] ;
569- Buffer . BlockCopy ( message , 9 + cipherSpecLength + sessionIdLength , challenge , 0 , challengeLength ) ;
570-
571- if ( challengeLength < 16 || cipherSpecLength == 0 || ( cipherSpecLength % 3 ) != 0 )
522+ if ( ! Enum . IsDefined ( typeof ( ContentType ) , ( ContentType ) contentType ) )
572523 {
573524 throw new TlsException ( AlertDescription . DecodeError ) ;
574525 }
575526
576- // Updated the Session ID
577- if ( sessionId . Length > 0 )
578- {
579- this . context . SessionId = sessionId ;
580- }
581-
582- // Update the protocol version
583- this . Context . ChangeProtocol ( ( short ) protocol ) ;
584-
585- // Select the Cipher suite
586- this . ProcessCipherSpecV2Buffer ( this . Context . SecurityProtocol , cipherSpecV2 ) ;
587-
588- // Updated the Client Random
589- this . context . ClientRandom = new byte [ 32 ] ; // Always 32
590- // 1. if challenge is bigger than 32 bytes only use the last 32 bytes
591- // 2. right justify (0) challenge in ClientRandom if less than 32
592- Buffer . BlockCopy ( challenge , challenge . Length - length , this . context . ClientRandom , 32 - length , length ) ;
593-
594- // Set
595- this . context . LastHandshakeMsg = HandshakeType . ClientHello ;
596- this . context . ProtocolNegotiated = true ;
597-
598- return message ;
599- }
600-
601- private byte [ ] ReadStandardRecordBuffer ( Stream record )
602- {
603527 byte [ ] header = new byte [ 4 ] ;
604528 if ( record . Read ( header , 0 , 4 ) != 4 )
605529 throw new TlsException ( "buffer underrun" ) ;
@@ -1037,96 +961,5 @@ private bool Compare (byte[] array1, byte[] array2)
1037961 }
1038962
1039963 #endregion
1040-
1041- #region CipherSpecV2 processing
1042-
1043- private void ProcessCipherSpecV2Buffer ( SecurityProtocolType protocol , byte [ ] buffer )
1044- {
1045- TlsStream codes = new TlsStream ( buffer ) ;
1046-
1047- string prefix = ( protocol == SecurityProtocolType . Ssl3 ) ? "SSL_" : "TLS_" ;
1048-
1049- while ( codes . Position < codes . Length )
1050- {
1051- byte check = codes . ReadByte ( ) ;
1052-
1053- if ( check == 0 )
1054- {
1055- // SSL/TLS cipher spec
1056- short code = codes . ReadInt16 ( ) ;
1057- int index = this . Context . SupportedCiphers . IndexOf ( code ) ;
1058- if ( index != - 1 )
1059- {
1060- this . Context . Negotiating . Cipher = this . Context . SupportedCiphers [ index ] ;
1061- break ;
1062- }
1063- }
1064- else
1065- {
1066- byte [ ] tmp = new byte [ 2 ] ;
1067- codes . Read ( tmp , 0 , tmp . Length ) ;
1068-
1069- int tmpCode = ( ( check & 0xff ) << 16 ) | ( ( tmp [ 0 ] & 0xff ) << 8 ) | ( tmp [ 1 ] & 0xff ) ;
1070- CipherSuite cipher = this . MapV2CipherCode ( prefix , tmpCode ) ;
1071-
1072- if ( cipher != null )
1073- {
1074- this . Context . Negotiating . Cipher = cipher ;
1075- break ;
1076- }
1077- }
1078- }
1079-
1080- if ( this . Context . Negotiating == null )
1081- {
1082- throw new TlsException ( AlertDescription . InsuficientSecurity , "Insuficient Security" ) ;
1083- }
1084- }
1085-
1086- private CipherSuite MapV2CipherCode ( string prefix , int code )
1087- {
1088- try
1089- {
1090- switch ( code )
1091- {
1092- case 65664 :
1093- // TLS_RC4_128_WITH_MD5
1094- return this . Context . SupportedCiphers [ prefix + "RSA_WITH_RC4_128_MD5" ] ;
1095-
1096- case 131200 :
1097- // TLS_RC4_128_EXPORT40_WITH_MD5
1098- return this . Context . SupportedCiphers [ prefix + "RSA_EXPORT_WITH_RC4_40_MD5" ] ;
1099-
1100- case 196736 :
1101- // TLS_RC2_CBC_128_CBC_WITH_MD5
1102- return this . Context . SupportedCiphers [ prefix + "RSA_EXPORT_WITH_RC2_CBC_40_MD5" ] ;
1103-
1104- case 262272 :
1105- // TLS_RC2_CBC_128_CBC_EXPORT40_WITH_MD5
1106- return this . Context . SupportedCiphers [ prefix + "RSA_EXPORT_WITH_RC2_CBC_40_MD5" ] ;
1107-
1108- case 327808 :
1109- // TLS_IDEA_128_CBC_WITH_MD5
1110- return null ;
1111-
1112- case 393280 :
1113- // TLS_DES_64_CBC_WITH_MD5
1114- return null ;
1115-
1116- case 458944 :
1117- // TLS_DES_192_EDE3_CBC_WITH_MD5
1118- return null ;
1119-
1120- default :
1121- return null ;
1122- }
1123- }
1124- catch
1125- {
1126- return null ;
1127- }
1128- }
1129-
1130- #endregion
1131964 }
1132965}
0 commit comments