summary refs log tree commit diff
path: root/crypto/src/tls/Ssl3Utilities.cs
blob: 594bdefbcf3d86238fbc3985eb2a0baec037b882 (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69

using System;
using System.IO;

using Org.BouncyCastle.Tls.Crypto;
using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.Utilities.IO;

namespace Org.BouncyCastle.Tls
{
    internal abstract class Ssl3Utilities
    {
        private static readonly byte[] SSL_CLIENT = {0x43, 0x4C, 0x4E, 0x54};
        private static readonly byte[] SSL_SERVER = {0x53, 0x52, 0x56, 0x52};

        private const byte IPAD_BYTE = (byte)0x36;
        private const byte OPAD_BYTE = (byte)0x5C;

        private static readonly byte[] IPAD = GenPad(IPAD_BYTE, 48);
        private static readonly byte[] OPAD = GenPad(OPAD_BYTE, 48);

        internal static byte[] CalculateVerifyData(TlsHandshakeHash handshakeHash, bool isServer)
        {
            TlsHash prf = handshakeHash.ForkPrfHash();
            byte[] sslSender = isServer ? SSL_SERVER : SSL_CLIENT;
            prf.Update(sslSender, 0, sslSender.Length);
            return prf.CalculateHash();
        }

        internal static void CompleteCombinedHash(TlsContext context, TlsHash md5, TlsHash sha1)
        {
            TlsSecret masterSecret = context.SecurityParameters.MasterSecret;
            byte[] master_secret = context.Crypto.AdoptSecret(masterSecret).Extract();

            CompleteHash(master_secret, md5, 48);
            CompleteHash(master_secret, sha1, 40);
        }

        private static void CompleteHash(byte[] master_secret, TlsHash hash, int padLength)
        {
            hash.Update(master_secret, 0, master_secret.Length);
            hash.Update(IPAD, 0, padLength);

            byte[] tmp = hash.CalculateHash();

            hash.Update(master_secret, 0, master_secret.Length);
            hash.Update(OPAD, 0, padLength);
            hash.Update(tmp, 0, tmp.Length);
        }

        private static byte[] GenPad(byte b, int count)
        {
            byte[] padding = new byte[count];
            Arrays.Fill(padding, b);
            return padding;
        }

        /// <exception cref="IOException"/>
        internal static byte[] ReadEncryptedPms(Stream input)
        {
            return Streams.ReadAll(input);
        }

        /// <exception cref="IOException"/>
        internal static void WriteEncryptedPms(byte[] encryptedPms, Stream output)
        {
            output.Write(encryptedPms, 0, encryptedPms.Length);
        }
    }
}
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-09-20 00:46:54 +0000