[pgsqlclient-checkins] pgsqlclient_10/PgSqlClient.Security.Tls/source TlsCipherSuiteCollection.cs,1.

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Update of /cvsroot/pgsqlclient/pgsqlclient_10/PgSqlClient.Security.Tls/source
In directory sc8-pr-cvs1:/tmp/cvs-serv22361

Modified Files:
	TlsCipherSuiteCollection.cs TlsReader.cs TlsWriter.cs 
Log Message:
Simplify a little record encryption/decryption

Index: TlsCipherSuiteCollection.cs
===================================================================
RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/PgSqlClient.Security.Tls/source/TlsCipherSuiteCollection.cs,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** TlsCipherSuiteCollection.cs	20 Aug 2003 11:48:20 -0000	1.1
--- TlsCipherSuiteCollection.cs	20 Aug 2003 15:15:50 -0000	1.2
***************
*** 61,64 ****
--- 61,65 ----
  			// scs.Add((0x00 << 0x08) | 0x02, "TLS_RSA_WITH_NULL_SHA", "", "SHA", true, false, 0, 0, 0, 0, 0);
  			// scs.Add((0x00 << 0x08) | 0x03, "TLS_RSA_EXPORT_WITH_RC4_40_MD5", "RC4", "MD5", true, false, 5, 16, 40, 0, 0);
+ 			scs.Add((0x00 << 0x08) | 0x0A, "TLS_RSA_WITH_3DES_EDE_CBC_SHA", "3DES", "SHA", false, true, 24, 24, 168, 8, 8);
  			scs.Add((0x00 << 0x08) | 0x05, "TLS_RSA_WITH_RC4_128_SHA", "RC4", "SHA", false, false, 16, 16, 128, 0, 0);
  			scs.Add((0x00 << 0x08) | 0x04, "TLS_RSA_WITH_RC4_128_MD5", "RC4", "MD5", false, false, 16, 16, 128, 0, 0);			
***************
*** 67,71 ****
  			// scs.Add((0x00 << 0x08) | 0x08, "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", "DES", "SHA", true, true, 5, 8, 40, 8, 8);
  			scs.Add((0x00 << 0x08) | 0x09, "TLS_RSA_WITH_DES_CBC_SHA", "DES", "SHA", false, true, 8, 8, 56, 8, 8);
- 			scs.Add((0x00 << 0x08) | 0x0A, "TLS_RSA_WITH_3DES_EDE_CBC_SHA", "3DES", "SHA", false, true, 24, 24, 168, 8, 8);
  			
  
--- 68,71 ----

Index: TlsReader.cs
===================================================================
RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/PgSqlClient.Security.Tls/source/TlsReader.cs,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** TlsReader.cs	20 Aug 2003 11:48:20 -0000	1.1
--- TlsReader.cs	20 Aug 2003 15:15:50 -0000	1.2
***************
*** 87,91 ****
  				case TlsContentType.ChangeCipherSpec:
  					// Reset sequence numbers
! 					session.State.ReadSequenceNumber	= 0;
  					break;
  
--- 87,91 ----
  				case TlsContentType.ChangeCipherSpec:
  					// Reset sequence numbers
! 					session.State.ReadSequenceNumber = 0;
  					break;
  
***************
*** 312,337 ****
  													state.ServerWriteIV);
  
! 			// Decrypt message fragment
  			if (session.State.Cipher.CipherMode == CipherMode.CBC)
  			{				
! 				// Block Ciphers ( fragment + mac + padding + padding_length )
! 				TlsStreamReader r = new TlsStreamReader(decryptor.TransformFinalBlock(fragment, 0, fragment.Length));
! 
! 				fragmentSize = (r.GetBytes().Length - 1) - session.State.Cipher.HashSize;
! 
! 				dcrFragment = new byte[fragmentSize];
! 				dcrMAC		= new byte[session.State.Cipher.HashSize];
! 
! 				r.Read(dcrFragment, 0, dcrFragment.Length);
! 				r.Read(dcrMAC, 0, dcrMAC.Length);
  			}
  			else
  			{
! 				// Stream Ciphers ( fragment + mac )
! 				fragmentSize = fragment.Length - session.State.Cipher.HashSize;
! 				dcrFragment	= decryptor.TransformFinalBlock(fragment, 0, fragmentSize);
! 				dcrMAC		= decryptor.TransformFinalBlock(fragment, fragmentSize, session.State.Cipher.HashSize);
  			}
  
  			// Check MAC code
  			byte[] mac = encodeRecordMAC(contentType, dcrFragment);
--- 312,333 ----
  													state.ServerWriteIV);
  
! 			// Decrypt message fragment ( fragment + mac [+ padding + padding_length] )			
! 			byte[] buffer = decryptor.TransformFinalBlock(fragment, 0, fragment.Length);
! 
  			if (session.State.Cipher.CipherMode == CipherMode.CBC)
  			{				
! 				fragmentSize = (buffer.Length - 1) - session.State.Cipher.HashSize;
  			}
  			else
  			{
! 				fragmentSize = buffer.Length - session.State.Cipher.HashSize;
  			}
  
+ 			dcrFragment = new byte[fragmentSize];
+ 			dcrMAC		= new byte[session.State.Cipher.HashSize];
+ 
+ 			System.Array.Copy(buffer, 0, dcrFragment, 0, dcrFragment.Length);
+ 			System.Array.Copy(buffer, dcrFragment.Length, dcrMAC, 0, dcrMAC.Length);
+ 
  			// Check MAC code
  			byte[] mac = encodeRecordMAC(contentType, dcrFragment);
***************
*** 352,355 ****
--- 348,354 ----
  			// Update sequence number
  			session.State.ReadSequenceNumber++;
+ 
+ 			// Clear resources
+ 			cipher.Clear();
  
  			return dcrFragment;

Index: TlsWriter.cs
===================================================================
RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/PgSqlClient.Security.Tls/source/TlsWriter.cs,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** TlsWriter.cs	20 Aug 2003 11:48:20 -0000	1.1
--- TlsWriter.cs	20 Aug 2003 15:15:50 -0000	1.2
***************
*** 186,196 ****
  			ICryptoTransform	encryptor	= cipher.CreateEncryptor(
  													state.ClientWriteKey,
! 													state.ClientWriteIV);
! 			
! 			// Complete data to encrypt
  			if (session.State.Cipher.CipherMode == CipherMode.CBC)
  			{
- 				// Block Ciphers ( fragment + mac + padding + padding_length )
- 
  				// Calculate padding_length
  				int fragmentLength	= fragment.Length + mac.Length + 1;
--- 186,199 ----
  			ICryptoTransform	encryptor	= cipher.CreateEncryptor(
  													state.ClientWriteKey,
! 													state.ClientWriteIV);			
! 
! 			// Encryption ( fragment + mac [+ padding + padding_length] )
! 			MemoryStream ms = new MemoryStream();
! 			CryptoStream cs = new CryptoStream(ms, encryptor, CryptoStreamMode.Write);
! 
! 			cs.Write(fragment, 0, fragment.Length);
! 			cs.Write(mac, 0, mac.Length);
  			if (session.State.Cipher.CipherMode == CipherMode.CBC)
  			{
  				// Calculate padding_length
  				int fragmentLength	= fragment.Length + mac.Length + 1;
***************
*** 198,225 ****
  				int paddingLength	= (((fragmentLength/blockSize)*8) + blockSize) - fragmentLength;
  
! 				MemoryStream ms = new MemoryStream();
! 				CryptoStream cs = new CryptoStream(ms, encryptor, CryptoStreamMode.Write);
! 
! 				cs.Write(fragment, 0, fragment.Length);
! 				cs.Write(mac, 0, mac.Length);
  				cs.WriteByte((byte)paddingLength);
- 				cs.FlushFinalBlock();
- 				cs.Close();
- 
- 				record.Write(ms.ToArray());
  			}
! 			else
! 			{
! 				// Stream Ciphers ( fragment + mac )
! 				byte[] ecrFragment	= encryptor.TransformFinalBlock(fragment, 0, fragment.Length);
! 				byte[] ecrMAC		= encryptor.TransformFinalBlock(mac, 0, mac.Length);			
  
! 				// Encrypt frament + MAC
! 				record.Write(ecrFragment);
! 				record.Write(ecrMAC);
! 			}
  
  			// Update sequence number
  			session.State.WriteSequenceNumber++;
  
  			return record.GetBytes();
--- 201,217 ----
  				int paddingLength	= (((fragmentLength/blockSize)*8) + blockSize) - fragmentLength;
  
! 				// Write padding length byte
  				cs.WriteByte((byte)paddingLength);
  			}
! 			cs.FlushFinalBlock();
! 			cs.Close();
  
! 			record.Write(ms.ToArray());
  
  			// Update sequence number
  			session.State.WriteSequenceNumber++;
+ 
+ 			// Clear resources
+ 			cipher.Clear();
  
  			return record.GetBytes();

[pgsqlclient-checkins] pgsqlclient_10/PgSqlClient.Security.Tls/source TlsCipherSuiteCollection.cs,1.

[pgsqlclient-checkins] pgsqlclient_10/PgSqlClient.Security.Tls/source TlsCipherSuiteCollection.cs,1.1,1.2 TlsReader.cs,1.1,1.2 TlsWriter.cs,1.1,1.2