private static bool RemoveMAC(CipherSuite cipherSuite, Record record, UInt64 seqNum, KeyedHashAlgorithm hasher)
{
BulkCipherAlgorithmType cipherType = cipherSuite.BulkCipherAlgorithm.Type;
bool verified = true;
if (cipherType == BulkCipherAlgorithmType.Stream || cipherType == BulkCipherAlgorithmType.Block) {
int MACLength = cipherSuite.MACAlgorithm.HashSize;
if (record.Fragment.Length < MACLength) {
verified = false;
} else {
// Allocate a fragment without the MAC value
byte[] newFragment = new byte[record.Fragment.Length - MACLength];
Buffer.BlockCopy(record.Fragment, 0, newFragment, 0, newFragment.Length);
// Calculate the MAC again for new fragment
byte[] oldFragment = record.Fragment;
record.Fragment = newFragment;
GenerateMAC(cipherSuite, record, seqNum, hasher);
// Compare our MAC value with theirs
verified = true;
for (int i=1; i<=MACLength; i++) {
if (oldFragment[oldFragment.Length-i] != record.Fragment[record.Fragment.Length-i]) {
verified = false;
}
}
// Replace fragment with the one without MAC value
record.Fragment = newFragment;
}
}
return verified;
}