/// <summary>
/// Builds the body of the DTLS ServerHello message and records the negotiated
/// parameters (version, cipher suite, compression, extension-derived flags)
/// on the handshake state as it goes.
/// </summary>
/// <param name="state">
/// Server handshake state. It is read for the client's offer and mutated with the
/// server's selections; if an alert is thrown part-way, earlier assignments remain.
/// </param>
/// <returns>The serialized ServerHello body.</returns>
/// <exception cref="TlsFatalAlert">
/// Raised with alert description 80 (internal_error) when the server callbacks select
/// a version, cipher suite or compression method that is not acceptable for this handshake.
/// </exception>
protected virtual byte[] GenerateServerHello(DtlsServerProtocol.ServerHandshakeState state)
{
    SecurityParameters secParams = state.serverContext.SecurityParameters;
    MemoryStream helloBody = new MemoryStream();

    // Version: the server may never answer with a version newer than the client offered.
    ProtocolVersion chosenVersion = state.server.GetServerVersion();
    bool versionAcceptable = chosenVersion.IsEqualOrEarlierVersionOf(state.serverContext.ClientVersion);
    if (!versionAcceptable)
    {
        throw new TlsFatalAlert(80);
    }
    state.serverContext.SetServerVersion(chosenVersion);
    TlsUtilities.WriteVersion(state.serverContext.ServerVersion, helloBody);

    // Server random, followed by a zero-length opaque8 field (the slot that carries
    // session_id in ServerHello, so no session identifier is sent here).
    byte[] serverRandom = secParams.ServerRandom;
    helloBody.Write(serverRandom, 0, secParams.ServerRandom.Length);
    TlsUtilities.WriteOpaque8(TlsUtilities.EmptyBytes, helloBody);

    // Cipher suite: the callback's choice is not trusted blindly. It must be one the client
    // offered, must not be suite 0 or a signalling value (SCSV), and must be valid for the
    // negotiated version. Evaluation order and short-circuiting match the checks as listed.
    int chosenSuite = state.server.GetSelectedCipherSuite();
    bool suiteAcceptable =
        Arrays.Contains(state.offeredCipherSuites, chosenSuite)
        && chosenSuite != 0
        && !CipherSuite.IsScsv(chosenSuite)
        && TlsUtilities.IsValidCipherSuiteForVersion(chosenSuite, state.serverContext.ServerVersion);
    if (!suiteAcceptable)
    {
        throw new TlsFatalAlert(80);
    }
    DtlsProtocol.ValidateSelectedCipherSuite(chosenSuite, 80);
    secParams.cipherSuite = chosenSuite;

    // Compression: likewise restricted to what the client offered.
    byte chosenCompression = state.server.GetSelectedCompressionMethod();
    bool compressionOffered = Arrays.Contains(state.offeredCompressionMethods, chosenCompression);
    if (!compressionOffered)
    {
        throw new TlsFatalAlert(80);
    }
    secParams.compressionAlgorithm = chosenCompression;

    TlsUtilities.WriteUint16(chosenSuite, helloBody);
    TlsUtilities.WriteUint8(chosenCompression, helloBody);

    // NOTE(review): the extension table comes straight from the server callback and is not
    // compared against state.clientExtensions in this method - confirm the callback only
    // returns extensions the client actually offered.
    state.serverExtensions = state.server.GetServerExtensions();

    // 65281 is the renegotiation_info extension type. When secure renegotiation is in effect
    // and the callback did not supply it, add one with empty renegotiated-connection data.
    if (state.secure_renegotiation
        && TlsUtilities.GetExtensionData(state.serverExtensions, 65281) == null)
    {
        state.serverExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(state.serverExtensions);
        state.serverExtensions[65281] = TlsProtocol.CreateRenegotiationInfo(TlsUtilities.EmptyBytes);
    }

    // Acknowledge extended master secret whenever it has been flagged on the security parameters.
    if (secParams.extendedMasterSecret)
    {
        state.serverExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(state.serverExtensions);
        TlsExtensionsUtilities.AddExtendedMasterSecretExtension(state.serverExtensions);
    }

    // Derive the record-layer and handshake flags from the final server extension table,
    // then serialize it. Nothing is derived or written when the table is still null.
    if (state.serverExtensions != null)
    {
        secParams.encryptThenMac = TlsExtensionsUtilities.HasEncryptThenMacExtension(state.serverExtensions);
        secParams.maxFragmentLength = DtlsProtocol.EvaluateMaxFragmentLengthExtension(
            state.resumedSession,
            state.clientExtensions,
            state.serverExtensions,
            80);
        secParams.truncatedHMac = TlsExtensionsUtilities.HasTruncatedHMacExtension(state.serverExtensions);

        // Extension types 5 (status_request) and 35 (session ticket) must carry empty data,
        // and are only honoured when this is not a resumed session.
        state.allowCertificateStatus =
            !state.resumedSession && TlsUtilities.HasExpectedEmptyExtensionData(state.serverExtensions, 5, 80);
        state.expectSessionTicket =
            !state.resumedSession && TlsUtilities.HasExpectedEmptyExtensionData(state.serverExtensions, 35, 80);

        TlsProtocol.WriteExtensions(helloBody, state.serverExtensions);
    }

    // The PRF depends on the cipher suite fixed above; Finished verify_data is set to 12 bytes.
    secParams.prfAlgorithm = TlsProtocol.GetPrfAlgorithm(state.serverContext, secParams.CipherSuite);
    secParams.verifyDataLength = 12;

    return helloBody.ToArray();
}