[pgsqlclient-checkins] pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls CipherSu
Status: Inactive
Brought to you by:
carlosga_fb
Menu
▾
▴
[pgsqlclient-checkins] pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls CipherSuite.cs,1.2,1.3 TlsCipherSuite.cs,1.7,1.8 TlsCipherSuiteFactory.cs,1.4,1.5 TlsSocket.cs,1.9,1.10 TlsSslCipherSuite.cs,1.7,1.8
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls
In directory sc8-pr-cvs1:/tmp/cvs-serv2483
Modified Files:
CipherSuite.cs TlsCipherSuite.cs TlsCipherSuiteFactory.cs
TlsSocket.cs TlsSslCipherSuite.cs
Log Message:
Added partial implementation of SSL3 protocol
Index: CipherSuite.cs
===================================================================
RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/CipherSuite.cs,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -d -r1.2 -r1.3
*** CipherSuite.cs 21 Oct 2003 23:07:19 -0000 1.2
--- CipherSuite.cs 24 Oct 2003 09:39:21 -0000 1.3
***************
*** 180,183 ****
--- 180,189 ----
#region METHODS
+ public void InitializeCipher()
+ {
+ createEncryptionCipher();
+ createDecryptionCipher();
+ }
+
public RSACryptoServiceProvider CreateRSA(X509Certificate certificate)
{
***************
*** 216,225 ****
}
- public void InitializeCipher()
- {
- createEncryptionCipher();
- createDecryptionCipher();
- }
-
public void UpdateClientCipherIV(byte[] iv)
{
--- 222,225 ----
***************
*** 246,264 ****
}
! #endregion
! #region ABSTRACT_METHODS
! public abstract byte[] GenerateClientRecordMAC(TlsContentType contentType, byte[] fragment);
! public abstract byte[] GenerateServerRecordMAC(TlsContentType contentType, byte[] fragment);
! public abstract byte[] EncryptRecord(byte[] fragment, byte[] mac);
! public abstract void DecryptRecord(byte[] fragment, ref byte[] dcrFragment, ref byte[] dcrMAC);
! public abstract void CreateMasterSecret(byte[] preMasterSecret);
! public abstract void CreateKeys();
#endregion
--- 246,320 ----
}
! public byte[] EncryptRecord(byte[] fragment, byte[] mac)
! {
! // Encryption ( fragment + mac [+ padding + padding_length] )
! MemoryStream ms = new MemoryStream();
! CryptoStream cs = new CryptoStream(ms, this.EncryptionCipher, CryptoStreamMode.Write);
! cs.Write(fragment, 0, fragment.Length);
! cs.Write(mac, 0, mac.Length);
! if (this.CipherMode == CipherMode.CBC)
! {
! // Calculate padding_length
! int fragmentLength = fragment.Length + mac.Length + 1;
! int paddingLength = (((fragmentLength/this.BlockSize)*this.BlockSize) + this.BlockSize) - fragmentLength;
! // Write padding length byte
! cs.WriteByte((byte)paddingLength);
! }
! //cs.FlushFinalBlock();
! cs.Close();
! return ms.ToArray();
! }
! public void DecryptRecord(byte[] fragment, ref byte[] dcrFragment, ref byte[] dcrMAC)
! {
! int fragmentSize = 0;
! int paddingLength = 0;
! // Decrypt message fragment ( fragment + mac [+ padding + padding_length] )
! byte[] buffer = new byte[fragment.Length];
! this.DecryptionCipher.TransformBlock(fragment, 0, fragment.Length, buffer, 0);
! // Calculate fragment size
! if (this.CipherMode == CipherMode.CBC)
! {
! // Calculate padding_length
! paddingLength = buffer[buffer.Length - 1];
! for (int i = (buffer.Length - 1); i > (buffer.Length - (paddingLength + 1)); i--)
! {
! if (buffer[i] != paddingLength)
! {
! paddingLength = 0;
! break;
! }
! }
! fragmentSize = (buffer.Length - (paddingLength + 1)) - HashSize;
! }
! else
! {
! fragmentSize = buffer.Length - HashSize;
! }
!
! dcrFragment = new byte[fragmentSize];
! dcrMAC = new byte[HashSize];
!
! Buffer.BlockCopy(buffer, 0, dcrFragment, 0, dcrFragment.Length);
! Buffer.BlockCopy(buffer, dcrFragment.Length, dcrMAC, 0, dcrMAC.Length);
! }
!
! #endregion
!
! #region ABSTRACT_METHODS
!
! public abstract byte[] ComputeClientRecordMAC(TlsContentType contentType, byte[] fragment);
!
! public abstract byte[] ComputeServerRecordMAC(TlsContentType contentType, byte[] fragment);
!
! public abstract void ComputeMasterSecret(byte[] preMasterSecret);
!
! public abstract void ComputeKeys();
#endregion
Index: TlsCipherSuite.cs
===================================================================
RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/TlsCipherSuite.cs,v
retrieving revision 1.7
retrieving revision 1.8
diff -C2 -d -r1.7 -r1.8
*** TlsCipherSuite.cs 21 Oct 2003 20:04:09 -0000 1.7
--- TlsCipherSuite.cs 24 Oct 2003 09:39:21 -0000 1.8
***************
*** 50,120 ****
#endregion
- #region METHODS
-
- public override byte[] EncryptRecord(byte[] fragment, byte[] mac)
- {
- // Encryption ( fragment + mac [+ padding + padding_length] )
- MemoryStream ms = new MemoryStream();
- CryptoStream cs = new CryptoStream(ms, this.EncryptionCipher, CryptoStreamMode.Write);
-
- cs.Write(fragment, 0, fragment.Length);
- cs.Write(mac, 0, mac.Length);
- if (this.CipherMode == CipherMode.CBC)
- {
- // Calculate padding_length
- int fragmentLength = fragment.Length + mac.Length + 1;
- int paddingLength = (((fragmentLength/this.BlockSize)*this.BlockSize) + this.BlockSize) - fragmentLength;
-
- // Write padding length byte
- cs.WriteByte((byte)paddingLength);
- }
- //cs.FlushFinalBlock();
- cs.Close();
-
- return ms.ToArray();
- }
-
- public override void DecryptRecord(byte[] fragment, ref byte[] dcrFragment, ref byte[] dcrMAC)
- {
- int fragmentSize = 0;
- int paddingLength = 0;
-
- // Decrypt message fragment ( fragment + mac [+ padding + padding_length] )
- byte[] buffer = new byte[fragment.Length];
- this.DecryptionCipher.TransformBlock(fragment, 0, fragment.Length, buffer, 0);
-
- // Calculate fragment size
- if (this.CipherMode == CipherMode.CBC)
- {
- // Calculate padding_length
- paddingLength = buffer[buffer.Length - 1];
- for (int i = (buffer.Length - 1); i > (buffer.Length - (paddingLength + 1)); i--)
- {
- if (buffer[i] != paddingLength)
- {
- paddingLength = 0;
- break;
- }
- }
-
- fragmentSize = (buffer.Length - (paddingLength + 1)) - HashSize;
- }
- else
- {
- fragmentSize = buffer.Length - HashSize;
- }
-
- dcrFragment = new byte[fragmentSize];
- dcrMAC = new byte[HashSize];
-
- Buffer.BlockCopy(buffer, 0, dcrFragment, 0, dcrFragment.Length);
- Buffer.BlockCopy(buffer, dcrFragment.Length, dcrMAC, 0, dcrMAC.Length);
- }
-
- #endregion
-
#region MAC_GENERATION_METHOD
! public override byte[] GenerateServerRecordMAC(TlsContentType contentType, byte[] fragment)
{
TlsStream data = new TlsStream();
--- 50,56 ----
#endregion
#region MAC_GENERATION_METHOD
! public override byte[] ComputeServerRecordMAC(TlsContentType contentType, byte[] fragment)
{
TlsStream data = new TlsStream();
***************
*** 134,138 ****
}
! public override byte[] GenerateClientRecordMAC(TlsContentType contentType, byte[] fragment)
{
TlsStream data = new TlsStream();
--- 70,74 ----
}
! public override byte[] ComputeClientRecordMAC(TlsContentType contentType, byte[] fragment)
{
TlsStream data = new TlsStream();
***************
*** 156,160 ****
#region KEY_GENERATION_METODS
! public override void CreateMasterSecret(byte[] preMasterSecret)
{
// Create master secret
--- 92,96 ----
#region KEY_GENERATION_METODS
! public override void ComputeMasterSecret(byte[] preMasterSecret)
{
// Create master secret
***************
*** 164,168 ****
}
! public override void CreateKeys()
{
// Create keyblock
--- 100,104 ----
}
! public override void ComputeKeys()
{
// Create keyblock
Index: TlsCipherSuiteFactory.cs
===================================================================
RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/TlsCipherSuiteFactory.cs,v
retrieving revision 1.4
retrieving revision 1.5
diff -C2 -d -r1.4 -r1.5
*** TlsCipherSuiteFactory.cs 21 Oct 2003 23:07:19 -0000 1.4
--- TlsCipherSuiteFactory.cs 24 Oct 2003 09:39:21 -0000 1.5
***************
*** 120,125 ****
// Supported ciphers
! // scs.Add((0x00 << 0x08) | 0x0A, "SSL_RSA_WITH_3DES_EDE_CBC_SHA", "3DES", "SHA", false, true, 24, 24, 168, 8, 8);
! // scs.Add((0x00 << 0x08) | 0x09, "SSL_RSA_WITH_DES_CBC_SHA", "DES", "SHA", false, true, 8, 8, 56, 8, 8);
scs.Add((0x00 << 0x08) | 0x05, "SSL_RSA_WITH_RC4_128_SHA", "RC4", "SHA", false, false, 16, 16, 128, 0, 0);
scs.Add((0x00 << 0x08) | 0x04, "SSL_RSA_WITH_RC4_128_MD5", "RC4", "MD5", false, false, 16, 16, 128, 0, 0);
--- 120,125 ----
// Supported ciphers
! scs.Add((0x00 << 0x08) | 0x0A, "SSL_RSA_WITH_3DES_EDE_CBC_SHA", "3DES", "SHA", false, true, 24, 24, 168, 8, 8);
! scs.Add((0x00 << 0x08) | 0x09, "SSL_RSA_WITH_DES_CBC_SHA", "DES", "SHA", false, true, 8, 8, 56, 8, 8);
scs.Add((0x00 << 0x08) | 0x05, "SSL_RSA_WITH_RC4_128_SHA", "RC4", "SHA", false, false, 16, 16, 128, 0, 0);
scs.Add((0x00 << 0x08) | 0x04, "SSL_RSA_WITH_RC4_128_MD5", "RC4", "MD5", false, false, 16, 16, 128, 0, 0);
Index: TlsSocket.cs
===================================================================
RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/TlsSocket.cs,v
retrieving revision 1.9
retrieving revision 1.10
diff -C2 -d -r1.9 -r1.10
*** TlsSocket.cs 22 Oct 2003 11:47:44 -0000 1.9
--- TlsSocket.cs 24 Oct 2003 09:39:21 -0000 1.10
***************
*** 269,273 ****
{
// Calculate message MAC
! byte[] mac = this.session.Context.Cipher.GenerateClientRecordMAC(contentType, fragment);
// Encrypt the message
--- 269,273 ----
{
// Calculate message MAC
! byte[] mac = this.session.Context.Cipher.ComputeClientRecordMAC(contentType, fragment);
// Encrypt the message
***************
*** 307,311 ****
// Check MAC code
! byte[] mac = this.session.Context.Cipher.GenerateServerRecordMAC(contentType, dcrFragment);
// Check that the mac is correct
--- 307,311 ----
// Check MAC code
! byte[] mac = this.session.Context.Cipher.ComputeServerRecordMAC(contentType, dcrFragment);
// Check that the mac is correct
Index: TlsSslCipherSuite.cs
===================================================================
RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/TlsSslCipherSuite.cs,v
retrieving revision 1.7
retrieving revision 1.8
diff -C2 -d -r1.7 -r1.8
*** TlsSslCipherSuite.cs 22 Oct 2003 11:47:44 -0000 1.7
--- TlsSslCipherSuite.cs 24 Oct 2003 09:39:21 -0000 1.8
***************
*** 72,142 ****
#endregion
- #region METHODS
-
- public override byte[] EncryptRecord(byte[] fragment, byte[] mac)
- {
- // Encryption ( fragment + mac [+ padding + padding_length] )
- MemoryStream ms = new MemoryStream();
- CryptoStream cs = new CryptoStream(ms, this.EncryptionCipher, CryptoStreamMode.Write);
-
- cs.Write(fragment, 0, fragment.Length);
- cs.Write(mac, 0, mac.Length);
- if (this.CipherMode == CipherMode.CBC)
- {
- // Calculate padding_length
- int fragmentLength = fragment.Length + mac.Length + 1;
- int paddingLength = (((fragmentLength/this.BlockSize)*8) + this.BlockSize) - fragmentLength;
-
- // Write padding length byte
- cs.WriteByte((byte)paddingLength);
- }
- //cs.FlushFinalBlock();
- cs.Close();
-
- return ms.ToArray();
- }
-
- public override void DecryptRecord(byte[] fragment, ref byte[] dcrFragment, ref byte[] dcrMAC)
- {
- int fragmentSize = 0;
- int paddingLength = 0;
-
- // Decrypt message fragment ( fragment + mac [+ padding + padding_length] )
- byte[] buffer = new byte[fragment.Length];
- this.DecryptionCipher.TransformBlock(fragment, 0, fragment.Length, buffer, 0);
-
- // Calculate fragment size
- if (this.CipherMode == CipherMode.CBC)
- {
- // Calculate padding_length
- paddingLength = buffer[buffer.Length - 1];
- for (int i = (buffer.Length - 1); i > (buffer.Length - (paddingLength + 1)); i--)
- {
- if (buffer[i] != paddingLength)
- {
- paddingLength = 0;
- break;
- }
- }
-
- fragmentSize = (buffer.Length - (paddingLength + 1)) - HashSize;
- }
- else
- {
- fragmentSize = buffer.Length - HashSize;
- }
-
- dcrFragment = new byte[fragmentSize];
- dcrMAC = new byte[HashSize];
-
- Buffer.BlockCopy(buffer, 0, dcrFragment, 0, dcrFragment.Length);
- Buffer.BlockCopy(buffer, dcrFragment.Length, dcrMAC, 0, dcrMAC.Length);
- }
-
- #endregion
-
#region MAC_GENERATION_METHOD
! public override byte[] GenerateServerRecordMAC(TlsContentType contentType, byte[] fragment)
{
HashAlgorithm hash = HashAlgorithm.Create(this.HashName);
--- 72,78 ----
#endregion
#region MAC_GENERATION_METHOD
! public override byte[] ComputeServerRecordMAC(TlsContentType contentType, byte[] fragment)
{
HashAlgorithm hash = HashAlgorithm.Create(this.HashName);
***************
*** 158,169 ****
block.Write(blockHash);
! hash.TransformFinalBlock(block.ToArray(), 0, (int)block.Length);
block.Reset();
! return hash.Hash;
}
! public override byte[] GenerateClientRecordMAC(TlsContentType contentType, byte[] fragment)
{
HashAlgorithm hash = HashAlgorithm.Create(this.HashName);
--- 94,105 ----
block.Write(blockHash);
! blockHash = hash.ComputeHash(block.ToArray(), 0, (int)block.Length);
block.Reset();
! return blockHash;
}
! public override byte[] ComputeClientRecordMAC(TlsContentType contentType, byte[] fragment)
{
HashAlgorithm hash = HashAlgorithm.Create(this.HashName);
***************
*** 185,193 ****
block.Write(blockHash);
! hash.TransformFinalBlock(block.ToArray(), 0, (int)block.Length);
block.Reset();
! return hash.Hash;
}
--- 121,129 ----
block.Write(blockHash);
! blockHash = hash.ComputeHash(block.ToArray(), 0, (int)block.Length);
block.Reset();
! return blockHash;
}
***************
*** 219,223 ****
#region KEY_GENERATION_METODS
! public override void CreateMasterSecret(byte[] preMasterSecret)
{
TlsStream masterSecret = new TlsStream();
--- 155,159 ----
#region KEY_GENERATION_METODS
! public override void ComputeMasterSecret(byte[] preMasterSecret)
{
TlsStream masterSecret = new TlsStream();
***************
*** 230,234 ****
}
! public override void CreateKeys()
{
// Compute KeyBlock
--- 166,170 ----
}
! public override void ComputeKeys()
{
// Compute KeyBlock
|
