[pgsqlclient-checkins] pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Sec
From: <car...@us...> - 2003-11-03 16:21:28
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client In directory sc8-pr-cvs1:/tmp/cvs-serv4208 Modified Files: TlsClientCertificate.cs TlsClientCertificateVerify.cs TlsServerKeyExchange.cs Log Message: Added changes to signatures handling code (not finished)
Index: TlsClientCertificate.cs
===================================================================
RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificate.cs,v
retrieving revision 1.8
retrieving revision 1.9
diff -C2 -d -r1.8 -r1.9
*** TlsClientCertificate.cs 3 Nov 2003 12:35:56 -0000 1.8
--- TlsClientCertificate.cs 3 Nov 2003 16:21:25 -0000 1.9
***************
*** 59,64 ****
protected override void ProcessAsTls1()
{
- #warning "Send only the appropiate type of certificate"
-
if (Session.Settings.Certificates == null || Session.Settings.Certificates.Count == 0)
--- 59,62 ----
Index: TlsClientCertificateVerify.cs
===================================================================
RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs,v
retrieving revision 1.8
retrieving revision 1.9
diff -C2 -d -r1.8 -r1.9
*** TlsClientCertificateVerify.cs 3 Nov 2003 12:35:56 -0000 1.8
--- TlsClientCertificateVerify.cs 3 Nov 2003 16:21:25 -0000 1.9
***************
*** 63,67 ****
foreach (X509Certificate cert in Session.Settings.Certificates)
{
! HashAlgorithm hash = new MD5SHA1CryptoServiceProvider();
X509.X509Certificate c = new X509.X509Certificate(cert.GetRawCertData());
RSA rsa = c.RSA;
--- 63,67 ----
foreach (X509Certificate cert in Session.Settings.Certificates)
{
!
MD5SHA1CryptoServiceProvider hash = new MD5SHA1CryptoServiceProvider();
X509.X509Certificate c = new X509.X509Certificate(cert.GetRawCertData());
RSA rsa = c.RSA;
***************
*** 80,108 ****
// Write the signature
! RSAPKCS1SignatureFormatter sf = new RSAPKCS1SignatureFormatter(rsa);
! switch (c.SignatureAlgorithm)
! {
! // MD2 with RSA encryption
! case "1.2.840.113549.1.1.2":
! // maybe someone installed MD2 ?
! sf.SetHashAlgorithm("MD2");
! break;
!
! // MD5 with RSA encryption
! case "1.2.840.113549.1.1.4":
! sf.SetHashAlgorithm("MD5");
! break;
!
! // SHA-1 with RSA Encryption
! case "1.2.840.113549.1.1.5":
! sf.SetHashAlgorithm("SHA1");
! break;
!
! default:
! throw this.Session.CreateException("Unsupported hash algorithm: " + c.SignatureAlgorithm);
! }
!
! #warning "Seems that for this we need the private key"
! Write(sf.CreateSignature(hash.Hash));
}
}
--- 80,84 ----
// Write the signature
! Write(hash.CreateSignature(rsa));
}
}
Index: TlsServerKeyExchange.cs
===================================================================
RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs,v
retrieving revision 1.9
retrieving revision 1.10
diff -C2 -d -r1.9 -r1.10
*** TlsServerKeyExchange.cs 3 Nov 2003 10:33:50 -0000 1.9
--- TlsServerKeyExchange.cs 3 Nov 2003 16:21:25 -0000 1.10
***************
*** 90,94 ****
private void verifySignature()
{
! HashAlgorithm hash = new MD5SHA1CryptoServiceProvider();
// Create server params array
--- 90,94 ----
private void verifySignature()
{
!
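Review bot: In TlsClientCertificateVerify.cs the new `Write(hash.CreateSignature(rsa));` still signs with `rsa = c.RSA`, and `c` is rebuilt from `cert.GetRawCertData()`, which carries only the certificate's public key. The removed `#warning "Seems that for this we need the private key"` described exactly this gap, and the change drops the warning without closing it. The CertificateVerify signature has to be produced with the private key that matches the client certificate, so the key should come from wherever the session keeps it (not visible in this hunk) rather than from the parsed certificate. Until that is wired in, I would keep a marker such as `// TODO: sign with the client certificate's private key; c.RSA holds the public key only`. The enclosing method and its `foreach` start and end outside the hunk.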
MD5SHA1CryptoServiceProvider hash = new MD5SHA1CryptoServiceProvider();
// Create server params array
***************
*** 106,114 ****
// Verify Signature
- RSA rsa = new RSACryptoServiceProvider(rsaParams.Modulus.Length << 3);
- rsa.ImportParameters(rsaParams);
-
X509Certificate certificate = this.Session.Context.ServerSettings.ServerCertificates[0];
! certificate.CheckSignature(hash.Hash, "SHA1", this.signedParams);
}
--- 106,116 ----
// Verify Signature
X509Certificate certificate = this.Session.Context.ServerSettings.ServerCertificates[0];
!
! RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(rsaParams.Modulus.Length << 3);
! rsa.ImportParameters(rsaParams);
!
! byte[] sign = hash.CreateSignature(rsa);
! hash.VerifySignature(rsa, this.signedParams);
} |
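Review bot: In TlsServerKeyExchange.cs `verifySignature()` discards the result of `hash.VerifySignature(rsa, this.signedParams)`, so, assuming it returns a bool, a ServerKeyExchange whose signature does not verify is accepted silently. The handshake should fail closed, e.g. `if (!hash.VerifySignature(rsa, this.signedParams)) throw this.Session.CreateException("ServerKeyExchange signature is invalid");` (message text is a suggestion). The check key is built from `rsaParams`, while `certificate` is fetched and never used. `rsaParams` is filled outside the hunk, but if it holds the key parameters carried in the message itself, the check no longer ties those parameters to the server certificate and should use the certificate's public key instead. `byte[] sign = hash.CreateSignature(rsa);` is unused and would need a private key that an RSA object holding only imported public parameters does not have, so it should be removed.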