[pgsqlclient-checkins] pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Sec
Status: Inactive
Brought to you by:
carlosga_fb
Menu
▾
▴
[pgsqlclient-checkins] pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client TlsClientCertificate.cs,1.11,1.12 TlsClientCertificateVerify.cs,1.15,1.16 TlsClientFinished.cs,1.13,1.14 TlsClientHello.cs,1.11,1.12 TlsClientKeyExchange.cs,1.11,1.12 TlsServerCertificate.cs,1.14,1.15 TlsServerCertificateRequest.cs,1.8,1.9 TlsServerFinished.cs,1.13,1.14 TlsServerHello.cs,1.14,1.15 TlsServerHelloDone.cs,1.7,1.8 TlsServerKeyExchange.cs,1.14,1.15
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client
In directory sc8-pr-cvs1:/tmp/cvs-serv14683
Modified Files:
TlsClientCertificate.cs TlsClientCertificateVerify.cs
TlsClientFinished.cs TlsClientHello.cs TlsClientKeyExchange.cs
TlsServerCertificate.cs TlsServerCertificateRequest.cs
TlsServerFinished.cs TlsServerHello.cs TlsServerHelloDone.cs
TlsServerKeyExchange.cs
Log Message:
2003-12-14 Carlos Guzmán Álvarez <car...@te...>
* Changed #region names in all source files.
Index: TlsClientCertificate.cs
===================================================================
RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificate.cs,v
retrieving revision 1.11
retrieving revision 1.12
diff -C2 -d -r1.11 -r1.12
*** TlsClientCertificate.cs 25 Nov 2003 12:36:06 -0000 1.11
--- TlsClientCertificate.cs 14 Dec 2003 15:01:54 -0000 1.12
***************
*** 1,82 ****
! /* Transport Security Layer (TLS)
! * Copyright (c) 2003 Carlos Guzmán Álvarez
! *
! * Permission is hereby granted, free of charge, to any person
! * obtaining a copy of this software and associated documentation
! * files (the "Software"), to deal in the Software without restriction,
! * including without limitation the rights to use, copy, modify, merge,
! * publish, distribute, sublicense, and/or sell copies of the Software,
! * and to permit persons to whom the Software is furnished to do so,
! * subject to the following conditions:
! *
! * The above copyright notice and this permission notice shall be included
! * in all copies or substantial portions of the Software.
! *
! * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
! * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
! * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
! * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
! * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
! * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
! * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
! * DEALINGS IN THE SOFTWARE.
! */
!
! using System;
! using Mono.Security.Protocol.Tls;
! using System.Security.Cryptography.X509Certificates;
!
! namespace Mono.Security.Protocol.Tls.Handshake.Client
! {
! internal class TlsClientCertificate : TlsHandshakeMessage
! {
! #region CONSTRUCTORS
!
! public TlsClientCertificate(TlsContext context)
! : base(context, TlsHandshakeType.Certificate)
! {
! }
!
! #endregion
!
! #region METHODS
!
! public override void Update()
! {
! base.Update();
! this.Reset();
! }
!
! #endregion
!
! #region PROTECTED_METHODS
!
! protected override void ProcessAsSsl3()
! {
! this.ProcessAsTls1();
! }
!
! protected override void ProcessAsTls1()
! {
! if (this.Context.ClientSettings.Certificates == null ||
! this.Context.ClientSettings.Certificates.Count == 0)
! {
! throw this.Context.CreateException("Client certificate requested by the server and no client certificate specified.");
! }
!
! // Write client certificates information to a stream
! TlsStream stream = new TlsStream();
! foreach (X509Certificate cert in this.Context.ClientSettings.Certificates)
! {
! stream.WriteInt24(cert.GetRawCertData().Length);
! stream.Write(cert.GetRawCertData());
! }
!
! // Compose the message
! this.WriteInt24((int)stream.Length);
! this.Write(stream.ToArray());
! }
!
! #endregion
! }
! }
--- 1,82 ----
! /* Transport Security Layer (TLS)
! * Copyright (c) 2003 Carlos Guzmán Álvarez
! *
! * Permission is hereby granted, free of charge, to any person
! * obtaining a copy of this software and associated documentation
! * files (the "Software"), to deal in the Software without restriction,
! * including without limitation the rights to use, copy, modify, merge,
! * publish, distribute, sublicense, and/or sell copies of the Software,
! * and to permit persons to whom the Software is furnished to do so,
! * subject to the following conditions:
! *
! * The above copyright notice and this permission notice shall be included
! * in all copies or substantial portions of the Software.
! *
! * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
! * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
! * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
! * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
! * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
! * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
! * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
! * DEALINGS IN THE SOFTWARE.
! */
!
! using System;
! using Mono.Security.Protocol.Tls;
! using System.Security.Cryptography.X509Certificates;
!
! namespace Mono.Security.Protocol.Tls.Handshake.Client
! {
! internal class TlsClientCertificate : TlsHandshakeMessage
! {
! #region Constructors
!
! public TlsClientCertificate(TlsContext context)
! : base(context, TlsHandshakeType.Certificate)
! {
! }
!
! #endregion
!
! #region Methods
!
! public override void Update()
! {
! base.Update();
! this.Reset();
! }
!
! #endregion
!
! #region Protected Methods
!
! protected override void ProcessAsSsl3()
! {
! this.ProcessAsTls1();
! }
!
! protected override void ProcessAsTls1()
! {
! if (this.Context.ClientSettings.Certificates == null ||
! this.Context.ClientSettings.Certificates.Count == 0)
! {
! throw this.Context.CreateException("Client certificate requested by the server and no client certificate specified.");
! }
!
! // Write client certificates information to a stream
! TlsStream stream = new TlsStream();
! foreach (X509Certificate cert in this.Context.ClientSettings.Certificates)
! {
! stream.WriteInt24(cert.GetRawCertData().Length);
! stream.Write(cert.GetRawCertData());
! }
!
! // Compose the message
! this.WriteInt24((int)stream.Length);
! this.Write(stream.ToArray());
! }
!
! #endregion
! }
! }
Index: TlsClientCertificateVerify.cs
===================================================================
RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs,v
retrieving revision 1.15
retrieving revision 1.16
diff -C2 -d -r1.15 -r1.16
*** TlsClientCertificateVerify.cs 9 Dec 2003 19:24:44 -0000 1.15
--- TlsClientCertificateVerify.cs 14 Dec 2003 15:01:54 -0000 1.16
***************
*** 1,76 ****
! /* Transport Security Layer (TLS)
! * Copyright (c) 2003 Carlos Guzmán Álvarez
! *
! * Permission is hereby granted, free of charge, to any person
! * obtaining a copy of this software and associated documentation
! * files (the "Software"), to deal in the Software without restriction,
! * including without limitation the rights to use, copy, modify, merge,
! * publish, distribute, sublicense, and/or sell copies of the Software,
! * and to permit persons to whom the Software is furnished to do so,
! * subject to the following conditions:
! *
! * The above copyright notice and this permission notice shall be included
! * in all copies or substantial portions of the Software.
! *
! * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
! * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
! * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
! * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
! * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
! * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
! * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
! * DEALINGS IN THE SOFTWARE.
! */
!
! using System;
! using System.Security.Cryptography.X509Certificates;
!
! using System.Security.Cryptography;
! using Mono.Security.Cryptography;
!
! namespace Mono.Security.Protocol.Tls.Handshake.Client
! {
! internal class TlsClientCertificateVerify : TlsHandshakeMessage
! {
! #region CONSTRUCTORS
!
! public TlsClientCertificateVerify(TlsContext context)
! : base(context, TlsHandshakeType.Finished)
! {
! }
!
! #endregion
!
! #region METHODS
!
! public override void Update()
! {
! base.Update();
! this.Reset();
! }
!
! #endregion
!
! #region PROTECTED_METHODS
!
! protected override void ProcessAsSsl3()
! {
! throw new NotSupportedException();
! }
!
! protected override void ProcessAsTls1()
! {
! // Compute handshake messages hash
! MD5SHA1 hash = new MD5SHA1();
! hash.ComputeHash(
! this.Context.HandshakeMessages.ToArray(),
! 0,
! (int)this.Context.HandshakeMessages.Length);
!
! // Write message
! Write(hash.CreateSignature(this.Context.Cipher.CreateRSA()));
! }
!
! #endregion
! }
! }
--- 1,76 ----
! /* Transport Security Layer (TLS)
! * Copyright (c) 2003 Carlos Guzmán Álvarez
! *
! * Permission is hereby granted, free of charge, to any person
! * obtaining a copy of this software and associated documentation
! * files (the "Software"), to deal in the Software without restriction,
! * including without limitation the rights to use, copy, modify, merge,
! * publish, distribute, sublicense, and/or sell copies of the Software,
! * and to permit persons to whom the Software is furnished to do so,
! * subject to the following conditions:
! *
! * The above copyright notice and this permission notice shall be included
! * in all copies or substantial portions of the Software.
! *
! * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
! * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
! * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
! * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
! * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
! * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
! * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
! * DEALINGS IN THE SOFTWARE.
! */
!
! using System;
! using System.Security.Cryptography.X509Certificates;
!
! using System.Security.Cryptography;
! using Mono.Security.Cryptography;
!
! namespace Mono.Security.Protocol.Tls.Handshake.Client
! {
! internal class TlsClientCertificateVerify : TlsHandshakeMessage
! {
! #region Constructors
!
! public TlsClientCertificateVerify(TlsContext context)
! : base(context, TlsHandshakeType.Finished)
! {
! }
!
! #endregion
!
! #region Methods
!
! public override void Update()
! {
! base.Update();
! this.Reset();
! }
!
! #endregion
!
! #region Protected Methods
!
! protected override void ProcessAsSsl3()
! {
! throw new NotSupportedException();
! }
!
! protected override void ProcessAsTls1()
! {
! // Compute handshake messages hash
! MD5SHA1 hash = new MD5SHA1();
! hash.ComputeHash(
! this.Context.HandshakeMessages.ToArray(),
! 0,
! (int)this.Context.HandshakeMessages.Length);
!
! // Write message
! Write(hash.CreateSignature(this.Context.Cipher.CertificateRSA()));
! }
!
! #endregion
! }
! }
Index: TlsClientFinished.cs
===================================================================
RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientFinished.cs,v
retrieving revision 1.13
retrieving revision 1.14
diff -C2 -d -r1.13 -r1.14
*** TlsClientFinished.cs 25 Nov 2003 12:36:06 -0000 1.13
--- TlsClientFinished.cs 14 Dec 2003 15:01:54 -0000 1.14
***************
*** 1,86 ****
! /* Transport Security Layer (TLS)
! * Copyright (c) 2003 Carlos Guzmán Álvarez
! *
! * Permission is hereby granted, free of charge, to any person
! * obtaining a copy of this software and associated documentation
! * files (the "Software"), to deal in the Software without restriction,
! * including without limitation the rights to use, copy, modify, merge,
! * publish, distribute, sublicense, and/or sell copies of the Software,
! * and to permit persons to whom the Software is furnished to do so,
! * subject to the following conditions:
! *
! * The above copyright notice and this permission notice shall be included
! * in all copies or substantial portions of the Software.
! *
! * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
! * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
! * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
! * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
! * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
! * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
! * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
! * DEALINGS IN THE SOFTWARE.
! */
!
! using System;
! using System.Security.Cryptography;
!
! using Mono.Security.Cryptography;
!
! namespace Mono.Security.Protocol.Tls.Handshake.Client
! {
! internal class TlsClientFinished : TlsHandshakeMessage
! {
! #region CONSTRUCTORS
!
! public TlsClientFinished(TlsContext context)
! : base(context, TlsHandshakeType.Finished)
! {
! }
!
! #endregion
!
! #region METHODS
!
! public override void Update()
! {
! base.Update();
! this.Reset();
! }
!
! #endregion
!
! #region PROTECTED_METHODS
!
! protected override void ProcessAsSsl3()
! {
! // Compute handshake messages hashes
! HashAlgorithm hash = new TlsSslHandshakeHash(this.Context.MasterSecret);
!
! TlsStream data = new TlsStream();
! data.Write(this.Context.HandshakeMessages.ToArray());
! data.Write((int)0x434C4E54);
!
! hash.TransformFinalBlock(data.ToArray(), 0, (int)data.Length);
!
! this.Write(hash.Hash);
!
! data.Reset();
! }
!
! protected override void ProcessAsTls1()
! {
! // Compute handshake messages hash
! HashAlgorithm hash = new MD5SHA1();
! hash.ComputeHash(
! this.Context.HandshakeMessages.ToArray(),
! 0,
! (int)this.Context.HandshakeMessages.Length);
!
! // Write message
! Write(this.Context.Cipher.PRF(this.Context.MasterSecret, "client finished", hash.Hash, 12));
! }
!
! #endregion
! }
! }
--- 1,86 ----
! /* Transport Security Layer (TLS)
! * Copyright (c) 2003 Carlos Guzmán Álvarez
! *
! * Permission is hereby granted, free of charge, to any person
! * obtaining a copy of this software and associated documentation
! * files (the "Software"), to deal in the Software without restriction,
! * including without limitation the rights to use, copy, modify, merge,
! * publish, distribute, sublicense, and/or sell copies of the Software,
! * and to permit persons to whom the Software is furnished to do so,
! * subject to the following conditions:
! *
! * The above copyright notice and this permission notice shall be included
! * in all copies or substantial portions of the Software.
! *
! * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
! * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
! * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
! * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
! * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
! * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
! * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
! * DEALINGS IN THE SOFTWARE.
! */
!
! using System;
! using System.Security.Cryptography;
!
! using Mono.Security.Cryptography;
!
! namespace Mono.Security.Protocol.Tls.Handshake.Client
! {
! internal class TlsClientFinished : TlsHandshakeMessage
! {
! #region Constructors
!
! public TlsClientFinished(TlsContext context)
! : base(context, TlsHandshakeType.Finished)
! {
! }
!
! #endregion
!
! #region Methods
!
! public override void Update()
! {
! base.Update();
! this.Reset();
! }
!
! #endregion
!
! #region Protected Methods
!
! protected override void ProcessAsSsl3()
! {
! // Compute handshake messages hashes
! HashAlgorithm hash = new TlsSslHandshakeHash(this.Context.MasterSecret);
!
! TlsStream data = new TlsStream();
! data.Write(this.Context.HandshakeMessages.ToArray());
! data.Write((int)0x434C4E54);
!
! hash.TransformFinalBlock(data.ToArray(), 0, (int)data.Length);
!
! this.Write(hash.Hash);
!
! data.Reset();
! }
!
! protected override void ProcessAsTls1()
! {
! // Compute handshake messages hash
! HashAlgorithm hash = new MD5SHA1();
! hash.ComputeHash(
! this.Context.HandshakeMessages.ToArray(),
! 0,
! (int)this.Context.HandshakeMessages.Length);
!
! // Write message
! Write(this.Context.Cipher.PRF(this.Context.MasterSecret, "client finished", hash.Hash, 12));
! }
!
! #endregion
! }
! }
Index: TlsClientHello.cs
===================================================================
RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientHello.cs,v
retrieving revision 1.11
retrieving revision 1.12
diff -C2 -d -r1.11 -r1.12
*** TlsClientHello.cs 25 Nov 2003 12:36:06 -0000 1.11
--- TlsClientHello.cs 14 Dec 2003 15:01:54 -0000 1.12
***************
*** 1,114 ****
! /* Transport Security Layer (TLS)
! * Copyright (c) 2003 Carlos Guzmán Álvarez
! *
! * Permission is hereby granted, free of charge, to any person
! * obtaining a copy of this software and associated documentation
! * files (the "Software"), to deal in the Software without restriction,
! * including without limitation the rights to use, copy, modify, merge,
! * publish, distribute, sublicense, and/or sell copies of the Software,
! * and to permit persons to whom the Software is furnished to do so,
! * subject to the following conditions:
! *
! * The above copyright notice and this permission notice shall be included
! * in all copies or substantial portions of the Software.
! *
! * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
! * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
! * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
! * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
! * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
! * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
! * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
! * DEALINGS IN THE SOFTWARE.
! */
!
! using System;
! using System.Security.Cryptography;
!
! namespace Mono.Security.Protocol.Tls.Handshake.Client
! {
! internal class TlsClientHello : TlsHandshakeMessage
! {
! #region FIELDS
!
! private byte[] random;
!
! #endregion
!
! #region CONSTRUCTORS
!
! public TlsClientHello(TlsContext context)
! : base(context, TlsHandshakeType.ClientHello)
! {
! }
!
! #endregion
!
! #region METHODS
!
! public override void Update()
! {
! base.Update();
!
! this.Context.ClientRandom = random;
!
! random = null;
! }
!
! #endregion
!
! #region PROTECTED_METHODS
!
! protected override void ProcessAsSsl3()
! {
! this.ProcessAsTls1();
! }
!
! protected override void ProcessAsTls1()
! {
! // Client Version
! this.Write((short)this.Context.Protocol);
!
! // Random bytes - Unix time + Radom bytes [28]
! TlsStream clientRandom = new TlsStream();
! clientRandom.Write(this.Context.GetUnixTime());
! clientRandom.Write(this.Context.GetSecureRandomBytes(28));
! this.random = clientRandom.ToArray();
! clientRandom.Reset();
!
! this.Write(this.random);
!
! // Session id
! // Send the session ID empty
! if (this.Context.SessionId != null)
! {
! this.Write((byte)this.Context.SessionId.Length);
! if (this.Context.SessionId.Length > 0)
! {
! this.Write(this.Context.SessionId);
! }
! }
! else
! {
! this.Write((byte)0);
! }
!
! // Write length of Cipher suites
! this.Write((short)(this.Context.SupportedCiphers.Count*2));
!
! // Write Supported Cipher suites
! for (int i = 0; i < this.Context.SupportedCiphers.Count; i++)
! {
! this.Write((short)this.Context.SupportedCiphers[i].Code);
! }
!
! // Compression methods length
! this.Write((byte)1);
!
! // Compression methods ( 0 = none )
! this.Write((byte)this.Context.CompressionMethod);
! }
!
! #endregion
! }
}
--- 1,114 ----
! /* Transport Security Layer (TLS)
! * Copyright (c) 2003 Carlos Guzmán Álvarez
! *
! * Permission is hereby granted, free of charge, to any person
! * obtaining a copy of this software and associated documentation
! * files (the "Software"), to deal in the Software without restriction,
! * including without limitation the rights to use, copy, modify, merge,
! * publish, distribute, sublicense, and/or sell copies of the Software,
! * and to permit persons to whom the Software is furnished to do so,
! * subject to the following conditions:
! *
! * The above copyright notice and this permission notice shall be included
! * in all copies or substantial portions of the Software.
! *
! * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
! * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
! * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
! * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
! * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
! * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
! * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
! * DEALINGS IN THE SOFTWARE.
! */
!
! using System;
! using System.Security.Cryptography;
!
! namespace Mono.Security.Protocol.Tls.Handshake.Client
! {
! internal class TlsClientHello : TlsHandshakeMessage
! {
! #region Fields
!
! private byte[] random;
!
! #endregion
!
! #region Constructors
!
! public TlsClientHello(TlsContext context)
! : base(context, TlsHandshakeType.ClientHello)
! {
! }
!
! #endregion
!
! #region Methods
!
! public override void Update()
! {
! base.Update();
!
! this.Context.ClientRandom = random;
!
! random = null;
! }
!
! #endregion
!
! #region Protected Methods
!
! protected override void ProcessAsSsl3()
! {
! this.ProcessAsTls1();
! }
!
! protected override void ProcessAsTls1()
! {
! // Client Version
! this.Write((short)this.Context.Protocol);
!
! // Random bytes - Unix time + Radom bytes [28]
! TlsStream clientRandom = new TlsStream();
! clientRandom.Write(this.Context.GetUnixTime());
! clientRandom.Write(this.Context.GetSecureRandomBytes(28));
! this.random = clientRandom.ToArray();
! clientRandom.Reset();
!
! this.Write(this.random);
!
! // Session id
! // Send the session ID empty
! if (this.Context.SessionId != null)
! {
! this.Write((byte)this.Context.SessionId.Length);
! if (this.Context.SessionId.Length > 0)
! {
! this.Write(this.Context.SessionId);
! }
! }
! else
! {
! this.Write((byte)0);
! }
!
! // Write length of Cipher suites
! this.Write((short)(this.Context.SupportedCiphers.Count*2));
!
! // Write Supported Cipher suites
! for (int i = 0; i < this.Context.SupportedCiphers.Count; i++)
! {
! this.Write((short)this.Context.SupportedCiphers[i].Code);
! }
!
! // Compression methods length
! this.Write((byte)1);
!
! // Compression methods ( 0 = none )
! this.Write((byte)this.Context.CompressionMethod);
! }
!
! #endregion
! }
}
Index: TlsClientKeyExchange.cs
===================================================================
RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientKeyExchange.cs,v
retrieving revision 1.11
retrieving revision 1.12
diff -C2 -d -r1.11 -r1.12
*** TlsClientKeyExchange.cs 25 Nov 2003 12:36:06 -0000 1.11
--- TlsClientKeyExchange.cs 14 Dec 2003 15:01:54 -0000 1.12
***************
*** 1,98 ****
! /* Transport Security Layer (TLS)
! * Copyright (c) 2003 Carlos Guzmán Álvarez
! *
! * Permission is hereby granted, free of charge, to any person
! * obtaining a copy of this software and associated documentation
! * files (the "Software"), to deal in the Software without restriction,
! * including without limitation the rights to use, copy, modify, merge,
! * publish, distribute, sublicense, and/or sell copies of the Software,
! * and to permit persons to whom the Software is furnished to do so,
! * subject to the following conditions:
! *
! * The above copyright notice and this permission notice shall be included
! * in all copies or substantial portions of the Software.
! *
! * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
! * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
! * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
! * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
! * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
! * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
! * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
! * DEALINGS IN THE SOFTWARE.
! */
!
! using System;
! using System.IO;
! using System.Security.Cryptography;
!
! namespace Mono.Security.Protocol.Tls.Handshake.Client
! {
! internal class TlsClientKeyExchange : TlsHandshakeMessage
! {
! #region CONSTRUCTORS
!
! public TlsClientKeyExchange (TlsContext context) :
! base(context,
! TlsHandshakeType.ClientKeyExchange)
! {
! }
!
! #endregion
!
! #region PROTECTED_METHODS
!
! protected override void ProcessAsSsl3()
! {
! // Compute pre master secret
! byte[] preMasterSecret = this.Context.Cipher.CreatePremasterSecret();
!
! // Create a new RSA key
! RSA rsa = this.Context.Cipher.CreateRSA();
!
! // Encrypt premaster_sercret
! RSAPKCS1KeyExchangeFormatter formatter = new RSAPKCS1KeyExchangeFormatter(rsa);
!
! // Write the preMasterSecret encrypted
! byte[] buffer = formatter.CreateKeyExchange(preMasterSecret);
! this.Write(buffer);
!
! // Create master secret
! this.Context.Cipher.ComputeMasterSecret(preMasterSecret);
!
! // Create keys
! this.Context.Cipher.ComputeKeys();
!
! // Clear resources
! rsa.Clear();
! }
!
! protected override void ProcessAsTls1()
! {
! // Compute pre master secret
! byte[] preMasterSecret = this.Context.Cipher.CreatePremasterSecret();
!
! // Create a new RSA key
! RSA rsa = this.Context.Cipher.CreateRSA();
!
! // Encrypt premaster_sercret
! RSAPKCS1KeyExchangeFormatter formatter = new RSAPKCS1KeyExchangeFormatter(rsa);
!
! // Write the preMasterSecret encrypted
! byte[] buffer = formatter.CreateKeyExchange(preMasterSecret);
! this.Write((short)buffer.Length);
! this.Write(buffer);
!
! // Create master secret
! this.Context.Cipher.ComputeMasterSecret(preMasterSecret);
!
! // Create keys
! this.Context.Cipher.ComputeKeys();
!
! // Clear resources
! rsa.Clear();
! }
!
! #endregion
! }
! }
--- 1,98 ----
! /* Transport Security Layer (TLS)
! * Copyright (c) 2003 Carlos Guzmán Álvarez
! *
! * Permission is hereby granted, free of charge, to any person
! * obtaining a copy of this software and associated documentation
! * files (the "Software"), to deal in the Software without restriction,
! * including without limitation the rights to use, copy, modify, merge,
! * publish, distribute, sublicense, and/or sell copies of the Software,
! * and to permit persons to whom the Software is furnished to do so,
! * subject to the following conditions:
! *
! * The above copyright notice and this permission notice shall be included
! * in all copies or substantial portions of the Software.
! *
! * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
! * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
! * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
! * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
! * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
! * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
! * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
! * DEALINGS IN THE SOFTWARE.
! */
!
! using System;
! using System.IO;
! using System.Security.Cryptography;
!
! namespace Mono.Security.Protocol.Tls.Handshake.Client
! {
! internal class TlsClientKeyExchange : TlsHandshakeMessage
! {
! #region Constructors
!
! public TlsClientKeyExchange (TlsContext context) :
! base(context,
! TlsHandshakeType.ClientKeyExchange)
! {
! }
!
! #endregion
!
! #region Protected Methods
!
! protected override void ProcessAsSsl3()
! {
! // Compute pre master secret
! byte[] preMasterSecret = this.Context.Cipher.CreatePremasterSecret();
!
! // Create a new RSA key
! RSA rsa = this.Context.Cipher.CertificateRSA();
!
! // Encrypt premaster_sercret
! RSAPKCS1KeyExchangeFormatter formatter = new RSAPKCS1KeyExchangeFormatter(rsa);
!
! // Write the preMasterSecret encrypted
! byte[] buffer = formatter.CreateKeyExchange(preMasterSecret);
! this.Write(buffer);
!
! // Create master secret
! this.Context.Cipher.ComputeMasterSecret(preMasterSecret);
!
! // Create keys
! this.Context.Cipher.ComputeKeys();
!
! // Clear resources
! rsa.Clear();
! }
!
! protected override void ProcessAsTls1()
! {
! // Compute pre master secret
! byte[] preMasterSecret = this.Context.Cipher.CreatePremasterSecret();
!
! // Create a new RSA key
! RSA rsa = this.Context.Cipher.CertificateRSA();
!
! // Encrypt premaster_sercret
! RSAPKCS1KeyExchangeFormatter formatter = new RSAPKCS1KeyExchangeFormatter(rsa);
!
! // Write the preMasterSecret encrypted
! byte[] buffer = formatter.CreateKeyExchange(preMasterSecret);
! this.Write((short)buffer.Length);
! this.Write(buffer);
!
! // Create master secret
! this.Context.Cipher.ComputeMasterSecret(preMasterSecret);
!
! // Create keys
! this.Context.Cipher.ComputeKeys();
!
! // Clear resources
! rsa.Clear();
! }
!
! #endregion
! }
! }
Index: TlsServerCertificate.cs
===================================================================
RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs,v
retrieving revision 1.14
retrieving revision 1.15
diff -C2 -d -r1.14 -r1.15
*** TlsServerCertificate.cs 9 Dec 2003 19:21:33 -0000 1.14
--- TlsServerCertificate.cs 14 Dec 2003 15:01:54 -0000 1.15
***************
*** 1,186 ****
! /* Transport Security Layer (TLS)
! * Copyright (c) 2003 Carlos Guzmán Álvarez
! *
! * Permission is hereby granted, free of charge, to any person
! * obtaining a copy of this software and associated documentation
! * files (the "Software"), to deal in the Software without restriction,
! * including without limitation the rights to use, copy, modify, merge,
! * publish, distribute, sublicense, and/or sell copies of the Software,
! * and to permit persons to whom the Software is furnished to do so,
! * subject to the following conditions:
! *
! * The above copyright notice and this permission notice shall be included
! * in all copies or substantial portions of the Software.
! *
! * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
! * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
! * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
! * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
! * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
! * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
! * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
! * DEALINGS IN THE SOFTWARE.
! */
!
! using System;
! using System.Net;
! using System.Collections;
! using System.Text.RegularExpressions;
! using System.Security.Cryptography;
! using X509Cert = System.Security.Cryptography.X509Certificates;
!
! using Mono.Security.Protocol.Tls.Alerts;
! using Mono.Security.X509;
!
! namespace Mono.Security.Protocol.Tls.Handshake.Client
! {
! internal class TlsServerCertificate : TlsHandshakeMessage
! {
! #region FIELDS
!
! private X509CertificateCollection certificates;
!
! #endregion
!
! #region CONSTRUCTORS
!
! public TlsServerCertificate(TlsContext context, byte[] buffer)
! : base(context, TlsHandshakeType.Certificate, buffer)
! {
! }
!
! #endregion
!
! #region METHODS
!
! public override void Update()
! {
! base.Update();
! this.Context.ServerSettings.Certificates = certificates;
! }
!
! #endregion
!
! #region PROTECTED_METHODS
!
! protected override void ProcessAsSsl3()
! {
! this.ProcessAsTls1();
! }
!
! protected override void ProcessAsTls1()
! {
! this.certificates = new X509CertificateCollection();
!
! int readed = 0;
! int length = this.ReadInt24();
!
! while (readed < length)
! {
! // Read certificate length
! int certLength = ReadInt24();
!
! // Increment readed
! readed += 3;
!
! if (certLength > 0)
! {
! // Read certificate
! X509Certificate certificate = new X509Certificate(this.ReadBytes(certLength));
! certificates.Add(certificate);
!
! readed += certLength;
! }
! }
!
! #warning Correct validation needs to be made using a certificate chain
!
! // Restrict validation to the first certificate
! this.validateCertificate(certificates[0]);
! }
!
! #endregion
!
! #region PRIVATE_METHODS
!
! private void validateCertificate(X509Certificate certificate)
! {
! ArrayList errors = new ArrayList();
!
! // 1 step : Validate dates
! if (!certificate.IsCurrent)
! {
! errors.Add(0x800B0101);
! }
!
! // 2 step: Validate CA
!
!
! // 3 step: Validate digital sign
! /*
! if (!certificate.VerifySignature(certificate.RSA))
! {
! throw this.Context.CreateException("Certificate received from the server has invalid signature.");
! }
! */
!
! // 4 step: Validate domain name
! if (!this.checkDomainName(certificate.SubjectName))
! {
! errors.Add(0x800B010F);
! }
!
! if (errors.Count > 0)
! {
! int[] certificateErrors = new int[errors.Count];
!
! for (int i = 0; i < certificateErrors.Length; i++)
! {
! certificateErrors[i] = Convert.ToInt32(errors[i]);
! }
!
! if (!this.Context.SslStream.RaiseServerCertificateValidation(
! new X509Cert.X509Certificate(certificate.RawData),
! new int[]{}))
! {
! throw this.Context.CreateException("Invalid certificate received form server.");
! }
! }
! }
!
! private bool checkDomainName(string subjectName)
! {
! string domainName = String.Empty;
! Regex search = new Regex(@"([\w\s\d]*)\s*=\s*([^,]*)");
!
! MatchCollection elements = search.Matches(subjectName);
!
! foreach (Match element in elements)
! {
! switch (element.Groups[1].Value.Trim().ToUpper())
! {
! case "CN":
! domainName = element.Groups[2].Value;
! break;
! }
! }
!
! if (domainName == String.Empty)
! {
! return false;
! }
! else
! {
! string targetHost = this.Context.ClientSettings.TargetHost;
!
! // Check that the IP is correct
! IPAddress ipHost = Dns.Resolve(targetHost).AddressList[0];
! IPAddress ipDomain = Dns.Resolve(domainName).AddressList[0];
!
! return (ipHost.Address == ipDomain.Address);
! }
! }
!
! #endregion
! }
! }
--- 1,225 ----
! /* Transport Security Layer (TLS)
! * Copyright (c) 2003 Carlos Guzmán Álvarez
! *
! * Permission is hereby granted, free of charge, to any person
! * obtaining a copy of this software and associated documentation
! * files (the "Software"), to deal in the Software without restriction,
! * including without limitation the rights to use, copy, modify, merge,
! * publish, distribute, sublicense, and/or sell copies of the Software,
! * and to permit persons to whom the Software is furnished to do so,
! * subject to the following conditions:
! *
! * The above copyright notice and this permission notice shall be included
! * in all copies or substantial portions of the Software.
! *
! * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
! * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
! * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
! * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
! * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
! * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
! * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
! * DEALINGS IN THE SOFTWARE.
! */
!
! using System;
! using System.Net;
! using System.Collections;
! using System.Text.RegularExpressions;
! using System.Security.Cryptography;
! using X509Cert = System.Security.Cryptography.X509Certificates;
!
! using Mono.Security.Protocol.Tls.Alerts;
! using Mono.Security.X509;
!
! namespace Mono.Security.Protocol.Tls.Handshake.Client
! {
! internal class TlsServerCertificate : TlsHandshakeMessage
! {
! #region Fields
!
! private X509CertificateCollection certificates;
!
! #endregion
!
! #region Constructors
!
! public TlsServerCertificate(TlsContext context, byte[] buffer)
! : base(context, TlsHandshakeType.Certificate, buffer)
! {
! }
!
! #endregion
!
! #region Methods
!
! public override void Update()
! {
! base.Update();
! this.Context.ServerSettings.Certificates = certificates;
! }
!
! #endregion
!
! #region Protected Methods
!
! protected override void ProcessAsSsl3()
! {
! this.ProcessAsTls1();
! }
!
! protected override void ProcessAsTls1()
! {
! this.certificates = new X509CertificateCollection();
!
! int readed = 0;
! int length = this.ReadInt24();
!
! while (readed < length)
! {
! // Read certificate length
! int certLength = ReadInt24();
!
! // Increment readed
! readed += 3;
!
! if (certLength > 0)
! {
! // Read certificate data
! byte[] buffer = this.ReadBytes(certLength);
!
! // Create a new X509 Certificate
! X509Certificate certificate = new X509Certificate(buffer);
! certificates.Add(certificate);
!
! /*
! System.Text.StringBuilder b = new System.Text.StringBuilder();
!
! b.AppendFormat(
! "\r\nCertificate {0} | Issuer name {1} | Self signed {2} ({3} bytes) \r\n",
! certificates.Count,
! certificate.IssuerName,
! certificate.IsSelfSigned,
! buffer.Length);
!
! b.Append("Contents: \r\n");
!
! int byteCount = 0;
! for (int i = 0; i < buffer.Length; i++)
! {
! if (byteCount == 25)
! {
! byteCount = 0;
! b.Append("\r\n");
! }
!
! b.AppendFormat("{0} ", buffer[i].ToString("x2"));
!
! byteCount++;
! }
!
! System.Diagnostics.Trace.Write(b.ToString());
! */
!
! readed += certLength;
! }
! }
!
! #warning Correct validation needs to be made using a certificate chain
!
! // Restrict validation to the first certificate
! this.validateCertificate(certificates[0]);
! }
!
! #endregion
!
! #region Private Methods
!
! private void validateCertificate(X509Certificate certificate)
! {
! ArrayList errors = new ArrayList();
!
! // 1 step : Validate dates
! if (!certificate.IsCurrent)
! {
! errors.Add(0x800B0101);
! }
!
! // 2 step: Validate CA
!
!
! // 3 step: Validate digital sign
! /*
! if (!certificate.VerifySignature(certificate.RSA))
! {
! throw this.Context.CreateException("Certificate received from the server has invalid signature.");
! }
! */
!
! // 4 step: Validate domain name
! if (!this.checkDomainName(certificate.SubjectName))
! {
! errors.Add(0x800B010F);
! }
!
! if (errors.Count > 0)
! {
! int[] certificateErrors = new int[errors.Count];
!
! for (int i = 0; i < certificateErrors.Length; i++)
! {
! certificateErrors[i] = Convert.ToInt32(errors[i]);
! }
!
! if (!this.Context.SslStream.RaiseServerCertificateValidation(
! new X509Cert.X509Certificate(certificate.RawData),
! new int[]{}))
! {
! throw this.Context.CreateException("Invalid certificate received form server.");
! }
! }
! }
!
! private bool checkDomainName(string subjectName)
! {
! string domainName = String.Empty;
! Regex search = new Regex(@"([\w\s\d]*)\s*=\s*([^,]*)");
!
! MatchCollection elements = search.Matches(subjectName);
!
! foreach (Match element in elements)
! {
! switch (element.Groups[1].Value.Trim().ToUpper())
! {
! case "CN":
! domainName = element.Groups[2].Value;
! break;
! }
! }
!
! if (domainName == String.Empty)
! {
! return false;
! }
! else
! {
! string targetHost = this.Context.ClientSettings.TargetHost;
!
! // Check that the IP is correct
! try
! {
! IPAddress ipHost = Dns.Resolve(targetHost).AddressList[0];
! IPAddress ipDomain = Dns.Resolve(domainName).AddressList[0];
!
! return (ipHost.Address == ipDomain.Address);
! }
! catch (Exception)
! {
! return false;
! }
! }
! }
!
! #endregion
! }
! }
Index: TlsServerCertificateRequest.cs
===================================================================
RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificateRequest.cs,v
retrieving revision 1.8
retrieving revision 1.9
diff -C2 -d -r1.8 -r1.9
*** TlsServerCertificateRequest.cs 25 Nov 2003 12:36:06 -0000 1.8
--- TlsServerCertificateRequest.cs 14 Dec 2003 15:01:54 -0000 1.9
***************
*** 1,112 ****
! /* Transport Security Layer (TLS)
! * Copyright (c) 2003 Carlos Guzmán Álvarez
! *
! * Permission is hereby granted, free of charge, to any person
! * obtaining a copy of this software and associated documentation
! * files (the "Software"), to deal in the Software without restriction,
! * including without limitation the rights to use, copy, modify, merge,
! * publish, distribute, sublicense, and/or sell copies of the Software,
! * and to permit persons to whom the Software is furnished to do so,
! * subject to the following conditions:
! *
! * The above copyright notice and this permission notice shall be included
! * in all copies or substantial portions of the Software.
! *
! * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
! * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
! * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
! * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
! * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
! * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
! * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
! * DEALINGS IN THE SOFTWARE.
! */
!
! using System;
! using System.Text;
! using Mono.Security;
!
! namespace Mono.Security.Protocol.Tls.Handshake.Client
! {
! internal class TlsServerCertificateRequest : TlsHandshakeMessage
! {
! #region FIELDS
!
! private TlsClientCertificateType[] certificateTypes;
! private string[] distinguisedNames;
!
! #endregion
!
! #region CONSTRUCTORS
!
! public TlsServerCertificateRequest(TlsContext context, byte[] buffer)
! : base(context, TlsHandshakeType.ServerHello, buffer)
! {
! }
!
! #endregion
!
! #region METHODS
!
! public override void Update()
! {
! base.Update();
!
! this.Context.ServerSettings.CertificateTypes = this.certificateTypes;
! this.Context.ServerSettings.DistinguisedNames = this.distinguisedNames;
! this.Context.ServerSettings.CertificateRequest = true;
! }
!
! #endregion
!
! #region PROTECTED_METHODS
!
! protected override void ProcessAsSsl3()
! {
! throw new NotSupportedException();
! }
!
! protected override void ProcessAsTls1()
! {
! // Read requested certificate types
! int typesCount = this.ReadByte();
!
! this.certificateTypes = new TlsClientCertificateType[typesCount];
!
! for (int i = 0; i < typesCount; i++)
! {
! this.certificateTypes[i] = (TlsClientCertificateType)this.ReadByte();
! }
!
! /*
! * Read requested certificate authorities (Distinguised Names)
! *
! * Name ::= SEQUENCE OF RelativeDistinguishedName
! *
! * RelativeDistinguishedName ::= SET OF AttributeValueAssertion
! *
! * AttributeValueAssertion ::= SEQUENCE {
! * attributeType OBJECT IDENTIFIER
! * attributeValue ANY }
! */
! if (this.ReadInt16() != 0)
! {
! ASN1 rdn = new ASN1(this.ReadBytes(this.ReadInt16()));
!
! distinguisedNames = new string[rdn.Count];
!
! #warning "needs testing"
! for (int i = 0; i < rdn.Count; i++)
! {
! // element[0] = attributeType
! // element[1] = attributeValue
! ASN1 element = new ASN1(rdn[i].Value);
!
! distinguisedNames[i] = Encoding.UTF8.GetString(element[1].Value);
! }
! }
! }
!
! #endregion
! }
! }
--- 1,112 ----
! /* Transport Security Layer (TLS)
! * Copyright (c) 2003 Carlos Guzmán Álvarez
! *
! * Permission is hereby granted, free of charge, to any person
! * obtaining a copy of this software and associated documentation
! * files (the "Software"), to deal in the Software without restriction,
! * including without limitation the rights to use, copy, modify, merge,
! * publish, distribute, sublicense, and/or sell copies of the Software,
! * and to permit persons to whom the Software is furnished to do so,
! * subject to the following conditions:
! *
! * The above copyright notice and this permission notice shall be included
! * in all copies or substantial portions of the Software.
! *
! * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
! * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
! * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
! * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
! * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
! * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
! * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
! * DEALINGS IN THE SOFTWARE.
! */
!
! using System;
! using System.Text;
! using Mono.Security;
!
! namespace Mono.Security.Protocol.Tls.Handshake.Client
! {
! internal class TlsServerCertificateRequest : TlsHandshakeMessage
! {
! #region Fields
!
! private TlsClientCertificateType[] certificateTypes;
! private string[] distinguisedNames;
!
! #endregion
!
! #region Constructors
!
! public TlsServerCertificateRequest(TlsContext context, byte[] buffer)
! : base(context, TlsHandshakeType.ServerHello, buffer)
! {
! }
!
! #endregion
!
! #region Methods
!
! public override void Update()
! {
! base.Update();
!
! this.Context.ServerSettings.CertificateTypes = this.certificateTypes;
! this.Context.ServerSettings.DistinguisedNames = this.distinguisedNames;
! this.Context.ServerSettings.CertificateRequest = true;
! }
!
! #endregion
!
! #region Protected Methods
!
! protected override void ProcessAsSsl3()
! {
! throw new NotSupportedException();
! }
!
! protected override void ProcessAsTls1()
! {
! // Read requested certificate types
! int typesCount = this.ReadByte();
!
! this.certificateTypes = new TlsClientCertificateType[typesCount];
!
! for (int i = 0; i < typesCount; i++)
! {
! this.certificateTypes[i] = (TlsClientCertificateType)this.ReadByte();
! }
!
! /*
! * Read requested certificate authorities (Distinguised Names)
! *
! * Name ::= SEQUENCE OF RelativeDistinguishedName
! *
! * RelativeDistinguishedName ::= SET OF AttributeValueAssertion
! *
! * AttributeValueAssertion ::= SEQUENCE {
! * attributeType OBJECT IDENTIFIER
! * attributeValue ANY }
! */
! if (this.ReadInt16() != 0)
! {
! ASN1 rdn = new ASN1(this.ReadBytes(this.ReadInt16()));
!
! distinguisedNames = new string[rdn.Count];
!
! #warning "needs testing"
! for (int i = 0; i < rdn.Count; i++)
! {
! // element[0] = attributeType
! // element[1] = attributeValue
! ASN1 element = new ASN1(rdn[i].Value);
!
! distinguisedNames[i] = Encoding.UTF8.GetString(element[1].Value);
! }
! }
! }
!
! #endregion
! }
! }
Index: TlsServerFinished.cs
===================================================================
RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerFinished.cs,v
retrieving revision 1.13
retrieving revision 1.14
diff -C2 -d -r1.13 -r1.14
*** TlsServerFinished.cs 25 Nov 2003 12:36:06 -0000 1.13
--- TlsServerFinished.cs 14 Dec 2003 15:01:54 -0000 1.14
***************
*** 1,118 ****
! /* Transport Security Layer (TLS)
! * Copyright (c) 2003 Carlos Guzmán Álvarez
! *
! * Permission is hereby granted, free of charge, to any person
! * obtaining a copy of this software and associated documentation
! * files (the "Software"), to deal in the Software without restriction,
! * including without limitation the rights to use, copy, modify, merge,
! * publish, distribute, sublicense, and/or sell copies of the Software,
! * and to permit persons to whom the Software is furnished to do so,
! * subject to the following conditions:
! *
! * The above copyright notice and this permission notice shall be included
! * in all copies or substantial portions of the Software.
! *
! * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
! * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
! * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
! * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
! * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
! * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
! * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
! * DEALINGS IN THE SOFTWARE.
! */
!
! using System;
! using System.Security.Cryptography;
!
! using Mono.Security.Cryptography;
!
! namespace Mono.Security.Protocol.Tls.Handshake.Client
! {
! internal class TlsServerFinished : TlsHandshakeMessage
! {
! #region CONSTRUCTORS
!
! public TlsServerFinished(TlsContext context, byte[] buffer)
! : base(context, TlsHandshakeType.ServerHello, buffer)
! {
! }
!
! #endregion
!
! #region METHODS
!
! public override void Update()
! {
! base.Update();
!
! // Reset Hahdshake messages information
! this.Context.HandshakeMessages.Reset();
!
! // Hahdshake is finished
! this.Context.HandshakeFinished = true;
! }
!
! #endregion
!
! #region PROTECTED_METHODS
!
! protected override void ProcessAsSsl3()
! {
! // Compute handshake messages hashes
! HashAlgorithm hash = new TlsSslHandshakeHash(this.Context.MasterSecret);
!
! TlsStream data = new TlsStream();
! data.Write(this.Context.HandshakeMessages.ToArray());
! data.Write((int)0x53525652);
!
! hash.TransformFinalBlock(data.ToArray(), 0, (int)data.Length);
!
! data.Reset();
!
! byte[] serverHash = this.ReadBytes((int)Length);
! byte[] clientHash = hash.Hash;
!
! // Check server prf against client prf
! if (clientHash.Length != serverHash.Length)
! {
! throw new TlsException("Invalid ServerFinished message received.");
! }
! for (int i = 0; i < serverHash.Length; i++)
! {
! if (clientHash[i] != serverHash[i])
! {
! throw new TlsException("Invalid ServerFinished message received.");
! }
! }
! }
!
! protected override void ProcessAsTls1()
! {
! byte[] serverPRF = this.ReadBytes((int)Length);
! HashAlgorithm hash = new MD5SHA1();
!
! hash.ComputeHash(
! this.Context.HandshakeMessages.ToArray(),
! 0,
! (int)this.Context.HandshakeMessages.Length);
!
! byte[] clientPRF = this.Context.Cipher.PRF(this.Context.MasterSecret, "server finished", hash.Hash, 12);
!
! // Check server prf against client prf
! if (clientPRF.Length != serverPRF.Length)
! {
! throw new TlsException("Invalid ServerFinished message received.");
! }
! for (int i = 0; i < serverPRF.Length; i++)
! {
! if (clientPRF[i] != serverPRF[i])
! {
! throw new TlsException("Invalid ServerFinished message received.");
! }
! }
! }
!
! #endregion
! }
! }
--- 1,118 ----
! /* Transport Security Layer (TLS)
! * Copyright (c) 2003 Carlos Guzmán Álvarez
! *
! * Permission is hereby granted, free of charge, to any person
! * obtaining a copy of this software and associated documentation
! * files (the "Software"), to deal in the Software without restriction,
! * including without limitation the rights to use, copy, modify, merge,
! * publish, distribute, sublicense, and/or sell copies of the Software,
! * and to permit persons to whom the Software is furnished to do so,
! * subject to the following conditions:
! *
! * The above copyright notice and this permission notice shall be included
! * in all copies or substantial portions of the Software.
! *
! * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
! * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
! * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
! * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
! * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
! * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
! * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
! * DEALINGS IN THE SOFTWARE.
! */
!
! using System;
! using System.Security.Cryptography;
!
! using Mono.Security.Cryptography;
!
! namespace Mono.Security.Protocol.Tls.Handshake.Client
! {
! internal class TlsServerFinished : TlsHandshakeMessage
! {
! #region Constructors
!
! public TlsServerFinished(TlsContext context, byte[] buffer)
! : base(context, TlsHandshakeType.ServerHello, buffer)
! {
! }
!
! #endregion
!
! #region Methods
!
! public override void Update()
! {
! base.Update();
!
! // Reset Hahdshake messages information
! this.Context.HandshakeMessages.Reset();
!
! // Hahdshake is finished
! this.Context.HandshakeFinished = true;
! }
!
! #endregion
!
! #region Protected Methods
!
! protected override void ProcessAsSsl3()
! {
! // Compute handshake messages hashes
! HashAlgorithm hash = new TlsSslHandshakeHash(this.Context.MasterSecret);
!
! TlsStream data = new TlsStream();
! data.Write(this.Context.HandshakeMessages.ToArray());
! data.Write((int)0x53525652);
!
! hash.TransformFinalBlock(data.ToArray(), 0, (int)data.Length);
!
! data.Reset();
!
! byte[] serverHash = this.ReadBytes((int)Length);
! byte[] clientHash = hash.Hash;
!
! // Check server prf against client prf
! if (clientHash.Length != serverHash.Length)
! {
! throw new TlsException("Invalid ServerFinished message received.");
! }
! for (int i = 0; i < serverHash.Length; i++)
! {
! if (clientHash[i] != serverHash[i])
! {
! throw new TlsException("Invalid ServerFinished message received.");
! }
! }
! }
!
! protected override void ProcessAsTls1()
! {
! byte[] serverPRF = this.ReadBytes((int)Length);
! HashAlgorithm hash = new MD5SHA1();
!
! hash.ComputeHash(
! this.Context.HandshakeMessages.ToArray(),
! 0,
! (int)this.Context.HandshakeMessages.Length);
!
! byte[] clientPRF = this.Context.Cipher.PRF(this.Context.MasterSecret, "server finished", hash.Hash, 12);
!
! // Check server prf against client prf
! if (clientPRF.Length != serverPRF.Length)
! {
! throw new TlsException("Invalid ServerFinished message received.");
! }
! for (int i = 0; i < serverPRF.Length; i++)
! {
! if (clientPRF[i] != serverPRF[i])
! {
! throw new TlsException("Invalid ServerFinished message received.");
! }
! }
! }
!
! #endregion
! }
! }
Index: TlsServerHello.cs
===================================================================
RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerHello.cs,v
retrieving revision 1.14
retrieving revision 1.15
diff -C2 -d -r1.14 -r1.15
*** TlsServerHello.cs 25 Nov 2003 12:36:06 -0000 1.14
--- TlsServerHello.cs 14 Dec 2003 15:01:54 -0000 1.15
***************
*** 1,139 ****
! /* Transport Security Layer (TLS)
! * Copyright (c) 2003 Carlos Guzmán Álvarez
! *
! * Permission is hereby granted, free of charge, to any person
! * obtaining a copy of this software and associated documentation
! * files (the "Software"), to deal in the Software without restriction,
! * including without limitation the rights to use, copy, modify, merge,
! * publish, distribute, sublicense, and/or sell copies of the Software,
! * and to permit persons to whom the Software is furnished to do so,
! * subject to the following conditions:
! *
! * The above copyright notice and this permission notice shall be included
! * in all copies or substantial portions of the Software.
! *
! * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
! * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
! * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
! * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
! * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
! * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
! * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
! * DEALINGS IN THE SOFTWARE.
! */
!
! using System;
!
! namespace Mono.Security.Protocol.Tls.Handshake.Client
! {
! internal class TlsServerHello : TlsHandshakeMessage
! {
! #region FIELDS
!
! private SecurityProtocolType protocol;
! private SecurityCompressionType compressionMethod;
! private byte[] random;
! private byte[] sessionId;
! private CipherSuite cipherSuite;
!
! #endregion
!
! #region CONSTRUCTORS
!
! public TlsServerHello(TlsContext context, byte[] buffer)
! : base(context, TlsHandshakeType.ServerHello, buffer)
! {
! }
!
! #endregion
!
! #region METHODS
!
! public override void Update()
! {
! base.Update();
!
! this.Context.SessionId = this.sessionId;
! this.Context.ServerRandom = this.random;
! this.Context.Cipher = this.cipherSuite;
! this.Context.CompressionMethod = this.compressionMethod;
! this.Context.Cipher.Context = this.Context;
!
! // Compute ClientRandom + ServerRandom
! TlsStream random = new TlsStream();
! random.Write(this.Context.ClientRandom);
! random.Write(this.Context.ServerRandom);
! this.Context.RandomCS = random.ToArray();
!
! // Server R...
[truncated message content] |
