[pgsqlclient-checkins] pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls ClientR
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv29951 Modified Files: SslClientStream.cs Added Files: ClientRecordProtocol.cs RecordProtocol.cs Log Message: 2004-02-19 Carlos Guzmán Álvarez <car...@te...> * Mono.Security.Protocol.Tls/RecordProtocol.cs: * Mono.Security.Protocol.Tls/ClientRecordProtocol.cs: - New classes for handle the SSL/TLS record protocol. * Mono.Security.Protocol.Tls/SslClientStream.cs: - Record protocol stuff moved to the new classes. - Removed Warning event. --- NEW FILE: ClientRecordProtocol.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. 
*/ using System; using System.IO; using Mono.Security.Protocol.Tls.Alerts; using Mono.Security.Protocol.Tls.Handshake; using Mono.Security.Protocol.Tls.Handshake.Client; namespace Mono.Security.Protocol.Tls { internal class ClientRecordProtocol : RecordProtocol { #region Constructors public ClientRecordProtocol( Stream innerStream, TlsContext context) : base(innerStream, context) { } #endregion #region Send Messages public override void SendRecord(TlsHandshakeType type) { // Create the record message TlsHandshakeMessage msg = this.createClientHandshakeMessage(type); // Write record this.SendRecord(msg.ContentType, msg.EncodeMessage()); // Update session msg.Update(); // Reset message contents msg.Reset(); } #endregion #region Handshake Processing Methods protected override void ProcessHandshakeMessage(TlsStream handMsg) { TlsHandshakeType handshakeType = (TlsHandshakeType)handMsg.ReadByte(); TlsHandshakeMessage message = null; // Read message length int length = handMsg.ReadInt24(); // Read message data byte[] data = new byte[length]; handMsg.Read(data, 0, length); // Create and process the server message message = this.createServerHandshakeMessage(handshakeType, data); // Update session if (message != null) { message.Update(); } } #endregion #region Client Handshake Message Factories private TlsHandshakeMessage createClientHandshakeMessage(TlsHandshakeType type) { switch (type) { case TlsHandshakeType.ClientHello: return new TlsClientHello(this.context); case TlsHandshakeType.Certificate: return new TlsClientCertificate(this.context); case TlsHandshakeType.ClientKeyExchange: return new TlsClientKeyExchange(this.context); case TlsHandshakeType.CertificateVerify: return new TlsClientCertificateVerify(this.context); case TlsHandshakeType.Finished: return new TlsClientFinished(this.context); default: throw new InvalidOperationException("Unknown client handshake message type: " + type.ToString() ); } } private TlsHandshakeMessage 
createServerHandshakeMessage(TlsHandshakeType type, byte[] buffer) { switch (type) { case TlsHandshakeType.HelloRequest: this.SendRecord(TlsHandshakeType.ClientHello); return null; case TlsHandshakeType.ServerHello: return new TlsServerHello(this.context, buffer); case TlsHandshakeType.Certificate: return new TlsServerCertificate(this.context, buffer); case TlsHandshakeType.ServerKeyExchange: return new TlsServerKeyExchange(this.context, buffer); case TlsHandshakeType.CertificateRequest: return new TlsServerCertificateRequest(this.context, buffer); case TlsHandshakeType.ServerHelloDone: return new TlsServerHelloDone(this.context, buffer); case TlsHandshakeType.Finished: return new TlsServerFinished(this.context, buffer); default: throw this.context.CreateException("Unknown server handshake message received ({0})", type.ToString()); } } #endregion } } --- NEW FILE: RecordProtocol.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. 
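Review bot: ProcessHandshakeMessage trusts the 24-bit length it reads from the record: it allocates `new byte[length]` and calls `handMsg.Read(data, 0, length)` without checking how many bytes came back, so a server that declares a length larger than the bytes remaining in the record gets a zero-padded buffer handed to the TlsServer* parsers instead of an error. A guard such as `if (handMsg.Read(data, 0, length) != length) { throw this.context.CreateException("Truncated handshake message received from server"); }` would reject it, assuming TlsStream.Read follows Stream semantics and returns the count actually read. The `while (!message.EOF)` caller also appears to assume every handshake message is wholly contained in one record, whereas TLS allows a handshake message to span records; that limitation deserves a comment if it is intentional. Separately, createServerHandshakeMessage dispatches on the message type alone with no handshake state, so a ServerHello, Certificate or Finished is accepted in any order and a HelloRequest triggers a fresh ClientHello even mid-handshake; at minimum add `// TODO: validate the expected handshake message order (RFC 2246 7.3) before dispatching`.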
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.IO; using System.Security.Cryptography; using System.Security.Cryptography.X509Certificates; using Mono.Security.Protocol.Tls.Alerts; using Mono.Security.Protocol.Tls.Handshake; namespace Mono.Security.Protocol.Tls { internal abstract class RecordProtocol { #region Fields protected Stream innerStream; protected TlsContext context; #endregion #region Properties public Stream InnerStream { get { return this.innerStream; } set { this.innerStream = value; } } public TlsContext Context { get { return this.context; } set { this.context = value; } } #endregion #region Constructors public RecordProtocol(Stream innerStream, TlsContext context) { this.innerStream = innerStream; this.context = context; } #endregion #region Abstract Methods public abstract void SendRecord(TlsHandshakeType type); protected abstract void ProcessHandshakeMessage(TlsStream handMsg); #endregion #region Reveive Record Methods public byte[] ReceiveRecord() { if (this.context.ConnectionEnd) { throw this.context.CreateException("The session is finished and it's no longer valid."); } // Try to read the Record Content Type int type = this.innerStream.ReadByte(); // There are no more data for read if (type == -1) { return null; } TlsContentType contentType = (TlsContentType)type; short protocol = this.readShort(); short length = this.readShort(); // Read Record data int received = 0; byte[] buffer = new byte[length]; while (received != length) { received += this.innerStream.Read( buffer, received, buffer.Length - received); } TlsStream message = new TlsStream(buffer); // Check that the message has a valid protocol version if (protocol != this.context.Protocol) { throw this.context.CreateException("Invalid protocol 
version on message received from server"); } // Decrypt message contents if needed if (contentType == TlsContentType.Alert && length == 2) { } else { if (this.context.IsActual && contentType != TlsContentType.ChangeCipherSpec) { message = this.decryptRecordFragment( contentType, message.ToArray()); } } byte[] result = message.ToArray(); // Process record switch (contentType) { case TlsContentType.Alert: this.processAlert( (TlsAlertLevel)message.ReadByte(), (TlsAlertDescription)message.ReadByte()); break; case TlsContentType.ChangeCipherSpec: // Reset sequence numbers this.context.ReadSequenceNumber = 0; break; case TlsContentType.ApplicationData: break; case TlsContentType.Handshake: while (!message.EOF) { this.ProcessHandshakeMessage(message); } // Update handshakes of current messages this.context.HandshakeMessages.Write(message.ToArray()); break; default: throw this.context.CreateException("Unknown record received from server."); } return result; } private short readShort() { byte[] b = new byte[2]; this.innerStream.Read(b, 0, b.Length); short val = BitConverter.ToInt16(b, 0); return System.Net.IPAddress.HostToNetworkOrder(val); } private void processAlert( TlsAlertLevel alertLevel, TlsAlertDescription alertDesc) { switch (alertLevel) { case TlsAlertLevel.Fatal: throw this.context.CreateException(alertLevel, alertDesc); case TlsAlertLevel.Warning: default: switch (alertDesc) { case TlsAlertDescription.CloseNotify: this.context.ConnectionEnd = true; break; } break; } } #endregion #region Send Record Methods public void SendAlert(TlsAlert alert) { // Write record this.SendRecord(TlsContentType.Alert, alert.ToArray()); // Update session alert.Update(); // Reset message contents alert.Reset(); } public void SendChangeCipherSpec() { // Send Change Cipher Spec message this.SendRecord(TlsContentType.ChangeCipherSpec, new byte[] {1}); // Reset sequence numbers this.context.WriteSequenceNumber = 0; // Make the pending state to be the current state this.context.IsActual = 
true; // Send Finished message this.SendRecord(TlsHandshakeType.Finished); } public void SendRecord(TlsContentType contentType, byte[] recordData) { if (this.context.ConnectionEnd) { throw this.context.CreateException("The session is finished and it's no longer valid."); } byte[] record = this.EncodeRecord(contentType, recordData); this.innerStream.Write(record, 0, record.Length); } public byte[] EncodeRecord(TlsContentType contentType, byte[] recordData) { return this.EncodeRecord( contentType, recordData, 0, recordData.Length); } public byte[] EncodeRecord( TlsContentType contentType, byte[] recordData, int offset, int count) { if (this.context.ConnectionEnd) { throw this.context.CreateException("The session is finished and it's no longer valid."); } TlsStream record = new TlsStream(); int position = offset; while (position < ( offset + count )) { short fragmentLength = 0; byte[] fragment; if ((count - position) > TlsContext.MAX_FRAGMENT_SIZE) { fragmentLength = TlsContext.MAX_FRAGMENT_SIZE; } else { fragmentLength = (short)(count - position); } // Fill the fragment data fragment = new byte[fragmentLength]; Buffer.BlockCopy(recordData, position, fragment, 0, fragmentLength); if (this.context.IsActual) { // Encrypt fragment fragment = this.encryptRecordFragment(contentType, fragment); } // Write tls message record.Write((byte)contentType); record.Write(this.context.Protocol); record.Write((short)fragment.Length); record.Write(fragment); // Update buffer position position += fragmentLength; } return record.ToArray(); } #endregion #region Cryptography Methods private byte[] encryptRecordFragment( TlsContentType contentType, byte[] fragment) { // Calculate message MAC byte[] mac = this.context.Cipher.ComputeClientRecordMAC(contentType, fragment); // Encrypt the message byte[] ecr = this.context.Cipher.EncryptRecord(fragment, mac); // Set new IV if (this.context.Cipher.CipherMode == CipherMode.CBC) { byte[] iv = new byte[this.context.Cipher.IvSize]; 
System.Array.Copy(ecr, ecr.Length - iv.Length, iv, 0, iv.Length); this.context.Cipher.UpdateClientCipherIV(iv); } // Update sequence number this.context.WriteSequenceNumber++; return ecr; } private TlsStream decryptRecordFragment( TlsContentType contentType, byte[] fragment) { byte[] dcrFragment = null; byte[] dcrMAC = null; // Decrypt message this.context.Cipher.DecryptRecord(fragment, ref dcrFragment, ref dcrMAC); // Set new IV if (this.context.Cipher.CipherMode == CipherMode.CBC) { byte[] iv = new byte[this.context.Cipher.IvSize]; System.Array.Copy(fragment, fragment.Length - iv.Length, iv, 0, iv.Length); this.context.Cipher.UpdateServerCipherIV(iv); } // Check MAC code byte[] mac = this.context.Cipher.ComputeServerRecordMAC(contentType, dcrFragment); // Check that the mac is correct if (mac.Length != dcrMAC.Length) { throw new TlsException("Invalid MAC received from server."); } for (int i = 0; i < mac.Length; i++) { if (mac[i] != dcrMAC[i]) { throw new TlsException("Invalid MAC received from server."); } } // Update sequence number this.context.ReadSequenceNumber++; return new TlsStream(dcrFragment); } #endregion } } Index: SslClientStream.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/SslClientStream.cs,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** SslClientStream.cs 18 Feb 2004 15:28:13 -0000 1.8 --- SslClientStream.cs 19 Feb 2004 13:54:09 -0000 1.9 *************** *** 34,38 **** using Mono.Security.Protocol.Tls.Alerts; using Mono.Security.Protocol.Tls.Handshake; - using Mono.Security.Protocol.Tls.Handshake.Client; namespace Mono.Security.Protocol.Tls --- 34,37 ---- *************** *** 58,67 **** public class SslClientStream : Stream, IDisposable { - #region Events - - public event TlsWarningAlertEventHandler WarningAlert; - - #endregion - #region Internal Events --- 57,60 ---- *************** *** 80,85 
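Review bot: ReceiveRecord skips decryption for any 2-byte Alert record and for every ChangeCipherSpec record even after this.context.IsActual is true, so once the cipher is active an on-path attacker can inject a plaintext close_notify or fatal alert to truncate the session, or a plaintext ChangeCipherSpec that resets ReadSequenceNumber to 0, with no MAC check at all; once IsActual is set every incoming record should go through decryptRecordFragment, i.e. replace the special case with `if (this.context.IsActual) { message = this.decryptRecordFragment(contentType, message.ToArray()); }`. The record read loop `while (received != length)` never checks for a zero return from innerStream.Read, so a connection closed mid-record spins forever instead of failing. EncodeRecord computes the bytes still to send as `(count - position)` although position starts at offset, so a caller passing a non-zero offset (the SslClientStream.Write hunk forwards its offset and count unchanged) gets a short fragment followed by a never-terminating loop of empty fragments; both occurrences should read `(offset + count - position)`. The MAC check in decryptRecordFragment throws on the first mismatching byte, which leaks the mismatch position through timing; OR all byte differences together and throw once after the loop.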
**** --- 73,80 ---- private BufferedStream inputBuffer; private TlsContext context; + private ClientRecordProtocol protocol; private bool ownsStream; private bool disposed; + private bool checkCertRevocationStatus; private string read; private string write; *************** *** 121,126 **** public bool CheckCertRevocationStatus { ! get { throw new NotImplementedException(); } ! set { throw new NotImplementedException(); } } --- 116,121 ---- public bool CheckCertRevocationStatus { ! get { return this.checkCertRevocationStatus ; } ! set { this.checkCertRevocationStatus = value; } } *************** *** 346,350 **** } ! this.context = new TlsContext( this, securityProtocolType, --- 341,345 ---- } ! this.context = new TlsContext( this, securityProtocolType, *************** *** 356,359 **** --- 351,355 ---- this.read = String.Empty; this.write = String.Empty; + this.protocol = new ClientRecordProtocol(innerStream, context); } *************** *** 389,393 **** // Write close notify TlsCloseNotifyAlert alert = new TlsCloseNotifyAlert(this.context); ! this.SendAlert(alert); } --- 385,389 ---- // Write close notify TlsCloseNotifyAlert alert = new TlsCloseNotifyAlert(this.context); ! this.protocol.SendAlert(alert); } *************** *** 479,483 **** // Read next record and write it into the inputBuffer long position = this.inputBuffer.Position; ! byte[] record = this.receiveRecord(); if (record != null && record.Length > 0) --- 475,479 ---- // Read next record and write it into the inputBuffer long position = this.inputBuffer.Position; ! byte[] record = this.protocol.ReceiveRecord(); if (record != null && record.Length > 0) *************** *** 576,580 **** // Send the buffer as a TLS record ! byte[] record = this.encodeRecord( TlsContentType.ApplicationData, buffer, offset, count); --- 572,576 ---- // Send the buffer as a TLS record ! 
byte[] record = this.protocol.EncodeRecord( TlsContentType.ApplicationData, buffer, offset, count); *************** *** 670,1000 **** #endregion - #region Reveive Record Methods - - private byte[] receiveRecord() - { - if (this.context.ConnectionEnd) - { - throw this.context.CreateException("The session is finished and it's no longer valid."); - } - - // Try to read the Record Content Type - int type = this.innerStream.ReadByte(); - - // There are no more data for read - if (type == -1) - { - return null; - } - - TlsContentType contentType = (TlsContentType)type; - short protocol = this.ReadShort(); - short length = this.ReadShort(); - - // Read Record data - int received = 0; - byte[] buffer = new byte[length]; - while (received != length) - { - received += this.innerStream.Read( - buffer, received, buffer.Length - received); - } - - TlsStream message = new TlsStream(buffer); - - // Check that the message has a valid protocol version - if (protocol != this.context.Protocol) - { - throw this.context.CreateException("Invalid protocol version on message received from server"); - } - - // Decrypt message contents if needed - if (contentType == TlsContentType.Alert && length == 2) - { - } - else - { - if (this.context.IsActual && - contentType != TlsContentType.ChangeCipherSpec) - { - message = this.decryptRecordFragment( - contentType, - message.ToArray()); - } - } - - byte[] result = message.ToArray(); - - // Process record - switch (contentType) - { - case TlsContentType.Alert: - this.processAlert((TlsAlertLevel)message.ReadByte(), - (TlsAlertDescription)message.ReadByte()); - break; - - case TlsContentType.ChangeCipherSpec: - // Reset sequence numbers - this.context.ReadSequenceNumber = 0; - break; - - case TlsContentType.ApplicationData: - break; - - case TlsContentType.Handshake: - while (!message.EOF) - { - this.processHandshakeMessage(message); - } - // Update handshakes of current messages - this.context.HandshakeMessages.Write(message.ToArray()); - break; - - 
default: - throw this.context.CreateException("Unknown record received from server."); - } - - return result; - } - - #endregion - - #region Send Record Methods - - internal void SendAlert(TlsAlert alert) - { - // Write record - this.sendRecord(TlsContentType.Alert, alert.ToArray()); - - // Update session - alert.Update(); - - // Reset message contents - alert.Reset(); - } - - private void sendChangeCipherSpec() - { - // Send Change Cipher Spec message - this.sendRecord(TlsContentType.ChangeCipherSpec, new byte[] {1}); - - // Reset sequence numbers - this.context.WriteSequenceNumber = 0; - - // Make the pending state to be the current state - this.context.IsActual = true; - - // Send Finished message - this.sendRecord(TlsHandshakeType.Finished); - } - - private void sendRecord(TlsHandshakeType type) - { - TlsHandshakeMessage msg = this.createClientHandshakeMessage(type); - - // Write record - this.sendRecord(msg.ContentType, msg.EncodeMessage()); - - // Update session - msg.Update(); - - // Reset message contents - msg.Reset(); - } - - private void sendRecord(TlsContentType contentType, byte[] recordData) - { - if (this.context.ConnectionEnd) - { - throw this.context.CreateException("The session is finished and it's no longer valid."); - } - - byte[] record = this.encodeRecord(contentType, recordData); - - this.innerStream.Write(record, 0, record.Length); - } - - private byte[] encodeRecord(TlsContentType contentType, byte[] recordData) - { - return this.encodeRecord( - contentType, - recordData, - 0, - recordData.Length); - } - - private byte[] encodeRecord( - TlsContentType contentType, - byte[] recordData, - int offset, - int count) - { - if (this.context.ConnectionEnd) - { - throw this.context.CreateException("The session is finished and it's no longer valid."); - } - - TlsStream record = new TlsStream(); - - int position = offset; - - while (position < ( offset + count )) - { - short fragmentLength = 0; - byte[] fragment; - - if ((count - position) > 
TlsContext.MAX_FRAGMENT_SIZE) - { - fragmentLength = TlsContext.MAX_FRAGMENT_SIZE; - } - else - { - fragmentLength = (short)(count - position); - } - - // Fill the fragment data - fragment = new byte[fragmentLength]; - Buffer.BlockCopy(recordData, position, fragment, 0, fragmentLength); - - if (this.context.IsActual) - { - // Encrypt fragment - fragment = this.encryptRecordFragment(contentType, fragment); - } - - // Write tls message - record.Write((byte)contentType); - record.Write(this.context.Protocol); - record.Write((short)fragment.Length); - record.Write(fragment); - - // Update buffer position - position += fragmentLength; - } - - return record.ToArray(); - } - - #endregion - - #region Cryptography Methods - - private byte[] encryptRecordFragment( - TlsContentType contentType, - byte[] fragment) - { - // Calculate message MAC - byte[] mac = this.context.Cipher.ComputeClientRecordMAC(contentType, fragment); - - // Encrypt the message - byte[] ecr = this.context.Cipher.EncryptRecord(fragment, mac); - - // Set new IV - if (this.context.Cipher.CipherMode == CipherMode.CBC) - { - byte[] iv = new byte[this.context.Cipher.IvSize]; - System.Array.Copy(ecr, ecr.Length - iv.Length, iv, 0, iv.Length); - this.context.Cipher.UpdateClientCipherIV(iv); - } - - // Update sequence number - this.context.WriteSequenceNumber++; - - return ecr; - } - - private TlsStream decryptRecordFragment( - TlsContentType contentType, - byte[] fragment) - { - byte[] dcrFragment = null; - byte[] dcrMAC = null; - - // Decrypt message - this.context.Cipher.DecryptRecord(fragment, ref dcrFragment, ref dcrMAC); - - // Set new IV - if (this.context.Cipher.CipherMode == CipherMode.CBC) - { - byte[] iv = new byte[this.context.Cipher.IvSize]; - System.Array.Copy(fragment, fragment.Length - iv.Length, iv, 0, iv.Length); - this.context.Cipher.UpdateServerCipherIV(iv); - } - - // Check MAC code - byte[] mac = this.context.Cipher.ComputeServerRecordMAC(contentType, dcrFragment); - - // Check that the mac 
is correct - if (mac.Length != dcrMAC.Length) - { - throw new TlsException("Invalid MAC received from server."); - } - for (int i = 0; i < mac.Length; i++) - { - if (mac[i] != dcrMAC[i]) - { - throw new TlsException("Invalid MAC received from server."); - } - } - - // Update sequence number - this.context.ReadSequenceNumber++; - - return new TlsStream(dcrFragment); - } - - #endregion - - #region Handshake Processing Methods - - private void processHandshakeMessage(TlsStream handMsg) - { - TlsHandshakeType handshakeType = (TlsHandshakeType)handMsg.ReadByte(); - TlsHandshakeMessage message = null; - - // Read message length - int length = handMsg.ReadInt24(); - - // Read message data - byte[] data = new byte[length]; - handMsg.Read(data, 0, length); - - // Create and process the server message - message = this.createServerHandshakeMessage(handshakeType, data); - - // Update session - if (message != null) - { - message.Update(); - } - } - - private void processAlert( - TlsAlertLevel alertLevel, - TlsAlertDescription alertDesc) - { - switch (alertLevel) - { - case TlsAlertLevel.Fatal: - throw this.context.CreateException(alertLevel, alertDesc); - - case TlsAlertLevel.Warning: - default: - switch (alertDesc) - { - case TlsAlertDescription.CloseNotify: - this.context.ConnectionEnd = true; - break; - - default: - this.RaiseWarningAlert(alertLevel, alertDesc); - break; - } - break; - } - } - - #endregion - #region Misc Methods --- 666,669 ---- *************** *** 1005,1018 **** } - private short ReadShort() - { - byte[] b = new byte[2]; - this.innerStream.Read(b, 0, b.Length); - - short val = BitConverter.ToInt16(b, 0); - - return System.Net.IPAddress.HostToNetworkOrder(val); - } - private void checkDisposed() { --- 674,677 ---- *************** *** 1050,1058 **** private void doHandshake() { ! // Obtain supported cipher suite collection ! this.context.SupportedCiphers = TlsCipherSuiteFactory.GetSupportedCiphers(context.SecurityProtocol); // Send client hello ! 
this.sendRecord(TlsHandshakeType.ClientHello); // Read server response --- 709,717 ---- private void doHandshake() { ! // Obtain supported cipher suites ! this.context.SupportedCiphers = TlsCipherSuiteFactory.GetSupportedCiphers(this.context.SecurityProtocol); // Send client hello ! this.protocol.SendRecord(TlsHandshakeType.ClientHello); // Read server response *************** *** 1060,1064 **** { // Read next record ! this.receiveRecord(); } --- 719,723 ---- { // Read next record ! this.protocol.ReceiveRecord(); } *************** *** 1066,1074 **** if (this.context.ServerSettings.CertificateRequest) { ! this.sendRecord(TlsHandshakeType.Certificate); } // Send Client Key Exchange ! this.sendRecord(TlsHandshakeType.ClientKeyExchange); // Now initialize session cipher with the generated keys --- 725,733 ---- if (this.context.ServerSettings.CertificateRequest) { ! this.protocol.SendRecord(TlsHandshakeType.Certificate); } // Send Client Key Exchange ! this.protocol.SendRecord(TlsHandshakeType.ClientKeyExchange); // Now initialize session cipher with the generated keys *************** *** 1078,1086 **** if (this.context.ServerSettings.CertificateRequest) { ! this.sendRecord(TlsHandshakeType.CertificateVerify); } // Send Cipher Spec protocol ! this.sendChangeCipherSpec(); // Read record until server finished is received --- 737,745 ---- if (this.context.ServerSettings.CertificateRequest) { ! this.protocol.SendRecord(TlsHandshakeType.CertificateVerify); } // Send Cipher Spec protocol ! this.protocol.SendChangeCipherSpec(); // Read record until server finished is received *************** *** 1090,1094 **** // Change Cipher Spec // Server finished ! this.receiveRecord(); } --- 749,753 ---- // Change Cipher Spec // Server finished ! 
this.protocol.ReceiveRecord(); } *************** *** 1096,1154 **** this.context.ClearKeyInfo(); } - - private TlsHandshakeMessage createClientHandshakeMessage(TlsHandshakeType type) - { - switch (type) - { - case TlsHandshakeType.ClientHello: - return new TlsClientHello(this.context); - - case TlsHandshakeType.Certificate: - return new TlsClientCertificate(this.context); - - case TlsHandshakeType.ClientKeyExchange: - return new TlsClientKeyExchange(this.context); - - case TlsHandshakeType.CertificateVerify: - return new TlsClientCertificateVerify(this.context); - - case TlsHandshakeType.Finished: - return new TlsClientFinished(this.context); - - default: - throw new InvalidOperationException("Unknown client handshake message type: " + type.ToString() ); - } - } - - private TlsHandshakeMessage createServerHandshakeMessage(TlsHandshakeType type, byte[] buffer) - { - switch (type) - { - case TlsHandshakeType.HelloRequest: - this.sendRecord(TlsHandshakeType.ClientHello); - return null; - - case TlsHandshakeType.ServerHello: - return new TlsServerHello(this.context, buffer); - - case TlsHandshakeType.Certificate: - return new TlsServerCertificate(this.context, buffer); - - case TlsHandshakeType.ServerKeyExchange: - return new TlsServerKeyExchange(this.context, buffer); - - case TlsHandshakeType.CertificateRequest: - return new TlsServerCertificateRequest(this.context, buffer); - - case TlsHandshakeType.ServerHelloDone: - return new TlsServerHelloDone(this.context, buffer); - - case TlsHandshakeType.Finished: - return new TlsServerFinished(this.context, buffer); - - default: - throw this.context.CreateException("Unknown server handshake message received ({0})", type.ToString()); - } - } #endregion --- 755,758 ---- *************** *** 1156,1169 **** #region Event Methods - internal void RaiseWarningAlert( - TlsAlertLevel level, - TlsAlertDescription description) - { - if (WarningAlert != null) - { - WarningAlert(this, new TlsWarningAlertEventArgs(level, description)); - 
} - } - internal bool RaiseServerCertificateValidation( X509Certificate certificate, --- 760,763 ---- *************** *** 1212,1214 **** #endregion } ! } --- 806,808 ---- #endregion } ! } \ No newline at end of file |
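Review bot: CheckCertRevocationStatus now stores the caller's value instead of throwing NotImplementedException, but nothing in this diff reads checkCertRevocationStatus, so a caller that sets it to true gets no revocation checking while the API implies it does; a silently ignored security option is worse than the previous exception. Until the certificate validation path consumes the flag, either keep the setter failing for `true` (`set { if (value) { throw new NotSupportedException("Certificate revocation checking is not implemented"); } this.checkCertRevocationStatus = value; }`) or document the gap on the property with `/// <remarks>Stored but not enforced: certificate revocation status is not checked.</remarks>`. Whether RaiseServerCertificateValidation reads the field is not visible here, since its body lies outside the hunk. Removing the WarningAlert event also means warning-level alerts other than close_notify are now dropped silently in RecordProtocol.processAlert, which is worth a line in the log message so callers know they lost that signal.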