[pgsqlclient-checkins] pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls Content
From: Carlos G. Á. <car...@us...> - 2004-09-24 21:33:46
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv3962 Modified Files: ContentType.cs Context.cs RecordProtocol.cs Log Message: Updated ClientHelloV2 support Index: ContentType.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/ContentType.cs,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** ContentType.cs 23 Sep 2004 20:31:24 -0000 1.2 --- ContentType.cs 24 Sep 2004 21:33:34 -0000 1.3 *************** *** 30,34 **** internal enum ContentType : byte { - ClientHelloV2 = 1, ChangeCipherSpec = 20, Alert = 21, --- 30,33 ---- Index: RecordProtocol.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs,v retrieving revision 1.19 retrieving revision 1.20 diff -C2 -d -r1.19 -r1.20 *** RecordProtocol.cs 23 Sep 2004 21:10:44 -0000 1.19 --- RecordProtocol.cs 24 Sep 2004 21:33:34 -0000 1.20 *************** *** 89,96 **** } ! ContentType contentType = (ContentType)type; ! byte[] buffer = this.ReadRecordBuffer(contentType); ! TlsStream message = new TlsStream(buffer); // Decrypt message contents if needed --- 89,98 ---- } ! // Set last handshake message received to None ! this.context.LastHandshakeMsg = HandshakeType.None; ! ContentType contentType = (ContentType)type; ! byte[] buffer = this.ReadRecordBuffer(type); ! byte[] result = null; // Decrypt message contents if needed *************** *** 102,127 **** if (this.context.IsActual && contentType != ContentType.ChangeCipherSpec) { ! message = this.decryptRecordFragment(contentType, message.ToArray()); ! 
DebugHelper.WriteLine("Decrypted record data", message.ToArray()); } } - - // Set last handshake message received to None - this.context.LastHandshakeMsg = HandshakeType.None; - // Process record - byte[] result = message.ToArray(); - switch (contentType) { - case ContentType.ClientHelloV2: - // Set the last handshake message received as the standard ClientHello - this.context.LastHandshakeMsg = HandshakeType.ClientHello; - result = null; - break; - case ContentType.Alert: ! this.ProcessAlert((AlertLevel)message.ReadByte(), (AlertDescription)message.ReadByte()); result = null; break; --- 104,121 ---- if (this.context.IsActual && contentType != ContentType.ChangeCipherSpec) { ! result = this.decryptRecordFragment(contentType, buffer); ! DebugHelper.WriteLine("Decrypted record data", result); ! } ! else ! { ! result = buffer; } } switch (contentType) { case ContentType.Alert: ! this.ProcessAlert((AlertLevel)result[0], (AlertDescription)result[1]); result = null; break; *************** *** 135,138 **** --- 129,133 ---- case ContentType.Handshake: + TlsStream message = new TlsStream(result); while (!message.EOF) { *************** *** 141,151 **** // Update handshakes of current messages ! this.context.HandshakeMessages.Write(message.ToArray()); break; default: ! throw new TlsException( ! AlertDescription.UnexpectedMessage, ! "Unknown record received from server."); } --- 136,144 ---- // Update handshakes of current messages ! this.context.HandshakeMessages.Write(result); break; default: ! return null; } *************** *** 153,165 **** } ! private byte[] ReadRecordBuffer(ContentType contentType) { switch (contentType) { ! case ContentType.ClientHelloV2: return this.ReadClientHelloV2(); default: ! if (!Enum.IsDefined(typeof(ContentType), contentType)) { throw new TlsException(AlertDescription.DecodeError); --- 146,158 ---- } ! private byte[] ReadRecordBuffer(int contentType) { switch (contentType) { ! case 0x80: return this.ReadClientHelloV2(); default: ! 
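Review bot: The alert arm indexes `result[0]` and `result[1]` with no length check, so a record whose fragment (after decryption, when `IsActual` is set) is shorter than two bytes raises IndexOutOfRangeException instead of a TLS alert. The previous code passed `message.ReadByte()` results straight through, so this rewrite is the natural place to close the gap: add `if (result.Length < 2) { throw new TlsException(AlertDescription.DecodeError); }` immediately before the `ProcessAlert` call. The enclosing method starts and ends outside this hunk.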
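Review bot: The new `default: return null;` replaces the UnexpectedMessage alert for unrecognised content types, so such records are now dropped silently instead of failing the handshake. As far as this commit shows, the only value that should reach the default arm is the `0x80` V2 ClientHello, since `ReadRecordBuffer` already throws DecodeError for any other undefined type; handle that case explicitly, `if (type == 0x80) { return null; }` right after the `ReadRecordBuffer` call in the earlier hunk, and restore the arm to `throw new TlsException(AlertDescription.UnexpectedMessage, "Unknown record received from server.");`. The method's start and end are outside this hunk.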
if (!Enum.IsDefined(typeof(ContentType), (ContentType)contentType)) { throw new TlsException(AlertDescription.DecodeError); *************** *** 169,200 **** } private byte[] ReadClientHelloV2() { ! short protocol = this.ReadShort(); ! short cipherSpecLength = this.ReadShort(); ! short sessionIdLength = this.ReadShort(); ! short challengeLength = this.ReadShort(); short length = (challengeLength > 32) ? (short)32 : challengeLength; // Read CipherSpecs ! byte[] cipherSpecV2 = new byte[cipherSpecLength]; ! this.innerStream.Read(cipherSpecV2, 0, cipherSpecV2.Length); // Read session ID ! byte[] sessionId = new byte[sessionIdLength]; ! this.innerStream.Read(sessionId, 0, sessionId.Length); // Read challenge ID ! byte[] challenge = new byte[challengeLength]; ! this.innerStream.Read(challenge, 0, challenge.Length); ! // Check that the message has a valid protocol version ! SecurityProtocolType protocolType = this.context.DecodeProtocolCode(protocol); ! if (protocolType != SecurityProtocolType.Ssl3 && protocolType != SecurityProtocolType.Tls) ! { ! throw new TlsException( ! AlertDescription.ProtocolVersion, "Invalid protocol version on message received"); ! } ! if (challengeLength < 16 || cipherSpecLength == 0 || (cipherSpecLength % 3) != 0) { --- 162,230 ---- } + private short ReadShort() + { + byte[] b = new byte[2]; + this.innerStream.Read(b, 0, b.Length); + + short val = BitConverter.ToInt16(b, 0); + + return System.Net.IPAddress.HostToNetworkOrder(val); + } + + private void ProcessAlert(AlertLevel alertLevel, AlertDescription alertDesc) + { + switch (alertLevel) + { + case AlertLevel.Fatal: + throw new TlsException(alertLevel, alertDesc); + + case AlertLevel.Warning: + default: + switch (alertDesc) + { + case AlertDescription.CloseNotify: + this.context.ConnectionEnd = true; + break; + } + break; + } + } + + #endregion + + #region Record Buffer read + private byte[] ReadClientHelloV2() { ! int msgLength = this.innerStream.ReadByte(); ! ! // Read the message contents ! 
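Review bot: `case 0x80:` only matches a V2 record whose first header byte is exactly 0x80, i.e. a message shorter than 256 bytes; in the two-byte SSLv2 header the low seven bits of that byte are the high bits of the record length, so a longer ClientHello (first byte 0x81, 0x82, …) falls through to the `Enum.IsDefined` check and is rejected with DecodeError. If the short form is all that is intended, say so on the case with `// Only the 2-byte SSLv2 header with a length below 256 is accepted here`; otherwise test the high bit, `if ((contentType & 0x80) != 0) { return this.ReadClientHelloV2(contentType & 0x7F); }`, and let ReadClientHelloV2 fold that value into the length it reads. `ReadRecordBuffer` continues past the end of this hunk.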
byte[] tmp = new byte[msgLength]; ! this.innerStream.Read(tmp, 0, tmp.Length); ! ! // Add them to a TlsStream ! TlsStream stream = new TlsStream(tmp); ! ! int msgType = stream.ReadByte(); ! if (msgType != 1) ! { ! throw new TlsException(AlertDescription.DecodeError); ! } ! short protocol = stream.ReadInt16(); ! short cipherSpecLength = stream.ReadInt16(); ! short sessionIdLength = stream.ReadInt16(); ! short challengeLength = stream.ReadInt16(); short length = (challengeLength > 32) ? (short)32 : challengeLength; // Read CipherSpecs ! byte[] cipherSpecV2 = stream.ReadBytes(cipherSpecLength); // Read session ID ! byte[] sessionId = stream.ReadBytes(sessionIdLength); // Read challenge ID ! byte[] challenge = stream.ReadBytes(challengeLength); ! // Check the Challenge Length if (challengeLength < 16 || cipherSpecLength == 0 || (cipherSpecLength % 3) != 0) { *************** *** 208,216 **** } ! // Select the cipher suite collection ! this.Context.SupportedCiphers = CipherSuiteFactory.GetSupportedCiphers(protocolType); // Select the Cipher suite ! this.ProcessCipherSpecV2Buffer(protocolType, cipherSpecV2); // Updated the Client Random --- 238,246 ---- } ! // Update the protocol version ! this.Context.ChangeProtocol(protocol); // Select the Cipher suite ! 
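Review bot: ReadClientHelloV2 trusts the stream at two points: `this.innerStream.ReadByte()` returns -1 at end of stream, which makes `new byte[msgLength]` throw OverflowException rather than a TLS DecodeError, and the return value of `this.innerStream.Read(tmp, 0, tmp.Length)` is ignored, so a short read from the socket leaves zero-filled bytes that are then parsed as the hello's length fields and challenge (the relocated `ReadShort` in this hunk has the same unchecked Read). The four 16-bit fields are also never reconciled with `msgLength`: the fixed part of the message is 9 bytes, so `9 + cipherSpecLength + sessionIdLength + challengeLength` should equal `msgLength`, and if `TlsStream.ReadInt16` returns a signed short a field of 0x8000 or more arrives negative — how `ReadBytes` treats a negative count is not visible here. The rewritten read-and-validate prefix is below; the later challenge checks and the cipher-spec handling are in the following hunks, and the method's end is outside this one.
```csharp
private byte[] ReadClientHelloV2()
{
    int msgLength = this.innerStream.ReadByte();
    if (msgLength < 0)
    {
        // End of stream before the V2 length byte
        throw new TlsException(AlertDescription.DecodeError);
    }

    // A network stream may return fewer bytes than requested; loop until the
    // whole V2 message is buffered or the peer goes away
    byte[] tmp = new byte[msgLength];
    int read = 0;
    while (read < msgLength)
    {
        int n = this.innerStream.Read(tmp, read, msgLength - read);
        if (n <= 0)
        {
            throw new TlsException(AlertDescription.DecodeError);
        }
        read += n;
    }

    // … unchanged: TlsStream construction, msgType check, the four ReadInt16 fields …

    // msg_type(1) + version(2) + three lengths(2 each) = 9 fixed bytes; the three
    // variable-length fields must exactly fill the remainder of the message
    if (cipherSpecLength < 0 || sessionIdLength < 0 || challengeLength < 0 ||
        9 + cipherSpecLength + sessionIdLength + challengeLength != msgLength)
    {
        throw new TlsException(AlertDescription.DecodeError);
    }

    // … unchanged: ReadBytes for cipher specs, session id and challenge; challenge checks …
```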
this.ProcessCipherSpecV2Buffer(this.Context.SecurityProtocol, cipherSpecV2); // Updated the Client Random *************** *** 218,221 **** --- 248,257 ---- Buffer.BlockCopy(challenge, 0, this.context.ClientRandom, 0, length); + // Update the Handshake Hashes + this.Context.HandshakeMessages.Write(tmp); + + // Updated the LastHandshake message + this.context.LastHandshakeMsg = HandshakeType.ClientHello; + return new byte[0]; } *************** *** 246,278 **** } - private short ReadShort() - { - byte[] b = new byte[2]; - this.innerStream.Read(b, 0, b.Length); - - short val = BitConverter.ToInt16(b, 0); - - return System.Net.IPAddress.HostToNetworkOrder(val); - } - - private void ProcessAlert(AlertLevel alertLevel, AlertDescription alertDesc) - { - switch (alertLevel) - { - case AlertLevel.Fatal: - throw new TlsException(alertLevel, alertDesc); - - case AlertLevel.Warning: - default: - switch (alertDesc) - { - case AlertDescription.CloseNotify: - this.context.ConnectionEnd = true; - break; - } - break; - } - } - #endregion --- 282,285 ---- *************** *** 413,419 **** #region Cryptography Methods ! private byte[] encryptRecordFragment( ! ContentType contentType, ! byte[] fragment) { byte[] mac = null; --- 420,424 ---- #region Cryptography Methods ! private byte[] encryptRecordFragment(ContentType contentType, byte[] fragment) { byte[] mac = null; *************** *** 449,455 **** } ! private TlsStream decryptRecordFragment( ! ContentType contentType, ! byte[] fragment) { byte[] dcrFragment = null; --- 454,458 ---- } ! private byte[] decryptRecordFragment(ContentType contentType, byte[] fragment) { byte[] dcrFragment = null; *************** *** 510,514 **** this.context.ReadSequenceNumber++; ! return new TlsStream(dcrFragment); } --- 513,517 ---- this.context.ReadSequenceNumber++; ! 
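Review bot: The commit drops the explicit Ssl3/Tls check on the V2 hello's version field and relies on `Context.ChangeProtocol`, whose acceptance test is flag membership or the Default flag; whether a client advertising SSLv2 (version 0x0002) can now get through depends on what `DecodeProtocolCode` returns for that code, which is not in this diff. Consider keeping the guard in front of the call: `SecurityProtocolType v = this.context.DecodeProtocolCode(protocol); if (v != SecurityProtocolType.Ssl3 && v != SecurityProtocolType.Tls) { throw new TlsException(AlertDescription.ProtocolVersion, "Invalid protocol version on message received"); }`. Note also that the version carried in a V2 hello is the client's highest supported version (RFC 2246 appendix E), so a client offering TLS to a server configured only for SSL3 is now refused with ProtocolVersion rather than negotiated down — worth confirming that is intended. This hunk sits in the middle of ReadClientHelloV2.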
return dcrFragment; } Index: Context.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/Context.cs,v retrieving revision 1.10 retrieving revision 1.11 diff -C2 -d -r1.10 -r1.11 *** Context.cs 26 Apr 2004 09:18:45 -0000 1.10 --- Context.cs 24 Sep 2004 21:33:34 -0000 1.11 *************** *** 407,410 **** --- 407,428 ---- } + public void ChangeProtocol(short protocol) + { + SecurityProtocolType protocolType = this.DecodeProtocolCode(protocol); + + if ((protocolType & this.SecurityProtocolFlags) == protocolType || + (this.SecurityProtocolFlags & SecurityProtocolType.Default) == SecurityProtocolType.Default) + { + this.SecurityProtocol = protocolType; + this.SupportedCiphers.Clear(); + this.SupportedCiphers = null; + this.SupportedCiphers = CipherSuiteFactory.GetSupportedCiphers(protocolType); + } + else + { + throw new TlsException(AlertDescription.ProtocolVersion, "Incorrect protocol version received from server"); + } + } + #endregion } |
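Review bot: The ProtocolVersion exception in ChangeProtocol reads `"Incorrect protocol version received from server"`, but the only caller this commit introduces is the server-side ReadClientHelloV2, so the message points at the wrong peer; a side-neutral text such as `"Incorrect protocol version received from peer"` avoids misleading whoever reads the log. The acceptance test `(protocolType & this.SecurityProtocolFlags) == protocolType` is also trivially true for a zero value, so if `DecodeProtocolCode` can yield 0 for an unknown version code (its body is not in the diff) that version would be accepted; an explicit `if (protocolType == 0) { throw new TlsException(AlertDescription.ProtocolVersion); }` or a documented guarantee from DecodeProtocolCode would close that. The `SupportedCiphers.Clear()` followed by the null assignment is redundant with the reassignment on the next line unless another holder of the old collection is meant to see it emptied; a one-line comment stating which would help.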