pgsqlclient-checkins Mailing List for PostgreSqlClient (Page 24)
Status: Inactive
Brought to you by:
carlosga_fb
Menu
▾
▴
pgsqlclient-checkins — Mailing list for CVS commit messages.
You can subscribe to this list here.
| 2003 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
(120) |
Aug
(95) |
Sep
(95) |
Oct
(213) |
Nov
(114) |
Dec
(64) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2004 |
Jan
(6) |
Feb
(134) |
Mar
(88) |
Apr
(28) |
May
(22) |
Jun
(15) |
Jul
(23) |
Aug
(2) |
Sep
(15) |
Oct
(2) |
Nov
(6) |
Dec
|
| 2005 |
Jan
(8) |
Feb
(6) |
Mar
|
Apr
(42) |
May
(3) |
Jun
|
Jul
|
Aug
|
Sep
(84) |
Oct
|
Nov
|
Dec
|
| 2006 |
Jan
|
Feb
|
Mar
(84) |
Apr
(46) |
May
(40) |
Jun
(8) |
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: <car...@us...> - 2004-02-16 12:00:37
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10 In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv16755 Modified Files: changelog.txt Log Message: Updated changelog.txt Index: changelog.txt =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/changelog.txt,v retrieving revision 1.87 retrieving revision 1.88 diff -C2 -d -r1.87 -r1.88 *** changelog.txt 3 Jan 2004 15:44:44 -0000 1.87 --- changelog.txt 16 Feb 2004 11:52:35 -0000 1.88 *************** *** 1,884 **** ! PgSqlClient - ADO.NET Data Provider for PostgreSQL 7.4+ ! ------------------------------------------------------- ! ! ! 2004-01-03 Carlos Guzmán Álvarez <car...@te...> ! ! * source/PgCommand.cs: ! * source/NPgClient/PgStatement.cs: ! * source/NPgClient/PgResponsePacket.cs: ! [...1756 lines suppressed...] ! ! ! 2003-07-12 Carlos Guzmán Álvarez <car...@te...> ! ! ! * Added changelog.txt file. ! ! * source/PgConnection.cs: ! ! - Do not allow to execute CreateDatabase and GetDbSchemaTable if there are a DataReader open. ! ! * source/PgDbConnection.cs: ! ! - Changed Regular expression used for parsing connection string. ! ! ! 2003-07-12 Carlos Guzmán Álvarez <car...@te...> ! * Initial import. \ No newline at end of file |
|
From: <car...@us...> - 2004-02-15 21:58:07
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv32185 Modified Files: changelog.txt Log Message: 2004-2-15 Carlos Guzmán Álvarez <car...@te...> * Mono.Security.Protocol.Tls/SslClientStream.cs: - Added specific control od available data for Network Streams on Read ( Thanks to Francisco Figueiredo Jr. for his feedback ). - Removed test code. Index: changelog.txt =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/changelog.txt,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** changelog.txt 10 Feb 2004 09:47:03 -0000 1.1 --- changelog.txt 15 Feb 2004 21:50:32 -0000 1.2 *************** *** 2,5 **** --- 2,13 ---- --------------- ----------- ----------------------------------------- + 2004-2-15 Carlos Guzmán Álvarez <car...@te...> + + * Mono.Security.Protocol.Tls/SslClientStream.cs: + + - Added specific control od available data for Network Streams + on Read ( Thanks to Francisco Figueiredo Jr. for his feedback ). + + - Removed test code. 2004-2-10 Carlos Guzmán Álvarez <car...@te...> |
|
From: <car...@us...> - 2004-02-15 21:57:48
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv32147 Modified Files: SslClientStream.cs Log Message: 2004-2-15 Carlos Guzmán Álvarez <car...@te...> * Mono.Security.Protocol.Tls/SslClientStream.cs: - Added specific control od available data for Network Streams on Read ( Thanks to Francisco Figueiredo Jr. for his feedback ). - Removed test code. Index: SslClientStream.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/SslClientStream.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** SslClientStream.cs 10 Feb 2004 09:43:42 -0000 1.1 --- SslClientStream.cs 15 Feb 2004 21:50:14 -0000 1.2 *************** *** 389,410 **** throw new NotSupportedException(); - - /* - try - { - IAsyncResult result = this.innerStream.BeginRead( - buffer, - offset, - count, - callback, - state); - - return result; - } - catch (Exception ex) - { - throw new IOException("An error occurred on the underlying stream. See the inner exception for details on the error.", ex); - } - */ } --- 389,392 ---- *************** *** 431,447 **** throw new NotSupportedException(); - - /* - try - { - int readed = this.innerStream.EndRead(asyncResult); - - return readed; - } - catch (Exception ex) - { - throw new IOException("An error occurred on the underlying stream. See the inner exception for details on the error.", ex); - } - */ } --- 413,416 ---- *************** *** 480,485 **** if (!this.context.HandshakeFinished) { ! // Start handshake negotiation ! this.doHandshake(); } --- 449,453 ---- if (!this.context.HandshakeFinished) { ! this.doHandshake(); // Handshake negotiation } *************** *** 528,533 **** byte[] record = this.receiveRecord(); ! if (record != null && ! record.Length > 0) { // Write new data to the inputBuffer --- 496,500 ---- byte[] record = this.receiveRecord(); ! if (record != null && record.Length > 0) { // Write new data to the inputBuffer *************** *** 545,548 **** --- 512,525 ---- } } + + // TODO: Review if we need to check the Length + // property of the innerStream for other types + // of streams, to check that there are data available + // for read + if (this.innerStream is NetworkStream && + !((NetworkStream)this.innerStream).DataAvailable) + { + break; + } } *************** *** 652,656 **** // Try to read the Record Content Type ! int type = innerStream.ReadByte(); // There are no more data for read --- 629,633 ---- // Try to read the Record Content Type ! int type = this.innerStream.ReadByte(); // There are no more data for read |
|
From: <car...@us...> - 2004-02-15 00:24:45
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/PostgreSql.Data.PgSqlClient/source/NPgClient In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv934 Modified Files: PgDbClient.cs PgStatement.cs Log Message: 2004-02-15 Carlos Guzmán Álvarez <car...@te...> * source/NPgClient/PgDbClient.cs: * source/NPgClient/PgStatement.cs: - Simplify packet write. Index: PgDbClient.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/PostgreSql.Data.PgSqlClient/source/NPgClient/PgDbClient.cs,v retrieving revision 1.41 retrieving revision 1.42 diff -C2 -d -r1.41 -r1.42 *** PgDbClient.cs 9 Feb 2004 14:20:45 -0000 1.41 --- PgDbClient.cs 15 Feb 2004 00:17:52 -0000 1.42 *************** *** 145,185 **** PgDbClient.InitializeCharSets(); ! initializeSocket(); lock (this) { ! if (settings.SSL) { // Send SSL request message ! SSLRequest(); ! if (settings.SSL) { ! sslStream = new SslClientStream( ! networkStream, ! settings.ServerName, true, Mono.Security.Protocol.Tls.SecurityProtocolType.Default); ! receive = new BinaryReader(sslStream); ! send = new BinaryWriter(sslStream); } } // Send Startup message ! PgOutputPacket packet = new PgOutputPacket(settings.Encoding); packet.WriteInt(PgCodes.PROTOCOL_VERSION3); packet.WriteString("user"); ! packet.WriteString(settings.UserName); ! if (settings.Database != null && settings.Database.Length > 0) { packet.WriteString("database"); ! packet.WriteString(settings.Database); } packet.Write((byte)0); // Terminator // Handshake protocol will be negotiated here if the connection is using SSL/TLS ! SendData(packet.GetSimplePacketBytes()); PgResponsePacket response = new PgResponsePacket(); --- 145,186 ---- PgDbClient.InitializeCharSets(); ! this.initializeSocket(); lock (this) { ! if (this.settings.SSL) { // Send SSL request message ! this.SSLRequest(); ! if (this.settings.SSL) { ! this.sslStream = new SslClientStream( ! this.networkStream, ! this.settings.ServerName, true, Mono.Security.Protocol.Tls.SecurityProtocolType.Default); ! this.receive = new BinaryReader(this.sslStream); ! this.send = new BinaryWriter(this.sslStream); } } // Send Startup message ! PgOutputPacket packet = new PgOutputPacket(this.settings.Encoding); packet.WriteInt(PgCodes.PROTOCOL_VERSION3); packet.WriteString("user"); ! packet.WriteString(this.settings.UserName); ! if (settings.Database != null && ! this.settings.Database.Length > 0) { packet.WriteString("database"); ! packet.WriteString(this.settings.Database); } packet.Write((byte)0); // Terminator // Handshake protocol will be negotiated here if the connection is using SSL/TLS ! this.SendSimplePacket(packet); PgResponsePacket response = new PgResponsePacket(); *************** *** 188,193 **** while (response.Message != PgBackendCodes.READY_FOR_QUERY) { ! response = ReceiveResponsePacket(); ! processResponsePacket(response); } } --- 189,194 ---- while (response.Message != PgBackendCodes.READY_FOR_QUERY) { ! response = this.ReceiveResponsePacket(); ! this.processResponsePacket(response); } } *************** *** 195,204 **** catch (IOException ex) { ! detach(); throw new PgClientException(ex.Message); } catch (PgClientException ex) { ! detach(); throw ex; } --- 196,205 ---- catch (IOException ex) { ! this.detach(); throw new PgClientException(ex.Message); } catch (PgClientException ex) { ! this.detach(); throw ex; } *************** *** 211,217 **** // Send packet to the server PgOutputPacket packet = new PgOutputPacket(); ! SendData(packet.GetPacketBytes(PgFrontEndCodes.TERMINATE)); ! detach(); } catch (IOException ex) --- 212,218 ---- // Send packet to the server PgOutputPacket packet = new PgOutputPacket(); ! this.SendPacket(packet, PgFrontEndCodes.TERMINATE); ! this.detach(); } catch (IOException ex) *************** *** 225,233 **** } ! internal void SendData(byte[] data) { try { ! send.Write(data); } catch (IOException ex) --- 226,250 ---- } ! #endregion ! ! #region Send Methods ! ! internal void SendPacket(PgOutputPacket packet, char type) { try { ! this.send.Write(packet.GetPacketBytes(type)); ! } ! catch (IOException ex) ! { ! throw ex; ! } ! } ! ! internal void SendSimplePacket(PgOutputPacket packet) ! { ! try ! { ! this.send.Write(packet.GetSimplePacketBytes()); } catch (IOException ex) *************** *** 405,409 **** // Send the packet to the server ! SendData(outPacket.GetPacketBytes(PgFrontEndCodes.PASSWORD_MESSAGE)); } --- 422,426 ---- // Send the packet to the server ! this.SendPacket(outPacket, PgFrontEndCodes.PASSWORD_MESSAGE); } *************** *** 552,556 **** // Send packet to the server ! SendData(packet.GetPacketBytes(PgFrontEndCodes.FLUSH)); } catch (Exception ex) --- 569,573 ---- // Send packet to the server ! this.SendPacket(packet, PgFrontEndCodes.FLUSH); } catch (Exception ex) *************** *** 570,574 **** // Send packet to the server ! SendData(packet.GetPacketBytes(PgFrontEndCodes.SYNC)); // Receive response --- 587,591 ---- // Send packet to the server ! this.SendPacket(packet, PgFrontEndCodes.SYNC); // Receive response *************** *** 608,612 **** // Send packet to the server ! SendData(packet.GetSimplePacketBytes()); } catch (Exception ex) --- 625,629 ---- // Send packet to the server ! this.SendSimplePacket(packet); } catch (Exception ex) *************** *** 621,625 **** lock (this) { ! settings.SSL = false; try --- 638,642 ---- lock (this) { ! this.settings.SSL = false; try *************** *** 630,634 **** // Send packet to the server ! SendData(packet.GetSimplePacketBytes()); // Receive server response --- 647,651 ---- // Send packet to the server ! this.SendSimplePacket(packet); // Receive server response *************** *** 638,646 **** { case 'S': ! settings.SSL = true; break; default: ! settings.SSL = false; break; } --- 655,663 ---- { case 'S': ! this.settings.SSL = true; break; default: ! this.settings.SSL = false; break; } Index: PgStatement.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/PostgreSql.Data.PgSqlClient/source/NPgClient/PgStatement.cs,v retrieving revision 1.22 retrieving revision 1.23 diff -C2 -d -r1.22 -r1.23 *** PgStatement.cs 9 Feb 2004 14:20:45 -0000 1.22 --- PgStatement.cs 15 Feb 2004 00:17:53 -0000 1.23 *************** *** 202,207 **** // Send packet to the server ! db.SendData(packet.GetPacketBytes(PgFrontEndCodes.PARSE)); ! // Update status this.status = PgStatementStatus.Parsed; --- 202,207 ---- // Send packet to the server ! db.SendPacket(packet, PgFrontEndCodes.PARSE); ! // Update status this.status = PgStatementStatus.Parsed; *************** *** 241,245 **** // Send packet to the server ! db.SendData(packet.GetPacketBytes(PgFrontEndCodes.DESCRIBE)); // Flush pending messages --- 241,245 ---- // Send packet to the server ! db.SendPacket(packet, PgFrontEndCodes.DESCRIBE); // Flush pending messages *************** *** 303,307 **** // Send packet to the server ! db.SendData(packet.GetPacketBytes(PgFrontEndCodes.BIND)); // Update status --- 303,307 ---- // Send packet to the server ! db.SendPacket(packet, PgFrontEndCodes.BIND); // Update status *************** *** 330,334 **** // Send packet to the server ! db.SendData(packet.GetPacketBytes(PgFrontEndCodes.EXECUTE)); // Flush pending messages --- 330,334 ---- // Send packet to the server ! db.SendPacket(packet, PgFrontEndCodes.EXECUTE); // Flush pending messages *************** *** 406,410 **** // Send packet to the server ! db.SendData(packet.GetPacketBytes(PgFrontEndCodes.FUNCTION_CALL)); // Receive response --- 406,410 ---- // Send packet to the server ! db.SendPacket(packet, PgFrontEndCodes.FUNCTION_CALL); // Receive response *************** *** 442,446 **** // Send packet to the server ! db.SendData(packet.GetPacketBytes(PgFrontEndCodes.QUERY)); // Update Status --- 442,446 ---- // Send packet to the server ! db.SendPacket(packet, PgFrontEndCodes.QUERY); // Update Status *************** *** 551,555 **** // Send packet to the server ! db.SendData(packet.GetPacketBytes(PgFrontEndCodes.CLOSE)); // Sync server and client --- 551,555 ---- // Send packet to the server ! db.SendPacket(packet, PgFrontEndCodes.CLOSE); // Sync server and client |
|
From: <car...@us...> - 2004-02-14 23:59:45
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv29146 Modified Files: TlsServerCertificate.cs Log Message: Removed test code Index: TlsServerCertificate.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerCertificate.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** TlsServerCertificate.cs 10 Feb 2004 09:45:30 -0000 1.1 --- TlsServerCertificate.cs 14 Feb 2004 23:52:54 -0000 1.2 *************** *** 93,125 **** certificates.Add(certificate); - /* - System.Text.StringBuilder b = new System.Text.StringBuilder(); - - b.AppendFormat( - "\r\nCertificate {0} | Issuer name {1} | Self signed {2} ({3} bytes) \r\n", - certificates.Count, - certificate.IssuerName, - certificate.IsSelfSigned, - buffer.Length); - - b.Append("Contents: \r\n"); - - int byteCount = 0; - for (int i = 0; i < buffer.Length; i++) - { - if (byteCount == 25) - { - byteCount = 0; - b.Append("\r\n"); - } - - b.AppendFormat("{0} ", buffer[i].ToString("x2")); - - byteCount++; - } - - System.Diagnostics.Trace.Write(b.ToString()); - */ - readed += certLength; } --- 93,96 ---- |
|
From: <car...@us...> - 2004-02-12 20:02:08
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10 In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv22594 Modified Files: dos2unix.sh Log Message: Updated file Index: dos2unix.sh =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/dos2unix.sh,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** dos2unix.sh 10 Feb 2004 09:59:57 -0000 1.3 --- dos2unix.sh 12 Feb 2004 19:56:58 -0000 1.4 *************** *** 3,9 **** base_dir=./Mono.Security/Mono.Security - TLS_PATH=./base_dir TLS_PATH=$TLS_PATH:$base_dir/Mono.Math:$base_dir/Mono.Math.Prime:$base_dir/Mono.Math.Prime.Generator TLS_PATH=$TLS_PATH:$base_dir/Mono.Security:$base_dir/Mono.Security.Cryptography:$base_dir/Mono.Security.X509 TLS_PATH=$TLS_PATH:$base_dir/Mono.Security.Protocol.Tls.Alerts:$base_dir/Mono.Security.Protocol.Tls.Handshake TLS_PATH=$TLS_PATH:$base_dir/Mono.Security.Protocol.Tls.Handshake.Client:$base_dir/Mono.Security.Protocol.Tls.Handshake.Server --- 3,9 ---- base_dir=./Mono.Security/Mono.Security TLS_PATH=$TLS_PATH:$base_dir/Mono.Math:$base_dir/Mono.Math.Prime:$base_dir/Mono.Math.Prime.Generator TLS_PATH=$TLS_PATH:$base_dir/Mono.Security:$base_dir/Mono.Security.Cryptography:$base_dir/Mono.Security.X509 + TLS_PATH=$TLS_PATH:$base_dir/Mono.Security.Protocol.Tls TLS_PATH=$TLS_PATH:$base_dir/Mono.Security.Protocol.Tls.Alerts:$base_dir/Mono.Security.Protocol.Tls.Handshake TLS_PATH=$TLS_PATH:$base_dir/Mono.Security.Protocol.Tls.Handshake.Client:$base_dir/Mono.Security.Protocol.Tls.Handshake.Server |
|
From: <car...@us...> - 2004-02-12 19:57:16
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/PostgreSql.Data.PgSqlClient/source/NPgClient In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv21468 Modified Files: PgConnectionParams.cs Log Message: Rework simple query protocol implementation Index: PgConnectionParams.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/PostgreSql.Data.PgSqlClient/source/NPgClient/PgConnectionParams.cs,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** PgConnectionParams.cs 9 Feb 2004 14:20:45 -0000 1.4 --- PgConnectionParams.cs 12 Feb 2004 19:52:05 -0000 1.5 *************** *** 36,39 **** --- 36,40 ---- private Encoding encoding; private bool ssl; + private bool simpleQueryMode; #endregion *************** *** 101,104 **** --- 102,111 ---- } + public bool SimpleQueryMode + { + get { return simpleQueryMode; } + set { simpleQueryMode = value; } + } + #endregion *************** *** 115,118 **** --- 122,126 ---- timeout = 15; encoding = Encoding.Default; + simpleQueryMode = false; } |
|
From: <car...@us...> - 2004-02-12 19:55:51
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/PostgreSql.Data.PgSqlClient/source In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv21087 Modified Files: PgCommand.cs PgDbConnection.cs Log Message: Rework simple query protocol implementation Index: PgCommand.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/PostgreSql.Data.PgSqlClient/source/PgCommand.cs,v retrieving revision 1.27 retrieving revision 1.28 diff -C2 -d -r1.27 -r1.28 *** PgCommand.cs 9 Feb 2004 21:52:04 -0000 1.27 --- PgCommand.cs 12 Feb 2004 19:50:41 -0000 1.28 *************** *** 28,32 **** namespace PostgreSql.Data.PgSqlClient ! { [ToolboxItem(true), ToolboxBitmap(typeof(PgCommand), "Resources.ToolBox.PgCommand.bmp")] --- 28,32 ---- namespace PostgreSql.Data.PgSqlClient ! { [ToolboxItem(true), ToolboxBitmap(typeof(PgCommand), "Resources.ToolBox.PgCommand.bmp")] *************** *** 51,56 **** private int matchIndex; private Hashtable matchReplaces; - private bool isPrepared; - private PgStatement statement; --- 51,54 ---- *************** *** 66,70 **** get { return this.commandText; } set ! { if (this.statement != null && this.commandText != value && this.commandText != null && this.commandText.Length != 0) --- 64,68 ---- get { return this.commandText; } set ! { if (this.statement != null && this.commandText != value && this.commandText != null && this.commandText.Length != 0) *************** *** 75,79 **** this.commandText = value; this.actualCommand = 0; ! this.commands = null; } } --- 73,77 ---- this.commandText = value; this.actualCommand = 0; ! this.commands = null; } } *************** *** 283,291 **** #endregion ! #region ICloneable MEthods object ICloneable.Clone() { ! PgCommand command = new PgCommand(CommandText, Connection, Transaction); command.CommandType = this.commandType; --- 281,293 ---- #endregion ! #region ICloneable Methods object ICloneable.Clone() { ! PgCommand command = new PgCommand( ! this.commandText, ! this.connection, ! this.transaction); ! command.CommandType = this.commandType; *************** *** 298,302 **** public void Cancel() ! { throw new NotSupportedException(); } --- 300,304 ---- public void Cancel() ! { throw new NotSupportedException(); } *************** *** 318,334 **** this.splitBatchCommands(false); ! #if (SIMPLE_PROTOCOL) ! if (this.isPrepared) { ! this.InternalExecute(); } else { ! this.InternalQuery(); } - #else - this.InternalPrepare(); - this.InternalExecute(); - #endif this.InternalSetOutputParameters(); --- 320,332 ---- this.splitBatchCommands(false); ! if (this.connection.DbConnection.Settings.SimpleQueryMode) { ! this.InternalQuery(); } else { ! this.InternalPrepare(); ! this.InternalExecute(); } this.InternalSetOutputParameters(); *************** *** 356,366 **** this.checkCommand(); ! this.commandBehavior = behavior; this.splitBatchCommands(true); - #if (!SIMPLE_PROTOCOL) this.InternalPrepare(); - #endif if ((commandBehavior & System.Data.CommandBehavior.SequentialAccess) == System.Data.CommandBehavior.SequentialAccess || --- 354,362 ---- this.checkCommand(); ! commandBehavior = behavior; this.splitBatchCommands(true); this.InternalPrepare(); if ((commandBehavior & System.Data.CommandBehavior.SequentialAccess) == System.Data.CommandBehavior.SequentialAccess || *************** *** 370,385 **** commandBehavior == System.Data.CommandBehavior.Default) { - #if (SIMPLE_PROTOCOL) - if (this.isPrepared) - { - this.InternalExecute(); - } - else - { - this.InternalQuery(); - } - #else this.InternalExecute(); - #endif } --- 366,370 ---- *************** *** 395,413 **** this.splitBatchCommands(false); ! #if (SIMPLE_PROTOCOL) ! if (this.isPrepared) { ! this.InternalExecute(); } else { ! this.InternalQuery(); } - #else - this.InternalPrepare(); - this.InternalExecute(); - #endif ! if (this.statement.HasRows) { returnValue = ((object[])this.statement.Rows[0])[0]; --- 380,394 ---- this.splitBatchCommands(false); ! if (this.connection.DbConnection.Settings.SimpleQueryMode) { ! this.InternalQuery(); } else { ! this.InternalPrepare(); ! this.InternalExecute(); } ! if (this.statement != null && this.statement.HasRows) { returnValue = ((object[])this.statement.Rows[0])[0]; *************** *** 422,427 **** this.splitBatchCommands(false); - this.InternalPrepare(); } --- 403,408 ---- this.splitBatchCommands(false); this.InternalPrepare(); + this.connection.ActiveCommands.Add(this); } *************** *** 459,465 **** internal void InternalPrepare() { ! if (this.commands == null) { ! this.splitBatchCommands(false); } --- 440,446 ---- internal void InternalPrepare() { ! if (commands == null) { ! splitBatchCommands(false); } *************** *** 470,481 **** this.statement.Status == PgStatementStatus.Error) { ! if (this.commandType == CommandType.StoredProcedure) { ! this.commands[actualCommand] = this.parseSPCommandText(); } // Get named parameters in CommandText ! this.namedParameters = this.search.Matches( ! this.commands[actualCommand]); string prepareName = "PS" + getStmtName(); --- 451,461 ---- this.statement.Status == PgStatementStatus.Error) { ! if (commandType == CommandType.StoredProcedure) { ! commands[actualCommand] = parseSPCommandText(); } // Get named parameters in CommandText ! namedParameters = search.Matches(commands[actualCommand]); string prepareName = "PS" + getStmtName(); *************** *** 485,489 **** prepareName, portalName, ! this.parseParameterNames()); // Parse statement --- 465,469 ---- prepareName, portalName, ! parseParameterNames()); // Parse statement *************** *** 492,504 **** // Describe statement this.statement.Describe(); - - // Add this command to the active command list - if (this.connection.ActiveCommands != null) - { - if (!this.connection.ActiveCommands.Contains(this)) - { - this.connection.ActiveCommands.Add(this); - } - } } else --- 472,475 ---- *************** *** 512,517 **** throw new PgException(ex.Message, ex); } - - this.isPrepared = true; } --- 483,486 ---- *************** *** 520,527 **** try { ! if (this.parameters.Count != 0) { // Set parameter values ! this.setParameterValues(); } --- 489,496 ---- try { ! if (parameters.Count != 0) { // Set parameter values ! setParameterValues(); } *************** *** 580,587 **** throw new PgException(ex.Message, ex); } - finally - { - this.isPrepared = false; - } } --- 549,552 ---- *************** *** 601,606 **** } } - - this.isPrepared = false; } --- 566,569 ---- *************** *** 609,613 **** bool returnValue = false; ! if ((this.CommandBehavior & CommandBehavior.SingleResult) != CommandBehavior.SingleResult) { this.actualCommand++; --- 572,576 ---- bool returnValue = false; ! if (commandBehavior != CommandBehavior.SingleResult) { this.actualCommand++; *************** *** 627,636 **** this.statement = null; - #if (SIMPLE_PROTOCOL) - this.InternalQuery(); - #else this.InternalPrepare(); this.InternalExecute(); ! #endif returnValue = true; } --- 590,596 ---- this.statement = null; this.InternalPrepare(); this.InternalExecute(); ! returnValue = true; } *************** *** 738,743 **** private string getStmtName() { ! return GetHashCode().ToString() + ! this.connection.GetHashCode().ToString() + DateTime.Now.Ticks; } --- 698,703 ---- private string getStmtName() { ! return GetHashCode().ToString() + ! this.connection.GetHashCode().ToString() + DateTime.Now.Ticks; } *************** *** 766,779 **** if (!this.matchReplaces.ContainsKey(match.Value)) { ! #if (SIMPLE_PROTOCOL) this.matchReplaces.Add( match.Value, this.parameters[matchIndex++].ConvertToPgString()); ! #else ! this.matchReplaces.Add( ! match.Value, ! "$" + ((matchIndex++) + 1).ToString()); ! #endif } return this.matchReplaces[match.Value].ToString(); } --- 726,743 ---- if (!this.matchReplaces.ContainsKey(match.Value)) { ! if (this.connection.DbConnection.Settings.SimpleQueryMode) ! { this.matchReplaces.Add( match.Value, this.parameters[matchIndex++].ConvertToPgString()); ! } ! else ! { ! this.matchReplaces.Add( ! match.Value, ! "$" + ((matchIndex++) + 1).ToString()); ! } } + return this.matchReplaces[match.Value].ToString(); } *************** *** 785,805 **** for (int i = 0; i < this.statement.Parameters.Length; i++) { ! string parameterName = this.parameters[i].ParameterName; if (namedParameters.Count != 0) { try { ! parameterName = this.namedParameters[i].Value.Trim(); } catch { ! parameterName = this.parameters[i].ParameterName; } } ! int index = this.parameters.IndexOf(parameterName); ! if (this.parameters[index].Direction == ParameterDirection.Input || ! this.parameters[index].Direction == ParameterDirection.InputOutput) { if (parameters[index].Value == System.DBNull.Value) --- 749,769 ---- for (int i = 0; i < this.statement.Parameters.Length; i++) { ! string parameterName = parameters[i].ParameterName; if (namedParameters.Count != 0) { try { ! parameterName = namedParameters[i].Value.Trim(); } catch { ! parameterName = parameters[i].ParameterName; } } ! int index = parameters.IndexOf(parameterName); ! if (parameters[index].Direction == ParameterDirection.Input || ! parameters[index].Direction == ParameterDirection.InputOutput) { if (parameters[index].Value == System.DBNull.Value) *************** *** 809,813 **** else { ! this.statement.Parameters[i].Value = this.parameters[index].Value; } } --- 773,777 ---- else { ! this.statement.Parameters[i].Value = parameters[index].Value; } } Index: PgDbConnection.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/PostgreSql.Data.PgSqlClient/source/PgDbConnection.cs,v retrieving revision 1.6 retrieving revision 1.7 diff -C2 -d -r1.6 -r1.7 *** PgDbConnection.cs 9 Feb 2004 14:19:22 -0000 1.6 --- PgDbConnection.cs 12 Feb 2004 19:50:41 -0000 1.7 *************** *** 178,181 **** --- 178,185 ---- settings.SSL = Boolean.Parse(element.Groups[2].Value.Trim()); break; + + case "simple query mode": + settings.SimpleQueryMode = Boolean.Parse(element.Groups[2].Value.Trim()); + break; } } |
|
From: <car...@us...> - 2004-02-10 10:22:41
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv7770 Added Files: AssemblyInfo.cs Log Message: Reorganization to match mono:: cvs structure --- NEW FILE: AssemblyInfo.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.Runtime.CompilerServices; using System.Resources; using System.Reflection; [assembly: AssemblyTitle("Transport Security Layer (TLS)")] [assembly: AssemblyDescription("Transport Security Layer (TLS) Protocol implementation")] [assembly: AssemblyConfiguration("")] [assembly: AssemblyCompany("")] [assembly: AssemblyProduct("Transport Security Layer (TLS)")] [assembly: AssemblyCopyright("2003-2004 Carlos Guzman Alvarez")] [assembly: AssemblyTrademark("")] [assembly: AssemblyCulture("")] [assembly: AssemblyVersion("1.0.*")] [assembly: AssemblyDelaySign(false)] [assembly: AssemblyKeyFile("Mono.Security.Tls.snk")] [assembly: AssemblyKeyName("")] [assembly: CLSCompliant(true)] |
|
From: <car...@us...> - 2004-02-10 10:21:54
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv7587 Removed Files: AssemblyInfo.cs Log Message: Reorganization to match mono:: cvs structure --- AssemblyInfo.cs DELETED --- |
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Server In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv7352 Added Files: TlsClientCertificate.cs TlsClientCertificateVerify.cs TlsClientFinished.cs TlsClientHello.cs TlsClientKeyExchange.cs TlsServerCertificate.cs TlsServerCertificateRequest.cs TlsServerFinished.cs TlsServerHello.cs TlsServerHelloDone.cs TlsServerKeyExchange.cs Log Message: Reorganization to match mono:: cvs structure --- NEW FILE: TlsClientCertificate.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using Mono.Security.Protocol.Tls; using System.Security.Cryptography.X509Certificates; namespace Mono.Security.Protocol.Tls.Handshake.Server { internal class TlsClientCertificate : TlsHandshakeMessage { #region Constructors public TlsClientCertificate(TlsContext context, byte[] buffer) : base(context, TlsHandshakeType.Certificate, buffer) { } #endregion #region Methods public override void Update() { throw new NotSupportedException(); } #endregion #region Protected Methods protected override void ProcessAsSsl3() { this.ProcessAsTls1(); } protected override void ProcessAsTls1() { throw new NotSupportedException(); } #endregion } } --- NEW FILE: TlsClientCertificateVerify.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.Security.Cryptography.X509Certificates; using System.Security.Cryptography; using Mono.Security.Cryptography; namespace Mono.Security.Protocol.Tls.Handshake.Server { internal class TlsClientCertificateVerify : TlsHandshakeMessage { #region Constructors public TlsClientCertificateVerify(TlsContext context, byte[] buffer) : base(context, TlsHandshakeType.Finished, buffer) { } #endregion #region Methods public override void Update() { throw new NotSupportedException(); } #endregion #region Protected Methods protected override void ProcessAsSsl3() { throw new NotSupportedException(); } protected override void ProcessAsTls1() { throw new NotSupportedException(); } #endregion } } --- NEW FILE: TlsClientFinished.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.Security.Cryptography; using Mono.Security.Cryptography; namespace Mono.Security.Protocol.Tls.Handshake.Server { internal class TlsClientFinished : TlsHandshakeMessage { #region Constructors public TlsClientFinished(TlsContext context, byte[] buffer) : base(context, TlsHandshakeType.Finished, buffer) { } #endregion #region Methods public override void Update() { throw new NotSupportedException(); } #endregion #region Protected Methods protected override void ProcessAsSsl3() { throw new NotSupportedException(); } protected override void ProcessAsTls1() { throw new NotSupportedException(); } #endregion } } --- NEW FILE: TlsClientHello.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.Security.Cryptography; namespace Mono.Security.Protocol.Tls.Handshake.Server { internal class TlsClientHello : TlsHandshakeMessage { #region Constructors public TlsClientHello(TlsContext context, byte[] buffer) : base(context, TlsHandshakeType.ClientHello, buffer) { } #endregion #region Methods public override void Update() { throw new NotSupportedException(); } #endregion #region Protected Methods protected override void ProcessAsSsl3() { this.ProcessAsTls1(); } protected override void ProcessAsTls1() { throw new NotSupportedException(); } #endregion } } --- NEW FILE: TlsClientKeyExchange.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.IO; using System.Security.Cryptography; namespace Mono.Security.Protocol.Tls.Handshake.Server { internal class TlsClientKeyExchange : TlsHandshakeMessage { #region Constructors public TlsClientKeyExchange (TlsContext context, byte[] buffer) : base(context, TlsHandshakeType.ClientKeyExchange, buffer) { } #endregion #region Protected Methods protected override void ProcessAsSsl3() { throw new NotSupportedException(); } protected override void ProcessAsTls1() { throw new NotSupportedException(); } #endregion } } --- NEW FILE: TlsServerCertificate.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.Collections; using System.Text.RegularExpressions; using System.Security.Cryptography; using X509Cert = System.Security.Cryptography.X509Certificates; using Mono.Security.Protocol.Tls.Alerts; using Mono.Security.X509; namespace Mono.Security.Protocol.Tls.Handshake.Server { internal class TlsServerCertificate : TlsHandshakeMessage { #region Constructors public TlsServerCertificate(TlsContext context) : base(context, TlsHandshakeType.Certificate) { } #endregion #region Methods public override void Update() { throw new NotSupportedException(); } #endregion #region Protected Methods protected override void ProcessAsSsl3() { throw new NotSupportedException(); } protected override void ProcessAsTls1() { throw new NotSupportedException(); } #endregion } } --- NEW FILE: TlsServerCertificateRequest.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.Text; using Mono.Security; namespace Mono.Security.Protocol.Tls.Handshake.Server { internal class TlsServerCertificateRequest : TlsHandshakeMessage { #region Constructors public TlsServerCertificateRequest(TlsContext context) : base(context, TlsHandshakeType.ServerHello) { } #endregion #region Methods public override void Update() { throw new NotSupportedException(); } #endregion #region Protected Methods protected override void ProcessAsSsl3() { throw new NotSupportedException(); } protected override void ProcessAsTls1() { throw new NotSupportedException(); } #endregion } } --- NEW FILE: TlsServerFinished.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.Security.Cryptography; using Mono.Security.Cryptography; namespace Mono.Security.Protocol.Tls.Handshake.Server { internal class TlsServerFinished : TlsHandshakeMessage { #region Constructors public TlsServerFinished(TlsContext context) : base(context, TlsHandshakeType.ServerHello) { } #endregion #region Methods public override void Update() { throw new NotSupportedException(); } #endregion #region Protected Methods protected override void ProcessAsSsl3() { throw new NotSupportedException(); } protected override void ProcessAsTls1() { throw new NotSupportedException(); } #endregion } } --- NEW FILE: TlsServerHello.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; namespace Mono.Security.Protocol.Tls.Handshake.Server { internal class TlsServerHello : TlsHandshakeMessage { #region Constructors public TlsServerHello(TlsContext context) : base(context, TlsHandshakeType.ServerHello) { } #endregion #region Methods public override void Update() { throw new NotSupportedException(); } #endregion #region Protected Methods protected override void ProcessAsSsl3() { throw new NotSupportedException(); } protected override void ProcessAsTls1() { throw new NotSupportedException(); } #endregion } } --- NEW FILE: TlsServerHelloDone.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; namespace Mono.Security.Protocol.Tls.Handshake.Server { internal class TlsServerHelloDone : TlsHandshakeMessage { #region Constructors public TlsServerHelloDone(TlsContext context) : base(context, TlsHandshakeType.ServerHello) { } #endregion #region Methods public override void Update() { throw new NotSupportedException(); } #endregion #region Protected Methods protected override void ProcessAsSsl3() { throw new NotSupportedException(); } protected override void ProcessAsTls1() { throw new NotSupportedException(); } #endregion } } --- NEW FILE: TlsServerKeyExchange.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.Security.Cryptography; using Mono.Security.Cryptography; using Mono.Security.X509; namespace Mono.Security.Protocol.Tls.Handshake.Server { internal class TlsServerKeyExchange : TlsHandshakeMessage { #region Constructors public TlsServerKeyExchange(TlsContext context) : base(context, TlsHandshakeType.ServerKeyExchange) { } #endregion #region Methods public override void Update() { throw new NotSupportedException(); } #endregion #region Protected Methods protected override void ProcessAsSsl3() { this.ProcessAsTls1(); } protected override void ProcessAsTls1() { throw new NotSupportedException(); } #endregion } } |
|
From: <car...@us...> - 2004-02-10 10:03:12
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10 In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4185 Modified Files: dos2unix.sh Log Message: Reorganization to match mono:: cvs structure Index: dos2unix.sh =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/dos2unix.sh,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** dos2unix.sh 9 Feb 2004 14:21:53 -0000 1.2 --- dos2unix.sh 10 Feb 2004 09:59:57 -0000 1.3 *************** *** 1,11 **** #!/bin/sh ! base_dir=./Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls TLS_PATH=./base_dir TLS_PATH=$TLS_PATH:$base_dir/Mono.Math:$base_dir/Mono.Math.Prime:$base_dir/Mono.Math.Prime.Generator ! TLS_PATH=$TLS_PATH:$base_dir/Mono.Math:$base_dir/Mono.Math.Prime:$base_dir/Mono.Math.Prime.Generator ! TLS_PATH=$TLS_PATH:$base_dir/Mono.Security:$base_dir/Mono.Security/Mono.Security.Cryptography:$base_dir/Mono.Security/Mono.Security.X509: ! TLS_PATH=$TLS_PATH:$base_dir/Mono.Security.Protocol.Tls.Alerts:$base_dir/Mono.Security.Protocol.Tls.Handshake:$base_dir/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client:$base_dir/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Server base_dir=./PostgreSql.Data.PgSqlClient/source --- 1,11 ---- #!/bin/sh ! base_dir=./Mono.Security/Mono.Security TLS_PATH=./base_dir TLS_PATH=$TLS_PATH:$base_dir/Mono.Math:$base_dir/Mono.Math.Prime:$base_dir/Mono.Math.Prime.Generator ! TLS_PATH=$TLS_PATH:$base_dir/Mono.Security:$base_dir/Mono.Security.Cryptography:$base_dir/Mono.Security.X509 ! TLS_PATH=$TLS_PATH:$base_dir/Mono.Security.Protocol.Tls.Alerts:$base_dir/Mono.Security.Protocol.Tls.Handshake ! TLS_PATH=$TLS_PATH:$base_dir/Mono.Security.Protocol.Tls.Handshake.Client:$base_dir/Mono.Security.Protocol.Tls.Handshake.Server base_dir=./PostgreSql.Data.PgSqlClient/source |
|
From: <car...@us...> - 2004-02-10 10:01:19
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10 In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv3825 Removed Files: monocp.sh Log Message: Reorganization to match mono:: cvs structure --- monocp.sh DELETED --- |
|
From: <car...@us...> - 2004-02-10 10:00:38
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10 In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv3723 Added Files: Mono.Security.Tls.snk Log Message: Reorganization to match mono:: cvs structure --- NEW FILE: Mono.Security.Tls.snk --- (This appears to be a binary file; contents omitted.) |
|
From: <car...@us...> - 2004-02-10 10:00:09
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10 In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv3515 Added Files: Mono.Security.License.txt Log Message: Reorganization to match mono:: cvs structure --- NEW FILE: Mono.Security.License.txt --- (This appears to be a binary file; contents omitted.) |
|
From: <car...@us...> - 2004-02-10 09:59:31
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10 In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv3413 Modified Files: makefile PgSqlClient.build Log Message: Reorganization to match mono:: cvs structure Index: makefile =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/makefile,v retrieving revision 1.12 retrieving revision 1.13 diff -C2 -d -r1.12 -r1.13 *** makefile 9 Feb 2004 16:24:14 -0000 1.12 --- makefile 10 Feb 2004 09:56:04 -0000 1.13 *************** *** 15,19 **** # Source files - RECURSE_TLS = -recurse:./Mono.Security.Protocol.Tls/*.cs RECURSE_SOURCE = -recurse:./PostgreSql.Data.PgSqlClient/source/*.cs RECURSE_TESTS = -recurse:./PostgreSql.Data.PgSqlClient.UnitTests/source/*.cs --- 15,18 ---- Index: PgSqlClient.build =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/PgSqlClient.build,v retrieving revision 1.12 retrieving revision 1.13 diff -C2 -d -r1.12 -r1.13 *** PgSqlClient.build 9 Feb 2004 11:54:38 -0000 1.12 --- PgSqlClient.build 10 Feb 2004 09:56:04 -0000 1.13 *************** *** 15,19 **** <property name="build.dir" value="${base.build.dir}" /> ! <property name="tls.src.dir" value="Mono.Security.Protocol.Tls" /> <property name="src.dir" value="${project.FormalName}\source" /> <property name="resources.dir" value="${src.dir}\Resources" /> --- 15,19 ---- <property name="build.dir" value="${base.build.dir}" /> ! <property name="tls.src.dir" value="Mono.Security" /> <property name="src.dir" value="${project.FormalName}\source" /> <property name="resources.dir" value="${src.dir}\Resources" /> |
|
From: <car...@us...> - 2004-02-10 09:59:01
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10 In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv3328 Removed Files: Mono.Security.Protocol.Tls.License.txt Mono.Security.Protocol.Tls.snk Log Message: Reorganization to match mono:: cvs structure --- Mono.Security.Protocol.Tls.License.txt DELETED --- --- Mono.Security.Protocol.Tls.snk DELETED --- |
|
From: <car...@us...> - 2004-02-10 09:51:49
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/PostgreSql.Data.PgSqlClient/source/NPgClient In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv1992 Removed Files: PgDecodeType.cs PgEncodeType.cs Log Message: Removed old files --- PgDecodeType.cs DELETED --- --- PgEncodeType.cs DELETED --- |
|
From: <car...@us...> - 2004-02-10 09:50:18
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv1603 Added Files: changelog.txt LICENSE.TXT README.TXT Log Message: Reorganization to match mono:: cvs structure --- NEW FILE: changelog.txt --- (This appears to be a binary file; contents omitted.) --- NEW FILE: LICENSE.TXT --- (This appears to be a binary file; contents omitted.) --- NEW FILE: README.TXT --- Transport Security Layer (TLS) ------------------------------ Transport Security Layer (TLS) protocol implementation. Copyright (c) 2003 Carlos Guzmán Álvarez Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. |
|
From: <car...@us...> - 2004-02-10 09:49:41
|
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.X509 In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv1532 Added Files: ITrustAnchors.cs TestAnchors.cs TrustAnchors.cs X501Name.cs X509Certificate.cs X509CertificateCollection.cs X509Chain.cs X509Extension.cs X509Extensions.cs X520Attributes.cs Log Message: Reorganization to match mono:: cvs structure --- NEW FILE: ITrustAnchors.cs --- // // ITrustAnchors.cs: Trust Anchors Interface // // Author: // Sebastien Pouliot (spo...@mo...) // // (C) 2003 Motus Technologies Inc. (http://www.motus.com) // using System; namespace Mono.Security.X509 { internal interface ITrustAnchors { X509CertificateCollection Anchors { get; } } } --- NEW FILE: TestAnchors.cs --- // // TestAnchors.cs: Trust Anchors for development and debugging // include test certificates for Microsoft (root agency) and Mono // // Author: // Sebastien Pouliot (spo...@mo...) // // (C) 2003 Motus Technologies Inc. (http://www.motus.com) // using System; namespace Mono.Security.X509 { internal class TestAnchors : TrustAnchors { static byte[] rootagency = { 0x30, 0x82, 0x01, 0xCA, 0x30, 0x82, 0x01, 0x74, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x10, 0x06, 0x37, 0x6C, 0x00, 0xAA, 0x00, 0x64, 0x8A, 0x11, 0xCF, 0xB8, 0xD4, 0xAA, 0x5C, 0x35, 0xF4, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x04, 0x05, 0x00, 0x30, 0x16, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0B, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x41, 0x67, 0x65, 0x6E, 0x63, 0x79, 0x30, 0x1E, 0x17, 0x0D, 0x39, 0x36, 0x30, 0x35, 0x32, 0x38, 0x32, 0x32, 0x30, 0x32, 0x35, 0x39, 0x5A, 0x17, 0x0D, 0x33, 0x39, 0x31, 0x32, 0x33, 0x31, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5A, 0x30, 0x16, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0B, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x41, 0x67, 0x65, 0x6E, 0x63, 0x79, 0x30, 0x5B, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x4A, 0x00, 0x30, 0x47, 0x02, 0x40, 0x81, 0x55, 0x22, 0xB9, 0x8A, 0xA4, 0x6F, 0xED, 0xD6, 0xE7, 0xD9, 0x66, 0x0F, 0x55, 0xBC, 0xD7, 0xCD, 0xD5, 0xBC, 0x4E, 0x40, 0x02, 0x21, 0xA2, 0xB1, 0xF7, 0x87, 0x30, 0x85, 0x5E, 0xD2, 0xF2, 0x44, 0xB9, 0xDC, 0x9B, 0x75, 0xB6, 0xFB, 0x46, 0x5F, 0x42, 0xB6, 0x9D, 0x23, 0x36, 0x0B, 0xDE, 0x54, 0x0F, 0xCD, 0xBD, 0x1F, 0x99, 0x2A, 0x10, 0x58, 0x11, 0xCB, 0x40, 0xCB, 0xB5, 0xA7, 0x41, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x81, 0x9E, 0x30, 0x81, 0x9B, 0x30, 0x50, 0x06, 0x03, 0x55, 0x04, 0x03, 0x04, 0x49, 0x13, 0x47, 0x46, 0x6F, 0x72, 0x20, 0x54, 0x65, 0x73, 0x74, 0x69, 0x6E, 0x67, 0x20, 0x50, 0x75, 0x72, 0x70, 0x6F, 0x73, 0x65, 0x73, 0x20, 0x4F, 0x6E, 0x6C, 0x79, 0x20, 0x53, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x20, 0x53, 0x6F, 0x66, 0x74, 0x77, 0x61, 0x72, 0x65, 0x20, 0x50, 0x75, 0x62, 0x6C, 0x69, 0x73, 0x68, 0x69, 0x6E, 0x67, 0x20, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6E, 0x74, 0x69, 0x61, 0x6C, 0x73, 0x20, 0x41, 0x67, 0x65, 0x6E, 0x63, 0x79, 0x30, 0x47, 0x06, 0x03, 0x55, 0x1D, 0x01, 0x04, 0x40, 0x30, 0x3E, 0x80, 0x10, 0x12, 0xE4, 0x09, 0x2D, 0x06, 0x1D, 0x1D, 0x4F, 0x00, 0x8D, 0x61, 0x21, 0xDC, 0x16, 0x64, 0x63, 0xA1, 0x18, 0x30, 0x16, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x0B, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x41, 0x67, 0x65, 0x6E, 0x63, 0x79, 0x82, 0x10, 0x06, 0x37, 0x6C, 0x00, 0xAA, 0x00, 0x64, 0x8A, 0x11, 0xCF, 0xB8, 0xD4, 0xAA, 0x5C, 0x35, 0xF4, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x04, 0x05, 0x00, 0x03, 0x41, 0x00, 0x2D, 0x2E, 0x3E, 0x7B, 0x89, 0x42, 0x89, 0x3F, 0xA8, 0x21, 0x17, 0xFA, 0xF0, 0xF5, 0xC3, 0x95, 0xDB, 0x62, 0x69, 0x5B, 0xC9, 0xDC, 0xC1, 0xB3, 0xFA, 0xF0, 0xC4, 0x6F, 0x6F, 0x64, 0x9A, 0xBD, 0xE7, 0x1B, 0x25, 0x68, 0x72, 0x83, 0x67, 0xBD, 0x56, 0xB0, 0x8D, 0x01, 0xBD, 0x2A, 0xF7, 0xCC, 0x4B, 0xBD, 0x87, 0xA5, 0xBA, 0x87, 0x20, 0x4C, 0x42, 0x11, 0x41, 0xAD, 0x10, 0x17, 0x3B, 0x8C }; static byte[] monoTestRoot = { 0x30, 0x82, 0x01, 0xC2, 0x30, 0x82, 0x01, 0x2B, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x10, 0x28, 0xF4, 0x76, 0x38, 0x91, 0x74, 0x0E, 0x48, 0x85, 0xC7, 0x6E, 0x88, 0x4F, 0xE1, 0xB0, 0x69, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x04, 0x05, 0x00, 0x30, 0x20, 0x31, 0x1E, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x15, 0x4D, 0x6F, 0x6E, 0x6F, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x41, 0x67, 0x65, 0x6E, 0x63, 0x79, 0x30, 0x1E, 0x17, 0x0D, 0x30, 0x33, 0x30, 0x39, 0x30, 0x31, 0x31, 0x35, 0x35, 0x35, 0x34, 0x38, 0x5A, 0x17, 0x0D, 0x33, 0x39, 0x31, 0x32, 0x33, 0x31, 0x31, 0x38, 0x35, 0x39, 0x35, 0x39, 0x5A, 0x30, 0x20, 0x31, 0x1E, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x15, 0x4D, 0x6F, 0x6E, 0x6F, 0x20, 0x54, 0x65, 0x73, 0x74, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x41, 0x67, 0x65, 0x6E, 0x63, 0x79, 0x30, 0x81, 0x9E, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x81, 0x8C, 0x00, 0x30, 0x81, 0x88, 0x02, 0x81, 0x80, 0xBF, 0xFE, 0x27, 0x00, 0xB0, 0x71, 0x08, 0x4F, 0xBD, 0x26, 0x01, 0x02, 0xD0, 0xB9, 0xC3, 0x52, 0xF2, 0xA1, 0xE9, 0xEF, 0x7A, 0x3F, 0x04, 0xE9, 0x37, 0x84, 0x63, 0xFA, 0xF5, 0xA7, 0xA8, 0xA4, 0xFB, 0x20, 0x0A, 0x75, 0x88, 0xAF, 0xC9, 0x8E, 0xEA, 0xAF, 0x02, 0x0E, 0x83, 0x43, 0x6B, 0xD3, 0x7E, 0xFD, 0x1D, 0x4E, 0x5A, 0x9F, 0x7E, 0x61, 0xC7, 0xE7, 0x53, 0xB2, 0x8A, 0x8A, 0x6B, 0x71, 0x3E, 0x67, 0xCF, 0x17, 0x12, 0x4E, 0xC6, 0x5B, 0xFF, 0xD8, 0xDC, 0x1D, 0x27, 0x06, 0xD2, 0xCD, 0xFF, 0x15, 0x12, 0x16, 0x9D, 0x77, 0x8B, 0x93, 0xF7, 0xE0, 0x9B, 0xB9, 0x92, 0x62, 0x18, 0xD4, 0x68, 0x73, 0x48, 0xD2, 0x6D, 0x7F, 0x35, 0x34, 0xE4, 0xB6, 0x2A, 0x62, 0x72, 0x32, 0xB1, 0xA3, 0xBD, 0x61, 0x18, 0x88, 0x3D, 0xAA, 0xE7, 0x02, 0x5A, 0x70, 0xEE, 0x9B, 0xE2, 0xAB, 0x87, 0xF9, 0x02, 0x03, 0x01, 0x00, 0x01, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x04, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x8E, 0x08, 0xD7, 0x0F, 0x30, 0xB2, 0xFD, 0x3A, 0x5C, 0x94, 0xA9, 0x56, 0xBE, 0x44, 0x77, 0xE3, 0xA3, 0x92, 0xBC, 0xB9, 0xE4, 0x95, 0x68, 0xD4, 0xF4, 0xF9, 0x24, 0x4B, 0x2A, 0x79, 0x93, 0x57, 0x7E, 0x84, 0x50, 0x3F, 0xA9, 0xC8, 0xDA, 0x9E, 0x08, 0x9C, 0x21, 0xE1, 0x10, 0xFC, 0x1C, 0x5C, 0x4B, 0x60, 0x97, 0xBA, 0x55, 0xCB, 0x7C, 0xEA, 0xC3, 0x04, 0x2F, 0x55, 0xBB, 0x16, 0x26, 0xCD, 0x87, 0x90, 0x30, 0x7F, 0xE0, 0xCF, 0x24, 0x27, 0xB4, 0x3A, 0xD0, 0x9F, 0xC7, 0x55, 0xF8, 0x7C, 0xC9, 0xA0, 0x72, 0xE4, 0x06, 0xF1, 0x4A, 0x5B, 0xBB, 0x71, 0x84, 0x8B, 0x76, 0x23, 0x65, 0x1F, 0x1B, 0xEA, 0x96, 0x85, 0x13, 0x84, 0x0C, 0x8C, 0xCD, 0xDA, 0x3D, 0x1F, 0xEB, 0xA9, 0xA7, 0xDF, 0xE0, 0xD1, 0xDC, 0x93, 0x21, 0x7A, 0x10, 0xA7, 0x92, 0x63, 0x5D, 0xAB, 0xA2, 0x13, 0x37, 0xA4 }; static TestAnchors () { // add Microsoft Test Root for people who used MS makecert to create // their Authenticode(tm) test certificates coll.Add (new X509Certificate (rootagency)); // add Mono Test Root for people who used Mono makecert to create // their Authenticode(tm) test certificates coll.Add (new X509Certificate (monoTestRoot)); } } } --- NEW FILE: TrustAnchors.cs --- // // TrustAnchors.cs: "Official" default Trust Anchors for Mono // // Author: // Sebastien Pouliot (spo...@mo...) // // (C) 2003 Motus Technologies Inc. (http://www.motus.com) // using System; namespace Mono.Security.X509 { internal class TrustAnchors : ITrustAnchors { static byte[] msroot = { 0x30, 0x82, 0x04, 0x12, 0x30, 0x82, 0x02, 0xFA, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x0F, 0x00, 0xC1, 0x00, 0x8B, 0x3C, 0x3C, 0x88, 0x11, 0xD1, 0x3E, 0xF6, 0x63, 0xEC, 0xDF, 0x40, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x04, 0x05, 0x00, 0x30, 0x70, 0x31, 0x2B, 0x30, 0x29, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x22, 0x43, 0x6F, 0x70, 0x79, 0x72, 0x69, 0x67, 0x68, 0x74, 0x20, 0x28, 0x63, 0x29, 0x20, 0x31, 0x39, 0x39, 0x37, 0x20, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x43, 0x6F, 0x72, 0x70, 0x2E, 0x31, 0x1E, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x15, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x43, 0x6F, 0x72, 0x70, 0x6F, 0x72, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x31, 0x21, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x18, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6F, 0x72, 0x69, 0x74, 0x79, 0x30, 0x1E, 0x17, 0x0D, 0x39, 0x37, 0x30, 0x31, 0x31, 0x30, 0x30, 0x37, 0x30, 0x30, 0x30, 0x30, 0x5A, 0x17, 0x0D, 0x32, 0x30, 0x31, 0x32, 0x33, 0x31, 0x30, 0x37, 0x30, 0x30, 0x30, 0x30, 0x5A, 0x30, 0x70, 0x31, 0x2B, 0x30, 0x29, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x22, 0x43, 0x6F, 0x70, 0x79, 0x72, 0x69, 0x67, 0x68, 0x74, 0x20, 0x28, 0x63, 0x29, 0x20, 0x31, 0x39, 0x39, 0x37, 0x20, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x43, 0x6F, 0x72, 0x70, 0x2E, 0x31, 0x1E, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x15, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x43, 0x6F, 0x72, 0x70, 0x6F, 0x72, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x31, 0x21, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x18, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6F, 0x72, 0x69, 0x74, 0x79, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xA9, 0x02, 0xBD, 0xC1, 0x70, 0xE6, 0x3B, 0xF2, 0x4E, 0x1B, 0x28, 0x9F, 0x97, 0x78, 0x5E, 0x30, 0xEA, 0xA2, 0xA9, 0x8D, 0x25, 0x5F, 0xF8, 0xFE, 0x95, 0x4C, 0xA3, 0xB7, 0xFE, 0x9D, 0xA2, 0x20, 0x3E, 0x7C, 0x51, 0xA2, 0x9B, 0xA2, 0x8F, 0x60, 0x32, 0x6B, 0xD1, 0x42, 0x64, 0x79, 0xEE, 0xAC, 0x76, 0xC9, 0x54, 0xDA, 0xF2, 0xEB, 0x9C, 0x86, 0x1C, 0x8F, 0x9F, 0x84, 0x66, 0xB3, 0xC5, 0x6B, 0x7A, 0x62, 0x23, 0xD6, 0x1D, 0x3C, 0xDE, 0x0F, 0x01, 0x92, 0xE8, 0x96, 0xC4, 0xBF, 0x2D, 0x66, 0x9A, 0x9A, 0x68, 0x26, 0x99, 0xD0, 0x3A, 0x2C, 0xBF, 0x0C, 0xB5, 0x58, 0x26, 0xC1, 0x46, 0xE7, 0x0A, 0x3E, 0x38, 0x96, 0x2C, 0xA9, 0x28, 0x39, 0xA8, 0xEC, 0x49, 0x83, 0x42, 0xE3, 0x84, 0x0F, 0xBB, 0x9A, 0x6C, 0x55, 0x61, 0xAC, 0x82, 0x7C, 0xA1, 0x60, 0x2D, 0x77, 0x4C, 0xE9, 0x99, 0xB4, 0x64, 0x3B, 0x9A, 0x50, 0x1C, 0x31, 0x08, 0x24, 0x14, 0x9F, 0xA9, 0xE7, 0x91, 0x2B, 0x18, 0xE6, 0x3D, 0x98, 0x63, 0x14, 0x60, 0x58, 0x05, 0x65, 0x9F, 0x1D, 0x37, 0x52, 0x87, 0xF7, 0xA7, 0xEF, 0x94, 0x02, 0xC6, 0x1B, 0xD3, 0xBF, 0x55, 0x45, 0xB3, 0x89, 0x80, 0xBF, 0x3A, 0xEC, 0x54, 0x94, 0x4E, 0xAE, 0xFD, 0xA7, 0x7A, 0x6D, 0x74, 0x4E, 0xAF, 0x18, 0xCC, 0x96, 0x09, 0x28, 0x21, 0x00, 0x57, 0x90, 0x60, 0x69, 0x37, 0xBB, 0x4B, 0x12, 0x07, 0x3C, 0x56, 0xFF, 0x5B, 0xFB, 0xA4, 0x66, 0x0A, 0x08, 0xA6, 0xD2, 0x81, 0x56, 0x57, 0xEF, 0xB6, 0x3B, 0x5E, 0x16, 0x81, 0x77, 0x04, 0xDA, 0xF6, 0xBE, 0xAE, 0x80, 0x95, 0xFE, 0xB0, 0xCD, 0x7F, 0xD6, 0xA7, 0x1A, 0x72, 0x5C, 0x3C, 0xCA, 0xBC, 0xF0, 0x08, 0xA3, 0x22, 0x30, 0xB3, 0x06, 0x85, 0xC9, 0xB3, 0x20, 0x77, 0x13, 0x85, 0xDF, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x81, 0xA8, 0x30, 0x81, 0xA5, 0x30, 0x81, 0xA2, 0x06, 0x03, 0x55, 0x1D, 0x01, 0x04, 0x81, 0x9A, 0x30, 0x81, 0x97, 0x80, 0x10, 0x5B, 0xD0, 0x70, 0xEF, 0x69, 0x72, 0x9E, 0x23, 0x51, 0x7E, 0x14, 0xB2, 0x4D, 0x8E, 0xFF, 0xCB, 0xA1, 0x72, 0x30, 0x70, 0x31, 0x2B, 0x30, 0x29, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x22, 0x43, 0x6F, 0x70, 0x79, 0x72, 0x69, 0x67, 0x68, 0x74, 0x20, 0x28, 0x63, 0x29, 0x20, 0x31, 0x39, 0x39, 0x37, 0x20, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x43, 0x6F, 0x72, 0x70, 0x2E, 0x31, 0x1E, 0x30, 0x1C, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x15, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x43, 0x6F, 0x72, 0x70, 0x6F, 0x72, 0x61, 0x74, 0x69, 0x6F, 0x6E, 0x31, 0x21, 0x30, 0x1F, 0x06, 0x03, 0x55, 0x04, 0x03, 0x13, 0x18, 0x4D, 0x69, 0x63, 0x72, 0x6F, 0x73, 0x6F, 0x66, 0x74, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x20, 0x41, 0x75, 0x74, 0x68, 0x6F, 0x72, 0x69, 0x74, 0x79, 0x82, 0x0F, 0x00, 0xC1, 0x00, 0x8B, 0x3C, 0x3C, 0x88, 0x11, 0xD1, 0x3E, 0xF6, 0x63, 0xEC, 0xDF, 0x40, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x04, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, 0x95, 0xE8, 0x0B, 0xC0, 0x8D, 0xF3, 0x97, 0x18, 0x35, 0xED, 0xB8, 0x01, 0x24, 0xD8, 0x77, 0x11, 0xF3, 0x5C, 0x60, 0x32, 0x9F, 0x9E, 0x0B, 0xCB, 0x3E, 0x05, 0x91, 0x88, 0x8F, 0xC9, 0x3A, 0xE6, 0x21, 0xF2, 0xF0, 0x57, 0x93, 0x2C, 0xB5, 0xA0, 0x47, 0xC8, 0x62, 0xEF, 0xFC, 0xD7, 0xCC, 0x3B, 0x3B, 0x5A, 0xA9, 0x36, 0x54, 0x69, 0xFE, 0x24, 0x6D, 0x3F, 0xC9, 0xCC, 0xAA, 0xDE, 0x05, 0x7C, 0xDD, 0x31, 0x8D, 0x3D, 0x9F, 0x10, 0x70, 0x6A, 0xBB, 0xFE, 0x12, 0x4F, 0x18, 0x69, 0xC0, 0xFC, 0xD0, 0x43, 0xE3, 0x11, 0x5A, 0x20, 0x4F, 0xEA, 0x62, 0x7B, 0xAF, 0xAA, 0x19, 0xC8, 0x2B, 0x37, 0x25, 0x2D, 0xBE, 0x65, 0xA1, 0x12, 0x8A, 0x25, 0x0F, 0x63, 0xA3, 0xF7, 0x54, 0x1C, 0xF9, 0x21, 0xC9, 0xD6, 0x15, 0xF3, 0x52, 0xAC, 0x6E, 0x43, 0x32, 0x07, 0xFD, 0x82, 0x17, 0xF8, 0xE5, 0x67, 0x6C, 0x0D, 0x51, 0xF6, 0xBD, 0xF1, 0x52, 0xC7, 0xBD, 0xE7, 0xC4, 0x30, 0xFC, 0x20, 0x31, 0x09, 0x88, 0x1D, 0x95, 0x29, 0x1A, 0x4D, 0xD5, 0x1D, 0x02, 0xA5, 0xF1, 0x80, 0xE0, 0x03, 0xB4, 0x5B, 0xF4, 0xB1, 0xDD, 0xC8, 0x57, 0xEE, 0x65, 0x49, 0xC7, 0x52, 0x54, 0xB6, 0xB4, 0x03, 0x28, 0x12, 0xFF, 0x90, 0xD6, 0xF0, 0x08, 0x8F, 0x7E, 0xB8, 0x97, 0xC5, 0xAB, 0x37, 0x2C, 0xE4, 0x7A, 0xE4, 0xA8, 0x77, 0xE3, 0x76, 0xA0, 0x00, 0xD0, 0x6A, 0x3F, 0xC1, 0xD2, 0x36, 0x8A, 0xE0, 0x41, 0x12, 0xA8, 0x35, 0x6A, 0x1B, 0x6A, 0xDB, 0x35, 0xE1, 0xD4, 0x1C, 0x04, 0xE4, 0xA8, 0x45, 0x04, 0xC8, 0x5A, 0x33, 0x38, 0x6E, 0x4D, 0x1C, 0x0D, 0x62, 0xB7, 0x0A, 0xA2, 0x8C, 0xD3, 0xD5, 0x54, 0x3F, 0x46, 0xCD, 0x1C, 0x55, 0xA6, 0x70, 0xDB, 0x12, 0x3A, 0x87, 0x93, 0x75, 0x9F, 0xA7, 0xD2, 0xA0 }; static byte[] verisign = { 0x30, 0x82, 0x02, 0x40, 0x30, 0x82, 0x01, 0xA9, 0x02, 0x10, 0x03, 0xC7, 0x8F, 0x37, 0xDB, 0x92, 0x28, 0xDF, 0x3C, 0xBB, 0x1A, 0xAD, 0x82, 0xFA, 0x67, 0x10, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x02, 0x05, 0x00, 0x30, 0x61, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x08, 0x49, 0x6E, 0x74, 0x65, 0x72, 0x6E, 0x65, 0x74, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x0E, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x2C, 0x20, 0x49, 0x6E, 0x63, 0x2E, 0x31, 0x33, 0x30, 0x31, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x2A, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x43, 0x6F, 0x6D, 0x6D, 0x65, 0x72, 0x63, 0x69, 0x61, 0x6C, 0x20, 0x53, 0x6F, 0x66, 0x74, 0x77, 0x61, 0x72, 0x65, 0x20, 0x50, 0x75, 0x62, 0x6C, 0x69, 0x73, 0x68, 0x65, 0x72, 0x73, 0x20, 0x43, 0x41, 0x30, 0x1E, 0x17, 0x0D, 0x39, 0x36, 0x30, 0x34, 0x30, 0x39, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5A, 0x17, 0x0D, 0x30, 0x34, 0x30, 0x31, 0x30, 0x37, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5A, 0x30, 0x61, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x08, 0x49, 0x6E, 0x74, 0x65, 0x72, 0x6E, 0x65, 0x74, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x0E, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x2C, 0x20, 0x49, 0x6E, 0x63, 0x2E, 0x31, 0x33, 0x30, 0x31, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x2A, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x43, 0x6F, 0x6D, 0x6D, 0x65, 0x72, 0x63, 0x69, 0x61, 0x6C, 0x20, 0x53, 0x6F, 0x66, 0x74, 0x77, 0x61, 0x72, 0x65, 0x20, 0x50, 0x75, 0x62, 0x6C, 0x69, 0x73, 0x68, 0x65, 0x72, 0x73, 0x20, 0x43, 0x41, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xC3, 0xD3, 0x69, 0x65, 0x52, 0x01, 0x94, 0x54, 0xAB, 0x28, 0xC6, 0x62, 0x18, 0xB3, 0x54, 0x55, 0xC5, 0x44, 0x87, 0x45, 0x4A, 0x3B, 0xC2, 0x7E, 0xD8, 0xD3, 0xD7, 0xC8, 0x80, 0x86, 0x8D, 0xD8, 0x0C, 0xF1, 0x16, 0x9C, 0xCC, 0x6B, 0xA9, 0x29, 0xB2, 0x8F, 0x76, 0x73, 0x92, 0xC8, 0xC5, 0x62, 0xA6, 0x3C, 0xED, 0x1E, 0x05, 0x75, 0xF0, 0x13, 0x00, 0x6C, 0x14, 0x4D, 0xD4, 0x98, 0x90, 0x07, 0xBE, 0x69, 0x73, 0x81, 0xB8, 0x62, 0x4E, 0x31, 0x1E, 0xD1, 0xFC, 0xC9, 0x0C, 0xEB, 0x7D, 0x90, 0xBF, 0xAE, 0xB4, 0x47, 0x51, 0xEC, 0x6F, 0xCE, 0x64, 0x35, 0x02, 0xD6, 0x7D, 0x67, 0x05, 0x77, 0xE2, 0x8F, 0xD9, 0x51, 0xD7, 0xFB, 0x97, 0x19, 0xBC, 0x3E, 0xD7, 0x77, 0x81, 0xC6, 0x43, 0xDD, 0xF2, 0xDD, 0xDF, 0xCA, 0xA3, 0x83, 0x8B, 0xCB, 0x41, 0xC1, 0x3D, 0x22, 0x48, 0x48, 0xA6, 0x19, 0x02, 0x03, 0x01, 0x00, 0x01, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x02, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0xB5, 0xBC, 0xB0, 0x75, 0x6A, 0x89, 0xA2, 0x86, 0xBD, 0x64, 0x78, 0xC3, 0xA7, 0x32, 0x75, 0x72, 0x11, 0xAA, 0x26, 0x02, 0x17, 0x60, 0x30, 0x4C, 0xE3, 0x48, 0x34, 0x19, 0xB9, 0x52, 0x4A, 0x51, 0x18, 0x80, 0xFE, 0x53, 0x2D, 0x7B, 0xD5, 0x31, 0x8C, 0xC5, 0x65, 0x99, 0x41, 0x41, 0x2F, 0xF2, 0xAE, 0x63, 0x7A, 0xE8, 0x73, 0x99, 0x15, 0x90, 0x1A, 0x1F, 0x7A, 0x8B, 0x41, 0xD0, 0x8E, 0x3A, 0xD0, 0xCD, 0x38, 0x34, 0x44, 0xD0, 0x75, 0xF8, 0xEA, 0x71, 0xC4, 0x81, 0x19, 0x38, 0x17, 0x35, 0x4A, 0xAE, 0xC5, 0x3E, 0x32, 0xE6, 0x21, 0xB8, 0x05, 0xC0, 0x93, 0xE1, 0xC7, 0x38, 0x5C, 0xD8, 0xF7, 0x93, 0x38, 0x64, 0x90, 0xED, 0x54, 0xCE, 0xCA, 0xD3, 0xD3, 0xD0, 0x5F, 0xEF, 0x04, 0x9B, 0xDE, 0x02, 0x82, 0xDD, 0x88, 0x29, 0xB1, 0xC3, 0x4F, 0xA5, 0xCD, 0x71, 0x64, 0x31, 0x3C, 0x3C }; static byte[] verisign_ts_root = { 0x30, 0x82, 0x02, 0xBC, 0x30, 0x82, 0x02, 0x25, 0x02, 0x10, 0x4A, 0x19, 0xD2, 0x38, 0x8C, 0x82, 0x59, 0x1C, 0xA5, 0x5D, 0x73, 0x5F, 0x15, 0x5D, 0xDC, 0xA3, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x04, 0x05, 0x00, 0x30, 0x81, 0x9E, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x16, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x54, 0x72, 0x75, 0x73, 0x74, 0x20, 0x4E, 0x65, 0x74, 0x77, 0x6F, 0x72, 0x6B, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x0E, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x2C, 0x20, 0x49, 0x6E, 0x63, 0x2E, 0x31, 0x2C, 0x30, 0x2A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x23, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x54, 0x69, 0x6D, 0x65, 0x20, 0x53, 0x74, 0x61, 0x6D, 0x70, 0x69, 0x6E, 0x67, 0x20, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x31, 0x34, 0x30, 0x32, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x2B, 0x4E, 0x4F, 0x20, 0x4C, 0x49, 0x41, 0x42, 0x49, 0x4C, 0x49, 0x54, 0x59, 0x20, 0x41, 0x43, 0x43, 0x45, 0x50, 0x54, 0x45, 0x44, 0x2C, 0x20, 0x28, 0x63, 0x29, 0x39, 0x37, 0x20, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x2C, 0x20, 0x49, 0x6E, 0x63, 0x2E, 0x30, 0x1E, 0x17, 0x0D, 0x39, 0x37, 0x30, 0x35, 0x31, 0x32, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5A, 0x17, 0x0D, 0x30, 0x34, 0x30, 0x31, 0x30, 0x37, 0x32, 0x33, 0x35, 0x39, 0x35, 0x39, 0x5A, 0x30, 0x81, 0x9E, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x16, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x54, 0x72, 0x75, 0x73, 0x74, 0x20, 0x4E, 0x65, 0x74, 0x77, 0x6F, 0x72, 0x6B, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x0E, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x2C, 0x20, 0x49, 0x6E, 0x63, 0x2E, 0x31, 0x2C, 0x30, 0x2A, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x23, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x54, 0x69, 0x6D, 0x65, 0x20, 0x53, 0x74, 0x61, 0x6D, 0x70, 0x69, 0x6E, 0x67, 0x20, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x20, 0x52, 0x6F, 0x6F, 0x74, 0x31, 0x34, 0x30, 0x32, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x2B, 0x4E, 0x4F, 0x20, 0x4C, 0x49, 0x41, 0x42, 0x49, 0x4C, 0x49, 0x54, 0x59, 0x20, 0x41, 0x43, 0x43, 0x45, 0x50, 0x54, 0x45, 0x44, 0x2C, 0x20, 0x28, 0x63, 0x29, 0x39, 0x37, 0x20, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x2C, 0x20, 0x49, 0x6E, 0x63, 0x2E, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xD3, 0x2E, 0x20, 0xF0, 0x68, 0x7C, 0x2C, 0x2D, 0x2E, 0x81, 0x1C, 0xB1, 0x06, 0xB2, 0xA7, 0x0B, 0xB7, 0x11, 0x0D, 0x57, 0xDA, 0x53, 0xD8, 0x75, 0xE3, 0xC9, 0x33, 0x2A, 0xB2, 0xD4, 0xF6, 0x09, 0x5B, 0x34, 0xF3, 0xE9, 0x90, 0xFE, 0x09, 0x0C, 0xD0, 0xDB, 0x1B, 0x5A, 0xB9, 0xCD, 0xE7, 0xF6, 0x88, 0xB1, 0x9D, 0xC0, 0x87, 0x25, 0xEB, 0x7D, 0x58, 0x10, 0x73, 0x6A, 0x78, 0xCB, 0x71, 0x15, 0xFD, 0xC6, 0x58, 0xF6, 0x29, 0xAB, 0x58, 0x5E, 0x96, 0x04, 0xFD, 0x2D, 0x62, 0x11, 0x58, 0x81, 0x1C, 0xCA, 0x71, 0x94, 0xD5, 0x22, 0x58, 0x2F, 0xD5, 0xCC, 0x14, 0x05, 0x84, 0x36, 0xBA, 0x94, 0xAA, 0xB4, 0x4D, 0x4A, 0xE9, 0xEE, 0x3B, 0x22, 0xAD, 0x56, 0x99, 0x7E, 0x21, 0x9C, 0x6C, 0x86, 0xC0, 0x4A, 0x47, 0x97, 0x6A, 0xB4, 0xA6, 0x36, 0xD5, 0xFC, 0x09, 0x2D, 0xD3, 0xB4, 0x39, 0x9B, 0x02, 0x03, 0x01, 0x00, 0x01, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x04, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x61, 0x55, 0x0E, 0x3E, 0x7B, 0xC7, 0x92, 0x12, 0x7E, 0x11, 0x10, 0x8E, 0x22, 0xCC, 0xD4, 0xB3, 0x13, 0x2B, 0x5B, 0xE8, 0x44, 0xE4, 0x0B, 0x78, 0x9E, 0xA4, 0x7E, 0xF3, 0xA7, 0x07, 0x72, 0x1E, 0xE2, 0x59, 0xEF, 0xCC, 0x84, 0xE3, 0x89, 0x94, 0x4C, 0xDB, 0x4E, 0x61, 0xEF, 0xB3, 0xA4, 0xFB, 0x46, 0x3D, 0x50, 0x34, 0x0B, 0x9F, 0x70, 0x56, 0xF6, 0x8E, 0x2A, 0x7F, 0x17, 0xCE, 0xE5, 0x63, 0xBF, 0x79, 0x69, 0x07, 0x73, 0x2E, 0xB0, 0x95, 0x28, 0x8A, 0xF5, 0xED, 0xAA, 0xA9, 0xD2, 0x5D, 0xCD, 0x0A, 0xCA, 0x10, 0x09, 0x8F, 0xCE, 0xB3, 0xAF, 0x28, 0x96, 0xC4, 0x79, 0x29, 0x84, 0x92, 0xDC, 0xFF, 0xBA, 0x67, 0x42, 0x48, 0xA6, 0x90, 0x10, 0xE4, 0xBF, 0x61, 0xF8, 0x9C, 0x53, 0xE5, 0x93, 0xD1, 0x73, 0x3F, 0xF8, 0xFD, 0x9D, 0x4F, 0x84, 0xAC, 0x55, 0xD1, 0xFD, 0x11, 0x63, 0x63 }; // old verisign code signing certificate (96-99) using MD2 // still valid because of the timestamps static byte[] oldverisign = { 0x30, 0x82, 0x02, 0x35, 0x30, 0x82, 0x01, 0x9E, 0x02, 0x05, 0x02, 0xB4, 0x00, 0x00, 0x01, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x02, 0x05, 0x00, 0x30, 0x61, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x08, 0x49, 0x6E, 0x74, 0x65, 0x72, 0x6E, 0x65, 0x74, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x0E, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x2C, 0x20, 0x49, 0x6E, 0x63, 0x2E, 0x31, 0x33, 0x30, 0x31, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x2A, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x43, 0x6F, 0x6D, 0x6D, 0x65, 0x72, 0x63, 0x69, 0x61, 0x6C, 0x20, 0x53, 0x6F, 0x66, 0x74, 0x77, 0x61, 0x72, 0x65, 0x20, 0x50, 0x75, 0x62, 0x6C, 0x69, 0x73, 0x68, 0x65, 0x72, 0x73, 0x20, 0x43, 0x41, 0x30, 0x1E, 0x17, 0x0D, 0x39, 0x36, 0x30, 0x34, 0x30, 0x39, 0x30, 0x39, 0x33, 0x35, 0x35, 0x39, 0x5A, 0x17, 0x0D, 0x39, 0x39, 0x31, 0x32, 0x33, 0x31, 0x30, 0x39, 0x33, 0x35, 0x35, 0x38, 0x5A, 0x30, 0x61, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x07, 0x13, 0x08, 0x49, 0x6E, 0x74, 0x65, 0x72, 0x6E, 0x65, 0x74, 0x31, 0x17, 0x30, 0x15, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x13, 0x0E, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x2C, 0x20, 0x49, 0x6E, 0x63, 0x2E, 0x31, 0x33, 0x30, 0x31, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x13, 0x2A, 0x56, 0x65, 0x72, 0x69, 0x53, 0x69, 0x67, 0x6E, 0x20, 0x43, 0x6F, 0x6D, 0x6D, 0x65, 0x72, 0x63, 0x69, 0x61, 0x6C, 0x20, 0x53, 0x6F, 0x66, 0x74, 0x77, 0x61, 0x72, 0x65, 0x20, 0x50, 0x75, 0x62, 0x6C, 0x69, 0x73, 0x68, 0x65, 0x72, 0x73, 0x20, 0x43, 0x41, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, 0xC3, 0xD3, 0x69, 0x65, 0x52, 0x01, 0x94, 0x54, 0xAB, 0x28, 0xC6, 0x62, 0x18, 0xB3, 0x54, 0x55, 0xC5, 0x44, 0x87, 0x45, 0x4A, 0x3B, 0xC2, 0x7E, 0xD8, 0xD3, 0xD7, 0xC8, 0x80, 0x86, 0x8D, 0xD8, 0x0C, 0xF1, 0x16, 0x9C, 0xCC, 0x6B, 0xA9, 0x29, 0xB2, 0x8F, 0x76, 0x73, 0x92, 0xC8, 0xC5, 0x62, 0xA6, 0x3C, 0xED, 0x1E, 0x05, 0x75, 0xF0, 0x13, 0x00, 0x6C, 0x14, 0x4D, 0xD4, 0x98, 0x90, 0x07, 0xBE, 0x69, 0x73, 0x81, 0xB8, 0x62, 0x4E, 0x31, 0x1E, 0xD1, 0xFC, 0xC9, 0x0C, 0xEB, 0x7D, 0x90, 0xBF, 0xAE, 0xB4, 0x47, 0x51, 0xEC, 0x6F, 0xCE, 0x64, 0x35, 0x02, 0xD6, 0x7D, 0x67, 0x05, 0x77, 0xE2, 0x8F, 0xD9, 0x51, 0xD7, 0xFB, 0x97, 0x19, 0xBC, 0x3E, 0xD7, 0x77, 0x81, 0xC6, 0x43, 0xDD, 0xF2, 0xDD, 0xDF, 0xCA, 0xA3, 0x83, 0x8B, 0xCB, 0x41, 0xC1, 0x3D, 0x22, 0x48, 0x48, 0xA6, 0x19, 0x02, 0x03, 0x01, 0x00, 0x01, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x02, 0x05, 0x00, 0x03, 0x81, 0x81, 0x00, 0x31, 0xBB, 0x30, 0xC5, 0x6F, 0xA7, 0xBE, 0x23, 0x26, 0x6D, 0xA5, 0x99, 0x76, 0x68, 0xC5, 0x2A, 0x03, 0x28, 0x4B, 0xF3, 0x89, 0xB0, 0x99, 0x03, 0x32, 0x5B, 0x94, 0xA1, 0x7B, 0xC1, 0xC8, 0x19, 0xD7, 0xF4, 0x95, 0x6C, 0xAC, 0x73, 0x24, 0x0A, 0xCB, 0x44, 0x05, 0x7D, 0x78, 0xEE, 0xFA, 0xF6, 0xA7, 0x9F, 0x87, 0xA4, 0x7F, 0xE8, 0xF3, 0x4B, 0x4F, 0x32, 0x30, 0x30, 0x15, 0x08, 0x17, 0x01, 0xB2, 0x80, 0xFC, 0xA1, 0xD9, 0x24, 0x87, 0xA5, 0x00, 0x5F, 0xCD, 0xDD, 0x29, 0xC8, 0xA1, 0xA5, 0xCA, 0x58, 0x75, 0x39, 0x60, 0x45, 0x1F, 0xDE, 0x8D, 0xD6, 0x57, 0x08, 0xD3, 0xC0, 0x1B, 0x81, 0xC2, 0xD9, 0xE2, 0x00, 0x8C, 0xEC, 0x0A, 0x91, 0x02, 0xC6, 0x9D, 0x36, 0x74, 0x9A, 0x83, 0x6B, 0xEF, 0x7C, 0x8C, 0xD2, 0xA5, 0x2A, 0x6A, 0xC9, 0x7E, 0xDB, 0xA9, 0xBD, 0x2B, 0x22, 0xFF, 0x1C }; static internal X509CertificateCollection coll; static TrustAnchors () { coll = new X509CertificateCollection (); coll.Add (new X509Certificate (msroot)); coll.Add (new X509Certificate (verisign)); coll.Add (new X509Certificate (verisign_ts_root)); } public X509CertificateCollection Anchors { get { return coll; } } } } --- NEW FILE: X501Name.cs --- // // X501Name.cs: X.501 Distinguished Names stuff // // Author: // Sebastien Pouliot (spo...@mo...) // // (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com) // using System; using System.Text; using Mono.Security; namespace Mono.Security.X509 { // References: // 1. Information technology - Open Systems Interconnection - The Directory: Models // http://www.itu.int/rec/recommendation.asp?type=items&lang=e&parent=T-REC-X.501-200102-I // 2. RFC2253: Lightweight Directory Access Protocol (v3): UTF-8 String Representation of Distinguished Names // http://www.ietf.org/rfc/rfc2253.txt /* * Name ::= CHOICE { RDNSequence } * * RDNSequence ::= SEQUENCE OF RelativeDistinguishedName * * RelativeDistinguishedName ::= SET OF AttributeTypeAndValue */ internal class X501 { static byte[] countryName = { 0x55, 0x04, 0x06 }; static byte[] organizationName = { 0x55, 0x04, 0x0A }; static byte[] organizationalUnitName = { 0x55, 0x04, 0x0B }; static byte[] commonName = { 0x55, 0x04, 0x03 }; static byte[] localityName = { 0x55, 0x04, 0x07 }; static byte[] stateOrProvinceName = { 0x55, 0x04, 0x08 }; static byte[] streetAddress = { 0x55, 0x04, 0x09 }; static byte[] serialNumber = { 0x55, 0x04, 0x05 }; static byte[] domainComponent = { 0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x19 }; static byte[] userid = { 0x09, 0x92, 0x26, 0x89, 0x93, 0xF2, 0x2C, 0x64, 0x01, 0x01 }; static byte[] email = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x09, 0x01 }; static public string ToString (ASN1 seq) { StringBuilder sb = new StringBuilder (); for (int i = 0; i < seq.Count; i++) { ASN1 entry = seq [i]; ASN1 pair = entry [0]; ASN1 s = pair [1]; if (s == null) continue; ASN1 poid = pair [0]; if (poid == null) continue; if (poid.CompareValue (countryName)) sb.Append ("C="); else if (poid.CompareValue (organizationName)) sb.Append ("O="); else if (poid.CompareValue (organizationalUnitName)) sb.Append ("OU="); else if (poid.CompareValue (commonName)) sb.Append ("CN="); else if (poid.CompareValue (localityName)) sb.Append ("L="); else if (poid.CompareValue (stateOrProvinceName)) sb.Append ("S="); // NOTE: RFC2253 uses ST= else if (poid.CompareValue (streetAddress)) sb.Append ("STREET="); else if (poid.CompareValue (domainComponent)) sb.Append ("DC="); else if (poid.CompareValue (userid)) sb.Append ("UID="); else if (poid.CompareValue (email)) sb.Append ("E="); // NOTE: Not part of RFC2253 else { // unknown OID sb.Append ("OID."); // NOTE: Not present as RFC2253 sb.Append (ASN1Convert.ToOID (poid)); sb.Append ("="); } string sValue = null; // 16bits or 8bits string ? TODO not complete (+special chars!) if (s.Tag == 0x1E) { // BMPSTRING StringBuilder sb2 = new StringBuilder (); for (int j = 1; j < s.Value.Length; j+=2) sb2.Append ((char) s.Value[j]); sValue = sb2.ToString (); } else { sValue = System.Text.Encoding.UTF8.GetString (s.Value); // in some cases we must quote (") the value // Note: this doesn't seems to conform to RFC2253 char[] specials = { ',', '+', '"', '\\', '<', '>', ';' }; if (sValue.IndexOfAny(specials, 0, sValue.Length) > 0) sValue = "\"" + sValue + "\""; else if (sValue.StartsWith (" ")) sValue = "\"" + sValue + "\""; else if (sValue.EndsWith (" ")) sValue = "\"" + sValue + "\""; } sb.Append (sValue); // separator (not on last iteration) if (i < seq.Count - 1) sb.Append (", "); } return sb.ToString (); } static private X520.AttributeTypeAndValue GetAttributeFromOID (string attributeType) { switch (attributeType.ToUpper ().Trim ()) { case "C": return new X520.CountryName (); case "O": return new X520.OrganizationName (); case "OU": return new X520.OrganizationalUnitName (); case "CN": return new X520.CommonName (); case "L": return new X520.LocalityName (); case "S": // Microsoft case "ST": // RFC2253 return new X520.StateOrProvinceName (); case "DC": // return streetAddress; case "UID": // return domainComponent; default: return null; } } static public ASN1 FromString (string rdn) { if (rdn == null) throw new ArgumentNullException ("rdn"); // get string from here to ',' or end of string int start = 0; int end = 0; ASN1 asn1 = new ASN1 (0x30); while (start < rdn.Length) { end = rdn.IndexOf (',', end) + 1; if (end == 0) end = rdn.Length + 1; string av = rdn.Substring (start, end - start - 1); // get '=' position in substring int equal = av.IndexOf ('='); // get AttributeType string attributeType = av.Substring (0, equal); // get value string attributeValue = av.Substring (equal + 1); X520.AttributeTypeAndValue atv = GetAttributeFromOID (attributeType); atv.Value = attributeValue; asn1.Add (new ASN1 (0x31, atv.GetBytes ())); // next part start = end; if (start != - 1) { if (end > rdn.Length) break; } } return asn1; } } } --- NEW FILE: X509Certificate.cs --- // // X509Certificates.cs: Handles X.509 certificates. // // Author: // Sebastien Pouliot (spo...@mo...) // // (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com) // using System; using System.Security.Cryptography; using SSCX = System.Security.Cryptography.X509Certificates; using System.Text; namespace Mono.Security.X509 { // References: // a. Internet X.509 Public Key Infrastructure Certificate and CRL Profile // http://www.ietf.org/rfc/rfc3280.txt // b. ITU ASN.1 standards (free download) // http://www.itu.int/ITU-T/studygroups/com17/languages/ internal class X509Certificate { private ASN1 decoder; private byte[] m_encodedcert; private DateTime m_from; private DateTime m_until; private string m_issuername; private string m_keyalgo; private byte[] m_keyalgoparams; private string m_subject; private byte[] m_publickey; private byte[] signature; private string m_signaturealgo; private byte[] m_signaturealgoparams; // from http://www.ietf.org/rfc/rfc2459.txt // //Certificate ::= SEQUENCE { // tbsCertificate TBSCertificate, // signatureAlgorithm AlgorithmIdentifier, // signature BIT STRING } // //TBSCertificate ::= SEQUENCE { // version [0] Version DEFAULT v1, // serialNumber CertificateSerialNumber, // signature AlgorithmIdentifier, // issuer Name, // validity Validity, // subject Name, // subjectPublicKeyInfo SubjectPublicKeyInfo, // issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL, // -- If present, version shall be v2 or v3 // subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL, // -- If present, version shall be v2 or v3 // extensions [3] Extensions OPTIONAL // -- If present, version shall be v3 -- } private int version; private byte[] serialnumber; private byte[] issuerUniqueID; private byte[] subjectUniqueID; private X509Extensions extensions; // that's were the real job is! private void Parse (byte[] data) { string e = "Input data cannot be coded as a valid certificate."; try { decoder = new ASN1 (data); // Certificate if (decoder.Tag != 0x30) throw new CryptographicException (e); // Certificate / TBSCertificate if (decoder [0].Tag != 0x30) throw new CryptographicException (e); ASN1 tbsCertificate = decoder [0]; int tbs = 0; // Certificate / TBSCertificate / Version ASN1 v = decoder [0][tbs]; version = 1; // DEFAULT v1 if (v.Tag == 0xA0) { // version (optional) is present only in v2+ certs version += v.Value [0]; // zero based tbs++; } // Certificate / TBSCertificate / CertificateSerialNumber ASN1 sn = decoder [0][tbs++]; if (sn.Tag != 0x02) throw new CryptographicException (e); serialnumber = sn.Value; Array.Reverse (serialnumber, 0, serialnumber.Length); // Certificate / TBSCertificate / AlgorithmIdentifier ASN1 signatureAlgo = tbsCertificate.Element (tbs++, 0x30); ASN1 issuer = tbsCertificate.Element (tbs++, 0x30); m_issuername = X501.ToString (issuer); ASN1 validity = tbsCertificate.Element (tbs++, 0x30); ASN1 notBefore = validity [0]; m_from = ASN1Convert.ToDateTime (notBefore); ASN1 notAfter = validity [1]; m_until = ASN1Convert.ToDateTime (notAfter); ASN1 subject = tbsCertificate.Element (tbs++, 0x30); m_subject = X501.ToString (subject); ASN1 subjectPublicKeyInfo = tbsCertificate.Element (tbs++, 0x30); ASN1 algorithm = subjectPublicKeyInfo.Element (0, 0x30); ASN1 algo = algorithm.Element (0, 0x06); m_keyalgo = ASN1Convert.ToOID (algo); // parameters ANY DEFINED BY algorithm OPTIONAL // so we dont ask for a specific (Element) type and return DER ASN1 parameters = algorithm [1]; m_keyalgoparams = parameters.GetBytes (); ASN1 subjectPublicKey = subjectPublicKeyInfo.Element (1, 0x03); // we must drop th first byte (which is the number of unused bits // in the BITSTRING) int n = subjectPublicKey.Length - 1; m_publickey = new byte [n]; Array.Copy (subjectPublicKey.Value, 1, m_publickey, 0, n); // signature processing byte[] bitstring = decoder [2].Value; // first byte contains unused bits in first byte signature = new byte [bitstring.Length - 1]; Array.Copy (bitstring, 1, signature, 0, signature.Length); algorithm = decoder [1]; algo = algorithm.Element (0, 0x06); m_signaturealgo = ASN1Convert.ToOID (algo); parameters = algorithm [1]; if (parameters != null) m_signaturealgoparams = parameters.GetBytes (); else m_signaturealgoparams = null; // Certificate / TBSCertificate / issuerUniqueID ASN1 issuerUID = tbsCertificate.Element (tbs, 0xA1); if (issuerUID != null) { tbs++; issuerUniqueID = issuerUID.Value; } // Certificate / TBSCertificate / subjectUniqueID ASN1 subjectUID = tbsCertificate.Element (tbs, 0xA2); if (subjectUID != null) { tbs++; subjectUniqueID = subjectUID.Value; } // Certificate / TBSCertificate / Extensions ASN1 extns = tbsCertificate.Element (tbs, 0xA3); if ((extns != null) && (extns.Count == 1)) extensions = new X509Extensions (extns [0]); else extensions = new X509Extensions (null); // keep a copy of the original data m_encodedcert = (byte[]) data.Clone (); } catch { throw new CryptographicException (e); } } // constructors public X509Certificate (byte[] data) { if (data != null) Parse (data); } private byte[] GetUnsignedBigInteger (byte[] integer) { if (integer [0] == 0x00) { // this first byte is added so we're sure it's an unsigned integer // however we can't feed it into RSAParameters or DSAParameters int length = integer.Length - 1; byte[] uinteger = new byte [length]; Array.Copy (integer, 1, uinteger, 0, length); return uinteger; } else return integer; } // public methods public DSA DSA { get { DSAParameters dsaParams = new DSAParameters (); // for DSA m_publickey contains 1 ASN.1 integer - Y ASN1 pubkey = new ASN1 (m_publickey); if ((pubkey == null) || (pubkey.Tag != 0x02)) return null; dsaParams.Y = GetUnsignedBigInteger (pubkey.Value); ASN1 param = new ASN1 (m_keyalgoparams); if ((param == null) || (param.Tag != 0x30) || (param.Count < 3)) return null; if ((param [0].Tag != 0x02) || (param [1].Tag != 0x02) || (param [2].Tag != 0x02)) return null; dsaParams.P = GetUnsignedBigInteger (param [0].Value); dsaParams.Q = GetUnsignedBigInteger (param [1].Value); dsaParams.G = GetUnsignedBigInteger (param [2].Value); // BUG: MS BCL 1.0 can't import a key which // isn't the same size as the one present in // the container. DSACryptoServiceProvider dsa = new DSACryptoServiceProvider (dsaParams.Y.Length << 3); dsa.ImportParameters (dsaParams); return (DSA) dsa; } } public X509Extensions Extensions { get { return extensions; } } public byte[] Hash { get { HashAlgorithm hash = null; switch (m_signaturealgo) { case "1.2.840.113549.1.1.2": // MD2 with RSA encryption // maybe someone installed MD2 ? hash = HashAlgorithm.Create ("MD2"); break; case "1.2.840.113549.1.1.4": // MD5 with RSA encryption hash = MD5.Create (); break; case "1.2.840.113549.1.1.5": // SHA-1 with RSA Encryption case "1.2.840.10040.4.3": // SHA1-1 with DSA hash = SHA1.Create (); break; default: return null; } try { byte[] toBeSigned = decoder [0].GetBytes (); return hash.ComputeHash (toBeSigned, 0, toBeSigned.Length); } catch { return null; } } } public virtual string IssuerName { get { return m_issuername; } } public virtual string KeyAlgorithm { get { return m_keyalgo; } } public virtual byte[] KeyAlgorithmParameters { get { return m_keyalgoparams; } } public virtual byte[] PublicKey { get { return m_publickey; } } public virtual RSA RSA { get { RSAParameters rsaParams = new RSAParameters (); // for RSA m_publickey contains 2 ASN.1 integers // the modulus and the public exponent ASN1 pubkey = new ASN1 (m_publickey); ASN1 modulus = pubkey [0]; if ((modulus == null) || (modulus.Tag != 0x02)) return null; ASN1 exponent = pubkey [1]; if (exponent.Tag != 0x02) return null; rsaParams.Modulus = GetUnsignedBigInteger (modulus.Value); rsaParams.Exponent = exponent.Value; // BUG: MS BCL 1.0 can't import a key which // isn't the same size as the one present in // the container. int keySize = (rsaParams.Modulus.Length << 3); RSACryptoServiceProvider rsa = new RSACryptoServiceProvider (keySize); rsa.ImportParameters (rsaParams); return (RSA)rsa; } } public virtual byte[] RawData { get { return (byte[]) m_encodedcert.Clone (); } } public virtual byte[] SerialNumber { get { return serialnumber; } } public virtual byte[] Signature { get { switch (m_signaturealgo) { case "1.2.840.113549.1.1.2": // MD2 with RSA encryption case "1.2.840.113549.1.1.4": // MD5 with RSA encryption case "1.2.840.113549.1.1.5": // SHA-1 with RSA Encryption return signature; case "1.2.840.10040.4.3": // SHA-1 with DSA ASN1 sign = new ASN1 (signature); if ((sign == null) || (sign.Count != 2)) return null; // parts may be less than 20 bytes (i.e. first bytes were 0x00) byte[] part1 = sign [0].Value; byte[] part2 = sign [1].Value; byte[] sig = new byte [40]; Array.Copy (part1, 0, sig, (20 - part1.Length), part1.Length); Array.Copy (part2, 0, sig, (40 - part2.Length), part2.Length); return sig; default: throw new CryptographicException ("Unsupported hash algorithm: " + m_signaturealgo); } } } public virtual string SignatureAlgorithm { get { return m_signaturealgo; } } public virtual byte[] SignatureAlgorithmParameters { get { return m_signaturealgoparams; } } public virtual string SubjectName { get { return m_subject; } } public virtual DateTime ValidFrom { get { return m_from; } } public virtual DateTime ValidUntil { get { return m_until; } } public int Version { get { return version; } } public bool IsCurrent { get { return WasCurrent (DateTime.UtcNow); } } public bool WasCurrent (DateTime date) { return ((date > ValidFrom) && (date <= ValidUntil)); } private byte[] GetHash (string hashName) { byte[] toBeSigned = decoder [0].GetBytes (); HashAlgorithm ha = HashAlgorithm.Create (hashName); return ha.ComputeHash (toBeSigned); } public bool VerifySignature (DSA dsa) { // signatureOID is check by both this.Hash and this.Signature DSASignatureDeformatter v = new DSASignatureDeformatter (dsa); // only SHA-1 is supported v.SetHashAlgorithm ("SHA1"); return v.VerifySignature (this.Hash, this.Signature); } internal bool VerifySignature (RSA rsa) { RSAPKCS1SignatureDeformatter v = new RSAPKCS1SignatureDeformatter (rsa); switch (m_signaturealgo) { // MD2 with RSA encryption case "1.2.840.113549.1.1.2": // maybe someone installed MD2 ? v.SetHashAlgorithm ("MD2"); break; // MD5 with RSA encryption case "1.2.840.113549.1.1.4": v.SetHashAlgorithm ("MD5"); break; // SHA-1 with RSA Encryption case "1.2.840.113549.1.1.5": v.SetHashAlgorithm ("SHA1"); break; default: throw new CryptographicException ("Unsupported hash algorithm: " + m_signaturealgo); } return v.VerifySignature (this.Hash, this.Signature); } public bool VerifySignature (AsymmetricAlgorithm aa) { if (aa is RSA) return VerifySignature (aa as RSA); else if (aa is DSA) return VerifySignature (aa as DSA); else throw new NotSupportedException ("Unknown Asymmetric Algorithm " + aa.ToString ()); } public bool CheckSignature (byte[] hash, string hashAlgorithm, byte[] signature) { RSACryptoServiceProvider r = (RSACryptoServiceProvider) RSA; return r.VerifyHash (hash, hashAlgorithm, signature); } public bool IsSelfSigned { get { if (m_issuername == m_subject) return VerifySignature (RSA); else return false; } } } } --- NEW FILE: X509CertificateCollection.cs --- // // Based on System.Security.Cryptography.X509Certificates.X509CertificateCollection // in System assembly // // Authors: // Lawrence Pit (lo...@ca...) // Sebastien Pouliot (spo...@mo...) // using System; using System.Collections; namespace Mono.Security.X509 { [Serializable] internal class X509CertificateCollection : CollectionBase, IEnumerable { public X509CertificateCollection () {} public X509CertificateCollection (X509Certificate [] value) { AddRange (value); } public X509CertificateCollection (X509CertificateCollection value) { AddRange (value); } // Properties public X509Certificate this [int index] { get { return (X509Certificate) InnerList [index]; } set { InnerList [index] = value; } } // Methods public int Add (X509Certificate value) { if (value == null) throw new ArgumentNullException ("value"); return InnerList.Add (value); } public void AddRange (X509Certificate [] value) { if (value == null) throw new ArgumentNullException ("value"); for (int i = 0; i < value.Length; i++) InnerList.Add (value [i]); } public void AddRange (X509CertificateCollection value) { if (value == null) throw new ArgumentNullException ("value"); for (int i = 0; i < value.InnerList.Count; i++) InnerList.Add (value [i]); } public bool Contains (X509Certificate value) { return InnerList.Contains (value); } public void CopyTo (X509Certificate[] array, int index) { InnerList.CopyTo (array, index); } public new X509CertificateEnumerator GetEnumerator () { return new X509CertificateEnumerator (this); } IEnumerator IEnumerable.GetEnumerator () { return InnerList.GetEnumerator (); } public override int GetHashCode () { return InnerList.GetHashCode (); } public int IndexOf (X509Certificate value) { return InnerList.IndexOf (value); } public void Insert (int index, X509Certificate value) { InnerList.Insert (index, value); } public void Remove (X509Certificate value) { InnerList.Remove (value); } // Inner Class public class X509CertificateEnumerator : IEnumerator { private IEnumerator enumerator; // Constructors public X509CertificateEnumerator (X509CertificateCollection mappings) { enumerator = ((IEnumerable) mappings).GetEnumerator (); } // Properties public X509Certificate Current { get { return (X509Certificate) enumerator.Current; } } object IEnumerator.Current { get { return enumerator.Current; } } // Methods bool IEnumerator.MoveNext () { return enumerator.MoveNext (); } void IEnumerator.Reset () { enumerator.Reset (); } public bool MoveNext () { return enumerator.MoveNext (); } public void Reset () { enumerator.Reset (); } } } } --- NEW FILE: X509Chain.cs --- // // X509Chain.cs: X.509 Certificate Path // This is a VERY simplified and minimal version (for Authenticode support) // // Author: // Sebastien Pouliot (spo...@mo...) // // (C) 2003 Motus Technologies Inc. (http://www.motus.com) // using System; namespace Mono.Security.X509 { internal class X509Chain { private X509CertificateCollection roots; private X509CertificateCollection certs; private X509Certificate root; public X509Chain () { certs = new X509CertificateCollection (); } public void LoadCertificate (X509Certificate x509) { certs.Add (x509); } public void LoadCertificates (X509CertificateCollection coll) { certs.AddRange (coll); } public X509Certificate FindByIssuerName (string issuerName) { foreach (X509Certificate x in certs) { if (x.IssuerName == issuerName) return x; } return null; } public X509CertificateCollection GetChain (X509Certificate x509) { X509CertificateCollection path = new X509CertificateCollection (); X509Certificate x = FindCertificateParent (x509); if (x != null) { while (x != null) { x509 = x; path.Add (x509); x = FindCertificateParent (x509); if ((x != null) && (x.IsSelfSigned)) x = null; } } // find a trusted root x = FindCertificateRoot (x509); if (x == null) return null; root = x; return path; } private X509CertificateCollection GetTrustAnchors () { // TODO - Load from machine.config ITrustAnchors trust = (ITrustAnchors) new TestAnchors (); return trust.Anchors; } public X509CertificateCollection TrustAnchors { get { return ((roots == null) ? GetTrustAnchors () : roots); } set { roots = value; } } public X509Certificate Root { get { return root; } } public void Reset () { // this force a reload roots = null; certs.Clear (); } private X509Certificate FindCertificateParent (X509Certificate child) { foreach (X509Certificate potentialParent in certs) { if (IsParent (child, potentialParent)) return potentialParent; } return null; } private X509Certificate FindCertificateRoot (X509Certificate x509) { // if the trusted root is in the path if (TrustAnchors.Contains (x509)) return x509; foreach (X509Certificate root in TrustAnchors) { if (IsParent (x509, root)) return root; } return null; } private bool IsParent (X509Certificate child, X509Certificate parent) { if (child.IssuerName != parent.SubjectName) return false; return (child.VerifySignature (parent.RSA)); } } } --- NEW FILE: X509Extension.cs --- // // X509Extension.cs: Base class for all X.509 extensions. // // Author: // Sebastien Pouliot (spo...@mo...) // // (C) 2003 Motus Technologies Inc. (http://www.motus.com) // using System; using System.Text; using Mono.Security; namespace Mono.Security.X509 { /* * Extension ::= SEQUENCE { * extnID OBJECT IDENTIFIER, * critical BOOLEAN DEFAULT FALSE, * extnValue OCTET STRING * } */ internal class X509Extension { protected string extnOid; protected bool extnCritical; protected ASN1 extnValue; internal X509Extension () { extnCritical = false; } public X509Extension (ASN1 asn1) { if ((asn1.Tag != 0x30) || (asn1.Count < 2)) throw new ArgumentException ("Invalid X.509 extension"); if (asn1[0].Tag != 0x06) throw new ArgumentException ("Invalid X.509 extension"); extnOid = ASN1Convert.ToOID (asn1 [0]); extnCritical = ((asn1[1].Tag == 0x01) && (asn1[1].Value[0] == 0xFF)); extnValue = asn1 [asn1.Count - 1]; // last element Decode (); } public X509Extension (X509Extension extension) : this () { if (extension == null) throw new ArgumentNullException ("extension"); if ((extension.Value.Tag != 0x04) || (extension.Value.Count != 0)) throw new ArgumentException ("Invalid extension"); extnOid = extension.OID; extnCritical = extension.Critical; extnValue = extension.Value; Decode (); } protected virtual void Decode () {} protected virtual void Encode () {} public ASN1 ASN1 { get { ASN1 extension = new ASN1 (0x30); extension.Add (ASN1Convert.FromOID (extnOid)); if (extnCritical) extension.Add (new ASN1 (0x01, new byte [1] { 0x01 })); ASN1 os = extension.Add (new ASN1 (0x04)); Encode (); os.Add (extnValue); return extension; } } public string OID { get { return extnOid; } } public bool Critical { get { return extnCritical; } } // this gets overrided with more meaningful names public virtual string Name { get { return extnOid; } } public ASN1 Value { get { return extnValue; } } public byte[] GetBytes () { return ASN1.GetBytes (); } private void WriteLine (StringBuilder sb, int n, int pos) { byte[] value = extnValue.Value; int p = pos; StringBuilder preview = new StringBuilder (); for (int j=0; j < 8; j++) { if (j < n) { sb.Append (value [p++].ToString ("X2")); sb.Append (" "); } else sb.Append (" "); } sb.Append (" "); p = pos; for (int j=0; j < n; j++) { byte b = value [p++]; if (b < 0x20) sb.Append ("."); else sb.Append (Convert.ToChar (b)); } sb.Append (Environment.NewLine); } public override string ToString () { StringBuilder sb = new StringBuilder (); int div = (extnValue.Length >> 3); int rem = (extnValue.Length - (div << 3)); int x = 0; for (int i=0; i < div; i++) { WriteLine (sb, 8, x); x += 8; } WriteLine (sb, rem, x); return sb.ToString (); } } } --- NEW FILE: X509Extensions.cs --- // // X509Extensions.cs: Handles X.509 extensions. // // Author: // Sebastien Pouliot (spo...@mo...) // // (C) 2003 Motus Technologies Inc. (http://www.motus.com) // using System; using System.Collections; using Mono.Security; namespace Mono.Security.X509 { /* * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension * * Note: 1..MAX -> There shouldn't be 0 Extensions in the ASN1 structure */ internal class X509Extensions : ICollection, IEnumerable { private ArrayList extensions; private bool readOnly; public X509Extensions () { extensions = new ArrayList (); } public X509Extensions (ASN1 asn1) : this () { readOnly = true; if (asn1 == null) return; if (asn1.Tag != 0x30) throw new Exception ("Invalid extensions format"); for (int i=0; i < asn1.Count; i++) { X509Extension extension = new X509Extension (asn1 [i]); extensions.Add (extension); } } // ICollection public int Count { get { return extensions.Count; } } // ICollection public bool IsSynchronized { get { return extensions.IsSynchronized; } } // ICollection public object SyncRoot { get { return extensions.SyncRoot; } } // ICollection public void CopyTo (Array array, int index) { extensions.CopyTo (array, index); } // IEnumerable public IEnumerator GetEnumerator () { return extensions.GetEnumerator (); } public X509Extension this [int index] { get { return (X509Extension) extensions [index]; } } public X509Extension this [string index] { get { for (int i=0; i < extensions.Count; i++) { X509Extension extension = (X509Extension) extensions [i]; if (extension.OID == index) return extension; } return null; } } public void Add (X509Extension extension) { if (readOnly) throw new NotSupportedException ("Extensions are read only"); extensions.Add (extension); } public byte[] GetBytes () { if (extensions.Count < 1) return null; ASN1 sequence = new ASN1 (0x30); for (int i=0; i < extensions.Count; i++) { X509Extension x = (X509Extension) extensions [i]; sequence.Add (x.ASN1); } return sequence.GetBytes (); } } } --- NEW FILE: X520Attributes.cs --- // // X520.cs: X.520 related stuff (attributes, RDN) // // Author: // Sebastien Pouliot (spo...@mo...) // // (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com) // using System; using System.Text; using Mono.Security; namespace Mono.Security.X509 { // References: // 1. Information technology - Open Systems Interconnection - The Directory: Selected attribute types // http://www.itu.int/rec/recommendation.asp?type=folders&lang=e&parent=T-REC-X.520 // 2. Internet X.509 Public Key Infrastructure Certificate and CRL Profile // http://www.ietf.org/rfc/rfc3280.txt /* * AttributeTypeAndValue ::= SEQUENCE { * type AttributeType, * value AttributeValue * } * * AttributeType ::= OBJECT IDENTIFIER * * AttributeValue ::= ANY DEFINED BY AttributeType */ internal class X520 { public abstract class AttributeTypeAndValue { protected string oid; protected string attrValue; private int upperBound; private byte inputEncoding; protected byte defaultEncoding; public AttributeTypeAndValue (string oid, int upperBound) { inputEncoding = 0xFF; defaultEncoding = 0xFF; this.oid = oid; this.upperBound = upperBound; } public string Value { get { return attrValue; } set { attrValue = value; } } public ASN1 ASN1 { get { return GetASN1 (); } } public ASN1 GetASN1 (byte encoding) { ASN1 asn1 = new ASN1 (0x30); asn1.Add (ASN1Convert.FromOID (oid)); switch (encoding) { case 0x13: // PRINTABLESTRING asn1.Add (new ASN1 (0x13, Encoding.ASCII.GetBytes (attrValue))); break; case 0x1E: // BMPSTRING asn1.Add (new ASN1 (0x1E, Encoding.BigEndianUnicode.GetBytes (attrValue))); break; } return asn1; } public ASN1 GetASN1 () { byte encoding = inputEncoding; if (encoding == 0xFF) encoding = defaultEncoding; if (encoding == 0xFF) encoding = SelectBestEncoding (); return GetASN1 (encoding); } public byte[] GetBytes (byte encoding) { return GetASN1 (encoding) .GetBytes (); } public byte[] GetBytes () { return GetASN1 () .GetBytes (); } private byte SelectBestEncoding () { char[] notPrintableString = { '@', '_' }; if (attrValue.IndexOfAny (notPrintableString) != -1) return 0x1E; // BMPSTRING else return 0x13; // PRINTABLESTRING } } public class Name : AttributeTypeAndValue { public Name () : base ("2.5.4.41", 32768) {} } public class CommonName : AttributeTypeAndValue { public CommonName () : base ("2.5.4.3", 64) {} } public class LocalityName : AttributeTypeAndValue { public LocalityName () : base ("2.5.4.7", 128) {} } public class StateOrProvinceName : AttributeTypeAndValue { public StateOrProvinceName () : base ("2.5.4.8", 128) {} } public class OrganizationName : AttributeTypeAndValue { public OrganizationName () : base ("2.5.4.10", 64) {} } public class OrganizationalUnitName : AttributeTypeAndValue { public OrganizationalUnitName () : base ("2.5.4.11", 64) {} } /* -- Naming attributes of type X520Title * id-at-title AttributeType ::= { id-at 12 } * * X520Title ::= CHOICE { * teletexString TeletexString (SIZE (1..ub-title)), * printableString PrintableString (SIZE (1..ub-title)), * universalString UniversalString (SIZE (1..ub-title)), * utf8String UTF8String (SIZE (1..ub-title)), * bmpString BMPString (SIZE (1..ub-title)) * } */ public class Title : AttributeTypeAndValue { public Title () : base ("2.5.4.12", 64) {} } public class CountryName : AttributeTypeAndValue { public CountryName () : base ("2.5.4.6", 2) { defaultEncoding = 0x13; // PRINTABLESTRING } } } /* From RFC3280 * -- specifications of Upper Bounds MUST be regarded as mandatory * -- from Annex B of ITU-T X.411 Reference Definition of MTS Parameter * * -- Upper Bounds * * ub-name INTEGER ::= 32768 * ub-common-name INTEGER ::= 64 * ub-locality-name INTEGER ::= 128 * ub-state-name INTEGER ::= 128 * ub-organization-name INTEGER ::= 64 * ub-organizational-unit-name INTEGER ::= 64 * ub-title INTEGER ::= 64 * ub-serial-number INTEGER ::= 64 * ub-match INTEGER ::= 128 * ub-emailaddress-length INTEGER ::= 128 * ub-common-name-length INTEGER ::= 64 * ub-country-name-alpha-length INTEGER ::= 2 * ub-country-name-numeric-length INTEGER ::= 3 * ub-domain-defined-attributes INTEGER ::= 4 * ub-domain-defined-attribute-type-length INTEGER ::= 8 * ub-domain-defined-attribute-value-length INTEGER ::= 128 * ub-domain-name-length INTEGER ::= 16 * ub-extension-attributes INTEGER ::= 256 * ub-e163-4-number-length INTEGER ::= 15 * ub-e163-4-sub-address-length INTEGER ::= 40 * ub-generation-qualifier-length INTEGER ::= 3 * ub-given-name-length INTEGER ::= 16 * ub-... [truncated message content] |
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv1400 Added Files: TlsClientCertificate.cs TlsClientCertificateVerify.cs TlsClientFinished.cs TlsClientHello.cs TlsClientKeyExchange.cs TlsServerCertificate.cs TlsServerCertificateRequest.cs TlsServerFinished.cs TlsServerHello.cs TlsServerHelloDone.cs TlsServerKeyExchange.cs Log Message: Reorganization to match mono:: cvs structure --- NEW FILE: TlsClientCertificate.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.Security.Cryptography.X509Certificates; using Mono.Security.Protocol.Tls; namespace Mono.Security.Protocol.Tls.Handshake.Client { internal class TlsClientCertificate : TlsHandshakeMessage { #region Constructors public TlsClientCertificate(TlsContext context) : base(context, TlsHandshakeType.Certificate) { } #endregion #region Methods public override void Update() { base.Update(); this.Reset(); } #endregion #region Protected Methods protected override void ProcessAsSsl3() { this.ProcessAsTls1(); } protected override void ProcessAsTls1() { if (this.Context.ClientSettings.Certificates == null || this.Context.ClientSettings.Certificates.Count == 0) { throw this.Context.CreateException("Client certificate requested by the server and no client certificate specified."); } // Select a valid certificate X509Certificate clientCert = this.Context.ClientSettings.Certificates[0]; /* clientCert = this.Context.SslStream.RaiseClientCertificateSelection( this.Context.ClientSettings.Certificates, this.Context.ServerSettings.Certificates[0], this.Context.ClientSettings.TargetHost, null); */ this.Context.ClientSettings.ClientCertificate = clientCert; // Write client certificates information to a stream TlsStream stream = new TlsStream(); stream.WriteInt24(clientCert.GetRawCertData().Length); stream.Write(clientCert.GetRawCertData()); // Compose the message this.WriteInt24((int)stream.Length); this.Write(stream.ToArray()); } #endregion } } --- NEW FILE: TlsClientCertificateVerify.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.Security.Cryptography.X509Certificates; using System.Security.Cryptography; using Mono.Security.Cryptography; namespace Mono.Security.Protocol.Tls.Handshake.Client { internal class TlsClientCertificateVerify : TlsHandshakeMessage { #region Constructors public TlsClientCertificateVerify(TlsContext context) : base(context, TlsHandshakeType.Finished) { } #endregion #region Methods public override void Update() { base.Update(); this.Reset(); } #endregion #region Protected Methods protected override void ProcessAsSsl3() { throw new NotSupportedException(); } protected override void ProcessAsTls1() { AsymmetricAlgorithm privKey = null; privKey = this.Context.SslStream.RaisePrivateKeySelection( this.Context.ClientSettings.ClientCertificate, this.Context.ClientSettings.TargetHost); if (privKey == null) { throw this.Context.CreateException("Client certificate Private Key unavailable."); } else { // Compute handshake messages hash MD5SHA1 hash = new MD5SHA1(); hash.ComputeHash( this.Context.HandshakeMessages.ToArray(), 0, (int)this.Context.HandshakeMessages.Length); // RSAManaged of the selected ClientCertificate // (at this moment the first one) RSA rsa = this.getClientCertRSA((RSA)privKey); // Write message this.Write(hash.CreateSignature(rsa)); } } #endregion #region Private methods private RSA getClientCertRSA(RSA privKey) { RSAParameters rsaParams = new RSAParameters(); RSAParameters privateParams = privKey.ExportParameters(true); // for RSA m_publickey contains 2 ASN.1 integers // the modulus and the public exponent ASN1 pubkey = new ASN1 (this.Context.ClientSettings.Certificates[0].GetPublicKey()); ASN1 modulus = pubkey [0]; if ((modulus == null) || (modulus.Tag != 0x02)) { return null; } ASN1 exponent = pubkey [1]; if (exponent.Tag != 0x02) { return null; } rsaParams.Modulus = this.getUnsignedBigInteger(modulus.Value); rsaParams.Exponent = exponent.Value; // Set private key parameters rsaParams.D = privateParams.D; rsaParams.DP = privateParams.DP; rsaParams.DQ = privateParams.DQ; rsaParams.InverseQ = privateParams.InverseQ; rsaParams.P = privateParams.P; rsaParams.Q = privateParams.Q; // BUG: MS BCL 1.0 can't import a key which // isn't the same size as the one present in // the container. int keySize = (rsaParams.Modulus.Length << 3); RSAManaged rsa = new RSAManaged(keySize); rsa.ImportParameters (rsaParams); return (RSA)rsa; } private byte[] getUnsignedBigInteger(byte[] integer) { if (integer [0] == 0x00) { // this first byte is added so we're sure it's an unsigned integer // however we can't feed it into RSAParameters or DSAParameters int length = integer.Length - 1; byte[] uinteger = new byte [length]; Array.Copy (integer, 1, uinteger, 0, length); return uinteger; } else { return integer; } } #endregion } } --- NEW FILE: TlsClientFinished.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.Security.Cryptography; using Mono.Security.Cryptography; namespace Mono.Security.Protocol.Tls.Handshake.Client { internal class TlsClientFinished : TlsHandshakeMessage { #region Constructors public TlsClientFinished(TlsContext context) : base(context, TlsHandshakeType.Finished) { } #endregion #region Methods public override void Update() { base.Update(); this.Reset(); } #endregion #region Protected Methods protected override void ProcessAsSsl3() { // Compute handshake messages hashes HashAlgorithm hash = new TlsSslHandshakeHash(this.Context.MasterSecret); TlsStream data = new TlsStream(); data.Write(this.Context.HandshakeMessages.ToArray()); data.Write((int)0x434C4E54); hash.TransformFinalBlock(data.ToArray(), 0, (int)data.Length); this.Write(hash.Hash); data.Reset(); } protected override void ProcessAsTls1() { // Compute handshake messages hash HashAlgorithm hash = new MD5SHA1(); hash.ComputeHash( this.Context.HandshakeMessages.ToArray(), 0, (int)this.Context.HandshakeMessages.Length); // Write message Write(this.Context.Cipher.PRF(this.Context.MasterSecret, "client finished", hash.Hash, 12)); } #endregion } } --- NEW FILE: TlsClientHello.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.Security.Cryptography; namespace Mono.Security.Protocol.Tls.Handshake.Client { internal class TlsClientHello : TlsHandshakeMessage { #region Fields private byte[] random; #endregion #region Constructors public TlsClientHello(TlsContext context) : base(context, TlsHandshakeType.ClientHello) { } #endregion #region Methods public override void Update() { base.Update(); this.Context.ClientRandom = random; random = null; } #endregion #region Protected Methods protected override void ProcessAsSsl3() { this.ProcessAsTls1(); } protected override void ProcessAsTls1() { // Client Version this.Write((short)this.Context.Protocol); // Random bytes - Unix time + Radom bytes [28] TlsStream clientRandom = new TlsStream(); clientRandom.Write(this.Context.GetUnixTime()); clientRandom.Write(this.Context.GetSecureRandomBytes(28)); this.random = clientRandom.ToArray(); clientRandom.Reset(); this.Write(this.random); // Session id // Send the session ID empty if (this.Context.SessionId != null) { this.Write((byte)this.Context.SessionId.Length); if (this.Context.SessionId.Length > 0) { this.Write(this.Context.SessionId); } } else { this.Write((byte)0); } // Write length of Cipher suites this.Write((short)(this.Context.SupportedCiphers.Count*2)); // Write Supported Cipher suites for (int i = 0; i < this.Context.SupportedCiphers.Count; i++) { this.Write((short)this.Context.SupportedCiphers[i].Code); } // Compression methods length this.Write((byte)1); // Compression methods ( 0 = none ) this.Write((byte)this.Context.CompressionMethod); } #endregion } } --- NEW FILE: TlsClientKeyExchange.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.IO; using System.Security.Cryptography; namespace Mono.Security.Protocol.Tls.Handshake.Client { internal class TlsClientKeyExchange : TlsHandshakeMessage { #region Constructors public TlsClientKeyExchange (TlsContext context) : base(context, TlsHandshakeType.ClientKeyExchange) { } #endregion #region Protected Methods protected override void ProcessAsSsl3() { // Compute pre master secret byte[] preMasterSecret = this.Context.Cipher.CreatePremasterSecret(); // Create a new RSA key RSA rsa = this.Context.Cipher.CertificateRSA(); // Encrypt premaster_sercret RSAPKCS1KeyExchangeFormatter formatter = new RSAPKCS1KeyExchangeFormatter(rsa); // Write the preMasterSecret encrypted byte[] buffer = formatter.CreateKeyExchange(preMasterSecret); this.Write(buffer); // Create master secret this.Context.Cipher.ComputeMasterSecret(preMasterSecret); // Create keys this.Context.Cipher.ComputeKeys(); // Clear resources rsa.Clear(); } protected override void ProcessAsTls1() { // Compute pre master secret byte[] preMasterSecret = this.Context.Cipher.CreatePremasterSecret(); // Create a new RSA key RSA rsa = this.Context.Cipher.CertificateRSA(); // Encrypt premaster_sercret RSAPKCS1KeyExchangeFormatter formatter = new RSAPKCS1KeyExchangeFormatter(rsa); // Write the preMasterSecret encrypted byte[] buffer = formatter.CreateKeyExchange(preMasterSecret); this.Write((short)buffer.Length); this.Write(buffer); // Create master secret this.Context.Cipher.ComputeMasterSecret(preMasterSecret); // Create keys this.Context.Cipher.ComputeKeys(); // Clear resources rsa.Clear(); } #endregion } } --- NEW FILE: TlsServerCertificate.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.Net; using System.Collections; using System.Text.RegularExpressions; using System.Security.Cryptography; using X509Cert = System.Security.Cryptography.X509Certificates; using Mono.Security.Protocol.Tls.Alerts; using Mono.Security.X509; namespace Mono.Security.Protocol.Tls.Handshake.Client { internal class TlsServerCertificate : TlsHandshakeMessage { #region Fields private X509CertificateCollection certificates; #endregion #region Constructors public TlsServerCertificate(TlsContext context, byte[] buffer) : base(context, TlsHandshakeType.Certificate, buffer) { } #endregion #region Methods public override void Update() { base.Update(); this.Context.ServerSettings.Certificates = certificates; } #endregion #region Protected Methods protected override void ProcessAsSsl3() { this.ProcessAsTls1(); } protected override void ProcessAsTls1() { this.certificates = new X509CertificateCollection(); int readed = 0; int length = this.ReadInt24(); while (readed < length) { // Read certificate length int certLength = ReadInt24(); // Increment readed readed += 3; if (certLength > 0) { // Read certificate data byte[] buffer = this.ReadBytes(certLength); // Create a new X509 Certificate X509Certificate certificate = new X509Certificate(buffer); certificates.Add(certificate); /* System.Text.StringBuilder b = new System.Text.StringBuilder(); b.AppendFormat( "\r\nCertificate {0} | Issuer name {1} | Self signed {2} ({3} bytes) \r\n", certificates.Count, certificate.IssuerName, certificate.IsSelfSigned, buffer.Length); b.Append("Contents: \r\n"); int byteCount = 0; for (int i = 0; i < buffer.Length; i++) { if (byteCount == 25) { byteCount = 0; b.Append("\r\n"); } b.AppendFormat("{0} ", buffer[i].ToString("x2")); byteCount++; } System.Diagnostics.Trace.Write(b.ToString()); */ readed += certLength; } } #warning Correct validation needs to be made using a certificate chain // Restrict validation to the first certificate this.validateCertificate(certificates[0]); } #endregion #region Private Methods private void validateCertificate(X509Certificate certificate) { ArrayList errors = new ArrayList(); // 1 step : Validate dates if (!certificate.IsCurrent) { // errors.Add(0x800B0101); errors.Add(0x01); } // 2 step: Validate CA // 3 step: Validate digital sign /* if (!certificate.VerifySignature(certificate.RSA)) { throw this.Context.CreateException("Certificate received from the server has invalid signature."); } */ // 4 step: Validate domain name if (!this.checkDomainName(certificate.SubjectName)) { // errors.Add(0x800B010F); errors.Add(0x02); } if (errors.Count > 0) { int[] certificateErrors = (int[])errors.ToArray(typeof(int)); if (!this.Context.SslStream.RaiseServerCertificateValidation( new X509Cert.X509Certificate(certificate.RawData), new int[]{})) { throw this.Context.CreateException("Invalid certificate received form server."); } } } private bool checkDomainName(string subjectName) { string domainName = String.Empty; Regex search = new Regex(@"([\w\s\d]*)\s*=\s*([^,]*)"); MatchCollection elements = search.Matches(subjectName); foreach (Match element in elements) { switch (element.Groups[1].Value.Trim().ToUpper()) { case "CN": domainName = element.Groups[2].Value; break; } } if (domainName == String.Empty) { return false; } else { string targetHost = this.Context.ClientSettings.TargetHost; // Check that the IP is correct try { IPAddress ipHost = Dns.Resolve(targetHost).AddressList[0]; IPAddress ipDomain = Dns.Resolve(domainName).AddressList[0]; return (ipHost.Address == ipDomain.Address); } catch (Exception) { return false; } } } #endregion } } --- NEW FILE: TlsServerCertificateRequest.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.Text; using Mono.Security; namespace Mono.Security.Protocol.Tls.Handshake.Client { internal class TlsServerCertificateRequest : TlsHandshakeMessage { #region Fields private TlsClientCertificateType[] certificateTypes; private string[] distinguisedNames; #endregion #region Constructors public TlsServerCertificateRequest(TlsContext context, byte[] buffer) : base(context, TlsHandshakeType.ServerHello, buffer) { } #endregion #region Methods public override void Update() { base.Update(); this.Context.ServerSettings.CertificateTypes = this.certificateTypes; this.Context.ServerSettings.DistinguisedNames = this.distinguisedNames; this.Context.ServerSettings.CertificateRequest = true; } #endregion #region Protected Methods protected override void ProcessAsSsl3() { throw new NotSupportedException(); } protected override void ProcessAsTls1() { // Read requested certificate types int typesCount = this.ReadByte(); this.certificateTypes = new TlsClientCertificateType[typesCount]; for (int i = 0; i < typesCount; i++) { this.certificateTypes[i] = (TlsClientCertificateType)this.ReadByte(); } /* * Read requested certificate authorities (Distinguised Names) * * Name ::= SEQUENCE OF RelativeDistinguishedName * * RelativeDistinguishedName ::= SET OF AttributeValueAssertion * * AttributeValueAssertion ::= SEQUENCE { * attributeType OBJECT IDENTIFIER * attributeValue ANY } */ if (this.ReadInt16() != 0) { ASN1 rdn = new ASN1(this.ReadBytes(this.ReadInt16())); distinguisedNames = new string[rdn.Count]; #warning "needs testing" for (int i = 0; i < rdn.Count; i++) { // element[0] = attributeType // element[1] = attributeValue ASN1 element = new ASN1(rdn[i].Value); distinguisedNames[i] = Encoding.UTF8.GetString(element[1].Value); } } } #endregion } } --- NEW FILE: TlsServerFinished.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.Security.Cryptography; using Mono.Security.Cryptography; namespace Mono.Security.Protocol.Tls.Handshake.Client { internal class TlsServerFinished : TlsHandshakeMessage { #region Constructors public TlsServerFinished(TlsContext context, byte[] buffer) : base(context, TlsHandshakeType.ServerHello, buffer) { } #endregion #region Methods public override void Update() { base.Update(); // Reset Hahdshake messages information this.Context.HandshakeMessages.Reset(); // Hahdshake is finished this.Context.HandshakeFinished = true; } #endregion #region Protected Methods protected override void ProcessAsSsl3() { // Compute handshake messages hashes HashAlgorithm hash = new TlsSslHandshakeHash(this.Context.MasterSecret); TlsStream data = new TlsStream(); data.Write(this.Context.HandshakeMessages.ToArray()); data.Write((int)0x53525652); hash.TransformFinalBlock(data.ToArray(), 0, (int)data.Length); data.Reset(); byte[] serverHash = this.ReadBytes((int)Length); byte[] clientHash = hash.Hash; // Check server prf against client prf if (clientHash.Length != serverHash.Length) { throw new TlsException("Invalid ServerFinished message received."); } for (int i = 0; i < serverHash.Length; i++) { if (clientHash[i] != serverHash[i]) { throw new TlsException("Invalid ServerFinished message received."); } } } protected override void ProcessAsTls1() { byte[] serverPRF = this.ReadBytes((int)Length); HashAlgorithm hash = new MD5SHA1(); hash.ComputeHash( this.Context.HandshakeMessages.ToArray(), 0, (int)this.Context.HandshakeMessages.Length); byte[] clientPRF = this.Context.Cipher.PRF(this.Context.MasterSecret, "server finished", hash.Hash, 12); // Check server prf against client prf if (clientPRF.Length != serverPRF.Length) { throw new TlsException("Invalid ServerFinished message received."); } for (int i = 0; i < serverPRF.Length; i++) { if (clientPRF[i] != serverPRF[i]) { throw new TlsException("Invalid ServerFinished message received."); } } } #endregion } } --- NEW FILE: TlsServerHello.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; namespace Mono.Security.Protocol.Tls.Handshake.Client { internal class TlsServerHello : TlsHandshakeMessage { #region Fields private SecurityProtocolType protocol; private SecurityCompressionType compressionMethod; private byte[] random; private byte[] sessionId; private CipherSuite cipherSuite; #endregion #region Constructors public TlsServerHello(TlsContext context, byte[] buffer) : base(context, TlsHandshakeType.ServerHello, buffer) { } #endregion #region Methods public override void Update() { base.Update(); this.Context.SessionId = this.sessionId; this.Context.ServerRandom = this.random; this.Context.Cipher = this.cipherSuite; this.Context.CompressionMethod = this.compressionMethod; this.Context.Cipher.Context = this.Context; // Compute ClientRandom + ServerRandom TlsStream random = new TlsStream(); random.Write(this.Context.ClientRandom); random.Write(this.Context.ServerRandom); this.Context.RandomCS = random.ToArray(); // Server Random + Client Random random.Reset(); random.Write(this.Context.ServerRandom); random.Write(this.Context.ClientRandom); this.Context.RandomSC = random.ToArray(); random.Reset(); } #endregion #region Protected Methods protected override void ProcessAsSsl3() { // Read protocol version this.protocol = (SecurityProtocolType)this.ReadInt16(); // Read random - Unix time + Random bytes this.random = this.ReadBytes(32); // Read Session id int length = (int)ReadByte(); if (length > 0) { this.sessionId = this.ReadBytes(length); } // Read cipher suite short cipherCode = this.ReadInt16(); if (this.Context.SupportedCiphers.IndexOf(cipherCode) == -1) { // The server has sent an invalid ciphersuite throw new TlsException("Invalid cipher suite received from server"); } this.cipherSuite = this.Context.SupportedCiphers[cipherCode]; // Read compression methods ( always 0 ) this.compressionMethod = (SecurityCompressionType)this.ReadByte(); } protected override void ProcessAsTls1() { // Read protocol version this.protocol = (SecurityProtocolType)this.ReadInt16(); // Read random - Unix time + Random bytes this.random = this.ReadBytes(32); // Read Session id int length = (int)ReadByte(); if (length > 0) { this.sessionId = this.ReadBytes(length); } // Read cipher suite short cipherCode = this.ReadInt16(); if (this.Context.SupportedCiphers.IndexOf(cipherCode) == -1) { // The server has sent an invalid ciphersuite throw new TlsException("Invalid cipher suite received from server"); } this.cipherSuite = this.Context.SupportedCiphers[cipherCode]; // Read compression methods ( always 0 ) this.compressionMethod = (SecurityCompressionType)this.ReadByte(); } #endregion } } --- NEW FILE: TlsServerHelloDone.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; namespace Mono.Security.Protocol.Tls.Handshake.Client { internal class TlsServerHelloDone : TlsHandshakeMessage { #region Constructors public TlsServerHelloDone(TlsContext context, byte[] buffer) : base(context, TlsHandshakeType.ServerHello, buffer) { } #endregion #region Methods public override void Update() { base.Update(); this.Context.HelloDone = true; } #endregion #region Protected Methods protected override void ProcessAsSsl3() { } protected override void ProcessAsTls1() { } #endregion } } --- NEW FILE: TlsServerKeyExchange.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.Security.Cryptography; using Mono.Security.Cryptography; using Mono.Security.X509; namespace Mono.Security.Protocol.Tls.Handshake.Client { internal class TlsServerKeyExchange : TlsHandshakeMessage { #region Fields private RSAParameters rsaParams; private byte[] signedParams; #endregion #region Constructors public TlsServerKeyExchange(TlsContext context, byte[] buffer) : base(context, TlsHandshakeType.ServerKeyExchange, buffer) { this.verifySignature(); } #endregion #region Methods public override void Update() { base.Update(); this.Context.ServerSettings.ServerKeyExchange = true; this.Context.ServerSettings.RsaParameters = this.rsaParams; this.Context.ServerSettings.SignedParams = this.signedParams; } #endregion #region Protected Methods protected override void ProcessAsSsl3() { this.ProcessAsTls1(); } protected override void ProcessAsTls1() { this.rsaParams = new RSAParameters(); // Read modulus this.rsaParams.Modulus = this.ReadBytes(this.ReadInt16()); // Read exponent this.rsaParams.Exponent = this.ReadBytes(this.ReadInt16()); // Read signed params this.signedParams = this.ReadBytes(this.ReadInt16()); } #endregion #region Private Methods private void verifySignature() { MD5SHA1 hash = new MD5SHA1(); // Calculate size of server params int size = rsaParams.Modulus.Length + rsaParams.Exponent.Length + 4; // Create server params array TlsStream stream = new TlsStream(); stream.Write(this.Context.RandomCS); stream.Write(this.ToArray(), 0, size); hash.ComputeHash(stream.ToArray()); stream.Reset(); bool isValidSignature = hash.VerifySignature( this.Context.Cipher.CertificateRSA(), this.signedParams); if (!isValidSignature) { throw this.Context.CreateException("Data was not signed with the server certificate."); } } #endregion } } |
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Handshake In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv1266 Added Files: TlsClientCertificateType.cs TlsHandshakeMessage.cs TlsHandshakeType.cs Log Message: Reorganization to match mono:: cvs structure --- NEW FILE: TlsClientCertificateType.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; namespace Mono.Security.Protocol.Tls.Handshake { internal enum TlsClientCertificateType { RSA = 1, DSS = 2, RSAFixed = 3, DSSFixed = 4, Unknown = 255 } } --- NEW FILE: TlsHandshakeMessage.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; // using Mono.Security.Protocol.Tls; namespace Mono.Security.Protocol.Tls.Handshake { internal abstract class TlsHandshakeMessage : TlsStream { #region Fields private TlsContext context; private TlsHandshakeType handshakeType; private TlsContentType contentType; #endregion #region Properties public TlsContext Context { get { return this.context; } } public TlsHandshakeType HandshakeType { get { return this.handshakeType; } } public TlsContentType ContentType { get { return this.contentType; } } #endregion #region Constructors public TlsHandshakeMessage( TlsContext context, TlsHandshakeType handshakeType) : this(context, handshakeType, TlsContentType.Handshake) { } public TlsHandshakeMessage( TlsContext context, TlsHandshakeType handshakeType, TlsContentType contentType) : base() { this.context = context; this.handshakeType = handshakeType; this.contentType = contentType; // Process message this.process(); } public TlsHandshakeMessage( TlsContext context, TlsHandshakeType handshakeType, byte[] data) : base(data) { this.context = context; this.handshakeType = handshakeType; // Process message this.process(); } #endregion #region Abstract Methods protected abstract void ProcessAsTls1(); protected abstract void ProcessAsSsl3(); #endregion #region Methods private void process() { switch (this.Context.Protocol) { case SecurityProtocolType.Ssl3: this.ProcessAsSsl3(); break; case SecurityProtocolType.Tls: this.ProcessAsTls1(); break; } } public virtual void Update() { if (CanWrite) { this.context.HandshakeMessages.Write(this.EncodeMessage()); this.Reset(); } } public virtual byte[] EncodeMessage() { byte[] result = null; if (CanWrite) { TlsStream c = new TlsStream(); c.Write((byte)HandshakeType); c.WriteInt24((int)this.Length); c.Write(this.ToArray()); result = c.ToArray(); } return result; } #endregion } } --- NEW FILE: TlsHandshakeType.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; namespace Mono.Security.Protocol.Tls.Handshake { internal enum TlsHandshakeType : byte { HelloRequest = 0, ClientHello = 1, ServerHello = 2, Certificate = 11, ServerKeyExchange = 12, CertificateRequest = 13, ServerHelloDone = 14, CertificateVerify = 15, ClientKeyExchange = 16, Finished = 20, } } |
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls.Alerts In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv1202 Added Files: TlsAlert.cs TlsCloseNotifyAlert.cs TlsWarningAlertEventArgs.cs Log Message: Reorganization to match mono:: cvs structure --- NEW FILE: TlsAlert.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using Mono.Security.Protocol.Tls; namespace Mono.Security.Protocol.Tls.Alerts { #region Enumerations public enum TlsAlertLevel : byte { Warning = 1, Fatal = 2 } public enum TlsAlertDescription : byte { CloseNotify = 0, UnexpectedMessage = 10, BadRecordMAC = 20, DecryptionFailed = 21, RecordOverflow = 22, DecompressionFailiure = 30, HandshakeFailiure = 40, BadCertificate = 42, UnsupportedCertificate = 43, CertificateRevoked = 44, CertificateExpired = 45, CertificateUnknown = 46, IlegalParameter = 47, UnknownCA = 48, AccessDenied = 49, DecodeError = 50, DecryptError = 51, ExportRestriction = 60, ProtocolVersion = 70, InsuficientSecurity = 71, InternalError = 80, UserCancelled = 90, NoRenegotiation = 100 } #endregion internal abstract class TlsAlert : TlsStream { #region Fields private TlsContext context; private TlsAlertLevel level; private TlsAlertDescription description; #endregion #region Properties public TlsContext Context { get { return this.context; } } #endregion #region Constructors public TlsAlert(TlsContext context, TlsAlertLevel level, TlsAlertDescription description) : base() { this.context = context; this.level = level; this.description = description; this.fill(); } #endregion #region Abstract Methods public abstract void Update(); #endregion #region Constructors private void fill() { Write((byte)level); Write((byte)description); } #endregion #region Static Methods internal static string GetAlertMessage(TlsAlertDescription description) { #if (DEBUG) switch (description) { case TlsAlertDescription.AccessDenied: return "An inappropriate message was received."; case TlsAlertDescription.BadCertificate: return "TLSCiphertext decrypted in an invalid way."; case TlsAlertDescription.BadRecordMAC: return "Record with an incorrect MAC."; case TlsAlertDescription.CertificateExpired: return "Certificate has expired or is not currently valid"; case TlsAlertDescription.CertificateRevoked: return "Certificate was revoked by its signer."; case TlsAlertDescription.CertificateUnknown: return "Certificate Unknown."; case TlsAlertDescription.CloseNotify: return "Connection closed"; case TlsAlertDescription.DecodeError: return "A message could not be decoded because some field was out of the specified range or the length of the message was incorrect."; case TlsAlertDescription.DecompressionFailiure: return "The decompression function received improper input (e.g. data that would expand to excessive length)."; case TlsAlertDescription.DecryptError: return "TLSCiphertext decrypted in an invalid way: either it wasn`t an even multiple of the block length or its padding values, when checked, weren`t correct."; case TlsAlertDescription.DecryptionFailed: return "Handshake cryptographic operation failed, including being unable to correctly verify a signature, decrypt a key exchange, or validate finished message."; case TlsAlertDescription.ExportRestriction: return "Negotiation not in compliance with export restrictions was detected."; case TlsAlertDescription.HandshakeFailiure: return "Unable to negotiate an acceptable set of security parameters given the options available."; case TlsAlertDescription.IlegalParameter: return "A field in the handshake was out of range or inconsistent with other fields."; case TlsAlertDescription.InsuficientSecurity: return "Negotiation has failed specifically because the server requires ciphers more secure than those supported by the client."; case TlsAlertDescription.InternalError: return "Internal error unrelated to the peer or the correctness of the protocol makes it impossible to continue."; case TlsAlertDescription.NoRenegotiation: return "Invalid renegotiation."; case TlsAlertDescription.ProtocolVersion: return "Unsupported protocol version."; case TlsAlertDescription.RecordOverflow: return "Invalid length on TLSCiphertext record or TLSCompressed record."; case TlsAlertDescription.UnexpectedMessage: return "Invalid message received."; case TlsAlertDescription.UnknownCA: return "CA can't be identified as a trusted CA."; case TlsAlertDescription.UnsupportedCertificate: return "Certificate was of an unsupported type."; case TlsAlertDescription.UserCancelled: return "Handshake cancelled by user."; default: return ""; } #else switch (description) { case TlsAlertDescription.AccessDenied: return "Invalid message."; case TlsAlertDescription.BadCertificate: return "Handshake failiure."; case TlsAlertDescription.BadRecordMAC: return "Cryptographic failiure."; case TlsAlertDescription.CertificateExpired: return "Handshake failiure."; case TlsAlertDescription.CertificateRevoked: return "Handshake failiure."; case TlsAlertDescription.CertificateUnknown: return "Handshake failiure."; case TlsAlertDescription.CloseNotify: return "Connection closed."; case TlsAlertDescription.DecodeError: return "Invalid message."; case TlsAlertDescription.DecompressionFailiure: return "Compression error."; case TlsAlertDescription.DecryptError: return "Cryptographic failiure."; case TlsAlertDescription.DecryptionFailed: return "Cryptographic failiure."; case TlsAlertDescription.ExportRestriction: return "Handshake failiure."; case TlsAlertDescription.HandshakeFailiure: return "Handshake failiure."; case TlsAlertDescription.IlegalParameter: return "Handshake failiure."; case TlsAlertDescription.InsuficientSecurity: return "Handshake failiure."; case TlsAlertDescription.InternalError: return "Fatal failiure."; case TlsAlertDescription.NoRenegotiation: return "Handshake failiure."; case TlsAlertDescription.ProtocolVersion: return "Handshake failiure."; case TlsAlertDescription.RecordOverflow: return "Incorrect message."; case TlsAlertDescription.UnexpectedMessage: return "Incorrect message."; case TlsAlertDescription.UnknownCA: return "Handshake failiure."; case TlsAlertDescription.UnsupportedCertificate: return "Handshake failiure."; case TlsAlertDescription.UserCancelled: return "Handshake cancelled by user."; default: return ""; } #endif } #endregion } } --- NEW FILE: TlsCloseNotifyAlert.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using Mono.Security.Protocol.Tls; namespace Mono.Security.Protocol.Tls.Alerts { internal class TlsCloseNotifyAlert : TlsAlert { public TlsCloseNotifyAlert(TlsContext context) : base(context, TlsAlertLevel.Warning, TlsAlertDescription.CloseNotify) { } public override void Update() { this.Context.ConnectionEnd = true; } } } --- NEW FILE: TlsWarningAlertEventArgs.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; namespace Mono.Security.Protocol.Tls.Alerts { public delegate void TlsWarningAlertEventHandler(object sender, TlsWarningAlertEventArgs e); public sealed class TlsWarningAlertEventArgs { #region Fields private TlsAlertLevel level; private TlsAlertDescription description; private string message; #endregion #region Properties public TlsAlertLevel Level { get { return level; } } public TlsAlertDescription Description { get { return description; } } public string Message { get { return message; } } #endregion #region Constructors internal TlsWarningAlertEventArgs(TlsAlertLevel level, TlsAlertDescription description) { this.level = level; this.description = description; this.message = TlsAlert.GetAlertMessage(description); } #endregion } } |
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv1023 Added Files: AssemblyInfo.cs CipherAlgorithmType.cs CipherSuite.cs ExchangeAlgorithmType.cs HashAlgorithmType.cs RSASslSignatureDeformatter.cs RSASslSignatureFormatter.cs SecurityCompressionType.cs SecurityProtocolType.cs SslClientStream.cs SslServerStream.cs TlsCipherSuite.cs TlsCipherSuiteCollection.cs TlsCipherSuiteFactory.cs TlsClientSettings.cs TlsContentType.cs TlsContext.cs TlsException.cs TlsServerSettings.cs TlsSslCipherSuite.cs TlsSslHandshakeHash.cs TlsStream.cs Log Message: Reorganization to match mono:: cvs structure --- NEW FILE: AssemblyInfo.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.Runtime.CompilerServices; using System.Resources; using System.Reflection; [assembly: AssemblyTitle("Transport Security Layer (TLS)")] [assembly: AssemblyDescription("Transport Security Layer (TLS) Protocol implementation")] [assembly: AssemblyConfiguration("")] [assembly: AssemblyCompany("")] [assembly: AssemblyProduct("Transport Security Layer (TLS)")] [assembly: AssemblyCopyright("2003 - Carlos Guzmán Álvarez")] [assembly: AssemblyTrademark("")] [assembly: AssemblyCulture("")] [assembly: AssemblyVersion("1.0.*")] [assembly: AssemblyDelaySign(false)] [assembly: AssemblyKeyFile("Mono.Security.Protocol.Tls.snk")] [assembly: AssemblyKeyName("")] [assembly: CLSCompliant(true)] --- NEW FILE: CipherAlgorithmType.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; namespace Mono.Security.Protocol.Tls { public enum CipherAlgorithmType { Des, None, Rc2, Rc4, Rijndael, SkipJack, TripleDes } } --- NEW FILE: CipherSuite.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.IO; using System.Text; using System.Security.Cryptography; using Mono.Security; using Mono.Security.Cryptography; using Mono.Security.X509; using M = Mono.Security.Cryptography; namespace Mono.Security.Protocol.Tls { internal abstract class CipherSuite { #region Fields private short code; private string name; private CipherAlgorithmType cipherAlgorithmType; private HashAlgorithmType hashAlgorithmType; private ExchangeAlgorithmType exchangeAlgorithmType; private bool isExportable; private CipherMode cipherMode; private byte keyMaterialSize; private int keyBlockSize; private byte expandedKeyMaterialSize; private short effectiveKeyBits; private byte ivSize; private byte blockSize; private TlsContext context; private SymmetricAlgorithm encryptionAlgorithm; private ICryptoTransform encryptionCipher; private SymmetricAlgorithm decryptionAlgorithm; private ICryptoTransform decryptionCipher; private KeyedHashAlgorithm clientHMAC; private KeyedHashAlgorithm serverHMAC; #endregion #region Protected Properties protected ICryptoTransform EncryptionCipher { get { return this.encryptionCipher; } } protected ICryptoTransform DecryptionCipher { get { return this.decryptionCipher; } } protected KeyedHashAlgorithm ClientHMAC { get { return this.clientHMAC; } } protected KeyedHashAlgorithm ServerHMAC { get { return this.serverHMAC; } } #endregion #region Properties public CipherAlgorithmType CipherAlgorithmType { get { return this.cipherAlgorithmType; } } public string HashAlgorithmName { get { switch (this.hashAlgorithmType) { case HashAlgorithmType.Md5: return "MD5"; case HashAlgorithmType.Sha1: return "SHA1"; default: return "None"; } } } public HashAlgorithmType HashAlgorithmType { get { return this.hashAlgorithmType; } } public int HashSize { get { switch (this.hashAlgorithmType) { case HashAlgorithmType.Md5: return 16; case HashAlgorithmType.Sha1: return 20; default: return 0; } } } public ExchangeAlgorithmType ExchangeAlgorithmType { get { return this.exchangeAlgorithmType; } } public CipherMode CipherMode { get { return this.cipherMode; } } public short Code { get { return this.code; } } public string Name { get { return this.name; } } public bool IsExportable { get { return this.isExportable; } } public byte KeyMaterialSize { get { return this.keyMaterialSize; } } public int KeyBlockSize { get { return this.keyBlockSize; } } public byte ExpandedKeyMaterialSize { get { return this.expandedKeyMaterialSize; } } public byte EffectiveKeyBits { get { return this.EffectiveKeyBits; } } public byte IvSize { get { return this.ivSize; } } public byte BlockSize { get { return this.blockSize; } } public TlsContext Context { get { return this.context; } set { this.context = value; } } #endregion #region Constructors public CipherSuite( short code, string name, CipherAlgorithmType cipherAlgorithmType, HashAlgorithmType hashAlgorithmType, ExchangeAlgorithmType exchangeAlgorithmType, bool exportable, bool blockMode, byte keyMaterialSize, byte expandedKeyMaterialSize, short effectiveKeyBytes, byte ivSize, byte blockSize) { this.code = code; this.name = name; this.cipherAlgorithmType = cipherAlgorithmType; this.hashAlgorithmType = hashAlgorithmType; this.exchangeAlgorithmType = exchangeAlgorithmType; this.isExportable = exportable; if (blockMode) { this.cipherMode = CipherMode.CBC; } this.keyMaterialSize = keyMaterialSize; this.expandedKeyMaterialSize= expandedKeyMaterialSize; this.effectiveKeyBits = effectiveKeyBits; this.ivSize = ivSize; this.blockSize = blockSize; this.keyBlockSize = this.keyMaterialSize*2 + this.HashSize*2 + this.ivSize*2; } #endregion #region Methods public void InitializeCipher() { this.createEncryptionCipher(); this.createDecryptionCipher(); } public RSA CertificateRSA() { RSA rsaCert = this.Context.ServerSettings.Certificates[0].RSA; RSA rsa = new RSAManaged(rsaCert.KeySize); rsa.ImportParameters(rsaCert.ExportParameters(false)); return rsa; } public void UpdateClientCipherIV(byte[] iv) { if (this.cipherMode == CipherMode.CBC) { // Set the new IV this.encryptionAlgorithm.IV = iv; // Create encryption cipher with the new IV this.encryptionCipher = this.encryptionAlgorithm.CreateEncryptor(); } } public void UpdateServerCipherIV(byte[] iv) { if (this.cipherMode == CipherMode.CBC) { // Set the new IV this.decryptionAlgorithm.IV = iv; // Create encryption cipher with the new IV this.decryptionCipher = this.decryptionAlgorithm.CreateDecryptor(); } } public byte[] EncryptRecord(byte[] fragment, byte[] mac) { // Encryption ( fragment + mac [+ padding + padding_length] ) MemoryStream ms = new MemoryStream(); CryptoStream cs = new CryptoStream(ms, this.EncryptionCipher, CryptoStreamMode.Write); cs.Write(fragment, 0, fragment.Length); cs.Write(mac, 0, mac.Length); if (this.CipherMode == CipherMode.CBC) { // Calculate padding_length byte fragmentLength = (byte)(fragment.Length + mac.Length + 1); byte paddingLength = (byte)(this.blockSize - fragmentLength % this.blockSize); if (paddingLength == this.blockSize) { paddingLength = 0; } // Write padding length byte byte[] padding = new byte[(paddingLength + 1)]; for (int i = 0; i < (paddingLength + 1); i++) { padding[i] = paddingLength; } cs.Write(padding, 0, padding.Length); } cs.FlushFinalBlock(); cs.Close(); return ms.ToArray(); } public void DecryptRecord(byte[] fragment, ref byte[] dcrFragment, ref byte[] dcrMAC) { int fragmentSize = 0; int paddingLength = 0; // Decrypt message fragment ( fragment + mac [+ padding + padding_length] ) byte[] buffer = new byte[fragment.Length]; this.DecryptionCipher.TransformBlock(fragment, 0, fragment.Length, buffer, 0); // Calculate fragment size if (this.CipherMode == CipherMode.CBC) { // Calculate padding_length paddingLength = buffer[buffer.Length - 1]; fragmentSize = (buffer.Length - (paddingLength + 1)) - this.HashSize; } else { fragmentSize = buffer.Length - this.HashSize; } dcrFragment = new byte[fragmentSize]; dcrMAC = new byte[HashSize]; Buffer.BlockCopy(buffer, 0, dcrFragment, 0, dcrFragment.Length); Buffer.BlockCopy(buffer, dcrFragment.Length, dcrMAC, 0, dcrMAC.Length); } #endregion #region Abstract Methods public abstract byte[] ComputeClientRecordMAC(TlsContentType contentType, byte[] fragment); public abstract byte[] ComputeServerRecordMAC(TlsContentType contentType, byte[] fragment); public abstract void ComputeMasterSecret(byte[] preMasterSecret); public abstract void ComputeKeys(); #endregion #region Key Generation Methods public byte[] CreatePremasterSecret() { TlsStream stream = new TlsStream(); // Write protocol version stream.Write((short)this.Context.Protocol); // Generate random bytes stream.Write(this.context.GetSecureRandomBytes(46)); byte[] preMasterSecret = stream.ToArray(); stream.Reset(); return preMasterSecret; } public byte[] PRF(byte[] secret, string label, byte[] data, int length) { HashAlgorithm md5 = MD5.Create(); HashAlgorithm sha1 = SHA1.Create(); int secretLen = secret.Length / 2; // Seed TlsStream seedStream = new TlsStream(); seedStream.Write(Encoding.ASCII.GetBytes(label)); seedStream.Write(data); byte[] seed = seedStream.ToArray(); seedStream.Reset(); // Secret 1 byte[] secret1 = new byte[secretLen]; System.Array.Copy(secret, 0, secret1, 0, secretLen); // Secret2 byte[] secret2 = new byte[secretLen]; System.Array.Copy(secret, secretLen, secret2, 0, secretLen); // Secret 1 processing byte[] p_md5 = Expand("MD5", secret1, seed, length); // Secret 2 processing byte[] p_sha = Expand("SHA1", secret2, seed, length); // Perfor XOR of both results byte[] masterSecret = new byte[length]; for (int i = 0; i < masterSecret.Length; i++) { masterSecret[i] = (byte)(p_md5[i] ^ p_sha[i]); } return masterSecret; } public byte[] Expand(string hashName, byte[] secret, byte[] seed, int length) { int hashLength = hashName == "MD5" ? 16 : 20; int iterations = (int)(length / hashLength); if ((length % hashLength) > 0) { iterations++; } M.HMAC hmac = new M.HMAC(hashName, secret); TlsStream resMacs = new TlsStream(); byte[][] hmacs = new byte[iterations + 1][]; hmacs[0] = seed; for (int i = 1; i <= iterations; i++) { TlsStream hcseed = new TlsStream(); hmac.TransformFinalBlock(hmacs[i-1], 0, hmacs[i-1].Length); hmacs[i] = hmac.Hash; hcseed.Write(hmacs[i]); hcseed.Write(seed); hmac.TransformFinalBlock(hcseed.ToArray(), 0, (int)hcseed.Length); resMacs.Write(hmac.Hash); hcseed.Reset(); } byte[] res = new byte[length]; System.Array.Copy(resMacs.ToArray(), 0, res, 0, res.Length); resMacs.Reset(); return res; } #endregion #region Private Methods private void createEncryptionCipher() { // Create and configure the symmetric algorithm switch (this.cipherAlgorithmType) { case CipherAlgorithmType.Des: this.encryptionAlgorithm = DES.Create(); break; case CipherAlgorithmType.Rc2: this.encryptionAlgorithm = RC2.Create(); break; case CipherAlgorithmType.Rc4: this.encryptionAlgorithm = new ARC4Managed(); break; case CipherAlgorithmType.TripleDes: this.encryptionAlgorithm = TripleDES.Create(); break; case CipherAlgorithmType.Rijndael: this.encryptionAlgorithm = Rijndael.Create(); break; } // If it's a block cipher if (this.cipherMode == CipherMode.CBC) { // Configure encrypt algorithm this.encryptionAlgorithm.Mode = this.cipherMode; this.encryptionAlgorithm.Padding = PaddingMode.None; this.encryptionAlgorithm.KeySize = this.keyMaterialSize * 8; this.encryptionAlgorithm.BlockSize = this.blockSize * 8; } // Set the key and IV for the algorithm this.encryptionAlgorithm.Key = this.context.ClientWriteKey; this.encryptionAlgorithm.IV = this.context.ClientWriteIV; // Create encryption cipher this.encryptionCipher = this.encryptionAlgorithm.CreateEncryptor(); // Create the HMAC algorithm for the client this.clientHMAC = new M.HMAC( this.HashAlgorithmName, this.context.ClientWriteMAC); } private void createDecryptionCipher() { // Create and configure the symmetric algorithm switch (this.cipherAlgorithmType) { case CipherAlgorithmType.Des: this.decryptionAlgorithm = DES.Create(); break; case CipherAlgorithmType.Rc2: this.decryptionAlgorithm = RC2.Create(); break; case CipherAlgorithmType.Rc4: this.decryptionAlgorithm = new ARC4Managed(); break; case CipherAlgorithmType.TripleDes: this.decryptionAlgorithm = TripleDES.Create(); break; case CipherAlgorithmType.Rijndael: this.decryptionAlgorithm = Rijndael.Create(); break; } // If it's a block cipher if (this.cipherMode == CipherMode.CBC) { // Configure encrypt algorithm this.decryptionAlgorithm.Mode = this.cipherMode; this.decryptionAlgorithm.Padding = PaddingMode.None; this.decryptionAlgorithm.KeySize = this.keyMaterialSize * 8; this.decryptionAlgorithm.BlockSize = this.blockSize * 8; } // Set the key and IV for the algorithm this.decryptionAlgorithm.Key = this.context.ServerWriteKey; this.decryptionAlgorithm.IV = this.context.ServerWriteIV; // Create decryption cipher this.decryptionCipher = this.decryptionAlgorithm.CreateDecryptor(); // Create the HMAC algorithm for the server this.serverHMAC = new M.HMAC( this.HashAlgorithmName, this.context.ServerWriteMAC); } #endregion } } --- NEW FILE: ExchangeAlgorithmType.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; namespace Mono.Security.Protocol.Tls { public enum ExchangeAlgorithmType { DiffieHellman, Fortezza, None, RsaKeyX, RsaSign } } --- NEW FILE: HashAlgorithmType.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; namespace Mono.Security.Protocol.Tls { public enum HashAlgorithmType { Md5, None, Sha1 } } --- NEW FILE: RSASslSignatureDeformatter.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.Security.Cryptography; namespace Mono.Security.Protocol.Tls { internal class RSASslSignatureDeformatter : AsymmetricSignatureDeformatter { #region Fields private RSA key; private HashAlgorithm hash; #endregion #region Constructors public RSASslSignatureDeformatter() { } public RSASslSignatureDeformatter(AsymmetricAlgorithm key) { this.SetKey(key); } #endregion #region Methods public override bool VerifySignature( byte[] rgbHash, byte[] rgbSignature) { if (key == null) { throw new CryptographicUnexpectedOperationException("The key is a null reference"); } if (hash == null) { throw new CryptographicUnexpectedOperationException("The hash algorithm is a null reference."); } if (rgbHash == null) { throw new ArgumentNullException("The rgbHash parameter is a null reference."); } return Mono.Security.Cryptography.PKCS1.Verify_v15( this.key, this.hash, rgbHash, rgbSignature); } public override void SetHashAlgorithm(string strName) { switch (strName) { case "MD5SHA1": this.hash = new Mono.Security.Cryptography.MD5SHA1(); break; default: this.hash = HashAlgorithm.Create(strName); break; } } public override void SetKey(AsymmetricAlgorithm key) { if (!(key is RSA)) { throw new ArgumentException("Specfied key is not an RSA key"); } this.key = key as RSA; } #endregion } } --- NEW FILE: RSASslSignatureFormatter.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.Security.Cryptography; namespace Mono.Security.Protocol.Tls { internal class RSASslSignatureFormatter : AsymmetricSignatureFormatter { #region Fields private RSA key; private HashAlgorithm hash; #endregion #region Constructors public RSASslSignatureFormatter() { } public RSASslSignatureFormatter(AsymmetricAlgorithm key) { this.SetKey(key); } #endregion #region Methods public override byte[] CreateSignature(byte[] rgbHash) { if (key == null) { throw new CryptographicUnexpectedOperationException("The key is a null reference"); } if (hash == null) { throw new CryptographicUnexpectedOperationException("The hash algorithm is a null reference."); } if (rgbHash == null) { throw new ArgumentNullException("The rgbHash parameter is a null reference."); } return Mono.Security.Cryptography.PKCS1.Sign_v15( this.key, this.hash, rgbHash); } public override void SetHashAlgorithm(string strName) { switch (strName) { case "MD5SHA1": this.hash = new Mono.Security.Cryptography.MD5SHA1(); break; default: this.hash = HashAlgorithm.Create(strName); break; } } public override void SetKey(AsymmetricAlgorithm key) { if (!(key is RSA)) { throw new ArgumentException("Specfied key is not an RSA key"); } this.key = key as RSA; } #endregion } } --- NEW FILE: SecurityCompressionType.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; namespace Mono.Security.Protocol.Tls { // Information about compression methods allowed by TLS // can be found in: // draft-ietf-tls-compression-05.txt (http://www.ietf.org/internet-drafts/draft-ietf-tls-compression-05.txt) public enum SecurityCompressionType : byte { None = 0, Zlib = 1 } } --- NEW FILE: SecurityProtocolType.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; namespace Mono.Security.Protocol.Tls { public enum SecurityProtocolType : short { Default = (0x03 << 8) | 0x01, Ssl3 = (0x03 << 8) | 0x00, Tls = (0x03 << 8) | 0x01 } } --- NEW FILE: SslClientStream.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, [...1132 lines suppressed...] return null; } internal AsymmetricAlgorithm RaisePrivateKeySelection( X509Certificate clientCertificate, string targetHost) { if (this.PrivateKeySelection != null) { return this.PrivateKeySelection( clientCertificate, targetHost); } return null; } #endregion } } --- NEW FILE: SslServerStream.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.IO; using System.Security.Cryptography.X509Certificates; namespace Mono.Security.Protocol.Tls { public class SslServerStream : Stream, IDisposable { #region Fields private Stream innerStream; private bool disposed; private bool ownsStream; #endregion #region Properties public override bool CanRead { get { return this.innerStream.CanRead; } } public override bool CanWrite { get { return this.innerStream.CanWrite; } } public override bool CanSeek { get { return this.innerStream.CanSeek; } } public override long Length { get { throw new NotSupportedException(); } } public override long Position { get { throw new NotSupportedException(); } set { throw new NotSupportedException(); } } #endregion #region Security Properties public bool CheckCertRevocationStatus { get { throw new NotSupportedException(); } set { throw new NotSupportedException(); } } public CipherAlgorithmType CipherAlgorithm { get { throw new NotSupportedException(); } } public int CipherStrength { get { throw new NotSupportedException(); } } public X509Certificate ClientCertificate { get { throw new NotSupportedException(); } } public CertificateValidationCallback ClientCertValidationDelegate { get { throw new NotSupportedException(); } set { throw new NotSupportedException(); } } public HashAlgorithmType HashAlgorithm { get { throw new NotSupportedException(); } } public int HashStrength { get { throw new NotSupportedException(); } } public int KeyExchangeStrength { get { throw new NotSupportedException(); } } public ExchangeAlgorithmType KeyExchangeAlgorithm { get { throw new NotSupportedException(); } } public SecurityProtocolType SecurityProtocol { get { throw new NotSupportedException(); } } public X509Certificate ServerCertificate { get { throw new NotSupportedException(); } } #endregion #region Constructors public SslServerStream(Stream stream, X509Certificate serverCertificate) { throw new NotSupportedException(); } public SslServerStream( Stream stream, X509Certificate serverCertificate, bool clientCertificateRequired, bool ownsStream) { throw new NotSupportedException(); } public SslServerStream( Stream stream, X509Certificate serverCertificate, bool clientCertificateRequired, bool ownsStream, SecurityProtocolType securityProtocolType) { throw new NotSupportedException(); } #endregion #region Finalizer ~SslServerStream() { this.Dispose(false); } #endregion #region IDisposable Methods void IDisposable.Dispose() { this.Dispose(true); GC.SuppressFinalize(this); } protected virtual void Dispose(bool disposing) { if (!this.disposed) { if (disposing) { if (this.innerStream != null) { if (this.ownsStream) { // Close inner stream this.innerStream.Close(); } } this.ownsStream = false; this.innerStream = null; } this.disposed = true; } } #endregion #region Methods public override IAsyncResult BeginRead( byte[] buffer, int offset, int count, AsyncCallback asyncCallback, object asyncState) { throw new NotSupportedException(); } public override IAsyncResult BeginWrite( byte[] buffer, int offset, int count, AsyncCallback asyncCallback, object asyncState) { throw new NotSupportedException(); } public override void Close() { throw new NotSupportedException(); } public override int EndRead(IAsyncResult asyncResult) { throw new NotSupportedException(); } public override void EndWrite(IAsyncResult asyncResult) { throw new NotSupportedException(); } public override void Flush() { if (this.disposed) { throw new ObjectDisposedException("The NetworkStream is closed."); } } public int Read(byte[] buffer) { throw new NotSupportedException(); } public override int Read( byte[] buffer, int offset, int count) { throw new NotSupportedException(); } public override long Seek(long offset, SeekOrigin origin) { throw new NotSupportedException(); } public override void SetLength(long value) { throw new NotSupportedException(); } public void Write(byte[] buffer) { throw new NotSupportedException(); } public override void Write( byte[] buffer, int offset, int count) { throw new NotSupportedException(); } #endregion } } --- NEW FILE: TlsCipherSuite.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.IO; using System.Text; using System.Security.Cryptography; using System.Security.Cryptography.X509Certificates; using Mono.Security; using Mono.Security.Cryptography; namespace Mono.Security.Protocol.Tls { internal class TlsCipherSuite : CipherSuite { #region Constructors public TlsCipherSuite( short code, string name, CipherAlgorithmType cipherAlgorithmType, HashAlgorithmType hashAlgorithmType, ExchangeAlgorithmType exchangeAlgorithmType, bool exportable, bool blockMode, byte keyMaterialSize, byte expandedKeyMaterialSize, short effectiveKeyBytes, byte ivSize, byte blockSize) : base(code, name, cipherAlgorithmType, hashAlgorithmType, exchangeAlgorithmType, exportable, blockMode, keyMaterialSize, expandedKeyMaterialSize, effectiveKeyBytes, ivSize, blockSize) { } #endregion #region MAC Generation Methods public override byte[] ComputeServerRecordMAC(TlsContentType contentType, byte[] fragment) { TlsStream data = new TlsStream(); byte[] result = null; data.Write(this.Context.ReadSequenceNumber); data.Write((byte)contentType); data.Write((short)this.Context.Protocol); data.Write((short)fragment.Length); data.Write(fragment); result = this.ServerHMAC.ComputeHash(data.ToArray()); data.Reset(); return result; } public override byte[] ComputeClientRecordMAC(TlsContentType contentType, byte[] fragment) { TlsStream data = new TlsStream(); byte[] result = null; data.Write(this.Context.WriteSequenceNumber); data.Write((byte)contentType); data.Write((short)this.Context.Protocol); data.Write((short)fragment.Length); data.Write(fragment); result = this.ClientHMAC.ComputeHash(data.ToArray()); data.Reset(); return result; } #endregion #region Key Generation Methods public override void ComputeMasterSecret(byte[] preMasterSecret) { // Create master secret this.Context.MasterSecret = new byte[preMasterSecret.Length]; this.Context.MasterSecret = this.PRF( preMasterSecret, "master secret", this.Context.RandomCS, 48); } public override void ComputeKeys() { // Create keyblock TlsStream keyBlock = new TlsStream( this.PRF( this.Context.MasterSecret, "key expansion", this.Context.RandomSC, this.KeyBlockSize)); this.Context.ClientWriteMAC = keyBlock.ReadBytes(this.HashSize); this.Context.ServerWriteMAC = keyBlock.ReadBytes(this.HashSize); this.Context.ClientWriteKey = keyBlock.ReadBytes(this.KeyMaterialSize); this.Context.ServerWriteKey = keyBlock.ReadBytes(this.KeyMaterialSize); if (!this.IsExportable) { if (this.IvSize != 0) { this.Context.ClientWriteIV = keyBlock.ReadBytes(this.IvSize); this.Context.ServerWriteIV = keyBlock.ReadBytes(this.IvSize); } else { this.Context.ClientWriteIV = new byte[0]; this.Context.ServerWriteIV = new byte[0]; } } else { // Generate final write keys byte[] finalClientWriteKey = PRF(this.Context.ClientWriteKey, "client write key", this.Context.RandomCS, this.KeyMaterialSize); byte[] finalServerWriteKey = PRF(this.Context.ServerWriteKey, "server write key", this.Context.RandomCS, this.KeyMaterialSize); this.Context.ClientWriteKey = finalClientWriteKey; this.Context.ServerWriteKey = finalServerWriteKey; // Generate IV block byte[] ivBlock = PRF(new byte[]{}, "IV block", this.Context.RandomCS, this.IvSize*2); // Generate IV keys this.Context.ClientWriteIV = new byte[this.IvSize]; System.Array.Copy(ivBlock, 0, this.Context.ClientWriteIV, 0, this.Context.ClientWriteIV.Length); this.Context.ServerWriteIV = new byte[this.IvSize]; System.Array.Copy(ivBlock, this.IvSize, this.Context.ServerWriteIV, 0, this.Context.ServerWriteIV.Length); } // Clear no more needed data keyBlock.Reset(); } #endregion } } --- NEW FILE: TlsCipherSuiteCollection.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.Collections; using System.Globalization; using System.Security.Cryptography; namespace Mono.Security.Protocol.Tls { internal sealed class TlsCipherSuiteCollection : ArrayList { #region Fields private SecurityProtocolType protocol; #endregion #region Properties public CipherSuite this[string name] { get { return (CipherSuite)this[IndexOf(name)]; } set { this[IndexOf(name)] = (CipherSuite)value; } } public CipherSuite this[short code] { get { return (CipherSuite)base[IndexOf(code)]; } set { base[IndexOf(code)] = (CipherSuite)value; } } public new CipherSuite this[int code] { get { return (CipherSuite)base[code]; } set { base[code] = (CipherSuite)value; } } #endregion #region Constructors public TlsCipherSuiteCollection(SecurityProtocolType protocol) : base() { this.protocol = protocol; } #endregion #region Methods public bool Contains(string name) { return(-1 != IndexOf(name)); } public int IndexOf(string name) { int index = 0; foreach (CipherSuite suite in this) { if (cultureAwareCompare(suite.Name, name)) { return index; } index++; } return -1; } public int IndexOf(short code) { int index = 0; foreach (CipherSuite suite in this) { if (suite.Code == code) { return index; } index++; } return -1; } public void RemoveAt(string errorMessage) { RemoveAt(IndexOf(errorMessage)); } public CipherSuite Add( short code, string name, CipherAlgorithmType cipherType, HashAlgorithmType hashType, ExchangeAlgorithmType exchangeType, bool exportable, bool blockMode, byte keyMaterialSize, byte expandedKeyMaterialSize, short effectiveKeyBytes, byte ivSize, byte blockSize) { switch (this.protocol) { case SecurityProtocolType.Ssl3: return this.add( new TlsSslCipherSuite( code, name, cipherType, hashType, exchangeType, exportable, blockMode, keyMaterialSize, expandedKeyMaterialSize, effectiveKeyBytes, ivSize, blockSize)); case SecurityProtocolType.Tls: return this.add( new TlsCipherSuite( code, name, cipherType, hashType, exchangeType, exportable, blockMode, keyMaterialSize, expandedKeyMaterialSize, effectiveKeyBytes, ivSize, blockSize)); default: throw new NotSupportedException(); } } private TlsCipherSuite add(TlsCipherSuite cipherSuite) { base.Add(cipherSuite); return cipherSuite; } private TlsSslCipherSuite add(TlsSslCipherSuite cipherSuite) { base.Add(cipherSuite); return cipherSuite; } private bool cultureAwareCompare(string strA, string strB) { try { return CultureInfo.CurrentCulture.CompareInfo.Compare(strA, strB, CompareOptions.IgnoreKanaType | CompareOptions.IgnoreWidth | CompareOptions.IgnoreCase) == 0 ? true : false; } catch (NotSupportedException) { return strA.ToUpper() == strB.ToUpper() ? true : false; } } #endregion } } --- NEW FILE: TlsCipherSuiteFactory.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; namespace Mono.Security.Protocol.Tls { internal class TlsCipherSuiteFactory { public static TlsCipherSuiteCollection GetSupportedCiphers(SecurityProtocolType protocol) { switch (protocol) { case SecurityProtocolType.Ssl3: return TlsCipherSuiteFactory.GetSsl3SupportedCiphers(); case SecurityProtocolType.Tls: return TlsCipherSuiteFactory.GetTls1SupportedCiphers(); default: throw new NotSupportedException(); } } #region Private Static Methods private static TlsCipherSuiteCollection GetTls1SupportedCiphers() { TlsCipherSuiteCollection scs = new TlsCipherSuiteCollection(SecurityProtocolType.Tls); // Supported ciphers scs.Add((0x00 << 0x08) | 0x35, "TLS_RSA_WITH_AES_256_CBC_SHA", CipherAlgorithmType.Rijndael, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaSign, false, true, 32, 32, 256, 16, 16); scs.Add((0x00 << 0x08) | 0x2F, "TLS_RSA_WITH_AES_128_CBC_SHA", CipherAlgorithmType.Rijndael, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaSign, false, true, 16, 16, 128, 16, 16); scs.Add((0x00 << 0x08) | 0x0A, "TLS_RSA_WITH_3DES_EDE_CBC_SHA", CipherAlgorithmType.TripleDes, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaSign, false, true, 24, 24, 168, 8, 8); scs.Add((0x00 << 0x08) | 0x09, "TLS_RSA_WITH_DES_CBC_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaSign, false, true, 8, 8, 56, 8, 8); scs.Add((0x00 << 0x08) | 0x05, "TLS_RSA_WITH_RC4_128_SHA", CipherAlgorithmType.Rc4, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaSign, false, false, 16, 16, 128, 0, 0); scs.Add((0x00 << 0x08) | 0x04, "TLS_RSA_WITH_RC4_128_MD5", CipherAlgorithmType.Rc4, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaSign, false, false, 16, 16, 128, 0, 0); // Default CipherSuite // scs.Add(0, "TLS_NULL_WITH_NULL_NULL", CipherAlgorithmType.None, HashAlgorithmType.None, ExchangeAlgorithmType.None, true, false, 0, 0, 0, 0, 0); // RSA Cipher Suites // scs.Add((0x00 << 0x08) | 0x01, "TLS_RSA_WITH_NULL_MD5", CipherAlgorithmType.None, HashAlgorithmType.Md5, ExchangeAlgorithmType.None, true, false, 0, 0, 0, 0, 0); // scs.Add((0x00 << 0x08) | 0x02, "TLS_RSA_WITH_NULL_SHA", CipherAlgorithmType.None, HashAlgorithmType.Sha1, ExchangeAlgorithmType.None, true, false, 0, 0, 0, 0, 0); // scs.Add((0x00 << 0x08) | 0x03, "TLS_RSA_EXPORT_WITH_RC4_40_MD5", CipherAlgorithmType.Rc4, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaSignKeyX, true, false, 5, 16, 40, 0, 0); // scs.Add((0x00 << 0x08) | 0x05, "TLS_RSA_WITH_RC4_128_SHA", CipherAlgorithmType.Rc4, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaSign, false, false, 16, 16, 128, 0, 0); // scs.Add((0x00 << 0x08) | 0x04, "TLS_RSA_WITH_RC4_128_MD5", CipherAlgorithmType.Rc4, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaSign, false, false, 16, 16, 128, 0, 0); // scs.Add((0x00 << 0x08) | 0x06, "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5", CipherAlgorithmType.Rc2, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaKeyX, true, true, 5, 16, 40, 8, 8); // scs.Add((0x00 << 0x08) | 0x07, "TLS_RSA_WITH_IDEA_CBC_SHA", "IDEA", HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaSign, false, true, 16, 16, 128, 8, 8); // scs.Add((0x00 << 0x08) | 0x08, "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaKeyX, true, true, 5, 8, 40, 8, 8); // scs.Add((0x00 << 0x08) | 0x09, "TLS_RSA_WITH_DES_CBC_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaSign, false, true, 8, 8, 56, 8, 8); // scs.Add((0x00 << 0x08) | 0x0A, "TLS_RSA_WITH_3DES_EDE_CBC_SHA", CipherAlgorithmType.TripleDes, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaSign, false, true, 24, 24, 168, 8, 8); // Diffie-Hellman Cipher Suites // scs.Add((0x00 << 0x08) | 0x0B, "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, true, true, 5, 8, 40, 8, 8); // scs.Add((0x00 << 0x08) | 0x0C, "TLS_DH_DSS_WITH_DES_CBC_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, false, ExchangeAlgorithmType.DiffieHellman, true, 8, 8, 56, 8, 8); // scs.Add((0x00 << 0x08) | 0x0D, "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA", CipherAlgorithmType.TripleDes, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, false, true, 24, 24, 168, 8, 8); // scs.Add((0x00 << 0x08) | 0x0E, "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, true, true, 5, 8, 40, 8, 8); // scs.Add((0x00 << 0x08) | 0x0F, "TLS_DH_RSA_WITH_DES_CBC_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, false, ExchangeAlgorithmType.DiffieHellman, true, 8, 8, 56, 8, 8); // scs.Add((0x00 << 0x08) | 0x10, "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA", CipherAlgorithmType.TripleDes, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, false, true, 24, 24, 168, 8, 8); // scs.Add((0x00 << 0x08) | 0x11, "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, true, true, 5, 8, 40, 8, 8); // scs.Add((0x00 << 0x08) | 0x12, "TLS_DHE_DSS_WITH_DES_CBC_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, false, true, 8, 8, 56, 8, 8); // scs.Add((0x00 << 0x08) | 0x13, "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", CipherAlgorithmType.TripleDes, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, false, true, 24, 24, 168, 8, 8); // scs.Add((0x00 << 0x08) | 0x14, "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, true, true, 5, 8, 40, 8, 8); // scs.Add((0x00 << 0x08) | 0x15, "TLS_DHE_RSA_WITH_DES_CBC_SHA", HashAlgorithmType.Sha1, CipherAlgorithmType.Des, false, ExchangeAlgorithmType.DiffieHellman, true, 8, 8, 56, 8, 8); // scs.Add((0x00 << 0x08) | 0x16, "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", CipherAlgorithmType.TripleDes, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, false, true, 24, 24, 168, 8, 8); // Anonymous Diffie-Hellman Cipher Suites // scs.Add((0x00 << 0x08) | 0x17, "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5", CipherAlgorithmType.Rc4, HashAlgorithmType.Md5, ExchangeAlgorithmType.DiffieHellman, true, false, 5, 16, 40, 0, 0); // scs.Add((0x00 << 0x08) | 0x18, "TLS_DH_anon_WITH_RC4_128_MD5", CipherAlgorithmType.Rc4, HashAlgorithmType.Md5, false, ExchangeAlgorithmType.DiffieHellman, false, 16, 16, 128, 0, 0); // scs.Add((0x00 << 0x08) | 0x19, "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, false, true, 5, 8, 40, 8, 8); // scs.Add((0x00 << 0x08) | 0x1A, "TLS_DH_anon_WITH_DES_CBC_SHA", "DES4", HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, false, true, 8, 8, 56, 8, 8); // scs.Add((0x00 << 0x08) | 0x1B, "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA", CipherAlgorithmType.TripleDes, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, false, true, 24, 24, 168, 8, 8); // AES CipherSuites // // Ref: RFC3268 - (http://www.ietf.org/rfc/rfc3268.txt) // scs.Add((0x00 << 0x08) | 0x2F, "TLS_RSA_WITH_AES_128_CBC_SHA", CipherAlgorithmType.Rijndael, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaSign, false, true, 16, 16, 128, 16, 16); // scs.Add((0x00 << 0x08) | 0x30, "TLS_DH_DSS_WITH_AES_128_CBC_SHA", CipherAlgorithmType.Rijndael, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, false, true, 16, 16, 128, 8, 8); // scs.Add((0x00 << 0x08) | 0x31, "TLS_DH_RSA_WITH_AES_128_CBC_SHA", CipherAlgorithmType.Rijndael, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, false, true, 16, 16, 128, 8, 8); // scs.Add((0x00 << 0x08) | 0x32, "TLS_DHE_DSS_WITH_AES_128_CBC_SHA", CipherAlgorithmType.Rijndael, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, false, true, 16, 16, 128, 8, 8); // scs.Add((0x00 << 0x08) | 0x33, "TLS_DHE_RSA_WITH_AES_128_CBC_SHA", CipherAlgorithmType.Rijndael, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, false, true, 16, 16, 128, 8, 8); // scs.Add((0x00 << 0x08) | 0x34, "TLS_DH_anon_WITH_AES_128_CBC_SHA", CipherAlgorithmType.Rijndael, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, false, true, 16, 16, 128, 8, 8); // scs.Add((0x00 << 0x08) | 0x35, "TLS_RSA_WITH_AES_256_CBC_SHA", CipherAlgorithmType.Rijndael, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaSign, false, true, 32, 32, 256, 16, 16); // scs.Add((0x00 << 0x08) | 0x36, "TLS_DH_DSS_WITH_AES_256_CBC_SHA", CipherAlgorithmType.Rijndael, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, false, true, 32, 32, 256, 16, 16); // scs.Add((0x00 << 0x08) | 0x37, "TLS_DH_RSA_WITH_AES_256_CBC_SHA", CipherAlgorithmType.Rijndael, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, false, true, 32, 32, 256, 16, 16); // scs.Add((0x00 << 0x08) | 0x38, "TLS_DHE_DSS_WITH_AES_256_CBC_SHA", CipherAlgorithmType.Rijndael, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, false, true, 32, 32, 256, 16, 16); // scs.Add((0x00 << 0x08) | 0x39, "TLS_DHE_RSA_WITH_AES_256_CBC_SHA", CipherAlgorithmType.Rijndael, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, false, true, 32, 32, 256, 16, 16); // scs.Add((0x00 << 0x08) | 0x3A, "TLS_DH_anon_WITH_AES_256_CBC_SHA", CipherAlgorithmType.Rijndael, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, false, true, 32, 32, 256, 16, 16); return scs; } private static TlsCipherSuiteCollection GetSsl3SupportedCiphers() { TlsCipherSuiteCollection scs = new TlsCipherSuiteCollection(SecurityProtocolType.Ssl3); // Supported ciphers scs.Add((0x00 << 0x08) | 0x0A, "SSL_RSA_WITH_3DES_EDE_CBC_SHA", CipherAlgorithmType.TripleDes, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaSign, false, true, 24, 24, 168, 8, 8); scs.Add((0x00 << 0x08) | 0x09, "SSL_RSA_WITH_DES_CBC_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaSign, false, true, 8, 8, 56, 8, 8); scs.Add((0x00 << 0x08) | 0x05, "SSL_RSA_WITH_RC4_128_SHA", CipherAlgorithmType.Rc4, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaSign, false, false, 16, 16, 128, 0, 0); scs.Add((0x00 << 0x08) | 0x04, "SSL_RSA_WITH_RC4_128_MD5", CipherAlgorithmType.Rc4, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaSign, false, false, 16, 16, 128, 0, 0); // Default CipherSuite // scs.Add(0, "SSL_NULL_WITH_NULL_NULL", CipherAlgorithmType.None, HashAlgorithmType.None, true, false, 0, 0, 0, 0, 0); // RSA Cipher Suites // scs.Add((0x00 << 0x08) | 0x01, "SSL_RSA_WITH_NULL_MD5", CipherAlgorithmType.None, HashAlgorithmType.Md5, ExchangeAlgorithmType.None, true, false, 0, 0, 0, 0, 0); // scs.Add((0x00 << 0x08) | 0x02, "SSL_RSA_WITH_NULL_SHA", CipherAlgorithmType.None, HashAlgorithmType.Sha1, true, ExchangeAlgorithmType.None, false, 0, 0, 0, 0, 0); // scs.Add((0x00 << 0x08) | 0x03, "SSL_RSA_EXPORT_WITH_RC4_40_MD5", CipherAlgorithmType.Rc4, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaKeyX, true, false, 5, 16, 40, 0, 0); // scs.Add((0x00 << 0x08) | 0x05, "SSL_RSA_WITH_RC4_128_SHA", CipherAlgorithmType.Rc4, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaSign, false, false, 16, 16, 128, 0, 0); // scs.Add((0x00 << 0x08) | 0x04, "SSL_RSA_WITH_RC4_128_MD5", CipherAlgorithmType.Rc4, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaSign, false, false, 16, 16, 128, 0, 0); // scs.Add((0x00 << 0x08) | 0x06, "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5", CipherAlgorithmType.Rc2, HashAlgorithmType.Md5, ExchangeAlgorithmType.RsaKeyX, true, true, 5, 16, 40, 8, 8); // scs.Add((0x00 << 0x08) | 0x07, "SSL_RSA_WITH_IDEA_CBC_SHA", "IDEA", HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaSign, false, true, 16, 16, 128, 8, 8); // scs.Add((0x00 << 0x08) | 0x08, "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaKeyEx, true, true, 5, 8, 40, 8, 8); // scs.Add((0x00 << 0x08) | 0x09, "SSL_RSA_WITH_DES_CBC_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaSign, false, true, 8, 8, 56, 8, 8); // scs.Add((0x00 << 0x08) | 0x0A, "SSL_RSA_WITH_3DES_EDE_CBC_SHA", CipherAlgorithmType.TripleDes, HashAlgorithmType.Sha1, ExchangeAlgorithmType.RsaSign, false, true, 24, 24, 168, 8, 8); // Diffie-Hellman Cipher Suites // scs.Add((0x00 << 0x08) | 0x0B, "SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, true, true, 5, 8, 40, 8, 8); // scs.Add((0x00 << 0x08) | 0x0C, "SSL_DH_DSS_WITH_DES_CBC_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, false, true, 8, 8, 56, 8, 8); // scs.Add((0x00 << 0x08) | 0x0D, "SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA", CipherAlgorithmType.TripleDes, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, false, true, 24, 24, 168, 8, 8); // scs.Add((0x00 << 0x08) | 0x0E, "SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, true, true, 5, 8, 40, 8, 8); // scs.Add((0x00 << 0x08) | 0x0F, "SSL_DH_RSA_WITH_DES_CBC_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, false, true, 8, 8, 56, 8, 8); // scs.Add((0x00 << 0x08) | 0x10, "SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA", CipherAlgorithmType.TripleDes, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, false, true, 24, 24, 168, 8, 8); // scs.Add((0x00 << 0x08) | 0x11, "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, true, true, 5, 8, 40, 8, 8); // scs.Add((0x00 << 0x08) | 0x12, "SSL_DHE_DSS_WITH_DES_CBC_SHA", CipherAlgorithmType.Des, HashAlgorithmType.Sha1, ExchangeAlgorithmType.DiffieHellman, false, true, 8, 8, 56... [truncated message content] |
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Cryptography In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv901 Added Files: ARC4Managed.cs HMAC.cs MD5SHA1.cs PKCS1.cs RC4.cs RSAManaged.cs Log Message: Reorganization to match mono:: cvs structure --- NEW FILE: ARC4Managed.cs --- // // ARC4Managed.cs: Alleged RC4(tm) compatible symmetric stream cipher // RC4 is a trademark of RSA Security // using System; using System.Security.Cryptography; namespace Mono.Security.Cryptography { // References: // a. Usenet 1994 - RC4 Algorithm revealed // http://www.qrst.de/html/dsds/rc4.htm internal class ARC4Managed : RC4, ICryptoTransform { private byte[] key; private byte[] state; private byte x; private byte y; private bool m_disposed; public ARC4Managed () : base () { state = new byte [256]; m_disposed = false; } ~ARC4Managed () { Dispose (true); } protected override void Dispose (bool disposing) { if (!m_disposed) { x = 0; y = 0; if (key != null) { Array.Clear (key, 0, key.Length); key = null; } Array.Clear (state, 0, state.Length); state = null; GC.SuppressFinalize (this); m_disposed = true; } } public override byte[] Key { get { return (byte[]) key.Clone (); } set { key = (byte[]) value.Clone (); KeySetup (key); } } public bool CanReuseTransform { get { return false; } } public override ICryptoTransform CreateEncryptor (byte[] rgbKey, byte[] rgvIV) { Key = rgbKey; return (ICryptoTransform) this; } public override ICryptoTransform CreateDecryptor (byte[] rgbKey, byte[] rgvIV) { Key = rgbKey; return CreateEncryptor (); } public override void GenerateIV () { // not used for a stream cipher IV = new byte [0]; } public override void GenerateKey () { byte[] key = new byte [KeySizeValue >> 3]; RandomNumberGenerator rng = RandomNumberGenerator.Create (); rng.GetBytes (key); Key = key; } public bool CanTransformMultipleBlocks { get { return true; } } public int InputBlockSize { get { return 1; } } public int OutputBlockSize { get { return 1; } } private void KeySetup (byte[] key) { byte index1 = 0; byte index2 = 0; for (int counter = 0; counter < 256; counter++) state [counter] = (byte) counter; x = 0; y = 0; for (int counter = 0; counter < 256; counter++) { index2 = (byte) ((key [index1] + state [counter] + index2) % 256); // swap byte byte tmp = state [counter]; state [counter] = state [index2]; state [index2] = tmp; index1 = (byte) ((index1 + 1) % key.Length); } } public int TransformBlock (byte[] inputBuffer, int inputOffset, int inputCount, byte[] outputBuffer, int outputOffset) { byte xorIndex; for (int counter = 0; counter < inputCount; counter ++) { x = (byte) ((x + 1) % 256); y = (byte) ((state [x] + y) % 256); // swap byte byte tmp = state [x]; state [x] = state [y]; state [y] = tmp; xorIndex = (byte) (state [x] + (state [y]) % 256); outputBuffer [outputOffset + counter] = (byte) (inputBuffer [inputOffset + counter] ^ state [xorIndex]); } return inputCount; } public byte[] TransformFinalBlock (byte[] inputBuffer, int inputOffset, int inputCount) { byte[] output = new byte [inputCount]; TransformBlock (inputBuffer, inputOffset, inputCount, output, 0); return output; } } } --- NEW FILE: HMAC.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.Security.Cryptography; namespace Mono.Security.Cryptography { /* * References: * RFC 2104 (http://www.ietf.org/rfc/rfc2104.txt) * RFC 2202 (http://www.ietf.org/rfc/rfc2202.txt) * MSDN: * * Extending the KeyedHashAlgorithm Class (http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpguide/html/cpconextendingkeyedhashalgorithmclass.asp) */ internal class HMAC : System.Security.Cryptography.KeyedHashAlgorithm { #region Fields private HashAlgorithm hash; private bool hashing; private byte[] innerPad; private byte[] outerPad; #endregion #region Properties public override byte[] Key { get { return (byte[])KeyValue.Clone(); } set { if (hashing) { throw new Exception("Cannot change key during hash operation."); } /* if key is longer than 64 bytes reset it to rgbKey = Hash(rgbKey) */ if (value.Length > 64) { KeyValue = hash.ComputeHash(value); } else { KeyValue = (byte[])value.Clone(); } initializePad(); } } #endregion #region Constructors public HMAC() { // Create the hash hash = MD5.Create(); // Set HashSizeValue HashSizeValue = hash.HashSize; // Generate a radom key byte[] rgbKey = new byte[64]; RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider(); rng.GetNonZeroBytes(rgbKey); KeyValue = (byte[])rgbKey.Clone(); this.Initialize(); } public HMAC(string hashName, byte[] rgbKey) { // Create the hash if (hashName == null || hashName.Length == 0) { hashName = "MD5"; } hash = HashAlgorithm.Create(hashName); // Set HashSizeValue HashSizeValue = hash.HashSize; /* if key is longer than 64 bytes reset it to rgbKey = Hash(rgbKey) */ if (rgbKey.Length > 64) { KeyValue = hash.ComputeHash(rgbKey); } else { KeyValue = (byte[])rgbKey.Clone(); } this.Initialize(); } #endregion #region Methods public override void Initialize() { hash.Initialize(); initializePad(); hashing = false; } protected override byte[] HashFinal() { if (!hashing) { hash.TransformBlock(innerPad, 0, innerPad.Length, innerPad, 0); hashing = true; } // Finalize the original hash hash.TransformFinalBlock(new byte[0], 0, 0); byte[] firstResult = hash.Hash; hash.Initialize(); hash.TransformBlock(outerPad, 0, outerPad.Length, outerPad, 0); hash.TransformFinalBlock(firstResult, 0, firstResult.Length); Initialize(); return hash.Hash; } protected override void HashCore( byte[] array, int ibStart, int cbSize) { if (!hashing) { hash.TransformBlock(innerPad, 0, innerPad.Length, innerPad, 0); hashing = true; } hash.TransformBlock(array, ibStart, cbSize, array, ibStart); } #endregion #region Private Methods private void initializePad() { // Fill pad arrays innerPad = new byte[64]; outerPad = new byte[64]; /* Pad the key for inner and outer digest */ for (int i = 0 ; i < KeyValue.Length; ++i) { innerPad[i] = (byte)(KeyValue[i] ^ 0x36); outerPad[i] = (byte)(KeyValue[i] ^ 0x5C); } for (int i = KeyValue.Length; i < 64; ++i) { innerPad[i] = 0x36; outerPad[i] = 0x5C; } } #endregion } } --- NEW FILE: MD5SHA1.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. */ using System; using System.Security.Cryptography; using Mono.Security.Protocol.Tls; namespace Mono.Security.Cryptography { internal class MD5SHA1 : HashAlgorithm { #region Fields private HashAlgorithm md5; private HashAlgorithm sha; private bool hashing; #endregion #region Constructors public MD5SHA1() : base() { this.md5 = MD5.Create(); this.sha = SHA1.Create(); // Set HashSizeValue this.HashSizeValue = this.md5.HashSize + this.sha.HashSize; } #endregion #region Methods public override void Initialize() { this.md5.Initialize(); this.sha.Initialize(); this.hashing = false; } protected override byte[] HashFinal() { if (!hashing) { this.hashing = true; } // Finalize the original hash this.md5.TransformFinalBlock(new byte[0], 0, 0); this.sha.TransformFinalBlock(new byte[0], 0, 0); byte[] hash = new byte[36]; System.Array.Copy(this.md5.Hash, 0, hash, 0, 16); System.Array.Copy(this.sha.Hash, 0, hash, 16, 20); return hash; } protected override void HashCore( byte[] array, int ibStart, int cbSize) { if (!hashing) { hashing = true; } this.md5.TransformBlock(array, ibStart, cbSize, array, ibStart); this.sha.TransformBlock(array, ibStart, cbSize, array, ibStart); } public byte[] CreateSignature(RSA rsa) { if (rsa == null) { throw new CryptographicUnexpectedOperationException ("missing key"); } RSASslSignatureFormatter f = new RSASslSignatureFormatter(rsa); f.SetHashAlgorithm("MD5SHA1"); return f.CreateSignature(this.Hash); } public bool VerifySignature(RSA rsa, byte[] rgbSignature) { if (rsa == null) { throw new CryptographicUnexpectedOperationException ("missing key"); } if (rgbSignature == null) { throw new ArgumentNullException ("rgbSignature"); } RSASslSignatureDeformatter d = new RSASslSignatureDeformatter(rsa); d.SetHashAlgorithm("MD5SHA1"); return d.VerifySignature(this.Hash, rgbSignature); } #endregion } } --- NEW FILE: PKCS1.cs --- // // PKCS1.cs - Implements PKCS#1 primitives. // // Author: // Sebastien Pouliot (spo...@mo...) // // (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com) // using System; using System.Security.Cryptography; namespace Mono.Security.Cryptography { // References: // a. PKCS#1: RSA Cryptography Standard // http://www.rsasecurity.com/rsalabs/pkcs/pkcs-1/index.html internal class PKCS1 { private static bool Compare (byte[] array1, byte[] array2) { bool result = (array1.Length == array2.Length); if (result) { for (int i=0; i < array1.Length; i++) if (array1[i] != array2[i]) return false; } return result; } private static byte[] xor (byte[] array1, byte[] array2) { byte[] result = new byte [array1.Length]; for (int i=0; i < result.Length; i++) result[i] = (byte) (array1[i] ^ array2[i]); return result; } private static byte[] emptySHA1 = { 0xda, 0x39, 0xa3, 0xee, 0x5e, 0x6b, 0x4b, 0x0d, 0x32, 0x55, 0xbf, 0xef, 0x95, 0x60, 0x18, 0x90, 0xaf, 0xd8, 0x07, 0x09 }; private static byte[] emptySHA256 = { 0xe3, 0xb0, 0xc4, 0x42, 0x98, 0xfc, 0x1c, 0x14, 0x9a, 0xfb, 0xf4, 0xc8, 0x99, 0x6f, 0xb9, 0x24, 0x27, 0xae, 0x41, 0xe4, 0x64, 0x9b, 0x93, 0x4c, 0xa4, 0x95, 0x99, 0x1b, 0x78, 0x52, 0xb8, 0x55 }; private static byte[] emptySHA384 = { 0x38, 0xb0, 0x60, 0xa7, 0x51, 0xac, 0x96, 0x38, 0x4c, 0xd9, 0x32, 0x7e, 0xb1, 0xb1, 0xe3, 0x6a, 0x21, 0xfd, 0xb7, 0x11, 0x14, 0xbe, 0x07, 0x43, 0x4c, 0x0c, 0xc7, 0xbf, 0x63, 0xf6, 0xe1, 0xda, 0x27, 0x4e, 0xde, 0xbf, 0xe7, 0x6f, 0x65, 0xfb, 0xd5, 0x1a, 0xd2, 0xf1, 0x48, 0x98, 0xb9, 0x5b }; private static byte[] emptySHA512 = { 0xcf, 0x83, 0xe1, 0x35, 0x7e, 0xef, 0xb8, 0xbd, 0xf1, 0x54, 0x28, 0x50, 0xd6, 0x6d, 0x80, 0x07, 0xd6, 0x20, 0xe4, 0x05, 0x0b, 0x57, 0x15, 0xdc, 0x83, 0xf4, 0xa9, 0x21, 0xd3, 0x6c, 0xe9, 0xce, 0x47, 0xd0, 0xd1, 0x3c, 0x5d, 0x85, 0xf2, 0xb0, 0xff, 0x83, 0x18, 0xd2, 0x87, 0x7e, 0xec, 0x2f, 0x63, 0xb9, 0x31, 0xbd, 0x47, 0x41, 0x7a, 0x81, 0xa5, 0x38, 0x32, 0x7a, 0xf9, 0x27, 0xda, 0x3e }; private static byte[] GetEmptyHash (HashAlgorithm hash) { if (hash is SHA1) return emptySHA1; else if (hash is SHA256) return emptySHA256; else if (hash is SHA384) return emptySHA384; else if (hash is SHA512) return emptySHA512; else return hash.ComputeHash ((byte[])null); } // PKCS #1 v.2.1, Section 4.1 // I2OSP converts a non-negative integer to an octet string of a specified length. public static byte[] I2OSP (int x, int size) { byte[] array = BitConverter.GetBytes (x); Array.Reverse (array, 0, array.Length); return I2OSP (array, size); } public static byte[] I2OSP (byte[] x, int size) { byte[] result = new byte [size]; Array.Copy (x, 0, result, (result.Length - x.Length), x.Length); return result; } // PKCS #1 v.2.1, Section 4.2 // OS2IP converts an octet string to a nonnegative integer. public static byte[] OS2IP (byte[] x) { int i = 0; while ((x [i++] == 0x00) && (i < x.Length)); i--; if (i > 0) { byte[] result = new byte [x.Length - i]; Array.Copy (x, i, result, 0, result.Length); return result; } else return x; } // PKCS #1 v.2.1, Section 5.1.1 public static byte[] RSAEP (RSA rsa, byte[] m) { // c = m^e mod n return rsa.EncryptValue (m); } // PKCS #1 v.2.1, Section 5.1.2 public static byte[] RSADP (RSA rsa, byte[] c) { // m = c^d mod n // Decrypt value may apply CRT optimizations return rsa.DecryptValue (c); } // PKCS #1 v.2.1, Section 5.2.1 public static byte[] RSASP1 (RSA rsa, byte[] m) { // first form: s = m^d mod n // Decrypt value may apply CRT optimizations return rsa.DecryptValue (m); } // PKCS #1 v.2.1, Section 5.2.2 public static byte[] RSAVP1 (RSA rsa, byte[] s) { // m = s^e mod n return rsa.EncryptValue (s); } // PKCS #1 v.2.1, Section 7.1.1 // RSAES-OAEP-ENCRYPT ((n, e), M, L) public static byte[] Encrypt_OAEP (RSA rsa, HashAlgorithm hash, RandomNumberGenerator rng, byte[] M) { int size = rsa.KeySize / 8; int hLen = hash.HashSize / 8; if (M.Length > size - 2 * hLen - 2) throw new CryptographicException ("message too long"); // empty label L SHA1 hash byte[] lHash = GetEmptyHash (hash); int PSLength = (size - M.Length - 2 * hLen - 2); // DB = lHash || PS || 0x01 || M byte[] DB = new byte [lHash.Length + PSLength + 1 + M.Length]; Array.Copy (lHash, 0, DB, 0, lHash.Length); DB [(lHash.Length + PSLength)] = 0x01; Array.Copy (M, 0, DB, (DB.Length - M.Length), M.Length); byte[] seed = new byte [hLen]; rng.GetBytes (seed); byte[] dbMask = MGF1 (hash, seed, size - hLen - 1); byte[] maskedDB = xor (DB, dbMask); byte[] seedMask = MGF1 (hash, maskedDB, hLen); byte[] maskedSeed = xor (seed, seedMask); // EM = 0x00 || maskedSeed || maskedDB byte[] EM = new byte [maskedSeed.Length + maskedDB.Length + 1]; Array.Copy (maskedSeed, 0, EM, 1, maskedSeed.Length); Array.Copy (maskedDB, 0, EM, maskedSeed.Length + 1, maskedDB.Length); byte[] m = OS2IP (EM); byte[] c = RSAEP (rsa, m); return I2OSP (c, size); } // PKCS #1 v.2.1, Section 7.1.2 // RSAES-OAEP-DECRYPT (K, C, L) public static byte[] Decrypt_OAEP (RSA rsa, HashAlgorithm hash, byte[] C) { int size = rsa.KeySize / 8; int hLen = hash.HashSize / 8; if ((size < (2 * hLen + 2)) || (C.Length != size)) throw new CryptographicException ("decryption error"); byte[] c = OS2IP (C); byte[] m = RSADP (rsa, c); byte[] EM = I2OSP (m, size); // split EM = Y || maskedSeed || maskedDB byte[] maskedSeed = new byte [hLen]; Array.Copy (EM, 1, maskedSeed, 0, maskedSeed.Length); byte[] maskedDB = new byte [size - hLen - 1]; Array.Copy (EM, (EM.Length - maskedDB.Length), maskedDB, 0, maskedDB.Length); byte[] seedMask = MGF1 (hash, maskedDB, hLen); byte[] seed = xor (maskedSeed, seedMask); byte[] dbMask = MGF1 (hash, seed, size - hLen - 1); byte[] DB = xor (maskedDB, dbMask); byte[] lHash = GetEmptyHash (hash); // split DB = lHash' || PS || 0x01 || M byte[] dbHash = new byte [lHash.Length]; Array.Copy (DB, 0, dbHash, 0, dbHash.Length); bool h = Compare (lHash, dbHash); // find separator 0x01 int nPos = lHash.Length; while (DB[nPos] == 0) nPos++; int Msize = DB.Length - nPos - 1; byte[] M = new byte [Msize]; Array.Copy (DB, (nPos + 1), M, 0, Msize); // we could have returned EM[0] sooner but would be helping a timing attack if ((EM[0] != 0) || (!h) || (DB[nPos] != 0x01)) return null; return M; } // PKCS #1 v.2.1, Section 7.2.1 // RSAES-PKCS1-V1_5-ENCRYPT ((n, e), M) public static byte[] Encrypt_v15 (RSA rsa, RandomNumberGenerator rng, byte[] M) { int size = rsa.KeySize / 8; if (M.Length > size - 11) throw new CryptographicException ("message too long"); int PSLength = System.Math.Max (8, (size - M.Length - 3)); byte[] PS = new byte [PSLength]; rng.GetNonZeroBytes (PS); byte[] EM = new byte [size]; EM [1] = 0x02; Array.Copy (PS, 0, EM, 2, PSLength); Array.Copy (M, 0, EM, (size - M.Length), M.Length); byte[] m = OS2IP (EM); byte[] c = RSAEP (rsa, m); byte[] C = I2OSP (c, size); return C; } // PKCS #1 v.2.1, Section 7.2.2 // RSAES-PKCS1-V1_5-DECRYPT (K, C) public static byte[] Decrypt_v15 (RSA rsa, byte[] C) { int size = rsa.KeySize / 8; if ((size < 11) || (C.Length != size)) throw new CryptographicException ("decryption error"); byte[] c = OS2IP (C); byte[] m = RSADP (rsa, c); byte[] EM = I2OSP (m, size); if ((EM [0] != 0x00) || (EM [1] != 0x02)) return null; int mPos = 10; // PS is a minimum of 8 bytes + 2 bytes for header while ((EM [mPos] != 0x00) && (mPos < EM.Length)) mPos++; if (EM [mPos] != 0x00) return null; mPos++; byte[] M = new byte [EM.Length - mPos]; Array.Copy (EM, mPos, M, 0, M.Length); return M; } // PKCS #1 v.2.1, Section 8.2.1 // RSASSA-PKCS1-V1_5-SIGN (K, M) public static byte[] Sign_v15 (RSA rsa, HashAlgorithm hash, byte[] hashValue) { int size = (rsa.KeySize >> 3); // div 8 byte[] EM = Encode_v15 (hash, hashValue, size); byte[] m = OS2IP (EM); byte[] s = RSASP1 (rsa, m); byte[] S = I2OSP (s, size); return S; } // PKCS #1 v.2.1, Section 8.2.2 // RSASSA-PKCS1-V1_5-VERIFY ((n, e), M, S) public static bool Verify_v15 (RSA rsa, HashAlgorithm hash, byte[] hashValue, byte[] signature) { int size = (rsa.KeySize >> 3); // div 8 byte[] s = OS2IP (signature); byte[] m = RSAVP1 (rsa, s); byte[] EM2 = I2OSP (m, size); byte[] EM = Encode_v15 (hash, hashValue, size); bool result = Compare (EM, EM2); if (!result) { // NOTE: some signatures don't include the hash OID (pretty lame but real) // and compatible with MS implementation if ((EM2 [0] != 0x00) || (EM2 [1] != 0x01)) return false; // TODO: add more validation byte[] decryptedHash = new byte [hashValue.Length]; Array.Copy (EM2, EM2.Length - hashValue.Length, decryptedHash, 0, decryptedHash.Length); result = Compare (decryptedHash, hashValue); } return result; } // PKCS #1 v.2.1, Section 9.2 // EMSA-PKCS1-v1_5-Encode public static byte[] Encode_v15 (HashAlgorithm hash, byte[] hashValue, int emLength) { if (hashValue.Length != (hash.HashSize >> 3)) throw new CryptographicException ("bad hash length for " + hash.ToString ()); // DigestInfo ::= SEQUENCE { // digestAlgorithm AlgorithmIdentifier, // digest OCTET STRING // } byte[] t = null; string oid = CryptoConfig.MapNameToOID (hash.ToString ()); if (oid != null) { ASN1 digestAlgorithm = new ASN1 (0x30); digestAlgorithm.Add (new ASN1 (CryptoConfig.EncodeOID (oid))); digestAlgorithm.Add (new ASN1 (0x05)); // NULL ASN1 digest = new ASN1 (0x04, hashValue); ASN1 digestInfo = new ASN1 (0x30); digestInfo.Add (digestAlgorithm); digestInfo.Add (digest); t = digestInfo.GetBytes (); } else { // There are no valid OID, in this case t = hashValue // This is the case of the MD5SHA hash algorithm t = hashValue; } Array.Copy (hashValue, 0, t, t.Length - hashValue.Length, hashValue.Length); int PSLength = System.Math.Max (8, emLength - t.Length - 3); // PS = PSLength of 0xff // EM = 0x00 | 0x01 | PS | 0x00 | T byte[] EM = new byte [PSLength + t.Length + 3]; EM [1] = 0x01; for (int i=2; i < PSLength + 2; i++) EM[i] = 0xff; Array.Copy (t, 0, EM, PSLength + 3, t.Length); return EM; } // PKCS #1 v.2.1, Section B.2.1 public static byte[] MGF1 (HashAlgorithm hash, byte[] mgfSeed, int maskLen) { // 1. If maskLen > 2^32 hLen, output "mask too long" and stop. // easy - this is impossible by using a int (31bits) as parameter ;-) // BUT with a signed int we do have to check for negative values! if (maskLen < 0) throw new OverflowException(); int mgfSeedLength = mgfSeed.Length; int hLen = (hash.HashSize >> 3); // from bits to bytes int iterations = (maskLen / hLen); if (maskLen % hLen != 0) iterations++; // 2. Let T be the empty octet string. byte[] T = new byte [iterations * hLen]; byte[] toBeHashed = new byte [mgfSeedLength + 4]; int pos = 0; // 3. For counter from 0 to \ceil (maskLen / hLen) - 1, do the following: for (int counter = 0; counter < iterations; counter++) { // a. Convert counter to an octet string C of length 4 octets byte[] C = I2OSP (counter, 4); // b. Concatenate the hash of the seed mgfSeed and C to the octet string T: // T = T || Hash (mgfSeed || C) Array.Copy (mgfSeed, 0, toBeHashed, 0, mgfSeedLength); Array.Copy (C, 0, toBeHashed, mgfSeedLength, 4); byte[] output = hash.ComputeHash (toBeHashed); Array.Copy (output, 0, T, pos, hLen); pos += mgfSeedLength; } // 4. Output the leading maskLen octets of T as the octet string mask. byte[] mask = new byte [maskLen]; Array.Copy (T, 0, mask, 0, maskLen); return mask; } } } --- NEW FILE: RC4.cs --- // // RC4.cs: RC4(tm) symmetric stream cipher // RC4 is a trademark of RSA Security // // Author: // Sebastien Pouliot (spo...@mo...) // // (C) 2003 Motus Technologies Inc. (http://www.motus.com) // using System; using System.Security.Cryptography; namespace Mono.Security.Cryptography { internal abstract class RC4 : SymmetricAlgorithm { private static KeySizes[] s_legalBlockSizes = { new KeySizes (64, 64, 0) }; private static KeySizes[] s_legalKeySizes = { new KeySizes (40, 2048, 8) }; public RC4() { KeySizeValue = 128; BlockSizeValue = 64; FeedbackSizeValue = BlockSizeValue; LegalBlockSizesValue = s_legalBlockSizes; LegalKeySizesValue = s_legalKeySizes; } new static public RC4 Create() { return Create ("RC4"); } new static public RC4 Create (string algName) { object o = CryptoConfig.CreateFromName (algName); // in case machine.config isn't configured to use // any RC4 implementation if (o == null) { o = new ARC4Managed (); } return (RC4) o; } } } --- NEW FILE: RSAManaged.cs --- // // RSAManaged.cs - Implements the RSA algorithm. // // Authors: // Sebastien Pouliot (spo...@mo...) // Ben Maurer (bm...@us...) // // (C) 2002, 2003 Motus Technologies Inc. (http://www.motus.com) // Portions (C) 2003 Ben Maurer // // Key generation translated from Bouncy Castle JCE (http://www.bouncycastle.org/) // See bouncycastle.txt for license. // using System; using System.Security.Cryptography; using Mono.Math; // Big chunks of code are coming from the original RSACryptoServiceProvider class. // The class was refactored to : // a. ease integration of new hash algorithm (like MD2, RIPEMD160, ...); // b. provide better support for the coming SSL implementation (requires // EncryptValue/DecryptValue) with, or without, Mono runtime/corlib; // c. provide an alternative RSA implementation for all Windows (like using // OAEP without Windows XP). namespace Mono.Security.Cryptography { internal class RSAManaged : RSA { private const int defaultKeySize = 1024; private bool isCRTpossible = false; private bool keypairGenerated = false; private bool m_disposed = false; private BigInteger d; private BigInteger p; private BigInteger q; private BigInteger dp; private BigInteger dq; private BigInteger qInv; private BigInteger n; // modulus private BigInteger e; public RSAManaged () : this (defaultKeySize) {} public RSAManaged (int dwKeySize) { KeySizeValue = dwKeySize; LegalKeySizesValue = new KeySizes [1]; LegalKeySizesValue [0] = new KeySizes (384, 16384, 8); } ~RSAManaged () { // Zeroize private key Dispose (false); } private void GenerateKeyPair () { // p and q values should have a length of half the strength in bits int pbitlength = ((KeySize + 1) >> 1); int qbitlength = (KeySize - pbitlength); const uint uint_e = 17; e = uint_e; // fixed // generate p, prime and (p-1) relatively prime to e for (;;) { p = BigInteger.genPseudoPrime (pbitlength); if (p % uint_e != 1) break; } // generate a modulus of the required length for (;;) { // generate q, prime and (q-1) relatively prime to e, // and not equal to p for (;;) { q = BigInteger.genPseudoPrime (qbitlength); if ((q % uint_e != 1) && (p != q)) break; } // calculate the modulus n = p * q; if (n.bitCount () == KeySize) break; // if we get here our primes aren't big enough, make the largest // of the two p and try again if (p < q) p = q; } BigInteger pSub1 = (p - 1); BigInteger qSub1 = (q - 1); BigInteger phi = pSub1 * qSub1; // calculate the private exponent d = e.modInverse (phi); // calculate the CRT factors dp = d % pSub1; dq = d % qSub1; qInv = q.modInverse (p); keypairGenerated = true; isCRTpossible = true; } // overrides from RSA class public override int KeySize { get { // in case keypair hasn't been (yet) generated if (keypairGenerated) return n.bitCount (); else return base.KeySize; } } public override string KeyExchangeAlgorithm { get { return "RSA-PKCS1-KeyEx"; } } public override string SignatureAlgorithm { get { return "http://www.w3.org/2000/09/xmldsig#rsa-sha1"; } } public override byte[] DecryptValue (byte[] rgb) { if (m_disposed) throw new ObjectDisposedException ("private key"); // decrypt operation is used for signature if (!keypairGenerated) GenerateKeyPair (); BigInteger input = new BigInteger (rgb); BigInteger output; // decrypt (which uses the private key) can be // optimized by using CRT (Chinese Remainder Theorem) if (isCRTpossible) { // m1 = c^dp mod p BigInteger m1 = input.modPow (dp, p); // m2 = c^dq mod q BigInteger m2 = input.modPow (dq, q); BigInteger h; if (m2 > m1) { // thanks to benm! h = p - ((m2 - m1) * qInv % p); output = m2 + q * h; } else { // h = (m1 - m2) * qInv mod p h = (m1 - m2) * qInv % p; // m = m2 + q * h; output = m2 + q * h; } } else { // m = c^d mod n output = input.modPow (d, n); } byte[] result = output.getBytes (); // zeroize value input.Clear (); output.Clear (); return result; } public override byte[] EncryptValue (byte[] rgb) { if (m_disposed) throw new ObjectDisposedException ("public key"); if (!keypairGenerated) GenerateKeyPair (); BigInteger input = new BigInteger (rgb); BigInteger output = input.modPow (e, n); byte[] result = output.getBytes (); // zeroize value input.Clear (); output.Clear (); return result; } public override RSAParameters ExportParameters (bool includePrivateParameters) { if (m_disposed) throw new ObjectDisposedException (""); if (!keypairGenerated) GenerateKeyPair (); RSAParameters param = new RSAParameters (); param.Exponent = e.getBytes (); param.Modulus = n.getBytes (); if (includePrivateParameters) { param.D = d.getBytes (); param.DP = dp.getBytes (); param.DQ = dq.getBytes (); param.InverseQ = qInv.getBytes (); param.P = p.getBytes (); param.Q = q.getBytes (); } return param; } public override void ImportParameters (RSAParameters parameters) { if (m_disposed) throw new ObjectDisposedException (""); // if missing "mandatory" parameters if (parameters.Exponent == null) throw new CryptographicException ("Missing Exponent"); if (parameters.Modulus == null) throw new CryptographicException ("Missing Modulus"); e = new BigInteger (parameters.Exponent); n = new BigInteger (parameters.Modulus); // only if the private key is present if (parameters.D != null) d = new BigInteger (parameters.D); if (parameters.DP != null) dp = new BigInteger (parameters.DP); if (parameters.DQ != null) dq = new BigInteger (parameters.DQ); if (parameters.InverseQ != null) qInv = new BigInteger (parameters.InverseQ); if (parameters.P != null) p = new BigInteger (parameters.P); if (parameters.Q != null) q = new BigInteger (parameters.Q); // we now have a keypair keypairGenerated = true; isCRTpossible = ((p != null) && (q != null) && (dp != null) && (dq != null) && (qInv != null)); } protected override void Dispose (bool disposing) { if (!m_disposed) { // Always zeroize private key if (d != null) { d.Clear (); d = null; } if (p != null) { p.Clear (); p = null; } if (q != null) { q.Clear (); q = null; } if (dp != null) { dp.Clear (); dp = null; } if (dq != null) { dq.Clear (); dq = null; } if (qInv != null) { qInv.Clear (); qInv = null; } if (disposing) { // clear public key if (e != null) { e.Clear (); e = null; } if (n != null) { n.Clear (); n = null; } } } // call base class // no need as they all are abstract before us m_disposed = true; } } } |
