Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client
In directory sc8-pr-cvs1:/tmp/cvs-serv4208
Modified Files:
TlsClientCertificate.cs TlsClientCertificateVerify.cs
TlsServerKeyExchange.cs
Log Message:
Added changes to the signature-handling code (not finished)
Index: TlsClientCertificate.cs
===================================================================
RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificate.cs,v
retrieving revision 1.8
retrieving revision 1.9
diff -C2 -d -r1.8 -r1.9
*** TlsClientCertificate.cs 3 Nov 2003 12:35:56 -0000 1.8
--- TlsClientCertificate.cs 3 Nov 2003 16:21:25 -0000 1.9
***************
*** 59,64 ****
protected override void ProcessAsTls1()
{
- #warning "Send only the appropiate type of certificate"
-
if (Session.Settings.Certificates == null ||
Session.Settings.Certificates.Count == 0)
--- 59,62 ----
Index: TlsClientCertificateVerify.cs
===================================================================
RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificateVerify.cs,v
retrieving revision 1.8
retrieving revision 1.9
diff -C2 -d -r1.8 -r1.9
*** TlsClientCertificateVerify.cs 3 Nov 2003 12:35:56 -0000 1.8
--- TlsClientCertificateVerify.cs 3 Nov 2003 16:21:25 -0000 1.9
***************
*** 63,67 ****
foreach (X509Certificate cert in Session.Settings.Certificates)
{
! HashAlgorithm hash = new MD5SHA1CryptoServiceProvider();
X509.X509Certificate c = new X509.X509Certificate(cert.GetRawCertData());
RSA rsa = c.RSA;
--- 63,67 ----
foreach (X509Certificate cert in Session.Settings.Certificates)
{
! MD5SHA1CryptoServiceProvider hash = new MD5SHA1CryptoServiceProvider();
X509.X509Certificate c = new X509.X509Certificate(cert.GetRawCertData());
RSA rsa = c.RSA;
***************
*** 80,108 ****
// Write the signature
! RSAPKCS1SignatureFormatter sf = new RSAPKCS1SignatureFormatter(rsa);
! switch (c.SignatureAlgorithm)
! {
! // MD2 with RSA encryption
! case "1.2.840.113549.1.1.2":
! // maybe someone installed MD2 ?
! sf.SetHashAlgorithm("MD2");
! break;
!
! // MD5 with RSA encryption
! case "1.2.840.113549.1.1.4":
! sf.SetHashAlgorithm("MD5");
! break;
!
! // SHA-1 with RSA Encryption
! case "1.2.840.113549.1.1.5":
! sf.SetHashAlgorithm("SHA1");
! break;
!
! default:
! throw this.Session.CreateException("Unsupported hash algorithm: " + c.SignatureAlgorithm);
! }
!
! #warning "Seems that for this we need the private key"
! Write(sf.CreateSignature(hash.Hash));
}
}
--- 80,84 ----
// Write the signature
! Write(hash.CreateSignature(rsa));
}
}
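Review bot: The new `Write(hash.CreateSignature(rsa))` signs with `rsa`, which the previous hunk shows is `c.RSA` read from `cert.GetRawCertData()`, so as far as these lines show it holds only the certificate's public key. The removed `#warning "Seems that for this we need the private key"` described exactly this, and the commit drops the warning without resolving it. A CertificateVerify signature has to be made with the client's private key, so until that key is available from the session settings the marker should stay, for example `#warning "CertificateVerify must be signed with the client private key; c.RSA is public-only"`. The call also sits inside the `foreach` over `Session.Settings.Certificates`, so it appears that one signature is written per configured certificate rather than a single one for the certificate that was sent. The enclosing method starts outside this hunk.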
Index: TlsServerKeyExchange.cs
===================================================================
RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls/Mono.Security.Protocol.Tls.Handshake/Mono.Security.Protocol.Tls.Handshake.Client/TlsServerKeyExchange.cs,v
retrieving revision 1.9
retrieving revision 1.10
diff -C2 -d -r1.9 -r1.10
*** TlsServerKeyExchange.cs 3 Nov 2003 10:33:50 -0000 1.9
--- TlsServerKeyExchange.cs 3 Nov 2003 16:21:25 -0000 1.10
***************
*** 90,94 ****
private void verifySignature()
{
! HashAlgorithm hash = new MD5SHA1CryptoServiceProvider();
// Create server params array
--- 90,94 ----
private void verifySignature()
{
! MD5SHA1CryptoServiceProvider hash = new MD5SHA1CryptoServiceProvider();
// Create server params array
***************
*** 106,114 ****
// Verify Signature
- RSA rsa = new RSACryptoServiceProvider(rsaParams.Modulus.Length << 3);
- rsa.ImportParameters(rsaParams);
-
X509Certificate certificate = this.Session.Context.ServerSettings.ServerCertificates[0];
! certificate.CheckSignature(hash.Hash, "SHA1", this.signedParams);
}
--- 106,116 ----
// Verify Signature
X509Certificate certificate = this.Session.Context.ServerSettings.ServerCertificates[0];
!
! RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(rsaParams.Modulus.Length << 3);
! rsa.ImportParameters(rsaParams);
!
! byte[] sign = hash.CreateSignature(rsa);
! hash.VerifySignature(rsa, this.signedParams);
}
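Review bot: The server's signature is no longer tied to the server certificate in `verifySignature()`: `this.signedParams` is checked against an RSA key built from `rsaParams`, while `certificate` is fetched and never used. If `rsaParams` holds the parameters received in the ServerKeyExchange message (its definition is outside the hunk), the signature is validated with the very key it is meant to authenticate, so a substituted key would go undetected. The check should use the public key of the server certificate and must act on the result; assuming `VerifySignature` returns a bool, `if (!hash.VerifySignature(certKey, this.signedParams)) throw this.Session.CreateException("Server key exchange signature is invalid");`, where `certKey` stands for the certificate's RSA key. `byte[] sign = hash.CreateSignature(rsa);` is unused and asks a public-only key to sign, so it should be removed.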