Thread: [pgsqlclient-checkins] pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls Handsha
Update of /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv14118 Modified Files: ClientContext.cs ClientRecordProtocol.cs Context.cs SslClientStream.cs SslServerStream.cs Added Files: HandshakeState.cs Log Message: 2004-02-25 Carlos Guzman Alvarez <car...@te...> * Mono.Security.Protocol.Tls/HandshakeState.cs: - New file. * Mono.Security.Protocol.Tls/SslClientStream.cs: * Mono.Security.Protocol.Tls/SslServerStream.cs: * Mono.Security.Protocol.Tls/Context.cs: * Mono.Security.Protocol.Tls/ClientContext.cs: * Mono.Security.Protocol.Tls/ClientRecordProtocol.cs: - Added changes for better handling of ClientHelloRequest messages. --- NEW FILE: HandshakeState.cs --- /* Transport Security Layer (TLS) * Copyright (c) 2003-2004 Carlos Guzman Alvarez * * Permission is hereby granted, free of charge, to any person * obtaining a copy of this software and associated documentation * files (the "Software"), to deal in the Software without restriction, * including without limitation the rights to use, copy, modify, merge, * publish, distribute, sublicense, and/or sell copies of the Software, * and to permit persons to whom the Software is furnished to do so, * subject to the following conditions: * * The above copyright notice and this permission notice shall be included * in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER * DEALINGS IN THE SOFTWARE. 
*/ using System; namespace Mono.Security.Protocol.Tls { [Serializable] internal enum HandshakeState { None, Started, Finished } } Index: ClientContext.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/ClientContext.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** ClientContext.cs 23 Feb 2004 12:16:08 -0000 1.1 --- ClientContext.cs 25 Feb 2004 15:39:33 -0000 1.2 *************** *** 76,79 **** --- 76,91 ---- #endregion + + #region Methods + + public override void Clear() + { + this.helloDone = false; + this.clientHelloProtocol = 0; + + base.Clear(); + } + + #endregion } } Index: ClientRecordProtocol.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** ClientRecordProtocol.cs 23 Feb 2004 12:16:08 -0000 1.2 --- ClientRecordProtocol.cs 25 Feb 2004 15:39:33 -0000 1.3 *************** *** 119,126 **** TlsHandshakeType type, byte[] buffer) { switch (type) { case TlsHandshakeType.HelloRequest: ! this.SendRecord(TlsHandshakeType.ClientHello); return null; --- 119,137 ---- TlsHandshakeType type, byte[] buffer) { + ClientContext context = (ClientContext)this.context; + switch (type) { case TlsHandshakeType.HelloRequest: ! if (context.HandshakeState != HandshakeState.Started) ! { ! context.SslStream.NegotiateHandshake(); ! } ! else ! { ! this.SendAlert( ! TlsAlertLevel.Warning, ! TlsAlertDescription.NoRenegotiation); ! 
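Review bot: The three HandshakeState members carry no documentation, yet every guard in this commit keys off them, so the intended transitions belong on the enum itself. Suggested summaries: `/// <summary>No handshake has begun on this context; the value assigned by the constructor and by Context.Clear().</summary>` for None, `/// <summary>Negotiation is in progress; a HelloRequest received in this state is answered with a no_renegotiation warning.</summary>` for Started, and `/// <summary>The handshake completed; NegotiateHandshake loops on ReceiveRecord until this value is reached and the streams' cipher properties are only valid here.</summary>` for Finished. The site that assigns Started is not part of this commit, so that summary should be checked against wherever the value is actually set. `[Serializable]` on an enum is redundant (enum types are serializable by default) and can be dropped.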
} return null; Index: Context.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/Context.cs,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** Context.cs 23 Feb 2004 12:16:08 -0000 1.1 --- Context.cs 25 Feb 2004 15:39:33 -0000 1.2 *************** *** 67,73 **** private TlsCipherSuiteCollection supportedCiphers; // Misc private bool isActual; - private bool handshakeFinished; private bool connectionEnd; private bool protocolNegotiated; --- 67,75 ---- private TlsCipherSuiteCollection supportedCiphers; + // Handshake negotiation state + private HandshakeState handshakeState; + // Misc private bool isActual; private bool connectionEnd; private bool protocolNegotiated; *************** *** 186,193 **** } ! public bool HandshakeFinished { ! get { return handshakeFinished; } ! set { handshakeFinished = value; } } --- 188,195 ---- } ! public HandshakeState HandshakeState { ! get { return this.HandshakeState; } ! set { this.handshakeState = value; } } *************** *** 305,308 **** --- 307,311 ---- this.handshakeMessages = new TlsStream(); this.sessionId = null; + this.handshakeState = HandshakeState.None; this.random = RandomNumberGenerator.Create(); } *************** *** 328,332 **** } ! public void ClearKeyInfo() { // Clear Master Secret --- 331,347 ---- } ! public virtual void Clear() ! { ! this.compressionMethod = SecurityCompressionType.None; ! this.serverSettings = new TlsServerSettings(); ! this.clientSettings = new TlsClientSettings(); ! this.handshakeMessages = new TlsStream(); ! this.sessionId = null; ! this.handshakeState = HandshakeState.None; ! ! this.ClearKeyInfo(); ! } ! ! 
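Review bot: The two HelloRequest branches are the reverse of what TLS 1.0 prescribes (RFC 2246 §7.4.1.1): a HelloRequest that arrives while a handshake is already in progress is to be ignored, while the no_renegotiation warning is the reply of a client that declines to renegotiate; here the Started case sends the alert and every other state, including Finished, re-enters a full handshake. Because `context.SslStream.NegotiateHandshake()` is presumably invoked from inside record processing on the same thread, and the client accepts any number of server-initiated renegotiations with no way for the owner to refuse, consider making the Started branch a plain `return null;` and adding a context flag that lets the stream owner opt out of renegotiation by sending the existing `TlsAlertDescription.NoRenegotiation` warning. The enclosing method starts before the hunk, so it is not visible whether this message is excluded from the handshake hash as the spec requires.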
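Review bot: The getter of the new HandshakeState property returns the property itself, `get { return this.HandshakeState; }`, so every read recurses until a StackOverflowException; it must read the backing field, `get { return this.handshakeState; }`. Every guard introduced in this commit (SslClientStream, SslServerStream, ClientRecordProtocol) goes through this getter, so as committed no handshake can complete and the first BeginRead/BeginWrite will crash the process rather than throw a catchable IOException.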
public virtual void ClearKeyInfo() { // Clear Master Secret *************** *** 347,350 **** --- 362,368 ---- this.serverWriteIV = null; + // Reset handshake messages + this.handshakeMessages.Reset(); + // Clear MAC keys if protocol is different than Ssl3 if (this.securityProtocol != SecurityProtocolType.Ssl3) Index: SslClientStream.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/SslClientStream.cs,v retrieving revision 1.14 retrieving revision 1.15 diff -C2 -d -r1.14 -r1.15 *** SslClientStream.cs 24 Feb 2004 16:03:51 -0000 1.14 --- SslClientStream.cs 25 Feb 2004 15:39:33 -0000 1.15 *************** *** 123,127 **** get { ! if (this.context.HandshakeFinished) { return this.context.Cipher.CipherAlgorithmType; --- 123,127 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.Cipher.CipherAlgorithmType; *************** *** 136,140 **** get { ! if (this.context.HandshakeFinished) { return this.context.Cipher.EffectiveKeyBits; --- 136,140 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.Cipher.EffectiveKeyBits; *************** *** 154,158 **** get { ! if (this.context.HandshakeFinished) { return this.context.Cipher.HashAlgorithmType; --- 154,158 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.Cipher.HashAlgorithmType; *************** *** 167,171 **** get { ! if (this.context.HandshakeFinished) { return this.context.Cipher.HashSize * 8; --- 167,171 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.Cipher.HashSize * 8; *************** *** 180,184 **** get { ! if (this.context.HandshakeFinished) { return this.context.ServerSettings.Certificates[0].RSA.KeySize; --- 180,184 ---- get { ! 
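Review bot: The new `Clear()` repeats, line for line, the field initialisation already done in the constructor (hunk 305,308), so the two will drift apart as fields are added; a private non-virtual helper holding the shared resets, called from both the constructor and `Clear()`, keeps one copy (the constructor should not call the virtual `Clear()` directly, since `ClientContext` overrides it and would run before its own fields are initialised). `Clear()` replaces `serverSettings`, which is where the server certificate validated during the previous handshake lives; a short comment such as `// NOTE: drops the previously authenticated server settings — callers renegotiating must re-validate the new chain` would make that consequence visible at the call site. The `handshakeMessages.Reset()` added to `ClearKeyInfo()` is harmless but redundant when reached via `Clear()`, which has just assigned a fresh TlsStream.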
if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.ServerSettings.Certificates[0].RSA.KeySize; *************** *** 193,197 **** get { ! if (this.context.HandshakeFinished) { return this.context.Cipher.ExchangeAlgorithmType; --- 193,197 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.Cipher.ExchangeAlgorithmType; *************** *** 206,210 **** get { ! if (this.context.HandshakeFinished) { return this.context.SecurityProtocol; --- 206,210 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.SecurityProtocol; *************** *** 224,228 **** get { ! if (this.context.HandshakeFinished) { if (this.context.ServerSettings.Certificates != null && --- 224,228 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { if (this.context.ServerSettings.Certificates != null && *************** *** 389,393 **** if (this.innerStream != null) { ! if (this.context.HandshakeFinished && !this.context.ConnectionEnd) { --- 389,393 ---- if (this.innerStream != null) { ! if (this.context.HandshakeState == HandshakeState.Finished && !this.context.ConnectionEnd) { *************** *** 456,473 **** lock (this) { ! if (!this.context.HandshakeFinished) { ! this.doHandshake(); // Handshake negotiation } } - /* - if (!Monitor.TryEnter(this.read)) - { - throw new InvalidOperationException("A read operation is already in progress."); - } - System.Threading.Monitor.Enter(this.read); - */ - IAsyncResult asyncResult; --- 456,465 ---- lock (this) { ! if (this.context.HandshakeState == HandshakeState.None) { ! this.NegotiateHandshake(); } } IAsyncResult asyncResult; *************** *** 534,543 **** } } - /* - finally - { - Monitor.Exit(this.read); - } - */ return asyncResult; --- 526,529 ---- *************** *** 576,594 **** lock (this) { ! if (!this.context.HandshakeFinished) { ! // Start handshake negotiation ! 
this.doHandshake(); } } - /* - if (!Monitor.TryEnter(this.write)) - { - throw new InvalidOperationException("A write operation is already in progress."); - } - Monitor.Enter(this.write); - */ - IAsyncResult asyncResult; --- 562,571 ---- lock (this) { ! if (this.context.HandshakeState == HandshakeState.None) { ! this.NegotiateHandshake(); } } IAsyncResult asyncResult; *************** *** 615,625 **** } - /* - finally - { - Monitor.Exit(this.write); - } - */ - return asyncResult; } --- 592,595 ---- *************** *** 738,794 **** */ ! private void doHandshake() { ! try { ! // Obtain supported cipher suites ! this.context.SupportedCiphers = TlsCipherSuiteFactory.GetSupportedCiphers(this.context.SecurityProtocol); ! // Send client hello ! this.protocol.SendRecord(TlsHandshakeType.ClientHello); ! // Read server response ! while (!this.context.HelloDone) ! { ! // Read next record ! this.protocol.ReceiveRecord(); ! } ! // Send client certificate if requested ! if (this.context.ServerSettings.CertificateRequest) ! { ! this.protocol.SendRecord(TlsHandshakeType.Certificate); ! } ! // Send Client Key Exchange ! this.protocol.SendRecord(TlsHandshakeType.ClientKeyExchange); ! // Now initialize session cipher with the generated keys ! this.context.Cipher.InitializeCipher(); ! // Send certificate verify if requested ! if (this.context.ServerSettings.CertificateRequest) ! { ! this.protocol.SendRecord(TlsHandshakeType.CertificateVerify); ! } ! // Send Cipher Spec protocol ! this.protocol.SendChangeCipherSpec(); ! // Read record until server finished is received ! while (!this.context.HandshakeFinished) { ! // If all goes well this will process messages: ! // Change Cipher Spec ! // Server finished ! this.protocol.ReceiveRecord(); } - - // Clear Key Info - this.context.ClearKeyInfo(); - } - catch - { - throw new IOException("The authentication or decryption has failed."); } } --- 708,772 ---- */ ! internal void NegotiateHandshake() { ! lock (this) { ! try ! { ! 
if (this.context.HandshakeState != HandshakeState.None) ! { ! this.context.Clear(); ! } ! // Obtain supported cipher suites ! this.context.SupportedCiphers = TlsCipherSuiteFactory.GetSupportedCiphers(this.context.SecurityProtocol); ! // Send client hello ! this.protocol.SendRecord(TlsHandshakeType.ClientHello); ! // Read server response ! while (!this.context.HelloDone) ! { ! // Read next record ! this.protocol.ReceiveRecord(); ! } ! // Send client certificate if requested ! if (this.context.ServerSettings.CertificateRequest) ! { ! this.protocol.SendRecord(TlsHandshakeType.Certificate); ! } ! // Send Client Key Exchange ! this.protocol.SendRecord(TlsHandshakeType.ClientKeyExchange); ! // Now initialize session cipher with the generated keys ! this.context.Cipher.InitializeCipher(); ! // Send certificate verify if requested ! if (this.context.ServerSettings.CertificateRequest) ! { ! this.protocol.SendRecord(TlsHandshakeType.CertificateVerify); ! } ! ! // Send Cipher Spec protocol ! this.protocol.SendChangeCipherSpec(); ! // Read record until server finished is received ! while (this.context.HandshakeState != HandshakeState.Finished) ! { ! // If all goes well this will process messages: ! // Change Cipher Spec ! // Server finished ! this.protocol.ReceiveRecord(); ! } ! ! // Clear Key Info ! this.context.ClearKeyInfo(); ! } ! catch { ! throw new IOException("The authentication or decryption has failed."); } } } Index: SslServerStream.cs =================================================================== RCS file: /cvsroot/pgsqlclient/pgsqlclient_10/Mono.Security/Mono.Security/Mono.Security.Protocol.Tls/SslServerStream.cs,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -d -r1.3 -r1.4 *** SslServerStream.cs 24 Feb 2004 16:03:51 -0000 1.3 --- SslServerStream.cs 25 Feb 2004 15:39:33 -0000 1.4 *************** *** 101,105 **** get { ! if (this.context.HandshakeFinished) { return this.context.Cipher.CipherAlgorithmType; --- 101,105 ---- get { ! 
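Review bot: Nothing in the rewritten NegotiateHandshake assigns `HandshakeState.Started`; unless that happens elsewhere (not in this commit), the HelloRequest guard in ClientRecordProtocol sees None during the ClientHello/ServerHello exchange and a HelloRequest would re-enter this method from inside its own `ReceiveRecord()` loop, so `this.context.HandshakeState = HandshakeState.Started;` belongs immediately after the `Clear()` check. The bare `catch` discards the cause of the failure; `catch (Exception ex)` and `throw new IOException("The authentication or decryption has failed.", ex);` preserve it for diagnosis without widening what callers see. When the handshake is triggered by a HelloRequest, `Clear()` wipes the settings of the authenticated session before the new one is negotiated, so the renegotiated server certificate is never compared with the original; that comparison, or a refusal to renegotiate, is the missing check. The BeginRead/BeginWrite guards in this file and the matching ones in SslServerStream now fire only on None, so if Started is set and the handshake then throws, later calls will neither retry nor fail fast, which the previous `!HandshakeFinished` check did not allow; `lock (this)` on a publicly reachable stream object is also a pattern worth replacing with a private lock field.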
if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.Cipher.CipherAlgorithmType; *************** *** 114,118 **** get { ! if (this.context.HandshakeFinished) { return this.context.Cipher.EffectiveKeyBits; --- 114,118 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.Cipher.EffectiveKeyBits; *************** *** 127,131 **** get { ! if (this.context.HandshakeFinished) { return this.context.ClientSettings.ClientCertificate; --- 127,131 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.ClientSettings.ClientCertificate; *************** *** 140,144 **** get { ! if (this.context.HandshakeFinished) { return this.context.Cipher.HashAlgorithmType; --- 140,144 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.Cipher.HashAlgorithmType; *************** *** 153,157 **** get { ! if (this.context.HandshakeFinished) { return this.context.Cipher.HashSize * 8; --- 153,157 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.Cipher.HashSize * 8; *************** *** 166,170 **** get { ! if (this.context.HandshakeFinished) { return this.context.ServerSettings.Certificates[0].RSA.KeySize; --- 166,170 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.ServerSettings.Certificates[0].RSA.KeySize; *************** *** 179,183 **** get { ! if (this.context.HandshakeFinished) { return this.context.Cipher.ExchangeAlgorithmType; --- 179,183 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.Cipher.ExchangeAlgorithmType; *************** *** 192,196 **** get { ! if (this.context.HandshakeFinished) { return this.context.SecurityProtocol; --- 192,196 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { return this.context.SecurityProtocol; *************** *** 205,209 **** get { ! 
if (this.context.HandshakeFinished) { if (this.context.ServerSettings.Certificates != null && --- 205,209 ---- get { ! if (this.context.HandshakeState == HandshakeState.Finished) { if (this.context.ServerSettings.Certificates != null && *************** *** 321,325 **** if (this.innerStream != null) { ! if (this.context.HandshakeFinished) { // Write close notify --- 321,325 ---- if (this.innerStream != null) { ! if (this.context.HandshakeState == HandshakeState.Finished) { // Write close notify *************** *** 382,386 **** lock (this) { ! if (!this.context.HandshakeFinished) { this.doHandshake(); // Handshake negotiation --- 382,386 ---- lock (this) { ! if (this.context.HandshakeState == HandshakeState.None) { this.doHandshake(); // Handshake negotiation *************** *** 488,492 **** lock (this) { ! if (!this.context.HandshakeFinished) { // Start handshake negotiation --- 488,492 ---- lock (this) { ! if (this.context.HandshakeState == HandshakeState.None) { // Start handshake negotiation |