2004-02-17 Carlos Guzm��n ��lvarez <carlosga@telefonica.net>

author Carlos Guzmán Álvarez <carlos@mono-cvs.ximian.com>

Tue, 17 Feb 2004 18:33:38 +0000 (18:33 -0000)

committer Carlos Guzmán Álvarez <carlos@mono-cvs.ximian.com>

Tue, 17 Feb 2004 18:33:38 +0000 (18:33 -0000)
author Carlos Guzmán Álvarez <carlos@mono-cvs.ximian.com>
Tue, 17 Feb 2004 18:33:38 +0000 (18:33 -0000)
committer Carlos Guzmán Álvarez <carlos@mono-cvs.ximian.com>
Tue, 17 Feb 2004 18:33:38 +0000 (18:33 -0000)
diff --git a/mcs/class/Mono.Security/ChangeLog b/mcs/class/Mono.Security/ChangeLog

index 53ed3f488f8d2aab7c4000d66ef0642da604892d..d4307ac97a0e307f221527ffa30a7cbd624546a1 100644 (file)
--- a/mcs/class/Mono.Security/ChangeLog
+++ b/mcs/class/Mono.Security/ChangeLog
@@ -1,5 +1,25 @@
  2004-02-17 Carlos Guzmán Álvarez  <carlosga@telefonica.net>
  
+       * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificate.cs:
+
+               - Raise the Client Certificate event.
+
+       * Mono.Security.Protocol.Tls/CipherSuite.cs:
+       * Mono.Security.Protocol.Tls/SslClientStream.cs:
+       * Mono.Security.Protocol.Tls/SecurityProtocolType.cs:
+       * Mono.Security.Protocol.Tls/TlsCipherSuite.cs:
+       * Mono.Security.Protocol.Tls/TlsCipherSuiteCollection.cs:
+       * Mono.Security.Protocol.Tls/TlsCipherSuiteFactory.cs:
+       * Mono.Security.Protocol.Tls/TlsContext.cs:
+       * Mono.Security.Protocol.Tls.Handshake/TlsHandshakeMessage.cs:
+       * Mono.Security.Protocol.Tls.Handshake.Client/TlsClientHello.cs:
+
+               - Change the SecurityProtocolType enum to mtch .NET 1.2 documentation definition.
+
+       * Mono.Security.Protocol.Tls/SslClientStream.cs:
+
+               - Impement SelectedClientCertificate and ServerCertificate properties.
+
         * Mono.Security.Protocol.Tls/SslClientStream.cs:
  
          - Added changes for bring async methods to work ( Thanks to Sebastien Pouliot )
diff --git a/mcs/class/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificate.cs b/mcs/class/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificate.cs

index 94b1002dc3e9f8cf0666ddca16aa8febb9f0c36b..1ff380aaf23800080ea1330ca9a272cdd064a7c1 100644 (file)
--- a/mcs/class/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificate.cs
+++ b/mcs/class/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificate.cs
@@ -59,6 +59,8 @@ namespace Mono.Security.Protocol.Tls.Handshake.Client
  
                 protected override void ProcessAsTls1()
                 {
+#warning "Client certificate selection is unfinished"
+
                         if (this.Context.ClientSettings.Certificates == null ||
                                 this.Context.ClientSettings.Certificates.Count == 0)
                         {
@@ -68,14 +70,18 @@ namespace Mono.Security.Protocol.Tls.Handshake.Client
                         // Select a valid certificate
                         X509Certificate clientCert = this.Context.ClientSettings.Certificates[0];
  
-                       /*
                         clientCert = this.Context.SslStream.RaiseClientCertificateSelection(
-                                                       this.Context.ClientSettings.Certificates,
-                                                       this.Context.ServerSettings.Certificates[0],
-                                                       this.Context.ClientSettings.TargetHost,
-                                                       null);
-                       */
-       
+                               this.Context.ClientSettings.Certificates,
+                               new X509Certificate(this.Context.ServerSettings.Certificates[0].RawData),
+                               this.Context.ClientSettings.TargetHost,
+                               null);
+
+                       if (clientCert == null)
+                       {
+                               throw this.Context.CreateException("Client certificate requested by the server and no client certificate specified.");
+                       }
+
+                       // Update the selected client certificate
                         this.Context.ClientSettings.ClientCertificate = clientCert;
  
                         // Write client certificates information to a stream
diff --git a/mcs/class/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientHello.cs b/mcs/class/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientHello.cs

index c0ebeb680db0da47d226bb2289be344ea33a6aa8..b507426d95810d498db672fd2f465d2df4ac6d13 100644 (file)
--- a/mcs/class/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientHello.cs
+++ b/mcs/class/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientHello.cs
@@ -67,7 +67,7 @@ namespace Mono.Security.Protocol.Tls.Handshake.Client
                 protected override void ProcessAsTls1()
                 {
                         // Client Version
-                       this.Write((short)this.Context.Protocol);
+                       this.Write(this.Context.Protocol);
                                                                 
                         // Random bytes - Unix time + Radom bytes [28]
                         TlsStream clientRandom = new TlsStream();
diff --git a/mcs/class/Mono.Security/Mono.Security.Protocol.Tls.Handshake/TlsHandshakeMessage.cs b/mcs/class/Mono.Security/Mono.Security.Protocol.Tls.Handshake/TlsHandshakeMessage.cs

index 5632eee398b929210ae606ad3061713159ac2ae2..d03318a3ce65d0a359a10d4c6d7f513e7d9d5453 100644 (file)
--- a/mcs/class/Mono.Security/Mono.Security.Protocol.Tls.Handshake/TlsHandshakeMessage.cs
+++ b/mcs/class/Mono.Security/Mono.Security.Protocol.Tls.Handshake/TlsHandshakeMessage.cs
@@ -104,15 +104,20 @@ namespace Mono.Security.Protocol.Tls.Handshake
  
                 private void process()
                 {
-                       switch (this.Context.Protocol)
+                       switch (this.Context.SecurityProtocol)
                         {
+                               case SecurityProtocolType.Tls:
+                               case SecurityProtocolType.Default:
+                                       this.ProcessAsTls1();
+                                       break;
+
                                 case SecurityProtocolType.Ssl3:
                                         this.ProcessAsSsl3();
                                         break;
  
-                               case SecurityProtocolType.Tls:
-                                       this.ProcessAsTls1();
-                                       break;
+                               case SecurityProtocolType.Ssl2:
+                               default:
+                                       throw new NotSupportedException("Unsupported security protocol type");
                         }
                 }
  
diff --git a/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/CipherSuite.cs b/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/CipherSuite.cs

index 968eb6e0c0ea6b715757dd12facd48ec45ba639a..603680d701e701760f0bfe66001f57905440b9a0 100755 (executable)
--- a/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/CipherSuite.cs
+++ b/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/CipherSuite.cs
@@ -349,7 +349,7 @@ namespace Mono.Security.Protocol.Tls
                         TlsStream stream = new TlsStream();
  
                         // Write protocol version
-                       stream.Write((short)this.Context.Protocol);
+                       stream.Write(this.Context.Protocol);
  
                         // Generate random bytes
                         stream.Write(this.context.GetSecureRandomBytes(46));
diff --git a/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SecurityProtocolType.cs b/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SecurityProtocolType.cs

index c0a1c4aa96f628449fd5bc87d3a2d40f37240c64..42a1af3d0a7e25a28b15d3ab077010693892b547 100644 (file)
--- a/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SecurityProtocolType.cs
+++ b/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SecurityProtocolType.cs
@@ -26,10 +26,12 @@ using System;
  
  namespace Mono.Security.Protocol.Tls
  {
-       public enum SecurityProtocolType : short
+       [Flags]
+       public enum SecurityProtocolType
         {
-               Default = (0x03 << 8) | 0x01,
-               Ssl3    = (0x03 << 8) | 0x00,
-               Tls             = (0x03 << 8) | 0x01
+               Default = -1073741824,
+               Ssl2    = 12,
+               Ssl3    = 48,
+               Tls             = 192
         }
  }
 \ No newline at end of file
diff --git a/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslClientStream.cs b/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslClientStream.cs

index 89e1f91ecad36902ec165557acbf30bb8b164c4f..bd77f118e31ced96b1639110b1bc67916d3d473f 100644 (file)
--- a/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslClientStream.cs
+++ b/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslClientStream.cs
@@ -164,17 +164,29 @@ namespace Mono.Security.Protocol.Tls
                 
                 public SecurityProtocolType SecurityProtocol 
                 {
-                       get { return this.context.Protocol; }
+                       get { return this.context.SecurityProtocol; }
                 }
                 
                 public X509Certificate SelectedClientCertificate 
                 {
-                       get { throw new NotImplementedException(); }
+                       get { return this.context.ClientSettings.ClientCertificate; }
                 }
  
                 public X509Certificate ServerCertificate 
                 {
-                       get { throw new NotImplementedException(); }
+                       get 
+                       { 
+                               if (!this.context.HandshakeFinished)
+                               {
+                                       if (this.context.ServerSettings.Certificates != null &&
+                                               this.context.ServerSettings.Certificates.Count > 0)
+                                       {
+                                               return new X509Certificate(this.context.ServerSettings.Certificates[0].RawData);
+                                       }
+                               }
+
+                               return null;
+                       }
                 } 
  
                 #endregion
@@ -630,9 +642,9 @@ namespace Mono.Security.Protocol.Tls
                                 return null;
                         }
  
-                       TlsContentType                  contentType     = (TlsContentType)type;
-                       SecurityProtocolType    protocol        = (SecurityProtocolType)this.ReadShort();
-                       short                                   length          = this.ReadShort();
+                       TlsContentType  contentType     = (TlsContentType)type;
+                       short                   protocol        = this.ReadShort();
+                       short                   length          = this.ReadShort();
                         
                         // Read Record data
                         int             received        = 0;
@@ -662,7 +674,6 @@ namespace Mono.Security.Protocol.Tls
                                 {
                                         message = this.decryptRecordFragment(
                                                 contentType, 
-                                               protocol,
                                                 message.ToArray());
                                 }
                         }
@@ -808,7 +819,7 @@ namespace Mono.Security.Protocol.Tls
  
                                 // Write tls message
                                 record.Write((byte)contentType);
-                               record.Write((short)this.context.Protocol);
+                               record.Write(this.context.Protocol);
                                 record.Write((short)fragment.Length);
                                 record.Write(fragment);
  
@@ -848,9 +859,8 @@ namespace Mono.Security.Protocol.Tls
                 }
  
                 private TlsStream decryptRecordFragment(
-                       TlsContentType                  contentType, 
-                       SecurityProtocolType    protocol,
-                       byte[]                                  fragment)
+                       TlsContentType  contentType, 
+                       byte[]                  fragment)
                 {
                         byte[]  dcrFragment     = null;
                         byte[]  dcrMAC          = null;
@@ -995,7 +1005,7 @@ namespace Mono.Security.Protocol.Tls
                 private void doHandshake()
                 {
                         // Obtain supported cipher suite collection
-                       this.context.SupportedCiphers = TlsCipherSuiteFactory.GetSupportedCiphers(context.Protocol);
+                       this.context.SupportedCiphers = TlsCipherSuiteFactory.GetSupportedCiphers(context.SecurityProtocol);
  
                         // Send client hello
                         this.sendRecord(TlsHandshakeType.ClientHello);
diff --git a/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuite.cs b/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuite.cs

index c91b3caa29156ca06cf6e23695b14083b0e56ce0..e0ffc062ff11bde2273197afd9f5e699f70098f9 100644 (file)
--- a/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuite.cs
+++ b/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuite.cs
@@ -60,7 +60,7 @@ namespace Mono.Security.Protocol.Tls
  
                         data.Write(this.Context.ReadSequenceNumber);
                         data.Write((byte)contentType);
-                       data.Write((short)this.Context.Protocol);
+                       data.Write(this.Context.Protocol);
                         data.Write((short)fragment.Length);
                         data.Write(fragment);
  
@@ -78,7 +78,7 @@ namespace Mono.Security.Protocol.Tls
  
                         data.Write(this.Context.WriteSequenceNumber);
                         data.Write((byte)contentType);
-                       data.Write((short)this.Context.Protocol);
+                       data.Write(this.Context.Protocol);
                         data.Write((short)fragment.Length);
                         data.Write(fragment);
  
diff --git a/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuiteCollection.cs b/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuiteCollection.cs

index 2986e9b96c4bfd5853ff114fad80e9112baad521..40a7e3cb6b184b9bc6960b2ca5f4ca63dd582db4 100644 (file)
--- a/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuiteCollection.cs
+++ b/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuiteCollection.cs
@@ -117,22 +117,24 @@ namespace Mono.Security.Protocol.Tls
                 {
                         switch (this.protocol)
                         {
-                               case SecurityProtocolType.Ssl3:
+                               case SecurityProtocolType.Default:
+                               case SecurityProtocolType.Tls:
                                         return this.add(
-                                               new TlsSslCipherSuite(
+                                               new TlsCipherSuite(
                                                 code, name, cipherType, hashType, exchangeType, exportable, 
                                                 blockMode, keyMaterialSize, expandedKeyMaterialSize, 
                                                 effectiveKeyBytes, ivSize, blockSize));
  
-                               case SecurityProtocolType.Tls:
+                               case SecurityProtocolType.Ssl3:
                                         return this.add(
-                                               new TlsCipherSuite(
+                                               new TlsSslCipherSuite(
                                                 code, name, cipherType, hashType, exchangeType, exportable, 
                                                 blockMode, keyMaterialSize, expandedKeyMaterialSize, 
                                                 effectiveKeyBytes, ivSize, blockSize));
  
+                               case SecurityProtocolType.Ssl2:
                                 default:
-                                       throw new NotSupportedException();
+                                       throw new NotSupportedException("Unsupported security protocol type.");
                         }
                 }
  
diff --git a/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuiteFactory.cs b/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuiteFactory.cs

index bdf25e3122a0347a232a8b2979b65fedc4ead2bb..9387cb2a476cafc0637d0222f307ccba03fe8bcd 100755 (executable)
--- a/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuiteFactory.cs
+++ b/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuiteFactory.cs
@@ -32,14 +32,16 @@ namespace Mono.Security.Protocol.Tls
                 {
                         switch (protocol)
                         {
+                               case SecurityProtocolType.Default:
+                               case SecurityProtocolType.Tls:                          
+                                       return TlsCipherSuiteFactory.GetTls1SupportedCiphers();
+
                                 case SecurityProtocolType.Ssl3:
                                         return TlsCipherSuiteFactory.GetSsl3SupportedCiphers();
  
-                               case SecurityProtocolType.Tls:
-                                       return TlsCipherSuiteFactory.GetTls1SupportedCiphers();
-
+                               case SecurityProtocolType.Ssl2:
                                 default:
-                                       throw new NotSupportedException();
+                                       throw new NotSupportedException("Unsupported security protocol type");
                         }
                 }
  
@@ -165,4 +167,4 @@ namespace Mono.Security.Protocol.Tls
  
                 #endregion
         }
-}
+}
+\ No newline at end of file
diff --git a/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsContext.cs b/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsContext.cs

index 79b8d446b2ba8fe23c97dac663f080b7bd18dc97..d601537191db9b46b1596ff75b933aa4fe538a2a 100644 (file)
--- a/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsContext.cs
+++ b/mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsContext.cs
@@ -42,7 +42,7 @@ namespace Mono.Security.Protocol.Tls
                 private SslClientStream sslStream;
  
                 // Protocol version
-               private SecurityProtocolType protocol;
+               private SecurityProtocolType securityProtocol;
  
                 // Sesison ID
                 private byte[] sessionId;
@@ -90,9 +90,11 @@ namespace Mono.Security.Protocol.Tls
                 
                 #endregion
  
-               #region INTERNAL_CONSTANTS
+               #region Internal Constants
  
-               internal const short MAX_FRAGMENT_SIZE = 16384; // 2^14
+               internal const short MAX_FRAGMENT_SIZE  = 16384; // 2^14
+               internal const short TLS1_PROTOCOL_CODE = (0x03 << 8) | 0x01;
+               internal const short SSL3_PROTOCOL_CODE = (0x03 << 8) | 0x00;
  
                 #endregion
  
@@ -103,10 +105,30 @@ namespace Mono.Security.Protocol.Tls
                         get { return sslStream; }
                 }
  
-               public SecurityProtocolType Protocol
+               public SecurityProtocolType SecurityProtocol
                 {
-                       get { return this.protocol; }
-                       set { this.protocol = value; }
+                       get { return this.securityProtocol; }
+                       set { this.securityProtocol = value; }
+               }
+
+               public short Protocol
+               {
+                       get 
+                       { 
+                               switch (this.securityProtocol)
+                               {
+                                       case SecurityProtocolType.Tls:
+                                       case SecurityProtocolType.Default:
+                                               return TLS1_PROTOCOL_CODE;
+
+                                       case SecurityProtocolType.Ssl3:
+                                               return SSL3_PROTOCOL_CODE;
+
+                                       case SecurityProtocolType.Ssl2:
+                                       default:
+                                               throw new NotSupportedException("Unsupported security protocol type");
+                               }
+                       }
                 }
  
                 public byte[] SessionId
@@ -257,13 +279,13 @@ namespace Mono.Security.Protocol.Tls
                 #region Constructors
  
                 public TlsContext(
-                       SslClientStream sslStream,
-                       SecurityProtocolType securityProtocolType,
-                       string targetHost,
-                       X509CertificateCollection clientCertificates)
+                       SslClientStream                         sslStream,
+                       SecurityProtocolType            securityProtocolType,
+                       string                                          targetHost,
+                       X509CertificateCollection       clientCertificates)
                 {
                         this.sslStream                  = sslStream;
-                       this.protocol                   = securityProtocolType;
+                       this.securityProtocol   = securityProtocolType;
                         this.compressionMethod  = SecurityCompressionType.None;
                         this.serverSettings             = new TlsServerSettings();
                         this.clientSettings             = new TlsClientSettings();
@@ -317,7 +339,7 @@ namespace Mono.Security.Protocol.Tls
                         this.serverWriteIV      = null;
  
                         // Clear MAC keys if protocol is different than Ssl3
-                       if (this.protocol != SecurityProtocolType.Ssl3)
+                       if (this.securityProtocol != SecurityProtocolType.Ssl3)
                         {
                                 this.clientWriteMAC = null;
                                 this.serverWriteMAC = null;
author	Carlos Guzmán Álvarez <carlos@mono-cvs.ximian.com>
	Tue, 17 Feb 2004 18:33:38 +0000 (18:33 -0000)
committer	Carlos Guzmán Álvarez <carlos@mono-cvs.ximian.com>
	Tue, 17 Feb 2004 18:33:38 +0000 (18:33 -0000)
mcs/class/Mono.Security/ChangeLog		patch \| blob \| history
mcs/class/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientCertificate.cs		patch \| blob \| history
mcs/class/Mono.Security/Mono.Security.Protocol.Tls.Handshake.Client/TlsClientHello.cs		patch \| blob \| history
mcs/class/Mono.Security/Mono.Security.Protocol.Tls.Handshake/TlsHandshakeMessage.cs		patch \| blob \| history
mcs/class/Mono.Security/Mono.Security.Protocol.Tls/CipherSuite.cs		patch \| blob \| history
mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SecurityProtocolType.cs		patch \| blob \| history
mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslClientStream.cs		patch \| blob \| history
mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuite.cs		patch \| blob \| history
mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuiteCollection.cs		patch \| blob \| history
mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuiteFactory.cs		patch \| blob \| history
mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsContext.cs		patch \| blob \| history