/// <summary>
/// Create a new HandshakeLayer object given a SecureChannel and which end of the connection it is to be.
/// </summary>
/// <param name="secureChannel">the SecureChannel that comprises the secure functionality of this layer</param>
/// <param name="connectionEnd">this specifies which end of the connection - Server or Client</param>
public HandshakeLayer(SecureChannel secureChannel, ConnectionEnd connectionEnd)
{
// SHA256 is a class that computes the SHA-256 (SHA stands for Standard Hashing Algorithm) of it's input.
m_localHash = SHA256.Create();
m_remoteHash = SHA256.Create();
m_secureChannel = secureChannel;
SecurityParameters = new SecurityParameters
{
Entity = connectionEnd,
CompressionAlgorithm = CompressionMethod.Null,
PRFAlgorithm = PRFAlgorithm.SHA256,
CipherType = CipherType.Block
};
AllowedCipherSuites = new[]
{
CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256,
CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA,
CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256,
CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA
};
VerifyCertificate = c => c.Verify();
}
/// <summary>
/// Create a new HandshakeLayer object given a SecureChannel and which end of the connection it is to be.
/// </summary>
/// <param name="secureChannel">the SecureChannel that comprises the secure functionality of this layer</param>
/// <param name="connectionEnd">this specifies which end of the connection - Server or Client</param>
public HandshakeLayer(SecureChannel secureChannel, ConnectionEnd connectionEnd)
{
// SHA256 is a class that computes the SHA-256 (SHA stands for Standard Hashing Algorithm) of it's input.
m_localHash = IncrementalHash.CreateHash(HashAlgorithmName.SHA256); //SHA256.Create();
m_remoteHash = IncrementalHash.CreateHash(HashAlgorithmName.SHA256); // SHA256.Create();
m_secureChannel = secureChannel;
SecurityParameters = new SecurityParameters
{
Entity = connectionEnd,
CompressionAlgorithm = CompressionMethod.Null,
PRFAlgorithm = PRFAlgorithm.SHA256,
CipherType = CipherType.Block
};
AllowedCipherSuites = new[]
{
CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256,
CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA,
CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256,
CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA
};
#warning This method is not available in .NETStandard 1.6 - planned for 2.0; using X509Chain for now as it has the same functionality in NetFx, where X509Certificate2.Verify() calls the same internal method as X509Chain().Build(c)
VerifyCertificate = c => new X509Chain().Build(c); //c.Verify();
}
/// <summary>
/// Create a new HandshakeLayer object given a SecureChannel and which end of the connection it is to be.
/// </summary>
/// <param name="secureChannel">the SecureChannel that comprises the secure functionality of this layer</param>
/// <param name="connectionEnd">this specifies which end of the connection - Server or Client</param>
public HandshakeLayer(SecureChannel secureChannel, ConnectionEnd connectionEnd)
{
// SHA256 is a class that computes the SHA-256 (SHA stands for Standard Hashing Algorithm) of it's input.
m_localHash = SHA256.Create();
m_remoteHash = SHA256.Create();
m_secureChannel = secureChannel;
SecurityParameters = new SecurityParameters
{
Entity = connectionEnd,
CompressionAlgorithm = CompressionMethod.Null,
PRFAlgorithm = PRFAlgorithm.SHA256,
CipherType = CipherType.Block
};
AllowedCipherSuites = new[]
{
CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256,
CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA,
CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256,
CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA
};
VerifyCertificate = c => c.Verify();
}
/// <summary>
/// Create a new SecureChannel with the given <see cref="ConnectionEnd"/>.
/// </summary>
/// <param name="connectionEnd">the ConnectionEnd that this channel is to talk to</param>
public static SecureChannel CreateClientSecureChannel(byte[] sesionId = null, Configuration configuration = null)
{
SecureChannel secureChannel = new SecureChannel(ConnectionEnd.Client, configuration);
if (sesionId != null)
{
secureChannel.UpdateSessionId(sesionId);
}
return(secureChannel);
}
public void Setup()
{
X509Certificate2 certificate = new X509Certificate2("NetMQ.Testing.pfx", "1");
m_serverSecureChannel = new SecureChannel(ConnectionEnd.Server) { Certificate = certificate };
m_clientSecureChannel = new SecureChannel(ConnectionEnd.Client);
m_clientSecureChannel.SetVerifyCertificate(c => true);
IList<NetMQMessage> clientOutgoingMessages = new List<NetMQMessage>();
IList<NetMQMessage> serverOutgoingMessages = new List<NetMQMessage>();
bool serverComplete = false;
bool clientComplete = m_clientSecureChannel.ProcessMessage(null, clientOutgoingMessages);
while (!serverComplete || !clientComplete)
{
if (!serverComplete)
{
foreach (var message in clientOutgoingMessages)
{
serverComplete = m_serverSecureChannel.ProcessMessage(message, serverOutgoingMessages);
if (serverComplete)
{
break;
}
}
clientOutgoingMessages.Clear();
}
if (!clientComplete)
{
foreach (var message in serverOutgoingMessages)
{
clientComplete = m_clientSecureChannel.ProcessMessage(message, clientOutgoingMessages);
if (clientComplete)
{
break;
}
}
serverOutgoingMessages.Clear();
}
}
}
public HandshakeLayer(SecureChannel secureChannel, ConnectionEnd connectionEnd)
{
m_secureChannel = secureChannel;
SecurityParameters = new SecurityParameters();
SecurityParameters.Entity = connectionEnd;
SecurityParameters.CompressionAlgorithm = CompressionMethod.Null;
SecurityParameters.PRFAlgorithm = PRFAlgorithm.SHA256;
SecurityParameters.CipherType = CipherType.Block;
AllowedCipherSuites = new CipherSuite[]
{
CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256,
CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA,
CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256,
CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA,
};
VerifyCertificate = c => c.Verify();
}
public HandshakeLayer(SecureChannel secureChannel, ConnectionEnd connectionEnd)
{
m_localHash = SHA256.Create();
m_remoteHash = SHA256.Create();
m_secureChannel = secureChannel;
SecurityParameters = new SecurityParameters();
SecurityParameters.Entity = connectionEnd;
SecurityParameters.CompressionAlgorithm = CompressionMethod.Null;
SecurityParameters.PRFAlgorithm = PRFAlgorithm.SHA256;
SecurityParameters.CipherType = CipherType.Block;
AllowedCipherSuites = new CipherSuite[]
{
CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256,
CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA,
CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256,
CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA,
};
VerifyCertificate = c => c.Verify();
}
/// <summary>
/// Create a new instance of an OutgoingMessageBag that will use the given SecureChannel.
/// </summary>
/// <param name="secureChannel">a SecureChannel object that will serve to encrypt the protocol messages</param>
public OutgoingMessageBag(SecureChannel secureChannel)
{
m_secureChannel = secureChannel;
m_messages = new List <NetMQMessage>();
}
/// <summary>
/// Create a new instance of an OutgoingMessageBag that will use the given SecureChannel.
/// </summary>
/// <param name="secureChannel">a SecureChannel object that will serve to encrypt the protocol messages</param>
public OutgoingMessageBag(SecureChannel secureChannel)
{
m_secureChannel = secureChannel;
m_messages = new List<NetMQMessage>();
}
/// <summary>
/// Create a new SecureChannel with the given <see cref="ConnectionEnd"/>.
/// </summary>
/// <param name="connectionEnd">the ConnectionEnd that this channel is to talk to</param>
public static SecureChannel CreateServerSecureChannel(Configuration configuration = null)
{
SecureChannel secureChannel = new SecureChannel(ConnectionEnd.Server, configuration);
return(secureChannel);
}