Ejemplo n.º 1
0
        public static CipherSuiteCollection GetSupportedCiphers(bool server, SecurityProtocolType protocol)
        {
            switch (protocol)
            {
            case SecurityProtocolType.Default:
            case SecurityProtocolType.Tls:
                return(CipherSuiteFactory.GetTls1SupportedCiphers());

            case SecurityProtocolType.Ssl3:
                return(CipherSuiteFactory.GetSsl3SupportedCiphers());

            case SecurityProtocolType.Ssl2:
            default:
                throw new NotSupportedException("Unsupported security protocol type");
            }
        }
Ejemplo n.º 2
0
        /*
         *      Client											Server
         *
         *      ClientHello                 -------->
         *                                                                                                      ServerHello
         *                                                                                                      Certificate*
         *                                                                                                      ServerKeyExchange*
         *                                                                                                      CertificateRequest*
         *                                                              <--------			ServerHelloDone
         *      Certificate*
         *      ClientKeyExchange
         *      CertificateVerify*
         *      [ChangeCipherSpec]
         *      Finished                    -------->
         *                                                                                                      [ChangeCipherSpec]
         *                                                              <--------           Finished
         *      Application Data            <------->			Application Data
         *
         *                      Fig. 1 - Message flow for a full handshake
         */

        internal override IAsyncResult OnBeginNegotiateHandshake(AsyncCallback callback, object state)
        {
            // Reset the context if needed
            if (this.context.HandshakeState != HandshakeState.None)
            {
                this.context.Clear();
            }

            // Obtain supported cipher suites
            this.context.SupportedCiphers = CipherSuiteFactory.GetSupportedCiphers(this.context.SecurityProtocol);

            // Set handshake state
            this.context.HandshakeState = HandshakeState.Started;

            // Receive Client Hello message
            return(this.protocol.BeginReceiveRecord(this.innerStream, callback, state));
        }
Ejemplo n.º 3
0
        public void ChangeProtocol(short protocol)
        {
            SecurityProtocolType protocolType = this.DecodeProtocolCode(protocol);

            if ((protocolType & this.SecurityProtocolFlags) == protocolType ||
                (this.SecurityProtocolFlags & SecurityProtocolType.Default) == SecurityProtocolType.Default)
            {
                this.SecurityProtocol = protocolType;
                this.SupportedCiphers.Clear();
                this.SupportedCiphers = null;
                this.SupportedCiphers = CipherSuiteFactory.GetSupportedCiphers(protocolType);
            }
            else
            {
                throw new TlsException(AlertDescription.ProtocolVersion, "Incorrect protocol version received from server");
            }
        }
Ejemplo n.º 4
0
        internal override IAsyncResult BeginNegotiateHandshake(AsyncCallback callback, object state)
        {
            if (this.context.HandshakeState != HandshakeState.None)
            {
                this.context.Clear();
            }

            // Obtain supported cipher suites
            this.context.SupportedCiphers = CipherSuiteFactory.GetSupportedCiphers(false, context.SecurityProtocol);

            // Set handshake state
            this.context.HandshakeState = HandshakeState.Started;

            NegotiateAsyncResult result = new NegotiateAsyncResult(callback, state, NegotiateState.SentClientHello);

            // Begin sending the client hello
            this.protocol.BeginSendRecord(HandshakeType.ClientHello, NegotiateAsyncWorker, result);

            return(result);
        }
Ejemplo n.º 5
0
        public static CipherSuiteCollection GetSupportedCiphers(SecurityProtocolType protocol)
        {
            if (protocol != SecurityProtocolType.Default)
            {
                if (protocol != SecurityProtocolType.Ssl2)
                {
                    if (protocol == SecurityProtocolType.Ssl3)
                    {
                        return(CipherSuiteFactory.GetSsl3SupportedCiphers());
                    }
                    if (protocol == SecurityProtocolType.Tls)
                    {
                        goto IL_2D;
                    }
                }
                throw new NotSupportedException("Unsupported security protocol type");
            }
IL_2D:
            return(CipherSuiteFactory.GetTls1SupportedCiphers());
        }
Ejemplo n.º 6
0
        public static CipherSuiteCollection GetSupportedCiphers(bool server, SecurityProtocolType protocol)
        {
            CipherSuiteCollection suites;

            switch (protocol)
            {
            case SecurityProtocolType.Default:
            case SecurityProtocolType.Tls:
                suites = CipherSuiteFactory.GetTls1SupportedCiphers();
                break;

            case SecurityProtocolType.Ssl3:
                suites = CipherSuiteFactory.GetSsl3SupportedCiphers();
                break;

            case SecurityProtocolType.Ssl2:
            default:
                throw new NotSupportedException("Unsupported security protocol type");
            }

            IEnumerable <string> list = null;

#if INSIDE_SYSTEM
            // if SSL/TLS support is built-in System.dll (e.g. monotouch) then we can access ServicePointManager
            // extension directly
            var cb = server ? ServicePointManager.ServerCipherSuitesCallback : ServicePointManager.ClientCipherSuitesCallback;
            if (cb == null)
            {
                return(suites);                // e.g. no callback was set
            }
            list = cb((System.Net.SecurityProtocolType)(int) protocol, suites.GetNames());
#elif !BOOTSTRAP_BASIC
            // Mono.Security must work on MS.NET so it cannot depend on any Mono-specific extensions
            PropertyInfo pi = null;
            if (server)
            {
                if (server_callback == null)
                {
                    server_callback = spm.GetProperty("ServerCipherSuitesCallback", BindingFlags.Static | BindingFlags.Public);
                }
                pi = server_callback;
            }
            else
            {
                if (client_callback == null)
                {
                    client_callback = spm.GetProperty("ClientCipherSuitesCallback", BindingFlags.Static | BindingFlags.Public);
                }
                pi = client_callback;
            }
            if (pi == null)
            {
                return(suites);                // e.g. MS runtime - return every supported suites
            }
            var cb = (Delegate)pi.GetGetMethod().Invoke(null, null);
            if (cb == null)
            {
                return(suites);                // e.g. no callback was set - return every supported suites
            }
            list = (IEnumerable <string>)cb.DynamicInvoke(new object[] {
                (System.Net.SecurityProtocolType)(int) protocol, suites.GetNames()
            });
#else
            // TODO: right now the callback is only available when using System.Net.* types for SSL/TLS
            return(suites);
#endif
            CipherSuiteCollection allowed = new CipherSuiteCollection(protocol);
            if (list != null)
            {
                foreach (var name in list)
                {
                    // add any supported (ignore unknowns) ciphers requested by the callback
                    var cipher = suites [name];
                    if (cipher != null)
                    {
                        allowed.Add(cipher);
                    }
                }
            }
            return(allowed);
        }