public override SignatureParameters GetServerSignatureParameters (ITlsContext ctx) { if (Parameters.ServerSignatureParameters != null) return Parameters.ServerSignatureParameters; else return base.GetServerSignatureParameters (ctx); }
public virtual void AssertCertificateVerifySignatureAlgorithm(ITlsContext ctx, SignatureAndHashAlgorithm algorithm) { if (!ctx.IsServer) { throw new InvalidOperationException(); } AssertTls12(ctx); VerifySignatureAlgorithm(ctx, algorithm); ClientCertificateParameters parameters; if (ctx.HasClientCertificateParameters && ctx.ClientCertificateParameters != null) { parameters = ctx.ClientCertificateParameters; } else { parameters = null; } if (parameters != null && parameters.HasSignatureParameters && parameters.SignatureParameters != null) { if (!parameters.SignatureParameters.SignatureAndHashAlgorithms.Contains(algorithm)) { throw new TlsException(AlertDescription.IlegalParameter); } } else if (!algorithm.Equals(SignatureParameters.DefaultAlgorithm)) { throw new TlsException(AlertDescription.IlegalParameter); } }
void Clear () { if (context != null) { context.Dispose (); context = null; } }
public void AssertProtocol(ITlsContext ctx, TlsProtocolCode protocol) { if (!ctx.HasNegotiatedProtocol || ctx.NegotiatedProtocol != protocol) { throw new TlsException(AlertDescription.ProtocolVersion); } }
public virtual void AssertTls12(ITlsContext ctx) { if (!ctx.HasNegotiatedProtocol || ctx.NegotiatedProtocol != TlsProtocolCode.Tls12) { throw new TlsException(AlertDescription.ProtocolVersion); } }
public override SignatureParameters GetClientSignatureParameters (ITlsContext ctx) { if (ctx.IsServer) throw new InvalidOperationException (); if (Parameters.Type == SignatureInstrumentType.NoClientSignatureAlgorithms) return null; var parameters = Parameters.ClientSignatureParameters; if (parameters == null) return base.GetClientSignatureParameters (ctx); switch (Parameters.Type) { case SignatureInstrumentType.ClientProvidesSomeUnsupportedSignatureAlgorithms: case SignatureInstrumentType.ClientProvidesNoSupportedSignatureAlgorithms: case SignatureInstrumentType.ServerUsesUnsupportedSignatureAlgorithm2: // Instrumentation override. break; default: VerifySignatureParameters (ctx, parameters); break; } return parameters; }
public virtual SignatureAndHashAlgorithm SelectClientSignatureAlgorithm(ITlsContext ctx) { if (ctx.IsServer) { throw new InvalidOperationException(); } AssertTls12(ctx); SignatureParameters parameters; if (ctx.HasClientCertificateParameters) { parameters = ctx.ClientCertificateParameters.SignatureParameters; } else if (ctx.HasCurrentSignatureParameters) { parameters = ctx.CurrentSignatureParameters; } else { parameters = GetClientSignatureParameters(ctx); } if (parameters == null || parameters.IsEmpty) { parameters = SignatureParameters.GetDefaultServerParameters(); } return(SelectSignatureAlgorithm(ctx, parameters)); }
public override SignatureParameters GetClientSignatureParameters(ITlsContext ctx) { if (ctx.IsServer) { throw new InvalidOperationException(); } if (Parameters.Type == SignatureInstrumentType.NoClientSignatureAlgorithms) { return(null); } var parameters = Parameters.ClientSignatureParameters; if (parameters == null) { return(base.GetClientSignatureParameters(ctx)); } switch (Parameters.Type) { case SignatureInstrumentType.ClientProvidesSomeUnsupportedSignatureAlgorithms: case SignatureInstrumentType.ClientProvidesNoSupportedSignatureAlgorithms: case SignatureInstrumentType.ServerUsesUnsupportedSignatureAlgorithm2: // Instrumentation override. break; default: VerifySignatureParameters(ctx, parameters); break; } return(parameters); }
protected internal virtual void Initialize(ITlsContext ctx) { if (ctx.AskForClientCertificate != null) { askForClientCertificate = ctx.AskForClientCertificate.Value; } }
void Clear() { if (context != null) { context.Dispose(); context = null; } }
public void Initialize(MSI.IMonoTlsEventSink eventSink) { if (context != null) { throw new InvalidOperationException(); } context = TlsProviderFactory.CreateTlsContext(config, serverMode, eventSink); }
public void VerifySignatureAlgorithm(ITlsContext ctx, SignatureAndHashAlgorithm algorithm) { AssertTls12(ctx); if (!ctx.IsAlgorithmSupported(algorithm)) { throw new TlsException(AlertDescription.IlegalParameter); } }
public void VerifySignatureParameters(ITlsContext ctx, SignatureParameters parameters) { foreach (var algorithm in parameters.SignatureAndHashAlgorithms) { if (!ctx.IsAlgorithmSupported(algorithm)) { throw new TlsException(AlertDescription.IlegalParameter); } } }
public override SignatureParameters GetServerSignatureParameters(ITlsContext ctx) { if (Parameters.ServerSignatureParameters != null) { return(Parameters.ServerSignatureParameters); } else { return(base.GetServerSignatureParameters(ctx)); } }
public virtual void AssertClientSignatureAlgorithm(ITlsContext ctx, SignatureAndHashAlgorithm algorithm) { if (!ctx.IsServer) { throw new InvalidOperationException(); } AssertTls12(ctx); VerifySignatureAlgorithm(ctx, algorithm); }
public override ClientCertificateParameters GetServerCertificateParameters(ITlsContext ctx) { if (Parameters.ServerCertificateParameters != null) { return(Parameters.ServerCertificateParameters); } else { return(base.GetServerCertificateParameters(ctx)); } }
public override void AssertClientSignatureAlgorithm(ITlsContext ctx, SignatureAndHashAlgorithm algorithm) { AssertTls12(ctx); VerifySignatureAlgorithm(ctx, algorithm); if (Parameters.ExpectClientSignatureAlgorithm != null) { Context.Expect(algorithm, Is.EqualTo(Parameters.ExpectClientSignatureAlgorithm.Value), "client signature algorithm"); } }
public virtual SignatureParameters GetServerSignatureParameters (ITlsContext ctx) { if (!ctx.IsServer) throw new InvalidOperationException (); AssertTls12 (ctx); if (ctx.HasCurrentSignatureParameters) return ctx.CurrentSignatureParameters; return SignatureParameters.GetDefaultServerParameters (); }
public virtual SignatureAndHashAlgorithm SelectServerSignatureAlgorithm(ITlsContext ctx) { if (!ctx.IsServer) { throw new InvalidOperationException(); } AssertTls12(ctx); var parameters = GetServerSignatureParameters(ctx); return(SelectSignatureAlgorithm(ctx, parameters)); }
public SignatureAndHashAlgorithm SelectSignatureAlgorithm(ITlsContext ctx, SignatureParameters parameters) { AssertTls12(ctx); foreach (var algorithm in parameters.SignatureAndHashAlgorithms) { if (ctx.IsAlgorithmSupported(algorithm)) { return(algorithm); } } throw new TlsException(AlertDescription.IlegalParameter, "No supported signature type available."); }
public override SignatureAndHashAlgorithm SelectServerSignatureAlgorithm(ITlsContext ctx) { if (Parameters.ServerSignatureAlgorithm != null) { return(Parameters.ServerSignatureAlgorithm.Value); } else if (Parameters.ServerSignatureParameters != null) { return(SelectSignatureAlgorithm(ctx, Parameters.ServerSignatureParameters)); } else { return(base.SelectServerSignatureAlgorithm(ctx)); } }
public virtual SignatureParameters GetClientSignatureParameters (ITlsContext ctx) { if (ctx.IsServer) throw new InvalidOperationException (); SignatureParameters parameters = null; if (ctx.SettingsProvider.HasClientSignatureParameters) parameters = ctx.SettingsProvider.ClientSignatureParameters; if (parameters == null || parameters.IsEmpty) parameters = SignatureParameters.GetDefaultClientParameters (); VerifySignatureParameters (ctx, parameters); return parameters; }
public virtual SignatureParameters GetServerSignatureParameters(ITlsContext ctx) { if (!ctx.IsServer) { throw new InvalidOperationException(); } AssertTls12(ctx); if (ctx.HasCurrentSignatureParameters) { return(ctx.CurrentSignatureParameters); } return(SignatureParameters.GetDefaultServerParameters()); }
public virtual ClientCertificateParameters GetServerCertificateParameters (ITlsContext ctx) { if (!ctx.IsServer) throw new InvalidOperationException (); if (ctx.HasClientCertificateParameters) return ctx.ClientCertificateParameters; if (ctx.SettingsProvider.HasClientCertificateParameters) { var parameters = ctx.SettingsProvider.ClientCertificateParameters; if (parameters != null) return parameters; } return ClientCertificateParameters.GetDefaultParameters (); }
public virtual void AssertServerSignatureAlgorithm(ITlsContext ctx, SignatureAndHashAlgorithm algorithm) { if (ctx.IsServer) { throw new InvalidOperationException(); } AssertTls12(ctx); VerifySignatureAlgorithm(ctx, algorithm); if (ctx.HasCurrentSignatureParameters && ctx.CurrentSignatureParameters != null) { if (!ctx.CurrentSignatureParameters.SignatureAndHashAlgorithms.Contains(algorithm)) { throw new TlsException(AlertDescription.IlegalParameter); } } else if (!algorithm.Equals(SignatureParameters.DefaultAlgorithm)) { throw new TlsException(AlertDescription.IlegalParameter); } }
public virtual SignatureParameters GetClientSignatureParameters(ITlsContext ctx) { if (ctx.IsServer) { throw new InvalidOperationException(); } SignatureParameters parameters = null; if (ctx.SettingsProvider.HasClientSignatureParameters) { parameters = ctx.SettingsProvider.ClientSignatureParameters; } if (parameters == null || parameters.IsEmpty) { parameters = SignatureParameters.GetDefaultClientParameters(); } VerifySignatureParameters(ctx, parameters); return(parameters); }
public virtual ClientCertificateParameters GetServerCertificateParameters(ITlsContext ctx) { if (!ctx.IsServer) { throw new InvalidOperationException(); } if (ctx.HasClientCertificateParameters) { return(ctx.ClientCertificateParameters); } if (ctx.SettingsProvider.HasClientCertificateParameters) { var parameters = ctx.SettingsProvider.ClientCertificateParameters; if (parameters != null) { return(parameters); } } return(ClientCertificateParameters.GetDefaultParameters()); }
public override void AssertCertificateVerifySignatureAlgorithm(ITlsContext ctx, SignatureAndHashAlgorithm algorithm) { Context.Assert(ctx.IsServer, Is.True, "is server"); AssertTls12(ctx); VerifySignatureAlgorithm(ctx, algorithm); if (Parameters.ExpectCertificateVerifySignatureAlgorithm != null) { Context.Expect(algorithm, Is.EqualTo(Parameters.ExpectCertificateVerifySignatureAlgorithm.Value), "certificate validate signature algorithm"); return; } ClientCertificateParameters parameters; if (ctx.HasClientCertificateParameters && ctx.ClientCertificateParameters != null) { parameters = ctx.ClientCertificateParameters; } else { parameters = null; } if (parameters != null && parameters.HasSignatureParameters && parameters.SignatureParameters != null) { if (!parameters.SignatureParameters.SignatureAndHashAlgorithms.Contains(algorithm)) { throw new TlsException(AlertDescription.IlegalParameter); } } else if (!algorithm.Equals(SignatureParameters.DefaultAlgorithm)) { throw new TlsException(AlertDescription.IlegalParameter); } }
public override void AssertServerSignatureAlgorithm(ITlsContext ctx, SignatureAndHashAlgorithm algorithm) { Context.Assert(ctx.IsServer, Is.False, "is client"); AssertTls12(ctx); VerifySignatureAlgorithm(ctx, algorithm); if (Parameters.ExpectServerSignatureAlgorithm != null) { Context.Expect(algorithm, Is.EqualTo(Parameters.ExpectServerSignatureAlgorithm.Value), "server signature algorithm"); } else if (ctx.HasCurrentSignatureParameters && ctx.CurrentSignatureParameters != null) { if (!ctx.CurrentSignatureParameters.SignatureAndHashAlgorithms.Contains(algorithm)) { throw new TlsException(AlertDescription.IlegalParameter); } } else if (!algorithm.Equals(SignatureParameters.DefaultAlgorithm)) { throw new TlsException(AlertDescription.IlegalParameter); } }
public virtual void AssertClientSignatureAlgorithm (ITlsContext ctx, SignatureAndHashAlgorithm algorithm) { if (!ctx.IsServer) throw new InvalidOperationException (); AssertTls12 (ctx); VerifySignatureAlgorithm (ctx, algorithm); }
public virtual SignatureAndHashAlgorithm SelectServerSignatureAlgorithm (ITlsContext ctx) { if (!ctx.IsServer) throw new InvalidOperationException (); AssertTls12 (ctx); var parameters = GetServerSignatureParameters (ctx); return SelectSignatureAlgorithm (ctx, parameters); }
public virtual SignatureAndHashAlgorithm SelectClientSignatureAlgorithm (ITlsContext ctx) { if (ctx.IsServer) throw new InvalidOperationException (); AssertTls12 (ctx); SignatureParameters parameters; if (ctx.HasClientCertificateParameters) parameters = ctx.ClientCertificateParameters.SignatureParameters; else if (ctx.HasCurrentSignatureParameters) parameters = ctx.CurrentSignatureParameters; else parameters = GetClientSignatureParameters (ctx); if (parameters == null || parameters.IsEmpty) parameters = SignatureParameters.GetDefaultServerParameters (); return SelectSignatureAlgorithm (ctx, parameters); }
public override SignatureAndHashAlgorithm SelectClientSignatureAlgorithm (ITlsContext ctx) { if (Parameters.ClientSignatureAlgorithm != null) return Parameters.ClientSignatureAlgorithm.Value; else if (Parameters.ClientSignatureParameters != null) return SelectSignatureAlgorithm (ctx, Parameters.ClientSignatureParameters); else return base.SelectClientSignatureAlgorithm (ctx); }
public virtual void AssertTls12 (ITlsContext ctx) { if (!ctx.HasNegotiatedProtocol || ctx.NegotiatedProtocol != TlsProtocolCode.Tls12) throw new TlsException (AlertDescription.ProtocolVersion); }
public void StartRenegotiation (ITlsContext context) { Handler.OnRenegotiationStarted (Context, context.IsServer); }
public void StartRenegotiation(ITlsContext context) { Handler.OnRenegotiationStarted(Context, context.IsServer); }
public override void AssertClientSignatureAlgorithm (ITlsContext ctx, SignatureAndHashAlgorithm algorithm) { AssertTls12 (ctx); VerifySignatureAlgorithm (ctx, algorithm); if (Parameters.ExpectClientSignatureAlgorithm != null) Context.Expect (algorithm, Is.EqualTo (Parameters.ExpectClientSignatureAlgorithm.Value), "client signature algorithm"); }
public override void AssertTls12(ITlsContext ctx) { Context.Assert(ctx.HasNegotiatedProtocol, "Has negotiated protocol"); Context.Assert(ctx.NegotiatedProtocol, Is.EqualTo(TlsProtocolCode.Tls12), "Is TLS 1.2"); }
public override void AssertServerSignatureAlgorithm (ITlsContext ctx, SignatureAndHashAlgorithm algorithm) { Context.Assert (ctx.IsServer, Is.False, "is client"); AssertTls12 (ctx); VerifySignatureAlgorithm (ctx, algorithm); if (Parameters.ExpectServerSignatureAlgorithm != null) Context.Expect (algorithm, Is.EqualTo (Parameters.ExpectServerSignatureAlgorithm.Value), "server signature algorithm"); else if (ctx.HasCurrentSignatureParameters && ctx.CurrentSignatureParameters != null) { if (!ctx.CurrentSignatureParameters.SignatureAndHashAlgorithms.Contains (algorithm)) throw new TlsException (AlertDescription.IlegalParameter); } else if (!algorithm.Equals (SignatureParameters.DefaultAlgorithm)) { throw new TlsException (AlertDescription.IlegalParameter); } }
public override void AssertCertificateVerifySignatureAlgorithm (ITlsContext ctx, SignatureAndHashAlgorithm algorithm) { Context.Assert (ctx.IsServer, Is.True, "is server"); AssertTls12 (ctx); VerifySignatureAlgorithm (ctx, algorithm); if (Parameters.ExpectCertificateVerifySignatureAlgorithm != null) { Context.Expect (algorithm, Is.EqualTo (Parameters.ExpectCertificateVerifySignatureAlgorithm.Value), "certificate validate signature algorithm"); return; } ClientCertificateParameters parameters; if (ctx.HasClientCertificateParameters && ctx.ClientCertificateParameters != null) parameters = ctx.ClientCertificateParameters; else parameters = null; if (parameters != null && parameters.HasSignatureParameters && parameters.SignatureParameters != null) { if (!parameters.SignatureParameters.SignatureAndHashAlgorithms.Contains (algorithm)) throw new TlsException (AlertDescription.IlegalParameter); } else if (!algorithm.Equals (SignatureParameters.DefaultAlgorithm)) { throw new TlsException (AlertDescription.IlegalParameter); } }
public override ClientCertificateParameters GetServerCertificateParameters (ITlsContext ctx) { if (Parameters.ServerCertificateParameters != null) return Parameters.ServerCertificateParameters; else return base.GetServerCertificateParameters (ctx); }
public virtual void AssertServerSignatureAlgorithm (ITlsContext ctx, SignatureAndHashAlgorithm algorithm) { if (ctx.IsServer) throw new InvalidOperationException (); AssertTls12 (ctx); VerifySignatureAlgorithm (ctx, algorithm); if (ctx.HasCurrentSignatureParameters && ctx.CurrentSignatureParameters != null) { if (!ctx.CurrentSignatureParameters.SignatureAndHashAlgorithms.Contains (algorithm)) throw new TlsException (AlertDescription.IlegalParameter); } else if (!algorithm.Equals (SignatureParameters.DefaultAlgorithm)) { throw new TlsException (AlertDescription.IlegalParameter); } }
public virtual void AssertCertificateVerifySignatureAlgorithm (ITlsContext ctx, SignatureAndHashAlgorithm algorithm) { if (!ctx.IsServer) throw new InvalidOperationException (); AssertTls12 (ctx); VerifySignatureAlgorithm (ctx, algorithm); ClientCertificateParameters parameters; if (ctx.HasClientCertificateParameters && ctx.ClientCertificateParameters != null) parameters = ctx.ClientCertificateParameters; else parameters = null; if (parameters != null && parameters.HasSignatureParameters && parameters.SignatureParameters != null) { if (!parameters.SignatureParameters.SignatureAndHashAlgorithms.Contains (algorithm)) throw new TlsException (AlertDescription.IlegalParameter); } else if (!algorithm.Equals (SignatureParameters.DefaultAlgorithm)) { throw new TlsException (AlertDescription.IlegalParameter); } }
public override void AssertTls12 (ITlsContext ctx) { Context.Assert (ctx.HasNegotiatedProtocol, "Has negotiated protocol"); Context.Assert (ctx.NegotiatedProtocol, Is.EqualTo (TlsProtocolCode.Tls12), "Is TLS 1.2"); }
public void RenegotiationCompleted (ITlsContext context) { Handler.OnRenegotiationCompleted (Context, context.IsServer); }
public void RenegotiationCompleted(ITlsContext context) { Handler.OnRenegotiationCompleted(Context, context.IsServer); }
public void AssertProtocol (ITlsContext ctx, TlsProtocolCode protocol) { if (!ctx.HasNegotiatedProtocol || ctx.NegotiatedProtocol != protocol) throw new TlsException (AlertDescription.ProtocolVersion); }
public SignatureAndHashAlgorithm SelectSignatureAlgorithm (ITlsContext ctx, SignatureParameters parameters) { AssertTls12 (ctx); foreach (var algorithm in parameters.SignatureAndHashAlgorithms) { if (ctx.IsAlgorithmSupported (algorithm)) return algorithm; } throw new TlsException (AlertDescription.IlegalParameter, "No supported signature type available."); }
public void VerifySignatureAlgorithm (ITlsContext ctx, SignatureAndHashAlgorithm algorithm) { AssertTls12 (ctx); if (!ctx.IsAlgorithmSupported (algorithm)) throw new TlsException (AlertDescription.IlegalParameter); }
public void VerifySignatureParameters (ITlsContext ctx, SignatureParameters parameters) { foreach (var algorithm in parameters.SignatureAndHashAlgorithms) { if (!ctx.IsAlgorithmSupported (algorithm)) throw new TlsException (AlertDescription.IlegalParameter); } }
protected internal virtual void Initialize (ITlsContext ctx) { if (ctx.AskForClientCertificate != null) askForClientCertificate = ctx.AskForClientCertificate.Value; }
public void Initialize (MSI.IMonoTlsEventSink eventSink) { if (context != null) throw new InvalidOperationException (); context = TlsProviderFactory.CreateTlsContext (config, serverMode, eventSink); }