public static IEnumerable<CipherInstrumentParameters> GetParameters (TestContext ctx, InstrumentationCategory category) { switch (category) { case InstrumentationCategory.SelectClientCipher: return SelectAllCiphers ((protocol, cipher) => { var parameters = CreateParameters (category, CipherInstrumentType.SelectClientCipher, protocol, cipher); parameters.ProtocolVersion = protocol; parameters.ClientCiphers = new CipherSuiteCode[] { cipher }; parameters.ExpectedClientCipher = cipher; return parameters; }); case InstrumentationCategory.SelectServerCipher: return SelectAllCiphers ((protocol, cipher) => { var parameters = CreateParameters (category, CipherInstrumentType.SelectServerCipher, protocol, cipher); parameters.ProtocolVersion = protocol; parameters.ServerCiphers = new CipherSuiteCode[] { cipher }; parameters.ExpectedServerCipher = cipher; return parameters; }); case InstrumentationCategory.SelectCipher: return ConnectionTypes.Select (t => Create (ctx, category, t)); default: ctx.AssertFail ("Unsupported instrumentation category: '{0}'.", category); return null; } }
static SignatureInstrumentParameters Create( TestContext ctx, InstrumentationCategory category, SignatureInstrumentType type, SignatureAndHashAlgorithm algorithm, CipherSuiteCode cipher) { var parameters = CreateParameters(category, type, algorithm.Hash, algorithm.Signature, cipher); parameters.ClientCertificate = ResourceManager.MonkeyCertificate; parameters.RequireClientCertificate = true; var signatureParameters = new SignatureParameters(); signatureParameters.Add(algorithm); switch (type) { case SignatureInstrumentType.ClientSignatureAlgorithmAndCipher: parameters.ClientSignatureParameters = signatureParameters; parameters.ClientCiphers = new CipherSuiteCode[] { cipher }; break; case SignatureInstrumentType.ServerSignatureAlgorithmAndCipher: parameters.ServerSignatureAlgorithm = algorithm; parameters.ServerCiphers = new CipherSuiteCode[] { cipher }; break; default: ctx.AssertFail("Unsupported signature instrument: '{0}'.", type); break; } return(parameters); }
static CipherInstrumentParameters Create(TestContext ctx, InstrumentationCategory category, CipherInstrumentType type) { var parameters = CreateParameters(category, type); switch (type) { case CipherInstrumentType.SelectClientCipher: parameters.ProtocolVersion = ctx.GetParameter <ProtocolVersions> (); parameters.ClientCiphers = new CipherSuiteCode[] { ctx.GetParameter <CipherSuiteCode> () }; parameters.ValidateCipherList = true; break; case CipherInstrumentType.SelectServerCipher: parameters.ProtocolVersion = ctx.GetParameter <ProtocolVersions> (); parameters.ServerCiphers = new CipherSuiteCode[] { ctx.GetParameter <CipherSuiteCode> () }; parameters.ValidateCipherList = true; break; case CipherInstrumentType.InvalidCipher: parameters.ServerCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 }; parameters.ProtocolVersion = ProtocolVersions.Tls12; parameters.ExpectServerAlert = AlertDescription.HandshakeFailure; break; default: ctx.AssertFail("Unsupported cipher instrument: '{0}'.", type); break; } return(parameters); }
public InstrumentationConnectionType (InstrumentationCategory category, ConnectionProviderType clientType, ConnectionProviderType serverType) { Category = category; ClientType = clientType; ServerType = serverType; Value = string.Format ("{0}:{1}:{2}", category, clientType, serverType); }
public static IEnumerable<GenericConnectionInstrumentType> GetInstrumentationTypes (TestContext ctx, InstrumentationCategory category) { switch (category) { case InstrumentationCategory.ClientConnection: yield return GenericConnectionInstrumentType.FragmentHandshakeMessages; yield return GenericConnectionInstrumentType.SendBlobAfterReceivingFinish; yield return GenericConnectionInstrumentType.InvalidClientCertificateV1; break; case InstrumentationCategory.ServerConnection: yield return GenericConnectionInstrumentType.FragmentHandshakeMessages; yield return GenericConnectionInstrumentType.InvalidServerCertificateV1; yield return GenericConnectionInstrumentType.InvalidServerCertificateRsa512; break; case InstrumentationCategory.Connection: yield return GenericConnectionInstrumentType.FragmentHandshakeMessages; yield return GenericConnectionInstrumentType.ServerProvidesInvalidCertificate; yield return GenericConnectionInstrumentType.ClientProvidesInvalidCertificate; yield return GenericConnectionInstrumentType.RequireRsaKeyExchange; yield return GenericConnectionInstrumentType.RsaKeyExchangeNotAllowed; yield return GenericConnectionInstrumentType.RequireDheKeyExchange; yield return GenericConnectionInstrumentType.DheKeyExchangeNotAllowed; break; case InstrumentationCategory.CertificateChecks: yield return GenericConnectionInstrumentType.InvalidServerCertificateV1; yield return GenericConnectionInstrumentType.InvalidServerCertificateRsa512; yield return GenericConnectionInstrumentType.InvalidClientCertificateV1; yield return GenericConnectionInstrumentType.InvalidServerCertificateRsa512; yield return GenericConnectionInstrumentType.ServerProvidesInvalidCertificate; yield return GenericConnectionInstrumentType.ClientProvidesInvalidCertificate; yield return GenericConnectionInstrumentType.RequireRsaKeyExchange; yield return GenericConnectionInstrumentType.RsaKeyExchangeNotAllowed; yield return GenericConnectionInstrumentType.RequireDheKeyExchange; yield return GenericConnectionInstrumentType.DheKeyExchangeNotAllowed; yield return GenericConnectionInstrumentType.ClientCertificateInvalidForRsa; yield return GenericConnectionInstrumentType.ClientProvidesCertificateThatsInvalidForRsa; yield return GenericConnectionInstrumentType.ClientCertificateInvalidForDhe; yield return GenericConnectionInstrumentType.ClientProvidesCertificateThatsInvalidForDhe; yield return GenericConnectionInstrumentType.ClientCertificateRequiresRsaKeyExchange; yield return GenericConnectionInstrumentType.ClientCertificateRequiresDheKeyExchange; break; case InstrumentationCategory.MartinTest: yield return GenericConnectionInstrumentType.MartinTest; break; default: ctx.AssertFail ("Unsupported instrumentation category: '{0}'.", category); break; } }
static SimpleConnectionParameters CreateParameters(InstrumentationCategory category, SimpleConnectionType type, params object[] args) { var sb = new StringBuilder(); sb.Append(type); foreach (var arg in args) { sb.AppendFormat(":{0}", arg); } var name = sb.ToString(); return(new SimpleConnectionParameters(category, type, name, ResourceManager.SelfSignedServerCertificate) { ClientCertificateValidator = AcceptAnyCertificate }); }
public static IEnumerable<CipherInstrumentParameters> GetParameters (TestContext ctx, InstrumentationCategory category) { switch (category) { case InstrumentationCategory.SelectClientCipher: return SelectClientCipherTypes.Select (t => Create (ctx, category, t)); case InstrumentationCategory.SelectServerCipher: return SelectServerCipherTypes.Select (t => Create (ctx, category, t)); case InstrumentationCategory.SelectCipher: return ConnectionTypes.Select (t => Create (ctx, category, t)); default: ctx.AssertFail ("Unsupported instrumentation category: '{0}'.", category); return null; } }
static RenegotiationInstrumentParameters CreateParameters(InstrumentationCategory category, RenegotiationInstrumentType type, params object[] args) { var sb = new StringBuilder(); sb.Append(type); foreach (var arg in args) { sb.AppendFormat(":{0}", arg); } var name = sb.ToString(); return(new RenegotiationInstrumentParameters(category, type, name, ResourceManager.SelfSignedServerCertificate) { ClientCertificateValidator = AcceptAnyCertificate, ServerCertificateValidator = AcceptAnyCertificate, ProtocolVersion = ProtocolVersions.Tls12 }); }
public static MonoConnectionFlags GetConnectionFlags (TestContext ctx, InstrumentationCategory category) { switch (category) { case InstrumentationCategory.AllClientSignatureAlgorithms: case InstrumentationCategory.ClientSignatureParameters: case InstrumentationCategory.ClientConnection: return MonoConnectionFlags.ClientInstrumentation; case InstrumentationCategory.AllServerSignatureAlgorithms: case InstrumentationCategory.ServerSignatureParameters: case InstrumentationCategory.ServerConnection: return MonoConnectionFlags.ServerInstrumentation; case InstrumentationCategory.SignatureAlgorithms: case InstrumentationCategory.Connection: return MonoConnectionFlags.ClientInstrumentation | MonoConnectionFlags.ServerInstrumentation; case InstrumentationCategory.MartinTest: return MonoConnectionFlags.ServerInstrumentation | MonoConnectionFlags.ClientInstrumentation; default: ctx.AssertFail ("Unsupported instrumentation category: '{0}'.", category); return MonoConnectionFlags.None; } }
public static IEnumerable<SimpleConnectionType> GetTestTypes (TestContext ctx, InstrumentationCategory category) { switch (category) { case InstrumentationCategory.SimpleMonoClient: yield return SimpleConnectionType.SimpleTls10; yield return SimpleConnectionType.SimpleTls11; yield return SimpleConnectionType.SimpleTls12; yield break; case InstrumentationCategory.SimpleMonoServer: yield return SimpleConnectionType.SimpleTls10; yield return SimpleConnectionType.SimpleTls11; yield return SimpleConnectionType.SimpleTls12; yield break; case InstrumentationCategory.SimpleMonoConnection: yield return SimpleConnectionType.SimpleTls10; yield return SimpleConnectionType.SimpleTls11; yield return SimpleConnectionType.SimpleTls12; yield return SimpleConnectionType.CipherSelectionOrder; yield return SimpleConnectionType.CipherSelectionOrder2; yield break; case InstrumentationCategory.MonoProtocolVersions: yield return SimpleConnectionType.Simple; yield return SimpleConnectionType.ValidateCertificate; yield return SimpleConnectionType.RequestClientCertificate; yield return SimpleConnectionType.RequireClientCertificateRSA; yield return SimpleConnectionType.RequireClientCertificateDHE; yield break; case InstrumentationCategory.MartinTest: yield return SimpleConnectionType.MartinTest; yield break; default: ctx.AssertFail ("Unspported connection category: '{0}.", category); yield break; } }
public static IEnumerable<SimpleConnectionParameters> GetParameters (TestContext ctx, InstrumentationCategory category) { switch (category) { case InstrumentationCategory.SimpleMonoClient: return ClientConnectionTypes.Select (t => Create (ctx, category, t)); case InstrumentationCategory.SimpleMonoServer: return ServerConnectionTypes.Select (t => Create (ctx, category, t)); case InstrumentationCategory.SimpleMonoConnection: return ConnectionTypes.Select (t => Create (ctx, category, t)); case InstrumentationCategory.MonoProtocolVersions: return AllVersionTypes.Select (t => Create (ctx, category, t)); case InstrumentationCategory.MartinTest: return MartinTestTypes.Select (t => Create (ctx, category, t)); default: ctx.AssertFail ("Unsupported connection category: '{0}'.", category); return null; } }
public static IEnumerable<SignatureInstrumentParameters> GetParameters (TestContext ctx, InstrumentationCategory category) { switch (category) { case InstrumentationCategory.AllClientSignatureAlgorithms: return SelectAlgorithmsAndCiphers (SignatureInstrumentType.ClientSignatureAlgorithmAndCipher).Select (t => Create (ctx, category, t.Item1, t.Item2, t.Item3)); case InstrumentationCategory.AllServerSignatureAlgorithms: return SelectAlgorithmsAndCiphers (SignatureInstrumentType.ServerSignatureAlgorithmAndCipher).Select (t => Create (ctx, category, t.Item1, t.Item2, t.Item3)); case InstrumentationCategory.ClientSignatureParameters: return ClientSignatureParameterTypes.Select (t => Create (ctx, category, t)); case InstrumentationCategory.ServerSignatureParameters: return ServerSignatureParameterTypes.Select (t => Create (ctx, category, t)); case InstrumentationCategory.SignatureAlgorithms: return SignatureParameterTypes.Select (t => Create (ctx, category, t)); default: ctx.AssertFail ("Unsupported instrumentation category: '{0}'.", category); return null; } }
public static IEnumerable <SignatureInstrumentParameters> GetParameters(TestContext ctx, InstrumentationCategory category) { switch (category) { case InstrumentationCategory.AllClientSignatureAlgorithms: return(SelectAlgorithmsAndCiphers(SignatureInstrumentType.ClientSignatureAlgorithmAndCipher).Select(t => Create(ctx, category, t.Item1, t.Item2, t.Item3))); case InstrumentationCategory.AllServerSignatureAlgorithms: return(SelectAlgorithmsAndCiphers(SignatureInstrumentType.ServerSignatureAlgorithmAndCipher).Select(t => Create(ctx, category, t.Item1, t.Item2, t.Item3))); case InstrumentationCategory.ClientSignatureParameters: return(ClientSignatureParameterTypes.Select(t => Create(ctx, category, t))); case InstrumentationCategory.ServerSignatureParameters: return(ServerSignatureParameterTypes.Select(t => Create(ctx, category, t))); case InstrumentationCategory.SignatureAlgorithms: return(SignatureParameterTypes.Select(t => Create(ctx, category, t))); default: ctx.AssertFail("Unsupported instrumentation category: '{0}'.", category); return(null); } }
public static IEnumerable <CipherInstrumentParameters> GetParameters(TestContext ctx, InstrumentationCategory category) { switch (category) { case InstrumentationCategory.SelectClientCipher: return(SelectClientCipherTypes.Select(t => Create(ctx, category, t))); case InstrumentationCategory.SelectServerCipher: return(SelectServerCipherTypes.Select(t => Create(ctx, category, t))); case InstrumentationCategory.SelectCipher: return(ConnectionTypes.Select(t => Create(ctx, category, t))); default: ctx.AssertFail("Unsupported instrumentation category: '{0}'.", category); return(null); } }
public static IEnumerable <SimpleConnectionType> GetTestTypes(TestContext ctx, InstrumentationCategory category) { switch (category) { case InstrumentationCategory.SimpleMonoClient: yield return(SimpleConnectionType.SimpleTls10); yield return(SimpleConnectionType.SimpleTls11); yield return(SimpleConnectionType.SimpleTls12); yield break; case InstrumentationCategory.SimpleMonoServer: yield return(SimpleConnectionType.SimpleTls10); yield return(SimpleConnectionType.SimpleTls11); yield return(SimpleConnectionType.SimpleTls12); yield break; case InstrumentationCategory.SimpleMonoConnection: yield return(SimpleConnectionType.SimpleTls10); yield return(SimpleConnectionType.SimpleTls11); yield return(SimpleConnectionType.SimpleTls12); yield return(SimpleConnectionType.CipherSelectionOrder); yield return(SimpleConnectionType.CipherSelectionOrder2); yield break; case InstrumentationCategory.MonoProtocolVersions: yield return(SimpleConnectionType.Simple); yield return(SimpleConnectionType.ValidateCertificate); yield return(SimpleConnectionType.RequestClientCertificate); yield return(SimpleConnectionType.RequireClientCertificateRSA); yield return(SimpleConnectionType.RequireClientCertificateDHE); yield break; case InstrumentationCategory.MartinTest: yield return(SimpleConnectionType.MartinTest); yield break; default: ctx.AssertFail("Unspported connection category: '{0}.", category); yield break; } }
public InstrumentationConnectionProvider(ConnectionProvider client, ConnectionProvider server, InstrumentationCategory category, InstrumentationConnectionFlags flags) : base(client, server, (MonoConnectionTestCategory)category, (MonoConnectionTestFlags)flags) { }
public SignatureInstrumentParameters(InstrumentationCategory category, SignatureInstrumentType type, string identifier, IServerCertificate certificate) : base(category, identifier, certificate) { Type = type; }
public static IEnumerable<RenegotiationInstrumentType> GetInstrumentationTypes (TestContext ctx, InstrumentationCategory category) { switch (category) { case InstrumentationCategory.ClientRenegotiation: yield return RenegotiationInstrumentType.RequestClientRenegotiation; break; case InstrumentationCategory.ServerRenegotiation: yield return RenegotiationInstrumentType.RequestRenegotiation; yield return RenegotiationInstrumentType.SendBlobBeforeHelloRequest; yield return RenegotiationInstrumentType.SendBlobAfterHelloRequest; yield return RenegotiationInstrumentType.SendBlobBeforeAndAfterHelloRequest; yield return RenegotiationInstrumentType.SendDuplicateHelloRequest; yield return RenegotiationInstrumentType.RequestServerRenegotiation; yield return RenegotiationInstrumentType.RequestServerRenegotiationWithPendingRead; break; case InstrumentationCategory.Renegotiation: yield return RenegotiationInstrumentType.SendBlobBeforeRenegotiatingHello; yield return RenegotiationInstrumentType.SendBlobBeforeRenegotiatingHelloNoPendingRead; yield return RenegotiationInstrumentType.RequestClientRenegotiationWithPendingWrite; break; case InstrumentationCategory.MartinTest: case InstrumentationCategory.MartinTestClient: case InstrumentationCategory.MartinTestServer: yield return RenegotiationInstrumentType.MartinTest; break; default: ctx.AssertFail ("Unsupported instrumentation category: '{0}'.", category); break; } }
public SimpleConnectionParameters (InstrumentationCategory category, SimpleConnectionType type, ClientParameters clientParameters, ServerParameters serverParameters) : base (category, clientParameters, serverParameters) { Type = type; }
public SimpleConnectionParameters (InstrumentationCategory category, SimpleConnectionType type, string identifier, IServerCertificate certificate) : base (category, identifier, certificate) { Type = type; }
public GenericConnectionInstrumentParameters (InstrumentationCategory category, GenericConnectionInstrumentType type, string identifier, IServerCertificate certificate) : base (category, identifier, certificate) { Type = type; }
public static IEnumerable <GenericConnectionInstrumentType> GetInstrumentationTypes(TestContext ctx, InstrumentationCategory category) { switch (category) { case InstrumentationCategory.ClientConnection: yield return(GenericConnectionInstrumentType.FragmentHandshakeMessages); yield return(GenericConnectionInstrumentType.SendBlobAfterReceivingFinish); yield return(GenericConnectionInstrumentType.InvalidClientCertificateV1); break; case InstrumentationCategory.ServerConnection: yield return(GenericConnectionInstrumentType.FragmentHandshakeMessages); yield return(GenericConnectionInstrumentType.InvalidServerCertificateV1); yield return(GenericConnectionInstrumentType.InvalidServerCertificateRsa512); break; case InstrumentationCategory.Connection: yield return(GenericConnectionInstrumentType.FragmentHandshakeMessages); yield return(GenericConnectionInstrumentType.ServerProvidesInvalidCertificate); yield return(GenericConnectionInstrumentType.ClientProvidesInvalidCertificate); yield return(GenericConnectionInstrumentType.RequireRsaKeyExchange); yield return(GenericConnectionInstrumentType.RsaKeyExchangeNotAllowed); yield return(GenericConnectionInstrumentType.RequireDheKeyExchange); yield return(GenericConnectionInstrumentType.DheKeyExchangeNotAllowed); break; case InstrumentationCategory.CertificateChecks: yield return(GenericConnectionInstrumentType.InvalidServerCertificateV1); yield return(GenericConnectionInstrumentType.InvalidServerCertificateRsa512); yield return(GenericConnectionInstrumentType.InvalidClientCertificateV1); yield return(GenericConnectionInstrumentType.InvalidServerCertificateRsa512); yield return(GenericConnectionInstrumentType.ServerProvidesInvalidCertificate); yield return(GenericConnectionInstrumentType.ClientProvidesInvalidCertificate); yield return(GenericConnectionInstrumentType.RequireRsaKeyExchange); yield return(GenericConnectionInstrumentType.RsaKeyExchangeNotAllowed); yield return(GenericConnectionInstrumentType.RequireDheKeyExchange); yield return(GenericConnectionInstrumentType.DheKeyExchangeNotAllowed); yield return(GenericConnectionInstrumentType.ClientCertificateInvalidForRsa); yield return(GenericConnectionInstrumentType.ClientProvidesCertificateThatsInvalidForRsa); yield return(GenericConnectionInstrumentType.ClientCertificateInvalidForDhe); yield return(GenericConnectionInstrumentType.ClientProvidesCertificateThatsInvalidForDhe); yield return(GenericConnectionInstrumentType.ClientCertificateRequiresRsaKeyExchange); yield return(GenericConnectionInstrumentType.ClientCertificateRequiresDheKeyExchange); break; case InstrumentationCategory.MartinTest: yield return(GenericConnectionInstrumentType.MartinTest); break; default: ctx.AssertFail("Unsupported instrumentation category: '{0}'.", category); break; } }
static GenericConnectionInstrumentParameters Create(TestContext ctx, InstrumentationCategory category, GenericConnectionInstrumentType type) { var parameters = CreateParameters(category, type); switch (type) { case GenericConnectionInstrumentType.FragmentHandshakeMessages: parameters.Add(HandshakeInstrumentType.FragmentHandshakeMessages); break; case GenericConnectionInstrumentType.SendBlobAfterReceivingFinish: parameters.Add(HandshakeInstrumentType.SendBlobAfterReceivingFinish); break; case GenericConnectionInstrumentType.InvalidServerCertificateV1: parameters.ServerCertificate = ResourceManager.InvalidServerCertificateV1; parameters.ExpectServerAlert = AlertDescription.UnsupportedCertificate; break; case GenericConnectionInstrumentType.InvalidServerCertificateRsa512: parameters.ServerCertificate = ResourceManager.InvalidServerCertificateRsa512; parameters.ExpectServerAlert = AlertDescription.UnsupportedCertificate; break; case GenericConnectionInstrumentType.ServerProvidesInvalidCertificate: parameters.ServerCertificate = ResourceManager.InvalidServerCertificateV1; parameters.Add(HandshakeInstrumentType.OverrideServerCertificateSelection); parameters.ExpectClientAlert = AlertDescription.UnsupportedCertificate; break; case GenericConnectionInstrumentType.InvalidClientCertificateV1: parameters.ClientCertificate = ResourceManager.InvalidClientCertificateV1; parameters.RequireClientCertificate = true; parameters.ExpectClientAlert = AlertDescription.UnsupportedCertificate; break; case GenericConnectionInstrumentType.InvalidClientCertificateRsa512: parameters.ClientCertificate = ResourceManager.InvalidClientCertificateRsa512; parameters.RequireClientCertificate = true; parameters.ExpectClientAlert = AlertDescription.UnsupportedCertificate; break; case GenericConnectionInstrumentType.ClientProvidesInvalidCertificate: parameters.ClientCertificate = ResourceManager.InvalidClientCertificateV1; parameters.RequireClientCertificate = true; parameters.Add(HandshakeInstrumentType.OverrideClientCertificateSelection); parameters.ExpectServerAlert = AlertDescription.UnsupportedCertificate; break; case GenericConnectionInstrumentType.RequireRsaKeyExchange: parameters.ProtocolVersion = ProtocolVersions.Tls12; parameters.ServerCertificate = ResourceManager.ServerCertificateRsaOnly; parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA, CipherSuiteCode.TLS_RSA_WITH_AES_128_CBC_SHA }; parameters.ExpectedServerCipher = CipherSuiteCode.TLS_RSA_WITH_AES_128_CBC_SHA; break; case GenericConnectionInstrumentType.RsaKeyExchangeNotAllowed: parameters.ProtocolVersion = ProtocolVersions.Tls12; parameters.ServerCertificate = ResourceManager.ServerCertificateDheOnly; parameters.ServerCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_RSA_WITH_AES_128_CBC_SHA }; parameters.ExpectServerAlert = AlertDescription.HandshakeFailure; break; case GenericConnectionInstrumentType.RequireDheKeyExchange: parameters.ProtocolVersion = ProtocolVersions.Tls12; parameters.ServerCertificate = ResourceManager.ServerCertificateDheOnly; parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_RSA_WITH_AES_128_CBC_SHA, CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; parameters.ExpectedServerCipher = CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA; break; case GenericConnectionInstrumentType.DheKeyExchangeNotAllowed: parameters.ProtocolVersion = ProtocolVersions.Tls12; parameters.ServerCertificate = ResourceManager.ServerCertificateRsaOnly; parameters.ServerCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; parameters.ExpectServerAlert = AlertDescription.HandshakeFailure; break; case GenericConnectionInstrumentType.MartinClientPuppy: case GenericConnectionInstrumentType.MartinServerPuppy: goto case GenericConnectionInstrumentType.MartinTest; case GenericConnectionInstrumentType.ClientCertificateRequiresRsaKeyExchange: parameters.ServerCertificate = ResourceManager.ServerCertificateRsaOnly; parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_RSA_WITH_AES_128_CBC_SHA }; parameters.ClientCertificate = ResourceManager.ClientCertificateRsaOnly; parameters.RequireClientCertificate = true; parameters.ClientCertificateValidator = AcceptAnyCertificate; parameters.ServerCertificateValidator = AcceptAnyCertificate; break; case GenericConnectionInstrumentType.ClientCertificateRequiresDheKeyExchange: parameters.ServerCertificate = ResourceManager.ServerCertificateDheOnly; parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; parameters.ClientCertificate = ResourceManager.ClientCertificateDheOnly; parameters.RequireClientCertificate = true; parameters.ClientCertificateValidator = AcceptAnyCertificate; parameters.ServerCertificateValidator = AcceptAnyCertificate; break; case GenericConnectionInstrumentType.ClientCertificateInvalidForRsa: parameters.ServerCertificate = ResourceManager.ServerCertificateRsaOnly; parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_RSA_WITH_AES_128_CBC_SHA }; parameters.ClientCertificate = ResourceManager.ClientCertificateDheOnly; parameters.RequireClientCertificate = true; parameters.ClientCertificateValidator = AcceptAnyCertificate; parameters.ServerCertificateValidator = AcceptAnyCertificate; parameters.ExpectClientAlert = AlertDescription.UnsupportedCertificate; break; case GenericConnectionInstrumentType.ClientCertificateInvalidForDhe: parameters.ServerCertificate = ResourceManager.ServerCertificateDheOnly; parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; parameters.ClientCertificate = ResourceManager.ClientCertificateRsaOnly; parameters.RequireClientCertificate = true; parameters.ClientCertificateValidator = AcceptAnyCertificate; parameters.ServerCertificateValidator = AcceptAnyCertificate; parameters.ExpectClientAlert = AlertDescription.UnsupportedCertificate; break; case GenericConnectionInstrumentType.ClientProvidesCertificateThatsInvalidForRsa: parameters.ServerCertificate = ResourceManager.ServerCertificateRsaOnly; parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_RSA_WITH_AES_128_CBC_SHA }; parameters.ClientCertificate = ResourceManager.ClientCertificateDheOnly; parameters.RequireClientCertificate = true; parameters.ClientCertificateValidator = AcceptAnyCertificate; parameters.ServerCertificateValidator = AcceptAnyCertificate; parameters.ExpectServerAlert = AlertDescription.UnsupportedCertificate; parameters.Add(HandshakeInstrumentType.OverrideClientCertificateSelection); break; case GenericConnectionInstrumentType.ClientProvidesCertificateThatsInvalidForDhe: parameters.ServerCertificate = ResourceManager.ServerCertificateDheOnly; parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; parameters.ClientCertificate = ResourceManager.ClientCertificateRsaOnly; parameters.RequireClientCertificate = true; parameters.ClientCertificateValidator = AcceptAnyCertificate; parameters.ServerCertificateValidator = AcceptAnyCertificate; parameters.ExpectServerAlert = AlertDescription.UnsupportedCertificate; parameters.Add(HandshakeInstrumentType.OverrideClientCertificateSelection); break; case GenericConnectionInstrumentType.MartinTest: parameters.ClientCiphers = parameters.ServerCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 }; break; default: ctx.AssertFail("Unsupported connection instrument: '{0}'.", type); break; } if (parameters.ExpectClientAlert != null || parameters.ExpectServerAlert != null) { parameters.Add(HandshakeInstrumentType.DontSendAlerts); } return(parameters); }
public CipherInstrumentParameters (InstrumentationCategory category, CipherInstrumentType type, ClientParameters clientParameters, ServerParameters serverParameters) : base (category, clientParameters, serverParameters) { Type = type; }
static ConnectionInstrumentParameters Create (TestContext ctx, InstrumentationCategory category, ConnectionInstrumentType type) { var parameters = CreateParameters (category, type); switch (type) { case ConnectionInstrumentType.FragmentHandshakeMessages: parameters.HandshakeInstruments = new HandshakeInstrumentType[] { HandshakeInstrumentType.FragmentHandshakeMessages }; break; case ConnectionInstrumentType.SendBlobAfterReceivingFinish: parameters.HandshakeInstruments = new HandshakeInstrumentType[] { HandshakeInstrumentType.SendBlobAfterReceivingFinish }; break; case ConnectionInstrumentType.MartinTest: parameters.RequestRenegotiation = true; parameters.EnableDebugging = true; break; default: ctx.AssertFail ("Unsupported connection instrument: '{0}'.", type); break; } return parameters; }
static SignatureInstrumentParameters Create ( TestContext ctx, InstrumentationCategory category, SignatureInstrumentType type, SignatureAndHashAlgorithm algorithm, CipherSuiteCode cipher) { var parameters = CreateParameters (category, type, algorithm.Hash, algorithm.Signature, cipher); parameters.ClientCertificate = ResourceManager.MonkeyCertificate; parameters.RequireClientCertificate = true; var signatureParameters = new SignatureParameters (); signatureParameters.Add (algorithm); switch (type) { case SignatureInstrumentType.ClientSignatureAlgorithmAndCipher: parameters.ClientSignatureParameters = signatureParameters; parameters.ClientCiphers = new CipherSuiteCode[] { cipher }; break; case SignatureInstrumentType.ServerSignatureAlgorithmAndCipher: parameters.ServerSignatureAlgorithm = algorithm; parameters.ServerCiphers = new CipherSuiteCode[] { cipher }; break; default: ctx.AssertFail ("Unsupported signature instrument: '{0}'.", type); break; } return parameters; }
public InstrumentationConnectionFilter(InstrumentationCategory category, InstrumentationConnectionFlags flags) { Category = category; Flags = flags; }
public static IEnumerable<SimpleConnectionParameters> GetParameters (TestContext ctx, InstrumentationCategory category) { return GetTestTypes (ctx, category).Select (t => Create (ctx, category, t)); }
static RenegotiationInstrumentParameters Create (TestContext ctx, InstrumentationCategory category, RenegotiationInstrumentType type) { var parameters = CreateParameters (category, type); switch (type) { case RenegotiationInstrumentType.RequestRenegotiation: parameters.Add (HandshakeInstrumentType.RequestServerRenegotiation); break; case RenegotiationInstrumentType.SendBlobBeforeHelloRequest: parameters.Add (HandshakeInstrumentType.RequestServerRenegotiation, HandshakeInstrumentType.SendBlobBeforeHelloRequest); break; case RenegotiationInstrumentType.SendBlobAfterHelloRequest: parameters.Add (HandshakeInstrumentType.RequestServerRenegotiation, HandshakeInstrumentType.SendBlobAfterHelloRequest); break; case RenegotiationInstrumentType.SendBlobBeforeAndAfterHelloRequest: parameters.Add (HandshakeInstrumentType.RequestServerRenegotiation); parameters.Add (HandshakeInstrumentType.SendBlobBeforeHelloRequest, HandshakeInstrumentType.SendBlobAfterHelloRequest); break; case RenegotiationInstrumentType.SendDuplicateHelloRequest: parameters.Add (HandshakeInstrumentType.RequestServerRenegotiation, HandshakeInstrumentType.SendDuplicateHelloRequest); break; case RenegotiationInstrumentType.RequestServerRenegotiation: parameters.RequestServerRenegotiation = true; break; case RenegotiationInstrumentType.RequestServerRenegotiationWithPendingRead: parameters.RequestServerRenegotiation = true; parameters.QueueServerReadFirst = true; break; case RenegotiationInstrumentType.SendBlobBeforeRenegotiatingHello: parameters.RequestServerRenegotiation = true; parameters.QueueServerReadFirst = true; parameters.Add (HandshakeInstrumentType.SendBlobBeforeRenegotiatingHello); break; case RenegotiationInstrumentType.SendBlobBeforeRenegotiatingHelloNoPendingRead: parameters.RequestServerRenegotiation = true; parameters.Add (HandshakeInstrumentType.SendBlobBeforeRenegotiatingHello); break; case RenegotiationInstrumentType.RequestClientRenegotiation: parameters.RequestClientRenegotiation = true; break; case RenegotiationInstrumentType.RequestClientRenegotiationWithPendingWrite: parameters.RequestClientRenegotiation = true; parameters.ServerWriteDuringClientRenegotiation = true; parameters.UseStreamInstrumentation = true; break; case RenegotiationInstrumentType.MartinTest: parameters.RequestServerRenegotiation = true; parameters.Add (HandshakeInstrumentType.AskForClientCertificate); parameters.NeedCustomCertificateSelectionCallback = true; parameters.EnableDebugging = true; break; default: ctx.AssertFail ("Unsupported connection instrument: '{0}'.", type); break; } return parameters; }
public InstrumentationConnectionProvider(ConnectionProvider client, ConnectionProvider server, InstrumentationCategory category, InstrumentationConnectionFlags flags) : base(client, server, string.Format("{0}:{1}:{2}{3}", client.Name, server.Name, category, GetFlagsName(flags))) { Category = category; Flags = flags; }
public InstrumentationParameters (InstrumentationCategory category, string identifier, IServerCertificate certificate) : base (identifier, certificate) { Category = category; }
public static IEnumerable <SimpleConnectionParameters> GetParameters(TestContext ctx, InstrumentationCategory category) { return(GetTestTypes(ctx, category).Select(t => Create(ctx, category, t))); }
public InstrumentationParameters (InstrumentationCategory category, ClientParameters clientParameters, ServerParameters serverParameters) : base (clientParameters, serverParameters) { Category = category; }
static SimpleConnectionParameters Create(TestContext ctx, InstrumentationCategory category, SimpleConnectionType type) { var parameters = CreateParameters(category, type); var provider = DependencyInjector.Get <ICertificateProvider> (); var acceptSelfSigned = provider.AcceptThisCertificate(ResourceManager.SelfSignedServerCertificate); var acceptFromCA = provider.AcceptFromCA(ResourceManager.LocalCACertificate); switch (type) { case SimpleConnectionType.Simple: break; case SimpleConnectionType.ValidateCertificate: parameters.ServerCertificate = ResourceManager.ServerCertificateFromCA; parameters.ClientCertificateValidator = acceptFromCA; break; case SimpleConnectionType.SimpleTls10: parameters.ProtocolVersion = ProtocolVersions.Tls10; break; case SimpleConnectionType.SimpleTls11: parameters.ProtocolVersion = ProtocolVersions.Tls11; parameters.ExpectedCipher = CipherSuiteCode.TLS_DHE_RSA_WITH_AES_256_CBC_SHA; break; case SimpleConnectionType.SimpleTls12: parameters.ProtocolVersion = ProtocolVersions.Tls12; parameters.ExpectedCipher = CipherSuiteCode.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384; break; case SimpleConnectionType.SelectCiphersTls10: parameters.ProtocolVersion = ProtocolVersions.Tls10; break; case SimpleConnectionType.SelectCiphersTls11: parameters.ProtocolVersion = ProtocolVersions.Tls11; break; case SimpleConnectionType.SelectCiphersTls12: parameters.ProtocolVersion = ProtocolVersions.Tls12; break; case SimpleConnectionType.RequestClientCertificate: /* * Request client certificate, but do not require it. * * FIXME: * SslStream with Mono's old implementation fails here. */ parameters.ClientCertificate = ResourceManager.MonkeyCertificate; parameters.ClientCertificateValidator = acceptSelfSigned; parameters.AskForClientCertificate = true; parameters.ServerCertificateValidator = acceptFromCA; break; case SimpleConnectionType.RequireClientCertificateRSA: /* * Require client certificate. * */ parameters.ClientCertificate = ResourceManager.MonkeyCertificate; parameters.ClientCertificateValidator = acceptSelfSigned; parameters.RequireClientCertificate = true; parameters.ServerCertificateValidator = acceptFromCA; parameters.ServerCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_RSA_WITH_AES_128_CBC_SHA }; break; case SimpleConnectionType.RequireClientCertificateDHE: /* * Require client certificate. * */ parameters.ClientCertificate = ResourceManager.MonkeyCertificate; parameters.ClientCertificateValidator = acceptSelfSigned; parameters.RequireClientCertificate = true; parameters.ServerCertificateValidator = acceptFromCA; parameters.ServerCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_256_CBC_SHA }; break; case SimpleConnectionType.CipherSelectionOrder: parameters.ProtocolVersion = ProtocolVersions.Tls12; parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_RSA_WITH_AES_128_CBC_SHA, CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; parameters.ExpectedServerCipher = CipherSuiteCode.TLS_RSA_WITH_AES_128_CBC_SHA; break; case SimpleConnectionType.CipherSelectionOrder2: parameters.ProtocolVersion = ProtocolVersions.Tls12; parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA, CipherSuiteCode.TLS_RSA_WITH_AES_128_CBC_SHA }; parameters.ExpectedServerCipher = CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA; break; case SimpleConnectionType.MartinTest: goto case SimpleConnectionType.SimpleTls12; default: ctx.AssertFail("Unsupported connection type: '{0}'.", type); break; } return(parameters); }
protected InstrumentationParameters (InstrumentationParameters other) : base (other) { Category = other.Category; }
public static InstrumentationConnectionFlags GetConnectionFlags(TestContext ctx, InstrumentationCategory category) { switch (category) { case InstrumentationCategory.SimpleMonoClient: case InstrumentationCategory.SelectClientCipher: return(InstrumentationConnectionFlags.RequireMonoClient); case InstrumentationCategory.SimpleMonoServer: case InstrumentationCategory.SelectServerCipher: return(InstrumentationConnectionFlags.RequireMonoServer); case InstrumentationCategory.SimpleMonoConnection: case InstrumentationCategory.MonoProtocolVersions: case InstrumentationCategory.SelectCipher: return(InstrumentationConnectionFlags.RequireMonoClient | InstrumentationConnectionFlags.RequireMonoServer); case InstrumentationCategory.AllClientSignatureAlgorithms: case InstrumentationCategory.ClientSignatureParameters: case InstrumentationCategory.ClientConnection: case InstrumentationCategory.ClientRenegotiation: case InstrumentationCategory.MartinTestClient: return(InstrumentationConnectionFlags.ClientInstrumentation); case InstrumentationCategory.AllServerSignatureAlgorithms: case InstrumentationCategory.ServerConnection: case InstrumentationCategory.ServerRenegotiation: case InstrumentationCategory.MartinTestServer: return(InstrumentationConnectionFlags.ServerInstrumentation); case InstrumentationCategory.ServerSignatureParameters: return(InstrumentationConnectionFlags.ClientInstrumentation | InstrumentationConnectionFlags.ServerInstrumentation); case InstrumentationCategory.SignatureAlgorithms: case InstrumentationCategory.Connection: case InstrumentationCategory.Renegotiation: case InstrumentationCategory.CertificateChecks: return(InstrumentationConnectionFlags.ClientInstrumentation | InstrumentationConnectionFlags.ServerInstrumentation); case InstrumentationCategory.MartinTest: return(InstrumentationConnectionFlags.RequireMonoClient | InstrumentationConnectionFlags.RequireMonoServer | InstrumentationConnectionFlags.RequireTls12); default: ctx.AssertFail("Unsupported instrumentation category: '{0}'.", category); return(InstrumentationConnectionFlags.None); } }
public InstrumentationConnectionProvider (ConnectionProvider client, ConnectionProvider server, InstrumentationCategory category, InstrumentationConnectionFlags flags) : base (client, server, string.Format ("{0}:{1}:{2}{3}", client.Name, server.Name, category, GetFlagsName (flags))) { Category = category; Flags = flags; }
static SignatureInstrumentParameters Create(TestContext ctx, InstrumentationCategory category, SignatureInstrumentType type) { var parameters = CreateParameters(category, type); parameters.ClientCertificate = ResourceManager.MonkeyCertificate; parameters.RequireClientCertificate = true; switch (type) { case SignatureInstrumentType.NoClientSignatureAlgorithms: parameters.ExpectServerSignatureAlgorithm = new SignatureAndHashAlgorithm(HashAlgorithmType.Sha1); parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; break; case SignatureInstrumentType.VerifyClientSignatureAlgorithms: parameters.ExpectClientAlert = AlertDescription.IlegalParameter; goto case SignatureInstrumentType.ClientProvidesSomeUnsupportedSignatureAlgorithms; case SignatureInstrumentType.ClientProvidesSomeUnsupportedSignatureAlgorithms: parameters.ClientSignatureParameters = new SignatureParameters(); parameters.ClientSignatureParameters.Add(HashAlgorithmType.Sha1, SignatureAlgorithmType.Dsa); parameters.ClientSignatureParameters.Add(HashAlgorithmType.Unknown, SignatureAlgorithmType.Unknown); parameters.ClientSignatureParameters.Add(HashAlgorithmType.Sha256, SignatureAlgorithmType.Rsa); parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; break; case SignatureInstrumentType.ClientProvidesNoSupportedSignatureAlgorithms: parameters.ClientSignatureParameters = new SignatureParameters(); parameters.ClientSignatureParameters.Add(HashAlgorithmType.Unknown, SignatureAlgorithmType.Dsa); parameters.ExpectServerSignatureAlgorithm = new SignatureAndHashAlgorithm(HashAlgorithmType.Sha1); parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; parameters.ExpectServerAlert = AlertDescription.IlegalParameter; break; case SignatureInstrumentType.Tls10WithRsaExchange: parameters.ClientCiphers = parameters.ServerCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_RSA_WITH_AES_256_CBC_SHA }; parameters.ProtocolVersion = ProtocolVersions.Tls10; break; case SignatureInstrumentType.Tls10WithDheExchange: parameters.ClientCiphers = parameters.ServerCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; parameters.ProtocolVersion = ProtocolVersions.Tls10; break; case SignatureInstrumentType.ServerUsesUnsupportedSignatureAlgorithm: parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; parameters.ClientSignatureParameters = new SignatureParameters(); parameters.ClientSignatureParameters.Add(HashAlgorithmType.Sha384); parameters.ServerSignatureAlgorithm = new SignatureAndHashAlgorithm(HashAlgorithmType.Sha512); parameters.ExpectClientAlert = AlertDescription.IlegalParameter; break; case SignatureInstrumentType.ServerUsesUnsupportedSignatureAlgorithm2: // MD5SHA1 is never allowed for TLS 1.2. parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; parameters.ClientSignatureParameters = new SignatureParameters(); parameters.ClientSignatureParameters.Add(HashAlgorithmType.Sha1); // we'd normally not be allowed to request this from user settings, but there's an instrumentation override // in place for this test. parameters.ClientSignatureParameters.Add(HashAlgorithmType.Md5Sha1); // Instrumentation override lets us force set this. parameters.ServerSignatureAlgorithm = new SignatureAndHashAlgorithm(HashAlgorithmType.Md5Sha1); parameters.ExpectClientAlert = AlertDescription.IlegalParameter; parameters.ProtocolVersion = ProtocolVersions.Tls12; break; case SignatureInstrumentType.ServerSendsCertificateParametersWithoutAlgorithms: parameters.ServerCertificateParameters = new ClientCertificateParameters(); parameters.ExpectCertificateVerifySignatureAlgorithm = SignatureParameters.DefaultAlgorithm; break; case SignatureInstrumentType.ServerSendsCertificateParametersWithSomeUnsupportedAlgorithms: parameters.ServerCertificateParameters = new ClientCertificateParameters(); parameters.ServerCertificateParameters.SignatureParameters.Add(HashAlgorithmType.Unknown); parameters.ServerCertificateParameters.SignatureParameters.Add(HashAlgorithmType.Sha384); parameters.ExpectCertificateVerifySignatureAlgorithm = new SignatureAndHashAlgorithm(HashAlgorithmType.Sha384); break; case SignatureInstrumentType.ServerSendsCertificateParametersWithNoSupportedAlgorithms: parameters.ServerCertificateParameters = new ClientCertificateParameters(); parameters.ServerCertificateParameters.SignatureParameters.Add(HashAlgorithmType.Unknown); parameters.ExpectCertificateVerifySignatureAlgorithm = SignatureParameters.DefaultAlgorithm; parameters.ExpectClientAlert = AlertDescription.IlegalParameter; break; case SignatureInstrumentType.ClientSendsCertificateVerifyWithUnrequestedAlgorithm: parameters.ServerCertificateParameters = new ClientCertificateParameters(); parameters.ServerCertificateParameters.SignatureParameters.Add(HashAlgorithmType.Sha384); parameters.ServerCertificateParameters.SignatureParameters.Add(HashAlgorithmType.Sha512); parameters.ClientSignatureAlgorithm = new SignatureAndHashAlgorithm(HashAlgorithmType.Sha256); parameters.ExpectServerAlert = AlertDescription.IlegalParameter; break; case SignatureInstrumentType.CertificateVerifySignatureAlgorithmSelectionOrder: parameters.ServerCertificateParameters = new ClientCertificateParameters(); parameters.ServerCertificateParameters.SignatureParameters.Add(HashAlgorithmType.Sha384); parameters.ServerCertificateParameters.SignatureParameters.Add(HashAlgorithmType.Sha512); parameters.ExpectCertificateVerifySignatureAlgorithm = new SignatureAndHashAlgorithm(HashAlgorithmType.Sha384); break; case SignatureInstrumentType.CertificateVerifySignatureAlgorithmSelectionOrder2: parameters.ServerCertificateParameters = new ClientCertificateParameters(); parameters.ServerCertificateParameters.SignatureParameters.Add(HashAlgorithmType.Sha512); parameters.ServerCertificateParameters.SignatureParameters.Add(HashAlgorithmType.Sha384); parameters.ExpectCertificateVerifySignatureAlgorithm = new SignatureAndHashAlgorithm(HashAlgorithmType.Sha512); break; default: ctx.AssertFail("Unsupported signature instrument: '{0}'.", type); break; } return(parameters); }
public ConnectionInstrumentParameters(InstrumentationCategory category, string identifier, IServerCertificate certificate) : base(category, identifier, certificate) { }
public InstrumentationConnectionFilter (InstrumentationCategory category, InstrumentationConnectionFlags flags) { Category = category; Flags = flags; }
public RenegotiationInstrumentParameters(InstrumentationCategory category, RenegotiationInstrumentType type, string identifier, IServerCertificate certificate) : base(category, identifier, certificate) { Type = type; }
public SimpleConnectionParameters(InstrumentationCategory category, SimpleConnectionType type, string identifier, X509Certificate certificate) : base(category, identifier, certificate) { Type = type; }
public SignatureInstrumentParameters (InstrumentationCategory category, SignatureInstrumentType type, ClientParameters clientParameters, ServerParameters serverParameters) : base (category, clientParameters, serverParameters) { Type = type; }
static SignatureInstrumentParameters Create (TestContext ctx, InstrumentationCategory category, SignatureInstrumentType type) { var parameters = CreateParameters (category, type); parameters.ClientCertificate = ResourceManager.MonkeyCertificate; parameters.RequireClientCertificate = true; switch (type) { case SignatureInstrumentType.NoClientSignatureAlgorithms: parameters.ExpectServerSignatureAlgorithm = new SignatureAndHashAlgorithm (HashAlgorithmType.Sha1); parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; break; case SignatureInstrumentType.VerifyClientSignatureAlgorithms: parameters.ExpectClientAlert = AlertDescription.IlegalParameter; goto case SignatureInstrumentType.ClientProvidesSomeUnsupportedSignatureAlgorithms; case SignatureInstrumentType.ClientProvidesSomeUnsupportedSignatureAlgorithms: parameters.ClientSignatureParameters = new SignatureParameters (); parameters.ClientSignatureParameters.Add (HashAlgorithmType.Sha1, SignatureAlgorithmType.Dsa); parameters.ClientSignatureParameters.Add (HashAlgorithmType.Unknown, SignatureAlgorithmType.Unknown); parameters.ClientSignatureParameters.Add (HashAlgorithmType.Sha256, SignatureAlgorithmType.Rsa); parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; break; case SignatureInstrumentType.ClientProvidesNoSupportedSignatureAlgorithms: parameters.ClientSignatureParameters = new SignatureParameters (); parameters.ClientSignatureParameters.Add (HashAlgorithmType.Unknown, SignatureAlgorithmType.Dsa); parameters.ExpectServerSignatureAlgorithm = new SignatureAndHashAlgorithm (HashAlgorithmType.Sha1); parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; parameters.ExpectServerAlert = AlertDescription.IlegalParameter; break; case SignatureInstrumentType.Tls10WithRsaExchange: parameters.ClientCiphers = parameters.ServerCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_RSA_WITH_AES_256_CBC_SHA }; parameters.ProtocolVersion = ProtocolVersions.Tls10; break; case SignatureInstrumentType.Tls10WithDheExchange: parameters.ClientCiphers = parameters.ServerCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; parameters.ProtocolVersion = ProtocolVersions.Tls10; break; case SignatureInstrumentType.ServerUsesUnsupportedSignatureAlgorithm: parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; parameters.ClientSignatureParameters = new SignatureParameters (); parameters.ClientSignatureParameters.Add (HashAlgorithmType.Sha384); parameters.ServerSignatureAlgorithm = new SignatureAndHashAlgorithm (HashAlgorithmType.Sha512); parameters.ExpectClientAlert = AlertDescription.IlegalParameter; break; case SignatureInstrumentType.ServerUsesUnsupportedSignatureAlgorithm2: // MD5SHA1 is never allowed for TLS 1.2. parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; parameters.ClientSignatureParameters = new SignatureParameters (); parameters.ClientSignatureParameters.Add (HashAlgorithmType.Sha1); // we'd normally not be allowed to request this from user settings, but there's an instrumentation override // in place for this test. parameters.ClientSignatureParameters.Add (HashAlgorithmType.Md5Sha1); // Instrumentation override lets us force set this. parameters.ServerSignatureAlgorithm = new SignatureAndHashAlgorithm (HashAlgorithmType.Md5Sha1); parameters.ExpectClientAlert = AlertDescription.IlegalParameter; parameters.ProtocolVersion = ProtocolVersions.Tls12; break; case SignatureInstrumentType.ServerSendsCertificateParametersWithoutAlgorithms: parameters.ServerCertificateParameters = new ClientCertificateParameters (); parameters.ExpectCertificateVerifySignatureAlgorithm = SignatureParameters.DefaultAlgorithm; break; case SignatureInstrumentType.ServerSendsCertificateParametersWithSomeUnsupportedAlgorithms: parameters.ServerCertificateParameters = new ClientCertificateParameters (); parameters.ServerCertificateParameters.SignatureParameters.Add (HashAlgorithmType.Unknown); parameters.ServerCertificateParameters.SignatureParameters.Add (HashAlgorithmType.Sha384); parameters.ExpectCertificateVerifySignatureAlgorithm = new SignatureAndHashAlgorithm (HashAlgorithmType.Sha384); break; case SignatureInstrumentType.ServerSendsCertificateParametersWithNoSupportedAlgorithms: parameters.ServerCertificateParameters = new ClientCertificateParameters (); parameters.ServerCertificateParameters.SignatureParameters.Add (HashAlgorithmType.Unknown); parameters.ExpectCertificateVerifySignatureAlgorithm = SignatureParameters.DefaultAlgorithm; parameters.ExpectClientAlert = AlertDescription.IlegalParameter; break; case SignatureInstrumentType.ClientSendsCertificateVerifyWithUnrequestedAlgorithm: parameters.ServerCertificateParameters = new ClientCertificateParameters (); parameters.ServerCertificateParameters.SignatureParameters.Add (HashAlgorithmType.Sha384); parameters.ServerCertificateParameters.SignatureParameters.Add (HashAlgorithmType.Sha512); parameters.ClientSignatureAlgorithm = new SignatureAndHashAlgorithm (HashAlgorithmType.Sha256); parameters.ExpectServerAlert = AlertDescription.IlegalParameter; break; case SignatureInstrumentType.CertificateVerifySignatureAlgorithmSelectionOrder: parameters.ServerCertificateParameters = new ClientCertificateParameters (); parameters.ServerCertificateParameters.SignatureParameters.Add (HashAlgorithmType.Sha384); parameters.ServerCertificateParameters.SignatureParameters.Add (HashAlgorithmType.Sha512); parameters.ExpectCertificateVerifySignatureAlgorithm = new SignatureAndHashAlgorithm (HashAlgorithmType.Sha384); break; case SignatureInstrumentType.CertificateVerifySignatureAlgorithmSelectionOrder2: parameters.ServerCertificateParameters = new ClientCertificateParameters (); parameters.ServerCertificateParameters.SignatureParameters.Add (HashAlgorithmType.Sha512); parameters.ServerCertificateParameters.SignatureParameters.Add (HashAlgorithmType.Sha384); parameters.ExpectCertificateVerifySignatureAlgorithm = new SignatureAndHashAlgorithm (HashAlgorithmType.Sha512); break; default: ctx.AssertFail ("Unsupported signature instrument: '{0}'.", type); break; } return parameters; }
public CipherInstrumentParameters(InstrumentationCategory category, CipherInstrumentType type, string identifier, X509Certificate certificate) : base(category, identifier, certificate) { Type = type; }
internal static Payload GetDerivedDefinitions(InstrumentationCategory instrumentationFilter = InstrumentationCategory.Tracing) { return(GetDerivedDefinitionsArray(instrumentationFilter)); }
static SimpleConnectionParameters Create (TestContext ctx, InstrumentationCategory category, SimpleConnectionType type) { var parameters = CreateParameters (category, type); var provider = DependencyInjector.Get<ICertificateProvider> (); var acceptSelfSigned = provider.AcceptThisCertificate (ResourceManager.SelfSignedServerCertificate); var acceptFromCA = provider.AcceptFromCA (ResourceManager.LocalCACertificate); switch (type) { case SimpleConnectionType.Simple: break; case SimpleConnectionType.ValidateCertificate: parameters.ServerParameters.ServerCertificate = ResourceManager.ServerCertificateFromCA; parameters.ClientCertificateValidator = acceptFromCA; break; case SimpleConnectionType.CheckDefaultCipher: parameters.ExpectedCipher = CipherSuiteCode.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384; break; case SimpleConnectionType.SimpleTls10: parameters.ProtocolVersion = ProtocolVersions.Tls10; parameters.ExpectedCipher = CipherSuiteCode.TLS_DHE_RSA_WITH_AES_256_CBC_SHA; break; case SimpleConnectionType.SimpleTls11: parameters.ProtocolVersion = ProtocolVersions.Tls11; parameters.ExpectedCipher = CipherSuiteCode.TLS_DHE_RSA_WITH_AES_256_CBC_SHA; break; case SimpleConnectionType.SimpleTls12: parameters.ProtocolVersion = ProtocolVersions.Tls12; parameters.ExpectedCipher = CipherSuiteCode.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384; break; case SimpleConnectionType.SelectCiphersTls10: parameters.ProtocolVersion = ProtocolVersions.Tls10; break; case SimpleConnectionType.SelectCiphersTls11: parameters.ProtocolVersion = ProtocolVersions.Tls11; break; case SimpleConnectionType.SelectCiphersTls12: parameters.ProtocolVersion = ProtocolVersions.Tls12; break; case SimpleConnectionType.RequestClientCertificate: /* * Request client certificate, but do not require it. * * FIXME: * SslStream with Mono's old implementation fails here. */ parameters.ClientCertificate = ResourceManager.MonkeyCertificate; parameters.ClientCertificateValidator = acceptSelfSigned; parameters.ServerFlags = ServerFlags.AskForClientCertificate; parameters.ServerCertificateValidator = acceptFromCA; break; case SimpleConnectionType.RequireClientCertificateRSA: /* * Require client certificate. * */ parameters.ClientCertificate = ResourceManager.MonkeyCertificate; parameters.ClientCertificateValidator = acceptSelfSigned; parameters.ServerFlags = ServerFlags.RequireClientCertificate; parameters.ServerCertificateValidator = acceptFromCA; parameters.ServerCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_RSA_WITH_AES_128_CBC_SHA }; break; case SimpleConnectionType.RequireClientCertificateDHE: /* * Require client certificate. * */ parameters.ClientCertificate = ResourceManager.MonkeyCertificate; parameters.ClientCertificateValidator = acceptSelfSigned; parameters.ServerFlags = ServerFlags.RequireClientCertificate; parameters.ServerCertificateValidator = acceptFromCA; parameters.ServerCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_256_CBC_SHA }; break; case SimpleConnectionType.MartinTest: break; default: ctx.AssertFail ("Unsupported connection type: '{0}'.", type); break; } return parameters; }
static RenegotiationInstrumentParameters CreateParameters (InstrumentationCategory category, RenegotiationInstrumentType type, params object[] args) { var sb = new StringBuilder (); sb.Append (type); foreach (var arg in args) { sb.AppendFormat (":{0}", arg); } var name = sb.ToString (); return new RenegotiationInstrumentParameters (category, type, name, ResourceManager.SelfSignedServerCertificate) { ClientCertificateValidator = AcceptAnyCertificate, ServerCertificateValidator = AcceptAnyCertificate, ProtocolVersion = ProtocolVersions.Tls12 }; }
public static IEnumerable<RenegotiationInstrumentParameters> GetParameters (TestContext ctx, InstrumentationCategory category) { return GetInstrumentationTypes (ctx, category).Select (t => Create (ctx, category, t)); }
public InstrumentationCategoryAttribute(InstrumentationCategory category) { this.category = category; this.identifier = Type.Name; }
static RenegotiationInstrumentParameters Create(TestContext ctx, InstrumentationCategory category, RenegotiationInstrumentType type) { var parameters = CreateParameters(category, type); switch (type) { case RenegotiationInstrumentType.RequestRenegotiation: parameters.Add(HandshakeInstrumentType.RequestServerRenegotiation); break; case RenegotiationInstrumentType.SendBlobBeforeHelloRequest: parameters.Add(HandshakeInstrumentType.RequestServerRenegotiation, HandshakeInstrumentType.SendBlobBeforeHelloRequest); break; case RenegotiationInstrumentType.SendBlobAfterHelloRequest: parameters.Add(HandshakeInstrumentType.RequestServerRenegotiation, HandshakeInstrumentType.SendBlobAfterHelloRequest); break; case RenegotiationInstrumentType.SendBlobBeforeAndAfterHelloRequest: parameters.Add(HandshakeInstrumentType.RequestServerRenegotiation); parameters.Add(HandshakeInstrumentType.SendBlobBeforeHelloRequest, HandshakeInstrumentType.SendBlobAfterHelloRequest); break; case RenegotiationInstrumentType.SendDuplicateHelloRequest: parameters.Add(HandshakeInstrumentType.RequestServerRenegotiation, HandshakeInstrumentType.SendDuplicateHelloRequest); break; case RenegotiationInstrumentType.RequestServerRenegotiation: parameters.RequestServerRenegotiation = true; break; case RenegotiationInstrumentType.RequestServerRenegotiationWithPendingRead: parameters.RequestServerRenegotiation = true; parameters.QueueServerReadFirst = true; break; case RenegotiationInstrumentType.SendBlobBeforeRenegotiatingHello: parameters.RequestServerRenegotiation = true; parameters.QueueServerReadFirst = true; parameters.Add(HandshakeInstrumentType.SendBlobBeforeRenegotiatingHello); break; case RenegotiationInstrumentType.SendBlobBeforeRenegotiatingHelloNoPendingRead: parameters.RequestServerRenegotiation = true; parameters.Add(HandshakeInstrumentType.SendBlobBeforeRenegotiatingHello); break; case RenegotiationInstrumentType.RequestClientRenegotiation: parameters.RequestClientRenegotiation = true; break; case RenegotiationInstrumentType.RequestClientRenegotiationWithPendingWrite: parameters.RequestClientRenegotiation = true; parameters.ServerWriteDuringClientRenegotiation = true; parameters.UseStreamInstrumentation = true; break; case RenegotiationInstrumentType.MartinTest: parameters.RequestServerRenegotiation = true; parameters.Add(HandshakeInstrumentType.AskForClientCertificate); parameters.NeedCustomCertificateSelectionCallback = true; parameters.EnableDebugging = true; break; default: ctx.AssertFail("Unsupported connection instrument: '{0}'.", type); break; } return(parameters); }
public SignatureInstrumentParameters (InstrumentationCategory category, SignatureInstrumentType type, string identifier, IServerCertificate certificate) : base (category, identifier, certificate) { Type = type; }
public static IEnumerable <RenegotiationInstrumentParameters> GetParameters(TestContext ctx, InstrumentationCategory category) { return(GetInstrumentationTypes(ctx, category).Select(t => Create(ctx, category, t))); }
public InstrumentationParameters(InstrumentationCategory category, string identifier, X509Certificate certificate) : base((MonoConnectionTestCategory)category, identifier, certificate) { }
public static IEnumerable <RenegotiationInstrumentType> GetInstrumentationTypes(TestContext ctx, InstrumentationCategory category) { switch (category) { case InstrumentationCategory.ClientRenegotiation: yield return(RenegotiationInstrumentType.RequestClientRenegotiation); break; case InstrumentationCategory.ServerRenegotiation: yield return(RenegotiationInstrumentType.RequestRenegotiation); yield return(RenegotiationInstrumentType.SendBlobBeforeHelloRequest); yield return(RenegotiationInstrumentType.SendBlobAfterHelloRequest); yield return(RenegotiationInstrumentType.SendBlobBeforeAndAfterHelloRequest); yield return(RenegotiationInstrumentType.SendDuplicateHelloRequest); yield return(RenegotiationInstrumentType.RequestServerRenegotiation); yield return(RenegotiationInstrumentType.RequestServerRenegotiationWithPendingRead); break; case InstrumentationCategory.Renegotiation: yield return(RenegotiationInstrumentType.SendBlobBeforeRenegotiatingHello); yield return(RenegotiationInstrumentType.SendBlobBeforeRenegotiatingHelloNoPendingRead); yield return(RenegotiationInstrumentType.RequestClientRenegotiationWithPendingWrite); break; case InstrumentationCategory.MartinTest: case InstrumentationCategory.MartinTestClient: case InstrumentationCategory.MartinTestServer: yield return(RenegotiationInstrumentType.MartinTest); break; default: ctx.AssertFail("Unsupported instrumentation category: '{0}'.", category); break; } }
static SimpleConnectionParameters CreateParameters (InstrumentationCategory category, SimpleConnectionType type, params object[] args) { var sb = new StringBuilder (); sb.Append (type); foreach (var arg in args) { sb.AppendFormat (":{0}", arg); } var name = sb.ToString (); return new SimpleConnectionParameters (category, type, name, ResourceManager.SelfSignedServerCertificate) { ClientCertificateValidator = AcceptAnyCertificate }; }
public InstrumentationParameters(InstrumentationCategory category, string identifier, IServerCertificate certificate) : base(identifier, certificate) { Category = category; }
static CipherInstrumentParameters Create (TestContext ctx, InstrumentationCategory category, CipherInstrumentType type) { var parameters = CreateParameters (category, type); switch (type) { case CipherInstrumentType.InvalidCipher: parameters.ServerCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 }; parameters.ProtocolVersion = ProtocolVersions.Tls12; parameters.ExpectServerAlert = AlertDescription.HandshakeFailure; break; default: ctx.AssertFail ("Unsupported cipher instrument: '{0}'.", type); break; } return parameters; }
public GenericConnectionInstrumentParameters(InstrumentationCategory category, GenericConnectionInstrumentType type, string identifier, X509Certificate certificate) : base(category, identifier, certificate) { Type = type; }