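/// <summary>
/// Canonicalizes (Exclusive XML C14N) the element the reader is positioned on and
/// appends the canonical bytes to the negotiation transcript kept in
/// <paramref name="tlsInfo"/>.Messages. NOTE(review): the transcript is presumably
/// what the final negotiation authenticator is computed over, so every RST/RSTR of
/// the exchange must pass through here in exactly this form -- confirm against the
/// code that consumes tlsInfo.Messages.
/// </summary>
/// <param name="reader">Reader positioned at or before the element to record.</param>
/// <param name="tlsInfo">Per-context negotiation state whose Messages stream receives the bytes.</param>
/// <exception cref="ArgumentNullException">reader or tlsInfo is null.</exception>
void AppendNegotiationMessageXml(XmlReader reader, TlsServerSessionInfo tlsInfo)
{
    if (reader == null)
        throw new ArgumentNullException("reader");
    if (tlsInfo == null)
        throw new ArgumentNullException("tlsInfo");

    XmlDocument doc = new XmlDocument();
    // The node is parsed by the caller-supplied reader (ReadNode below), so the
    // DOM should never need to resolve anything itself; disabling the resolver
    // is belt-and-braces against DTD/external-entity fetches on peer-supplied XML.
    doc.XmlResolver = null;
    // Whitespace is significant to canonicalization: dropping it would make our
    // transcript differ from the bytes the peer hashed.
    doc.PreserveWhitespace = true;
    reader.MoveToContent();
    doc.AppendChild(doc.ReadNode(reader));

    XmlDsigExcC14NTransform c14n = new XmlDsigExcC14NTransform();
    c14n.LoadInput(doc);

    // Transform.GetOutput() is typed object; the original hard-cast it to
    // MemoryStream, which depends on an implementation detail of the transform.
    // Copy through the Stream contract instead so any Stream-backed output works.
    using (Stream canonical = (Stream) c14n.GetOutput()) {
        byte[] chunk = new byte[4096];
        int read;
        while ((read = canonical.Read(chunk, 0, chunk.Length)) > 0)
            tlsInfo.Messages.Write(chunk, 0, read);
    }
}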
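// FIXME: use timeout -- TlsServerSession exposes no deadline here, so the
// handshake step below still runs unbounded.
/// <summary>
/// First leg of a WS-Trust TLS negotiation (tlsnego): parses the RST carrying the
/// client's TLS ClientHello, starts a server-side TLS session for the client-chosen
/// context, records the RST and our RSTR in the negotiation transcript, and returns
/// the RSTR carrying the ServerHello.
/// </summary>
/// <param name="request">Incoming RST. It is buffered so the body can be read twice
/// (once to parse it, once to canonicalize it into the transcript).</param>
/// <param name="timeout">Currently unused (see FIXME); kept for interface compatibility.</param>
/// <returns>The RSTR reply, correlated to the request through RelatesTo.</returns>
/// <exception cref="ArgumentNullException">request is null.</exception>
/// <exception cref="SecurityNegotiationException">The RST has no Context, no
/// BinaryExchange payload, or names a context that is already being negotiated.</exception>
Message ProcessClientHello(Message request, TimeSpan timeout)
{
    if (request == null)
        throw new ArgumentNullException("request");

    string context;
    TlsServerSession tls;
    TlsServerSessionInfo tlsInfo;

    // FIXME: use correct buffer size. Note that 0x10000 doubles as the upper bound
    // on how much RST we buffer from a not-yet-authenticated peer; CreateBufferedCopy
    // rejecting anything larger is the failure mode we want.
    // The buffer is disposed once both reads of the request body are done.
    using (MessageBuffer requestBuffer = request.CreateBufferedCopy(0x10000))
    {
        WSTrustRequestSecurityTokenReader reader = new WSTrustRequestSecurityTokenReader(
            requestBuffer.CreateMessage().GetReaderAtBodyContents(), SecurityTokenSerializer);
        reader.Read();

        // Context is chosen by the client. Validate it before it is used as a key:
        // ContainsKey(null) would surface as an ArgumentNullException rather than as
        // a negotiation failure, and an empty id is useless as a session key.
        context = reader.Value.Context;
        if (String.IsNullOrEmpty(context))
            throw new SecurityNegotiationException("The RequestSecurityToken does not carry a Context");
        if (sessions.ContainsKey(context))
        {
            throw new SecurityNegotiationException(String.Format("The context '{0}' already exists in this SSL negotiation manager", context));
        }
        // Without a BinaryExchange there is no ClientHello to process; fail as a
        // negotiation error instead of a NullReferenceException deep in TLS code.
        if (reader.Value.BinaryExchange == null || reader.Value.BinaryExchange.Value == null)
            throw new SecurityNegotiationException("The RequestSecurityToken does not carry a BinaryExchange");

        // FIXME: it seems .NET retrieves X509 Certificate through CreateSecurityTokenProvider(somex509requirement).GetToken().SecurityKeys[0]
        // (should result in X509AsymmetricSecurityKey) and continues tlsstart.
        // That's not very required feature so I ignore it.
        tls = new TlsServerSession(owner.Manager.ServiceCredentials.ServiceCertificate.Certificate, owner.IsMutual);
        tlsInfo = new TlsServerSessionInfo(context, tlsInfo = null == null ? null : null, tls) ;
    }
}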
Message ProcessClientHello(Message request) { // FIXME: use correct buffer size MessageBuffer buffer = request.CreateBufferedCopy(0x10000); WSTrustRequestSecurityTokenReader reader = new WSTrustRequestSecurityTokenReader(buffer.CreateMessage().GetReaderAtBodyContents(), SecurityTokenSerializer); reader.Read(); if (sessions.ContainsKey(reader.Value.Context)) { throw new SecurityNegotiationException(String.Format("The context '{0}' already exists in this SSL negotiation manager", reader.Value.Context)); } TlsServerSession tls = new TlsServerSession(owner.Manager.ServiceCredentials.ServiceCertificate.Certificate, owner.IsMutual); TlsServerSessionInfo tlsInfo = new TlsServerSessionInfo( reader.Value.Context, tls); AppendNegotiationMessageXml(buffer.CreateMessage().GetReaderAtBodyContents(), tlsInfo); tls.ProcessClientHello(reader.Value.BinaryExchange.Value); WstRequestSecurityTokenResponse rstr = new WstRequestSecurityTokenResponse(SecurityTokenSerializer); rstr.Context = reader.Value.Context; rstr.BinaryExchange = new WstBinaryExchange(Constants.WstBinaryExchangeValueTls); rstr.BinaryExchange.Value = tls.ProcessServerHello(); Message reply = Message.CreateMessage(request.Version, Constants.WstIssueReplyAction, rstr); reply.Headers.RelatesTo = request.Headers.MessageId; // FIXME: use correct buffer size buffer = reply.CreateBufferedCopy(0x10000); AppendNegotiationMessageXml(buffer.CreateMessage().GetReaderAtBodyContents(), tlsInfo); sessions [reader.Value.Context] = tlsInfo; return(buffer.CreateMessage()); }
Message ProcessClientHello (Message request) { // FIXME: use correct buffer size MessageBuffer buffer = request.CreateBufferedCopy (0x10000); WSTrustRequestSecurityTokenReader reader = new WSTrustRequestSecurityTokenReader (buffer.CreateMessage ().GetReaderAtBodyContents (), SecurityTokenSerializer); reader.Read (); if (sessions.ContainsKey (reader.Value.Context)) throw new SecurityNegotiationException (String.Format ("The context '{0}' already exists in this SSL negotiation manager", reader.Value.Context)); TlsServerSession tls = new TlsServerSession (owner.Manager.ServiceCredentials.ServiceCertificate.Certificate, owner.IsMutual); TlsServerSessionInfo tlsInfo = new TlsServerSessionInfo ( reader.Value.Context, tls); AppendNegotiationMessageXml (buffer.CreateMessage ().GetReaderAtBodyContents (), tlsInfo); tls.ProcessClientHello (reader.Value.BinaryExchange.Value); WstRequestSecurityTokenResponse rstr = new WstRequestSecurityTokenResponse (SecurityTokenSerializer); rstr.Context = reader.Value.Context; rstr.BinaryExchange = new WstBinaryExchange (Constants.WstBinaryExchangeValueTls); rstr.BinaryExchange.Value = tls.ProcessServerHello (); Message reply = Message.CreateMessage (request.Version, Constants.WstIssueReplyAction, rstr); reply.Headers.RelatesTo = request.Headers.MessageId; // FIXME: use correct buffer size buffer = reply.CreateBufferedCopy (0x10000); AppendNegotiationMessageXml (buffer.CreateMessage ().GetReaderAtBodyContents (), tlsInfo); sessions [reader.Value.Context] = tlsInfo; return buffer.CreateMessage (); }
void AppendNegotiationMessageXml (XmlReader reader, TlsServerSessionInfo tlsInfo) { XmlDsigExcC14NTransform t = new XmlDsigExcC14NTransform (); XmlDocument doc = new XmlDocument (); doc.PreserveWhitespace = true; reader.MoveToContent (); doc.AppendChild (doc.ReadNode (reader)); t.LoadInput (doc); MemoryStream stream = (MemoryStream) t.GetOutput (); byte [] bytes = stream.ToArray (); tlsInfo.Messages.Write (bytes, 0, bytes.Length); }
// FIXME: use timeout Message ProcessClientHello (Message request, TimeSpan timeout) { // FIXME: use correct buffer size MessageBuffer buffer = request.CreateBufferedCopy (0x10000); WSTrustRequestSecurityTokenReader reader = new WSTrustRequestSecurityTokenReader (buffer.CreateMessage ().GetReaderAtBodyContents (), SecurityTokenSerializer); reader.Read (); if (sessions.ContainsKey (reader.Value.Context)) throw new SecurityNegotiationException (String.Format ("The context '{0}' already exists in this SSL negotiation manager", reader.Value.Context)); // FIXME: it seems .NET retrieves X509 Certificate through CreateSecurityTokenProvider(somex509requirement).GetToken().SecurityKeys[0] // (should result in X509AsymmetricSecurityKey) and continues tlsstart. // That's not very required feature so I ignore it. TlsServerSession tls = new TlsServerSession (owner.Manager.ServiceCredentials.ServiceCertificate.Certificate, owner.IsMutual); TlsServerSessionInfo tlsInfo = new TlsServerSessionInfo ( reader.Value.Context, tls); AppendNegotiationMessageXml (buffer.CreateMessage ().GetReaderAtBodyContents (), tlsInfo); tls.ProcessClientHello (reader.Value.BinaryExchange.Value); WstRequestSecurityTokenResponse rstr = new WstRequestSecurityTokenResponse (SecurityTokenSerializer); rstr.Context = reader.Value.Context; rstr.BinaryExchange = new WstBinaryExchange (Constants.WstBinaryExchangeValueTls); rstr.BinaryExchange.Value = tls.ProcessServerHello (); Message reply = Message.CreateMessage (request.Version, Constants.WstIssueReplyAction, rstr); reply.Headers.RelatesTo = request.Headers.MessageId; // FIXME: use correct buffer size buffer = reply.CreateBufferedCopy (0x10000); AppendNegotiationMessageXml (buffer.CreateMessage ().GetReaderAtBodyContents (), tlsInfo); sessions [reader.Value.Context] = tlsInfo; return buffer.CreateMessage (); }