Example #1
0
        public override CertificateRequest GetCertificateRequest()
        {
            IList serverSigAlgs = null;

            if (TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(mServerVersion))
            {
                byte[] hashAlgorithms = new byte[] { HashAlgorithm.sha512, HashAlgorithm.sha384, HashAlgorithm.sha256,
                                                     HashAlgorithm.sha224, HashAlgorithm.sha1 };
                byte[] signatureAlgorithms = new byte[] { SignatureAlgorithm.rsa };

                serverSigAlgs = new ArrayList();
                for (int i = 0; i < hashAlgorithms.Length; ++i)
                {
                    for (int j = 0; j < signatureAlgorithms.Length; ++j)
                    {
                        serverSigAlgs.Add(new SignatureAndHashAlgorithm(hashAlgorithms[i],
                                                                        signatureAlgorithms[j]));
                    }
                }
            }

            IList certificateAuthorities = new ArrayList();

            certificateAuthorities.Add(TlsTestUtilities.LoadCertificateResource("x509-ca.pem").Subject);

            return(new CertificateRequest(new byte[] { ClientCertificateType.rsa_sign }, serverSigAlgs, certificateAuthorities));
        }
Example #2
0
        public override CertificateRequest GetCertificateRequest()
        {
            List <SignatureAndHashAlgorithm> serverSigAlgs = new List <SignatureAndHashAlgorithm>();

            if (TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(mServerVersion))
            {
                byte[] hashAlgorithms = new byte[]
                {
                    HashAlgorithm.sha512, HashAlgorithm.sha384, HashAlgorithm.sha256, HashAlgorithm.sha224,
                    HashAlgorithm.sha1
                };
                byte[] signatureAlgorithms = new byte[] { SignatureAlgorithm.rsa, SignatureAlgorithm.ecdsa };

                serverSigAlgs = new List <SignatureAndHashAlgorithm>();
                for (int i = 0; i < hashAlgorithms.Length; ++i)
                {
                    for (int j = 0; j < signatureAlgorithms.Length; ++j)
                    {
                        serverSigAlgs.Add(new SignatureAndHashAlgorithm(hashAlgorithms[i], signatureAlgorithms[j]));
                    }
                }
            }

            return(new CertificateRequest(new byte[] { ClientCertificateType.rsa_sign }, serverSigAlgs, null));
        }
Example #3
0
        public override CertificateRequest GetCertificateRequest()
        {
            if (mConfig.serverCertReq == TlsTestConfig.SERVER_CERT_REQ_NONE)
            {
                return(null);
            }

            byte[] certificateTypes = new byte[] { ClientCertificateType.rsa_sign,
                                                   ClientCertificateType.dss_sign, ClientCertificateType.ecdsa_sign };

            IList serverSigAlgs = null;

            if (TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(mServerVersion))
            {
                serverSigAlgs = mConfig.serverCertReqSigAlgs;
                if (serverSigAlgs == null)
                {
                    serverSigAlgs = TlsUtilities.GetDefaultSupportedSignatureAlgorithms();
                }
            }

            IList certificateAuthorities = new ArrayList();

            certificateAuthorities.Add(TlsTestUtilities.LoadCertificateResource("x509-ca.pem").Subject);

            return(new CertificateRequest(certificateTypes, serverSigAlgs, certificateAuthorities));
        }
Example #4
0
    public virtual IDictionary GetClientExtensions()
    {
        IDictionary     dictionary    = null;
        ProtocolVersion clientVersion = mContext.ClientVersion;

        if (TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(clientVersion))
        {
            mSupportedSignatureAlgorithms = TlsUtilities.GetDefaultSupportedSignatureAlgorithms();
            dictionary = TlsExtensionsUtilities.EnsureExtensionsInitialised(dictionary);
            TlsUtilities.AddSignatureAlgorithmsExtension(dictionary, mSupportedSignatureAlgorithms);
        }
        if (TlsEccUtilities.ContainsEccCipherSuites(GetCipherSuites()))
        {
            mNamedCurves = new int[2]
            {
                23,
                24
            };
            mClientECPointFormats = new byte[3]
            {
                0,
                1,
                2
            };
            dictionary = TlsExtensionsUtilities.EnsureExtensionsInitialised(dictionary);
            TlsEccUtilities.AddSupportedEllipticCurvesExtension(dictionary, mNamedCurves);
            TlsEccUtilities.AddSupportedPointFormatsExtension(dictionary, mClientECPointFormats);
        }
        return(dictionary);
    }
Example #5
0
        public virtual IDictionary GetClientExtensions()
        {
            IDictionary clientExtensions = null;

            ProtocolVersion clientVersion = mContext.ClientVersion;

            /*
             * RFC 5246 7.4.1.4.1. Note: this extension is not meaningful for TLS versions prior to 1.2.
             * Clients MUST NOT offer it if they are offering prior versions.
             */
            if (TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(clientVersion))
            {
                // TODO Provide a way for the user to specify the acceptable hash/signature algorithms.

                this.mSupportedSignatureAlgorithms = TlsUtilities.GetDefaultSupportedSignatureAlgorithms();

                clientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(clientExtensions);

                TlsUtilities.AddSignatureAlgorithmsExtension(clientExtensions, mSupportedSignatureAlgorithms);
            }

            if (TlsEccUtilities.ContainsEccCipherSuites(GetCipherSuites()))
            {
                /*
                 * RFC 4492 5.1. A client that proposes ECC cipher suites in its ClientHello message
                 * appends these extensions (along with any others), enumerating the curves it supports
                 * and the point formats it can parse. Clients SHOULD send both the Supported Elliptic
                 * Curves Extension and the Supported Point Formats Extension.
                 */
                /*
                 * TODO Could just add all the curves since we support them all, but users may not want
                 * to use unnecessarily large fields. Need configuration options.
                 */
                this.mNamedCurves          = new int[] { NamedCurve.secp256r1, NamedCurve.secp384r1 };
                this.mClientECPointFormats = new byte[] { ECPointFormat.uncompressed,
                                                          ECPointFormat.ansiX962_compressed_prime, ECPointFormat.ansiX962_compressed_char2, };

                clientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised(clientExtensions);

                TlsEccUtilities.AddSupportedEllipticCurvesExtension(clientExtensions, mNamedCurves);
                TlsEccUtilities.AddSupportedPointFormatsExtension(clientExtensions, mClientECPointFormats);
            }

            if (this.HostNames != null && this.HostNames.Count > 0)
            {
                var list = new System.Collections.Generic.List <ServerName>(this.HostNames.Count);

                for (int i = 0; i < this.HostNames.Count; ++i)
                {
                    list.Add(new ServerName(Tls.NameType.host_name, this.HostNames[i]));
                }

                TlsExtensionsUtilities.AddServerNameExtension(clientExtensions, new ServerNameList(list));
            }

            return(clientExtensions);
        }
Example #6
0
        public override CertificateRequest GetCertificateRequest()
        {
            byte[] certificateTypes = new byte[] { ClientCertificateType.rsa_sign,
                                                   ClientCertificateType.ecdsa_sign };

            IList serverSigAlgs = null;

            if (TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(mServerVersion))
            {
                serverSigAlgs = TlsUtilities.GetDefaultSupportedSignatureAlgorithms();
            }

            return(new CertificateRequest(certificateTypes, serverSigAlgs, null));
        }
Example #7
0
    public virtual void Init(TlsContext context)
    {
        mContext = context;
        ProtocolVersion clientVersion = context.ClientVersion;

        if (TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(clientVersion))
        {
            if (mSupportedSignatureAlgorithms == null)
            {
                switch (mKeyExchange)
                {
                case 13:
                case 14:
                case 21:
                case 24:
                    break;

                case 3:
                case 7:
                case 22:
                    mSupportedSignatureAlgorithms = TlsUtilities.GetDefaultDssSignatureAlgorithms();
                    break;

                case 16:
                case 17:
                    mSupportedSignatureAlgorithms = TlsUtilities.GetDefaultECDsaSignatureAlgorithms();
                    break;

                case 1:
                case 5:
                case 9:
                case 15:
                case 18:
                case 19:
                case 23:
                    mSupportedSignatureAlgorithms = TlsUtilities.GetDefaultRsaSignatureAlgorithms();
                    break;

                default:
                    throw new InvalidOperationException("unsupported key exchange algorithm");
                }
            }
        }
        else if (mSupportedSignatureAlgorithms != null)
        {
            throw new InvalidOperationException("supported_signature_algorithms not allowed for " + clientVersion);
        }
    }
Example #8
0
        public virtual void ProcessClientExtensions(IDictionary clientExtensions)
        {
            this.mClientExtensions = clientExtensions;

            if (clientExtensions != null)
            {
                this.mEncryptThenMacOffered = TlsExtensionsUtilities.HasEncryptThenMacExtension(clientExtensions);

                this.mMaxFragmentLengthOffered = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(clientExtensions);
                if (mMaxFragmentLengthOffered >= 0 && !MaxFragmentLength.IsValid((byte)mMaxFragmentLengthOffered))
                {
                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
                }

                this.mTruncatedHMacOffered = TlsExtensionsUtilities.HasTruncatedHMacExtension(clientExtensions);

                this.mSupportedSignatureAlgorithms = TlsUtilities.GetSignatureAlgorithmsExtension(clientExtensions);
                if (this.mSupportedSignatureAlgorithms != null)
                {
                    /*
                     * RFC 5246 7.4.1.4.1. Note: this extension is not meaningful for TLS versions prior
                     * to 1.2. Clients MUST NOT offer it if they are offering prior versions.
                     */
                    if (!TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(mClientVersion))
                    {
                        throw new TlsFatalAlert(AlertDescription.illegal_parameter);
                    }
                }

                this.mNamedCurves          = TlsEccUtilities.GetSupportedEllipticCurvesExtension(clientExtensions);
                this.mClientECPointFormats = TlsEccUtilities.GetSupportedPointFormatsExtension(clientExtensions);
            }

            /*
             * RFC 4429 4. The client MUST NOT include these extensions in the ClientHello message if it
             * does not propose any ECC cipher suites.
             *
             * NOTE: This was overly strict as there may be ECC cipher suites that we don't recognize.
             * Also, draft-ietf-tls-negotiated-ff-dhe will be overloading the 'elliptic_curves'
             * extension to explicitly allow FFDHE (i.e. non-ECC) groups.
             */
            //if (!this.mEccCipherSuitesOffered && (this.mNamedCurves != null || this.mClientECPointFormats != null))
            //    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
        }
Example #9
0
 public virtual void ProcessClientExtensions(IDictionary clientExtensions)
 {
     mClientExtensions = clientExtensions;
     if (clientExtensions != null)
     {
         mEncryptThenMacOffered    = TlsExtensionsUtilities.HasEncryptThenMacExtension(clientExtensions);
         mMaxFragmentLengthOffered = TlsExtensionsUtilities.GetMaxFragmentLengthExtension(clientExtensions);
         if (mMaxFragmentLengthOffered >= 0 && !MaxFragmentLength.IsValid((byte)mMaxFragmentLengthOffered))
         {
             throw new TlsFatalAlert(47);
         }
         mTruncatedHMacOffered         = TlsExtensionsUtilities.HasTruncatedHMacExtension(clientExtensions);
         mSupportedSignatureAlgorithms = TlsUtilities.GetSignatureAlgorithmsExtension(clientExtensions);
         if (mSupportedSignatureAlgorithms != null && !TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(mClientVersion))
         {
             throw new TlsFatalAlert(47);
         }
         mNamedCurves          = TlsEccUtilities.GetSupportedEllipticCurvesExtension(clientExtensions);
         mClientECPointFormats = TlsEccUtilities.GetSupportedPointFormatsExtension(clientExtensions);
     }
 }
Example #10
0
        public virtual void Init(TlsContext context)
        {
            this.mContext = context;

            ProtocolVersion clientVersion = context.ClientVersion;

            if (TlsUtilities.IsSignatureAlgorithmsExtensionAllowed(clientVersion))
            {
                /*
                 * RFC 5246 7.4.1.4.1. If the client does not send the signature_algorithms extension,
                 * the server MUST do the following:
                 *
                 * - If the negotiated key exchange algorithm is one of (RSA, DHE_RSA, DH_RSA, RSA_PSK,
                 * ECDH_RSA, ECDHE_RSA), behave as if client had sent the value {sha1,rsa}.
                 *
                 * - If the negotiated key exchange algorithm is one of (DHE_DSS, DH_DSS), behave as if
                 * the client had sent the value {sha1,dsa}.
                 *
                 * - If the negotiated key exchange algorithm is one of (ECDH_ECDSA, ECDHE_ECDSA),
                 * behave as if the client had sent value {sha1,ecdsa}.
                 */
                if (this.mSupportedSignatureAlgorithms == null)
                {
                    switch (mKeyExchange)
                    {
                    case KeyExchangeAlgorithm.DH_DSS:
                    case KeyExchangeAlgorithm.DHE_DSS:
                    case KeyExchangeAlgorithm.SRP_DSS:
                    {
                        this.mSupportedSignatureAlgorithms = TlsUtilities.GetDefaultDssSignatureAlgorithms();
                        break;
                    }

                    case KeyExchangeAlgorithm.ECDH_ECDSA:
                    case KeyExchangeAlgorithm.ECDHE_ECDSA:
                    {
                        this.mSupportedSignatureAlgorithms = TlsUtilities.GetDefaultECDsaSignatureAlgorithms();
                        break;
                    }

                    case KeyExchangeAlgorithm.DH_RSA:
                    case KeyExchangeAlgorithm.DHE_RSA:
                    case KeyExchangeAlgorithm.ECDH_RSA:
                    case KeyExchangeAlgorithm.ECDHE_RSA:
                    case KeyExchangeAlgorithm.RSA:
                    case KeyExchangeAlgorithm.RSA_PSK:
                    case KeyExchangeAlgorithm.SRP_RSA:
                    {
                        this.mSupportedSignatureAlgorithms = TlsUtilities.GetDefaultRsaSignatureAlgorithms();
                        break;
                    }

                    case KeyExchangeAlgorithm.DHE_PSK:
                    case KeyExchangeAlgorithm.ECDHE_PSK:
                    case KeyExchangeAlgorithm.PSK:
                    case KeyExchangeAlgorithm.SRP:
                        break;

                    default:
                        throw new InvalidOperationException("unsupported key exchange algorithm");
                    }
                }
            }
            else if (this.mSupportedSignatureAlgorithms != null)
            {
                throw new InvalidOperationException("supported_signature_algorithms not allowed for " + clientVersion);
            }
        }