Example #1
0
        protected HandshakeSession(SecurityParameters securityParameters)
        {
            string path = System.Reflection.Assembly.GetAssembly(typeof(HandshakeSession)).Location;
            string directory = Path.GetDirectoryName(path);

            _pluginManager = new CipherSuitePluginManager(directory);
            _state = HandshakeState.Initial;

            _minVersion = securityParameters.MinimumVersion;
            _maxVersion = securityParameters.MaximumVersion;
            _supportedCipherSuites = securityParameters.CipherSuiteIDs.ToArray();
            _supportedCompressions = securityParameters.CompressionIDs.ToArray();

            _availableCertificates = new List<X509CertificateCollection>(securityParameters.AvailableCertificates);
            _availablePrivateKeys = new List<CertificatePrivateKey>(securityParameters.AvailablePrivateKeys);

            _clientCertificates = new X509CertificateCollection();
            _serverCertificates = new X509CertificateCollection();

            // Initialize the default ClientHello version, to
            // be as compatible as possible based on maxVersion
            if (_maxVersion == ProtocolVersion.SSL3_0) {
                _version = ProtocolVersion.SSL3_0;
            } else if (_maxVersion.IsUsingDatagrams) {
                _version = ProtocolVersion.DTLS1_0;
            } else {
                _version = ProtocolVersion.TLS1_0;
            }
            _cipherSuite = new CipherSuite(_version);
        }
Example #2
0
        public TLSRecordHandlerTest(string server, int port)
        {
            string path = System.Reflection.Assembly.GetAssembly(typeof(TLSRecordHandlerTest)).Location;
            string directory = Path.GetDirectoryName(path);

            _server = server;
            _port = port;

            _pluginManager = new CipherSuitePluginManager(directory);
            _cipherSuite = _pluginManager.GetCipherSuite(VERSION, CIPHER_SUITE);
            if (_cipherSuite != null) {
                Console.WriteLine("Got cipher suite");
            } else {
                throw new Exception("Error finding cipher suite!");
            }
            _recordHandler = new RecordHandler(VERSION, true);
        }
        private static CipherSuite SelectCipherSuite(CipherSuitePluginManager pluginManager,
			ProtocolVersion clientVersion, ProtocolVersion minVersion, ProtocolVersion maxVersion,
			List<UInt16> clientSuites, List<UInt16> serverSuites,
			ServerCertificateSelectionCallback certificateSelectionCallback,
			List<X509CertificateCollection> availableCertificates)
        {
            if (clientVersion < minVersion) {
                throw new AlertException(AlertDescription.ProtocolVersion,
                                         "Offered client version " + clientVersion +
                                         " lower than minimum supported version " + minVersion);
            }

            // Initialize our return value as null
            CipherSuite selectedCipherSuite = null;

            // Run as long as we either select a cipher suite or run out of versions
            ProtocolVersion selectedVersion = clientVersion < maxVersion ? clientVersion : maxVersion;
            while (selectedCipherSuite == null) {
                foreach (UInt16 id in clientSuites) {
                    if (!serverSuites.Contains(id))
                        continue;

                    // Try initializing the cipher suite based on ID
                    selectedCipherSuite = pluginManager.GetCipherSuite(selectedVersion, id);
                    if (selectedCipherSuite == null)
                        continue;

                    // Try selecting a suitable certificate for this cipher suite
                    int certificateIndex = certificateSelectionCallback(selectedCipherSuite, availableCertificates.ToArray());
                    if (certificateIndex >= 0 && certificateIndex < availableCertificates.Count) {
                        // We finally found the valid suite, break out from the loop
                        break;
                    }
                    // No certificate was found for the suite, ignore
                    selectedCipherSuite = null;
                }

                if (selectedCipherSuite != null) break;
                if (selectedVersion == minVersion) break;
                selectedVersion = selectedVersion.PreviousProtocolVersion;
            }

            if (selectedCipherSuite == null) {
                throw new AlertException(AlertDescription.HandshakeFailure,
                                         "None of the cipher suites offered by client is accepted");
            }
            return selectedCipherSuite;
        }