public async Task SslStream_ClientAndServerUsesAuxRecord_Ok() { X509Certificate2 serverCert = CertificateConfiguration.GetServerCertificate(); var server = new SchSendAuxRecordTestServer(serverCert); int port = server.StartServer(); var client = new SchSendAuxRecordTestClient("localhost", port); var tasks = new Task[2]; tasks[0] = server.RunTest(); tasks[1] = client.RunTest(); await Task.WhenAll(tasks).TimeoutAfter(TestConfiguration.PassingTestTimeoutMilliseconds); if (server.IsInconclusive) { _output.WriteLine("Test inconclusive: The Operating system preferred a non-CBC or Null cipher."); } else { Assert.True(server.AuxRecordDetected, "Server reports: Client auxiliary record not detected."); Assert.True(client.AuxRecordDetected, "Client reports: Server auxiliary record not detected."); } }
public static async Task AcceptSocketAsync(Socket server, Func <Socket, Stream, StreamReader, StreamWriter, Task> funcAsync, Options options = null) { options = options ?? new Options(); using (Socket s = await server.AcceptAsync().ConfigureAwait(false)) { Stream stream = new NetworkStream(s, ownsSocket: false); if (options.UseSsl) { var sslStream = new SslStream(stream); using (var cert = CertificateConfiguration.GetServerCertificate()) { await sslStream.AuthenticateAsServerAsync( cert, clientCertificateRequired : false, enabledSslProtocols : options.SslProtocols, checkCertificateRevocation : false).ConfigureAwait(false); } stream = sslStream; } using (var reader = new StreamReader(stream, Encoding.ASCII)) using (var writer = new StreamWriter(stream, Encoding.ASCII)) { await funcAsync(s, stream, reader, writer).ConfigureAwait(false); } } }
public async Task HttpClient_ClientUsesAuxRecord_Ok() { X509Certificate2 serverCert = CertificateConfiguration.GetServerCertificate(); var server = new SchSendAuxRecordTestServer(serverCert); int port = server.StartServer(); string requestString = "https://localhost:" + port.ToString(); using (var handler = new HttpClientHandler() { ServerCertificateCustomValidationCallback = LoopbackServer.AllowAllCertificates }) using (var client = new HttpClient(handler)) { var tasks = new Task[2]; tasks[0] = server.RunTest(); tasks[1] = client.GetStringAsync(requestString); await Task.WhenAll(tasks).TimeoutAfter(15 * 1000); if (server.IsInconclusive) { _output.WriteLine("Test inconclusive: The Operating system preferred a non-CBC or Null cipher."); } else { Assert.True(server.AuxRecordDetected, "Server reports: Client auxiliary record not detected."); } } }
public CertificateValidationClientServer() { _serverCertificateCollection = CertificateConfiguration.GetServerCertificateCollection(); _serverCertificate = CertificateConfiguration.GetServerCertificate(); _clientCertificateCollection = CertificateConfiguration.GetClientCertificateCollection(); _clientCertificate = CertificateConfiguration.GetClientCertificate(); }
public async void SslStream_SendReceiveOverNetworkStream_Ok() { TcpListener listener = new TcpListener(IPAddress.Any, 0); using (X509Certificate2 serverCertificate = CertificateConfiguration.GetServerCertificate()) using (TcpClient client = new TcpClient()) { listener.Start(); Task clientConnectTask = client.ConnectAsync(IPAddress.Loopback, ((IPEndPoint)listener.LocalEndpoint).Port); Task <TcpClient> listenerAcceptTask = listener.AcceptTcpClientAsync(); await Task.WhenAll(clientConnectTask, listenerAcceptTask); TcpClient server = listenerAcceptTask.Result; using (SslStream clientStream = new SslStream( client.GetStream(), false, new RemoteCertificateValidationCallback(ValidateServerCertificate), null, EncryptionPolicy.RequireEncryption)) using (SslStream serverStream = new SslStream( server.GetStream(), false, null, null, EncryptionPolicy.RequireEncryption)) { Task clientAuthenticationTask = clientStream.AuthenticateAsClientAsync( serverCertificate.GetNameInfo(X509NameType.SimpleName, false), null, SslProtocols.Tls12, false); Task serverAuthenticationTask = serverStream.AuthenticateAsServerAsync( serverCertificate, false, SslProtocols.Tls12, false); await Task.WhenAll(clientAuthenticationTask, serverAuthenticationTask); byte[] readBuffer = new byte[256]; Task <int> readTask = clientStream.ReadAsync(readBuffer, 0, readBuffer.Length); byte[] writeBuffer = new byte[256]; Task writeTask = clientStream.WriteAsync(writeBuffer, 0, writeBuffer.Length); bool result = Task.WaitAll( new Task[1] { writeTask }, TestConfiguration.PassingTestTimeoutMilliseconds); Assert.True(result, "WriteAsync timed-out."); } } }
private bool DoHandshake(SslStream clientSslStream, SslStream serverSslStream) { using (X509Certificate2 certificate = CertificateConfiguration.GetServerCertificate()) { Task[] auth = new Task[2]; auth[0] = clientSslStream.AuthenticateAsClientAsync(certificate.GetNameInfo(X509NameType.SimpleName, false)); auth[1] = serverSslStream.AuthenticateAsServerAsync(certificate); bool finished = Task.WaitAll(auth, TestConfiguration.PassingTestTimeoutMilliseconds); return(finished); } }
public void SslStream_StreamToStream_Authentication_Success() { VirtualNetwork network = new VirtualNetwork(); using (var clientStream = new VirtualNetworkStream(network, isServer: false)) using (var serverStream = new VirtualNetworkStream(network, isServer: true)) using (var client = new SslStream(clientStream, false, AllowAnyServerCertificate)) using (var server = new SslStream(serverStream)) using (X509Certificate2 certificate = CertificateConfiguration.GetServerCertificate()) { Task[] auth = new Task[2]; auth[0] = client.AuthenticateAsClientAsync(certificate.GetNameInfo(X509NameType.SimpleName, false)); auth[1] = server.AuthenticateAsServerAsync(certificate); bool finished = Task.WaitAll(auth, TestConfiguration.PassingTestTimeoutMilliseconds); Assert.True(finished, "Handshake completed in the allotted time"); } }
public void SslStream_StreamToStream_Authentication_IncorrectServerName_Fail() { VirtualNetwork network = new VirtualNetwork(); using (var clientStream = new VirtualNetworkStream(network, isServer: false)) using (var serverStream = new VirtualNetworkStream(network, isServer: true)) using (var client = new SslStream(clientStream)) using (var server = new SslStream(serverStream)) using (var certificate = CertificateConfiguration.GetServerCertificate()) { Task[] auth = new Task[2]; auth[0] = client.AuthenticateAsClientAsync("incorrectServer"); auth[1] = server.AuthenticateAsServerAsync(certificate); Assert.Throws <AuthenticationException>(() => { auth[0].GetAwaiter().GetResult(); }); auth[1].GetAwaiter().GetResult(); } }
public ServerAsyncAuthenticateTest() { _log = TestLogging.GetInstance(); _logVerbose = VerboseTestLogging.GetInstance(); _serverCertificate = CertificateConfiguration.GetServerCertificate(); }
private void OnAccept(Task <TcpClient> result) { TcpClient client = null; // Accept current connection try { client = result.Result; } catch { } // If we have a connection, then process it if (client != null) { OnClientAccepted(client); ClientState state; // Start authentication for SSL? if (_useSsl) { state = new ClientState(client, _sslEncryptionPolicy); _log.WriteLine("Server: starting SSL authentication."); SslStream sslStream = null; X509Certificate2 certificate = CertificateConfiguration.GetServerCertificate(); try { sslStream = (SslStream)state.Stream; _log.WriteLine("Server: attempting to open SslStream."); sslStream.AuthenticateAsServerAsync(certificate, false, _sslProtocols, false).ContinueWith(t => { certificate.Dispose(); OnAuthenticate(t, state); }, TaskScheduler.Default); } catch (Exception ex) { _log.WriteLine("Server: Exception: {0}", ex); certificate.Dispose(); state.Dispose(); // close connection to client } } else { state = new ClientState(client); // Start listening for data from the client connection try { state.Stream.BeginRead(state.ReceiveBuffer, 0, state.ReceiveBuffer.Length, OnReceive, state); } catch { } } } // Listen for more client connections try { _listener.AcceptTcpClientAsync().ContinueWith(t => OnAccept(t), TaskScheduler.Default); } catch { } }