public AsyncServerTests(TestServer testServer)
{
this.testServer = testServer;
// Initialize certificate callbacks (only used for Advanced test)
clientRemoteCertificateValidationCallback = new RemoteCertificateValidationHandler(ValidateRemoteCert);
clientLocalCertificateSelectionCallback = new LocalCertificateSelectionHandler(clientCertificateSelectionCallback);
serverRemoteCertificateValidationCallback = new RemoteCertificateValidationHandler(ValidateRemoteCert);
}
/// <summary>
/// Create an SslStream based on an existing stream.
/// </summary>
/// <param name="stream"></param>
/// <param name="leaveInnerStreamOpen"></param>
/// <param name="remote_callback"></param>
/// <param name="local_callback"></param>
public SslStream(
Stream stream,
bool leaveInnerStreamOpen,
RemoteCertificateValidationHandler remote_callback,
LocalCertificateSelectionHandler local_callback) : base(stream, leaveInnerStreamOpen)
{
remoteCertificateValidationCallback = remote_callback;
localCertificateSelectionCallback = local_callback;
}
public void AdvancedClientTest()
{
//Initialize delegates for certificate callbacks
clientRemoteCertificateValidationCallback = new RemoteCertificateValidationHandler(ValidateRemoteCert);
clientLocalCertificateSelectionCallback = new LocalCertificateSelectionHandler(clientCertificateSelectionCallback);
try {
testName = "AdvancedClientTest";
client = new TcpClient("localhost", 9000);
// Create the SslStream object with the certificate callbacks
sslStream = new SslStream(client.GetStream(), false, clientRemoteCertificateValidationCallback, clientLocalCertificateSelectionCallback);
// Initialize with client certificate list, and client CA chain
sslStream.AuthenticateAsClient("localhost", testServer.clientCertificateList, testServer.clientCAChain, SslProtocols.Tls, SslStrength.Medium | SslStrength.High, true);
// Verify mutual authentication
if (!sslStream.IsMutuallyAuthenticated)
{
Console.WriteLine("{0} failed - Stream is not mutally authenticated", testName);
Shutdown(false);
}
// Verify protocol
if (sslStream.SslProtocol != SslProtocols.Tls)
{
Console.WriteLine("{0} failed - negotiated a non Tls connection", testName);
Shutdown(false);
}
// Verify cipher strength
if (sslStream.CipherStrength < 256)
{
Console.WriteLine("{0} failed - negotiated less that 256bit cipher", testName);
Console.WriteLine("Cipher={0}\nCipherStrength = {1}", sslStream.CipherAlgorithm.ToString(), sslStream.CipherStrength);
Shutdown(false);
}
// Verify cipher
if (sslStream.CipherAlgorithm != CipherAlgorithmType.Aes256)
{
Console.WriteLine("{0} failed - negotiatied cipher wasn't Aes256", testName);
Console.WriteLine("Cipher was {0}, expected {0}", sslStream.CipherAlgorithm.ToString(), CipherAlgorithmType.Aes256.ToString());
Shutdown(false);
}
if (DoClientReadWrite())
{
Shutdown(true);
}
else
{
Shutdown(false);
}
}
catch (Exception ex) {
Shutdown(false);
Console.WriteLine(ex);
}
}
public SslStreamClient(Stream stream,
bool ownStream,
string targetHost,
X509List clientCertificates,
X509Chain caCertificates,
SslProtocols enabledSslProtocols,
SslStrength sslStrength,
bool checkCertificateRevocationStatus,
RemoteCertificateValidationHandler remoteCallback,
LocalCertificateSelectionHandler localCallback)
: base(stream, ownStream)
{
this.targetHost = targetHost;
this.clientCertificates = clientCertificates;
this.caCertificates = caCertificates;
this.checkCertificateRevocationStatus = checkCertificateRevocationStatus;
this.remoteCertificateSelectionCallback = remoteCallback;
this.localCertificateSelectionCallback = localCallback;
this.internalCertificateSelectionCallback = new ClientCertCallbackHandler(InternalClientCertificateSelectionCallback);
InitializeClientContext(clientCertificates, enabledSslProtocols, sslStrength, checkCertificateRevocationStatus);
}
public SslStreamClient(Stream stream,
bool ownStream,
string targetHost,
X509List clientCertificates,
X509Chain caCertificates,
SslProtocols enabledSslProtocols,
SslStrength sslStrength,
bool checkCertificateRevocationStatus,
RemoteCertificateValidationHandler remoteCallback,
LocalCertificateSelectionHandler localCallback)
: base(stream, ownStream)
{
this.targetHost = targetHost;
this.clientCertificates = clientCertificates;
this.caCertificates = caCertificates;
this.checkCertificateRevocationStatus = checkCertificateRevocationStatus;
this.remoteCertificateSelectionCallback = remoteCallback;
this.localCertificateSelectionCallback = localCallback;
this.internalCertificateSelectionCallback = new ClientCertCallbackHandler(InternalClientCertificateSelectionCallback);
InitializeClientContext(clientCertificates, enabledSslProtocols, sslStrength, checkCertificateRevocationStatus);
}
public AsyncServerTests(TestServer testServer) {
this.testServer = testServer;
// Initialize certificate callbacks (only used for Advanced test)
clientRemoteCertificateValidationCallback = new RemoteCertificateValidationHandler(ValidateRemoteCert);
clientLocalCertificateSelectionCallback = new LocalCertificateSelectionHandler(clientCertificateSelectionCallback);
serverRemoteCertificateValidationCallback = new RemoteCertificateValidationHandler(ValidateRemoteCert);
}
public void AdvancedClientTest() {
//Initialize delegates for certificate callbacks
clientRemoteCertificateValidationCallback = new RemoteCertificateValidationHandler(ValidateRemoteCert);
clientLocalCertificateSelectionCallback = new LocalCertificateSelectionHandler(clientCertificateSelectionCallback);
try {
testName = "AdvancedClientTest";
client = new TcpClient("localhost", 9000);
// Create the SslStream object with the certificate callbacks
sslStream = new SslStream(client.GetStream(), false, clientRemoteCertificateValidationCallback, clientLocalCertificateSelectionCallback);
// Initialize with client certificate list, and client CA chain
sslStream.AuthenticateAsClient("localhost", testServer.clientCertificateList, testServer.clientCAChain, SslProtocols.Tls, SslStrength.Medium | SslStrength.High, true);
// Verify mutual authentication
if (!sslStream.IsMutuallyAuthenticated) {
Console.WriteLine("{0} failed - Stream is not mutally authenticated", testName);
Shutdown(false);
}
// Verify protocol
if (sslStream.SslProtocol != SslProtocols.Tls) {
Console.WriteLine("{0} failed - negotiated a non Tls connection", testName);
Shutdown(false);
}
// Verify cipher strength
if (sslStream.CipherStrength < 256) {
Console.WriteLine("{0} failed - negotiated less that 256bit cipher", testName);
Console.WriteLine("Cipher={0}\nCipherStrength = {1}", sslStream.CipherAlgorithm.ToString(), sslStream.CipherStrength);
Shutdown(false);
}
// Verify cipher
if (sslStream.CipherAlgorithm != CipherAlgorithmType.Aes256) {
Console.WriteLine("{0} failed - negotiatied cipher wasn't Aes256", testName);
Console.WriteLine("Cipher was {0}, expected {0}", sslStream.CipherAlgorithm.ToString(), CipherAlgorithmType.Aes256.ToString());
Shutdown(false);
}
if (DoClientReadWrite()) {
Shutdown(true);
}
else {
Shutdown(false);
}
}
catch (Exception ex) {
Shutdown(false);
Console.WriteLine(ex);
}
}
/// <summary>
/// Create an SslStream based on an existing stream.
/// </summary>
/// <param name="stream"></param>
/// <param name="leaveInnerStreamOpen"></param>
/// <param name="remote_callback"></param>
/// <param name="local_callback"></param>
public SslStream(
Stream stream,
bool leaveInnerStreamOpen,
RemoteCertificateValidationHandler remote_callback,
LocalCertificateSelectionHandler local_callback) : base(stream, leaveInnerStreamOpen)
{
remoteCertificateValidationCallback = remote_callback;
localCertificateSelectionCallback = local_callback;
}
/// <summary>
/// Create an SslStream based on an existing stream.
/// </summary>
/// <param name="stream"></param>
/// <param name="leaveInnerStreamOpen"></param>
public SslStream(Stream stream, bool leaveInnerStreamOpen)
: base(stream, leaveInnerStreamOpen)
{
remoteCertificateValidationCallback = null;
localCertificateSelectionCallback = null;
}
