Exemple #1
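        /// <summary>
        /// Creates the server and client <see cref="SecureChannel"/> fields and drives the
        /// handshake between them in memory until both sides report completion.
        /// </summary>
        /// <remarks>
        /// Certificate verification is disabled and the PFX password is hard-coded. That is only
        /// acceptable for a test fixture; this assumes server.pfx is a test-only certificate.
        /// </remarks>
        public void Setup()
        {
            Configuration configuration = new Configuration()
            {
                VerifyCertificate = false,
                StandardTLSFormat = false
            };

            // Path.Combine instead of a hard-coded "\\" so the fixture is also found on
            // platforms whose directory separator is not a backslash.
            string pfxPath = System.IO.Path.Combine(
                NUnit.Framework.TestContext.CurrentContext.TestDirectory, "server.pfx");
            X509Certificate2 certificate = new X509Certificate2(pfxPath, "1234");

            m_serverSecureChannel             = SecureChannel.CreateServerSecureChannel(configuration);
            m_serverSecureChannel.Certificate = certificate;

            m_clientSecureChannel = SecureChannel.CreateClientSecureChannel(null, configuration);

            IList <NetMQMessage> clientOutgoingMessages = new List <NetMQMessage>();
            IList <NetMQMessage> serverOutgoingMessages = new List <NetMQMessage>();

            bool serverComplete = false;

            // The client opens the handshake: a null incoming message makes it emit its first flight.
            bool clientComplete = m_clientSecureChannel.ProcessMessage(null, clientOutgoingMessages);

            // Ping-pong the pending flights between the two channels until both are done.
            // NOTE(review): nothing bounds this loop; if neither side produces output and one
            // side never completes, the fixture hangs instead of failing.
            while (!serverComplete || !clientComplete)
            {
                if (!serverComplete)
                {
                    foreach (var message in clientOutgoingMessages)
                    {
                        serverComplete = m_serverSecureChannel.ProcessMessage(message, serverOutgoingMessages);

                        if (serverComplete)
                        {
                            break;
                        }
                    }

                    clientOutgoingMessages.Clear();
                }

                if (!clientComplete)
                {
                    foreach (var message in serverOutgoingMessages)
                    {
                        clientComplete = m_clientSecureChannel.ProcessMessage(message, clientOutgoingMessages);

                        if (clientComplete)
                        {
                            break;
                        }
                    }

                    serverOutgoingMessages.Clear();
                }
            }
        }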
Exemple #2
        /// <summary>
        /// Walks a handshake between an in-memory client and server <see cref="SecureChannel"/>
        /// one record at a time in standard TLS format, asserting the number of records each
        /// step emits and, for some of them, their exact hex encoding.
        /// </summary>
        /// <remarks>
        /// Certificate verification is disabled and the PFX password is hard-coded; this is test
        /// fixture configuration and should not be copied into production code.
        /// </remarks>
        public void StandardTest()
        {
            Configuration configuration = new Configuration()
            {
                VerifyCertificate = false, StandardTLSFormat = true
            };
            X509Certificate2 certificate = new X509Certificate2(NUnit.Framework.TestContext.CurrentContext.TestDirectory + "\\server.pfx", "1234");

            SecureChannel serverSecureChannel = SecureChannel.CreateServerSecureChannel(configuration);

            serverSecureChannel.Certificate = certificate;

            SecureChannel        clientSecureChannel    = SecureChannel.CreateClientSecureChannel(null, configuration);
            IList <NetMQMessage> clientOutgoingMessages = new List <NetMQMessage>();
            IList <NetMQMessage> serverOutgoingMessages = new List <NetMQMessage>();
            bool serverComplete = false;

            // A null incoming message makes the client emit its opening flight.
            bool clientComplete = clientSecureChannel.ProcessMessage(null, clientOutgoingMessages);

            Assert.AreEqual(clientOutgoingMessages.Count, 1);
            string clientHelloHex = BitConverter.ToString(clientOutgoingMessages[0].Last.Buffer, 0).Replace("-", string.Empty).ToLower();

            // NOTE(review): the expected record is compared byte for byte, including what looks
            // like the ClientHello random field; confirm the channel's output is deterministic
            // under test, otherwise this assertion can only pass by coincidence.
            Assert.AreEqual(clientHelloHex, "16030300820100007e03035ec254f6faccf140beec3b43441c72c325ed437a5dcfa21733269448f7cb34f9000012c02cc02bc02fc030c013c014009c002f003501000043000a001600140017001800190009000a000b000c000d000e0016000b00020100000d00160014060306010503050104030401040202030201020200170000ff01000100");
            // First handshake step: the server handles the ClientHello.
            List <NetMQMessage> sslMessages;
            int  offset;
            bool result = serverSecureChannel.ResolveRecordLayer(clientOutgoingMessages[0].First.Buffer, out offset, out sslMessages);

            Assert.IsTrue(result);
            Assert.AreEqual(sslMessages.Count, 1);

            // The whole buffer must have been consumed as a single record.
            Assert.AreEqual(offset, clientOutgoingMessages[0].First.BufferSize);
            serverComplete = serverSecureChannel.ProcessMessage(sslMessages[0], serverOutgoingMessages);
            Assert.IsFalse(serverComplete);
            clientOutgoingMessages.Clear();


            // Server flight: ServerHello, Certificate, ServerHelloDone.
            Assert.AreEqual(serverOutgoingMessages.Count, 3);

            string serverHelloHex = BitConverter.ToString(serverOutgoingMessages[0].Last.Buffer, 0).Replace("-", string.Empty).ToLower();

            // NOTE(review): same determinism concern as the ClientHello comparison above.
            Assert.AreEqual(serverHelloHex, "160303004a020000460303aef1ba123a543c517b3d498705806e6745c57677742601d9b9da6979e2841d37203761363635643738366261363432626438366162326163393631353437343361002f00");
            string certificateHex = BitConverter.ToString(serverOutgoingMessages[1].Last.Buffer, 0).Replace("-", string.Empty).ToLower();

            // NOTE(review): the expected value below is not a hex string, so it cannot equal a
            // hex-encoded record; the original literal appears to have been lost. Restore it from
            // the project's repository before relying on this assertion.
            Assert.AreEqual(certificateHex, "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");
            string serverHelloDonHex = BitConverter.ToString(serverOutgoingMessages[2].Last.Buffer, 0).Replace("-", string.Empty).ToLower();

            // 0x16 handshake record, version 0x0303, 4-byte body: handshake type 0x0e with zero length.
            Assert.AreEqual(serverHelloDonHex, "16030300040e000000");

            // Client handles the first server record (ServerHello).
            // From here to the end of this flight the client's ProcessMessage result is stored in
            // the variable named serverComplete; only its false value is asserted.
            result = clientSecureChannel.ResolveRecordLayer(serverOutgoingMessages[0].First.Buffer, out offset, out sslMessages);
            Assert.IsTrue(result);
            Assert.AreEqual(sslMessages.Count, 1);
            serverComplete = clientSecureChannel.ProcessMessage(sslMessages[0], clientOutgoingMessages);
            Assert.IsFalse(serverComplete);
            Assert.AreEqual(clientOutgoingMessages.Count, 0);


            // Client handles the second server record (Certificate); still nothing to send.
            result = clientSecureChannel.ResolveRecordLayer(serverOutgoingMessages[1].First.Buffer, out offset, out sslMessages);
            Assert.IsTrue(result);
            Assert.AreEqual(sslMessages.Count, 1);
            serverComplete = clientSecureChannel.ProcessMessage(sslMessages[0], clientOutgoingMessages);
            Assert.IsFalse(serverComplete);
            Assert.AreEqual(clientOutgoingMessages.Count, 0);

            // Client handles the third server record (ServerHelloDone) and answers with three records.
            result = clientSecureChannel.ResolveRecordLayer(serverOutgoingMessages[2].First.Buffer, out offset, out sslMessages);
            Assert.IsTrue(result);
            Assert.AreEqual(sslMessages.Count, 1);
            serverComplete = clientSecureChannel.ProcessMessage(sslMessages[0], clientOutgoingMessages);
            Assert.IsFalse(serverComplete);
            Assert.AreEqual(clientOutgoingMessages.Count, 3);
            serverOutgoingMessages.Clear();

            // Client flight: Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message.
            string clientKeyExchangeHex = BitConverter.ToString(clientOutgoingMessages[0].Last.Buffer, 0).Replace("-", string.Empty).ToLower();
            // Exact-match assertion left disabled by the author; presumably the key exchange bytes differ per run.
            //Assert.AreEqual(clientKeyExchangeHex, "16030300861000008200808235f62f3440e787404386cbbe865031cee225b50317950753280c6d9f433e396efacd0d92dd32052b5e9ea9e5b373d79c2bfaa81bcdeef842c4f549558a6248163b9a3c4cc7a8aea57fe479ed0577221a391f268c06bc3f0371d4d9fcbc135ee5060c0dd90f621e5519757e30f54cc21dc3a852ca2696522d3337b512117a6f");

            string changeCipherSpecHex = BitConverter.ToString(clientOutgoingMessages[1].Last.Buffer, 0).Replace("-", string.Empty).ToLower();

            // 0x14 change-cipher-spec record, version 0x0303, one-byte body 0x01.
            Assert.AreEqual(changeCipherSpecHex, "140303000101");
            string encryptedHandshakeMessage = BitConverter.ToString(clientOutgoingMessages[2].Last.Buffer, 0).Replace("-", string.Empty).ToLower();

            // Exact-match assertion left disabled by the author; presumably the encrypted bytes differ per run.
            //Assert.AreEqual(encryptedHandshakeMessage, "1603030040b5aae84a8ca06fcfc4a7a1974daf6cacc822e7286beb9ef161a5020b7cf2b2e2a024dc514059114016b05100c03ddd73bbca01bb72a939773bba2c9cd4497c89");

            // Server handles the client's first record and emits its own Change Cipher Spec.
            result = serverSecureChannel.ResolveRecordLayer(clientOutgoingMessages[0].First.Buffer, out offset, out sslMessages);
            Assert.IsTrue(result);
            Assert.AreEqual(sslMessages.Count, 1);
            serverComplete = serverSecureChannel.ProcessMessage(sslMessages[0], serverOutgoingMessages);
            Assert.IsFalse(serverComplete);
            Assert.AreEqual(serverOutgoingMessages.Count, 1);
            changeCipherSpecHex = BitConverter.ToString(serverOutgoingMessages[0].Last.Buffer, 0).Replace("-", string.Empty).ToLower();
            Assert.AreEqual(changeCipherSpecHex, "140303000101");

            // Server handles the client's Change Cipher Spec: the flag is set and nothing is sent.
            // NOTE(review): serverOutgoingMessages is expected to be empty here although it is not
            // cleared in this method after the previous step; presumably ProcessMessage resets it - confirm.
            result = serverSecureChannel.ResolveRecordLayer(clientOutgoingMessages[1].First.Buffer, out offset, out sslMessages);
            Assert.IsTrue(result);
            Assert.AreEqual(sslMessages.Count, 1);
            serverComplete = serverSecureChannel.ProcessMessage(sslMessages[0], serverOutgoingMessages);
            Assert.IsFalse(serverComplete);
            Assert.IsTrue(serverSecureChannel.ChangeSuiteChangeArrived);
            Assert.AreEqual(serverOutgoingMessages.Count, 0);
            // Server handles the client's encrypted handshake message and produces one record.
            result = serverSecureChannel.ResolveRecordLayer(clientOutgoingMessages[2].First.Buffer, out offset, out sslMessages);
            Assert.IsTrue(result);
            Assert.AreEqual(sslMessages.Count, 1);
            serverComplete = serverSecureChannel.ProcessMessage(sslMessages[0], serverOutgoingMessages);
            Assert.IsFalse(serverComplete);
            Assert.AreEqual(serverOutgoingMessages.Count, 1);
            clientOutgoingMessages.Clear();

            // NOTE(review): these calls are skipped when any assertion above fails.
            clientSecureChannel.Dispose();
            serverSecureChannel.Dispose();
        }
        /// <summary>
        /// Connects a <see cref="StreamSocket"/> to tcp://127.0.0.1:9696, runs the client side of
        /// the handshake over it, then sends the same encrypted request ten times and prints
        /// each decrypted reply.
        /// </summary>
        public void Do()
        {
            // The socket is a StreamSocket, so incoming bytes are reassembled into records by hand
            // below. (The original note here spoke of dealer/router sockets, where one
            // SecureChannel per identity would have to be managed.)
            using (var socket = new StreamSocket())
            {
                socket.Connect("tcp://127.0.0.1:9696");

                using (SecureChannel secureChannel = SecureChannel.CreateClientSecureChannel(null, m_configuration))
                {
                    // Restricts negotiation to one suite. RSA key exchange gives no forward
                    // secrecy and the suite uses CBC with SHA-1 MACs; treat this as a
                    // compatibility setting for the sample, not as a recommended default.
                    secureChannel.AllowedCipherSuites = new [] { CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA };
                    // Loads a password-protected PFX and attaches it to this client channel.
                    // NOTE(review): the original comment says the private key is needed "for the
                    // server", yet this is the client side - confirm the channel needs it here.
                    // The password is hard-coded, which is acceptable only for sample code.
                    X509Certificate2 certificate = new X509Certificate2(
                        System.IO.Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "server.pfx"), "1234");
                    secureChannel.Certificate = certificate;
                    List <NetMQMessage> outgoingMessages = new List <NetMQMessage>();
                    // A null incoming message makes the client emit its opening flight.
                    bool clientComplete = secureChannel.ProcessMessage(null, outgoingMessages);

                    SendMessages(socket, outgoingMessages);
                    bool done = false;
                    // Wait for the peer's handshake bytes; cache holds any partial record
                    // left over from the previous read.
                    byte[] cache = null;
                    do
                    {
                        outgoingMessages.Clear();
                        NetMQMessage incomingMessage = socket.ReceiveMultipartMessage();
                        if (cache == null || cache.Length <= 0)
                        {
                            cache = incomingMessage.Last.Buffer;
                        }
                        else
                        {
                            cache = CombineV2(cache, incomingMessage.Last.Buffer);
                        }
                        // Split the accumulated bytes into complete records; offset reports how
                        // many bytes were consumed.
                        // NOTE(review): the boolean result is ignored, so a malformed record is
                        // not distinguished from "need more data", and cache grows without bound
                        // if the peer never completes a record.
                        int offset;
                        List <NetMQMessage> sslMessages;
                        secureChannel.ResolveRecordLayer(cache, out offset, out sslMessages);
                        if (cache.Length == offset)
                        {
                            cache = null;
                        }
                        else if (cache.Length > offset)
                        {
                            // Keep the unconsumed tail for the next read.
                            byte[] temp = new byte[cache.Length - offset];
                            Buffer.BlockCopy(cache, offset, temp, 0, temp.Length);
                            cache = temp;
                        }
                        foreach (var sslMessage in sslMessages)
                        {
                            // calling ProcessMessage until ProcessMessage return true
                            // and the SecureChannel is ready to encrypt and decrypt messages
                            done = secureChannel.ProcessMessage(sslMessage, outgoingMessages);
                            SendMessages(socket, outgoingMessages);
                        }
                    } while (!done);
                    SendMessages(socket, outgoingMessages);
                    for (int i = 0; i < 10; i++)
                    {
                        outgoingMessages.Clear();

                        NetMQMessage plainMessage = new NetMQMessage();
                        // NOTE(review): the sample request embeds account-like numbers, a name and
                        // verification codes; confirm these are synthetic fixtures before reuse.
                        byte[]       data         = Encoding.GetEncoding("GBK").GetBytes("10009<Root><Head><CommandCode>10009</CommandCode><TransSeqID>2020051514384165</TransSeqID><VerifyCode>MbzZvbTp9Cnw9iqvRjJ3in6wNry59ZB1ubSCpWxeRiov9eU0c8MCGTE+u+7ED7NlU4EA8mf+OATBvS6OlgYzggKmsEt6CoPhQB3V/xzMZzlLGwym7r1arrNYIUjW6oJKXWNe84SYTe8Mqfw1+gmzEcj72QpadujHdDTJ9WNEsmg=</VerifyCode><ZipType></ZipType><CorpBankCode>103</CorpBankCode><FGCommandCode>11111</FGCommandCode><EnterpriseNum>AS330106</EnterpriseNum><TransKeyEncryptFlag>0</TransKeyEncryptFlag><FGVerifyCode>nQuCJ41Gp1wuankSkCvscwFVISkdI0XoGUJwKTB9IS7dbg+OgxpHe/zdSQkIZQjZbS5rzkFlmx31mrR8cmZa/jXJ+r4xeBfncS6qKJdYEH4jJra4/JyFkcb2mE8yolxN3v1C/M/Kq2+d532oXuQfiBqkEAv3gSb30zjurtVs3+I=</FGVerifyCode></Head><RealTimeSingleTransReq><MoneyWay>2</MoneyWay><TransDate>20200515</TransDate><Trans><TransNo>testClwTLS20200515003</TransNo><ProtocolCode></ProtocolCode><EnterpriseAccNum>19030101040014391</EnterpriseAccNum><CustBankCode>103</CustBankCode><CustAccNum>12312312</CustAccNum><CustAccName>陈大帅逼</CustAccName><AreaCode></AreaCode><BankLocationCode></BankLocationCode><BankLocationName></BankLocationName><CardType></CardType><IsPrivate>0</IsPrivate><IsUrgent></IsUrgent><Amount>232.00</Amount><Currency>CNY</Currency><CertType>0</CertType><CertNum></CertNum><Mobile></Mobile><Purpose></Purpose><Memo></Memo><PolicyNumber></PolicyNumber><Extent1></Extent1><Extent2></Extent2><SourceTransNo>testClwTLS20200515003</SourceTransNo></Trans></RealTimeSingleTransReq></Root>");
                        // Length prefix: the byte count as decimal text, left-padded with spaces to 8 characters.
                        string       length       = data.Length.ToString().PadLeft(8, ' ');
                        plainMessage.Append(length);
                        plainMessage.Append(data);

                        // Only the first frame of the encrypted message is written to the stream.
                        socket.SendMoreFrame(socket.Options.Identity);
                        socket.SendFrame(secureChannel.EncryptApplicationMessage(plainMessage)[0].Buffer);

                        // The reply arrives encrypted.
                        // NOTE(review): unlike the handshake loop, this read assumes one receive
                        // holds exactly one complete record; the result of ResolveRecordLayer is
                        // not checked and sslMessages2[0] is indexed unconditionally, so a short
                        // or malformed reply surfaces as an exception rather than a handled error.
                        NetMQMessage        cipherMessage = socket.ReceiveMultipartMessage();
                        int                 offset2;
                        List <NetMQMessage> sslMessages2;
                        secureChannel.ResolveRecordLayer(cipherMessage.Last.Buffer, out offset2, out sslMessages2);
                        // decrypting the message
                        plainMessage = secureChannel.DecryptApplicationMessage(sslMessages2[0]);
                        System.Console.WriteLine(plainMessage.First.ConvertToString());
                    }
                }
            }
        }
Exemple #4
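        /// <summary>
        /// Connects a <see cref="DealerSocket"/> to tcp://127.0.0.1:5556, completes the client
        /// side of the secure-channel handshake, sends one encrypted "Hello" and prints the
        /// decrypted reply.
        /// </summary>
        public void Do()
        {
            using (var socket = new DealerSocket())
            {
                socket.Connect("tcp://127.0.0.1:5556");

                // The channel is disposable (sibling code wraps it in using / calls Dispose), so
                // release it deterministically even when the exchange below throws.
                using (SecureChannel secureChannel = SecureChannel.CreateClientSecureChannel(null, m_configuration))
                {
                    // The sample certificate is not signed by a trusted authority, while by
                    // default the secure channel checks that the certificate chains to a root
                    // certificate authority. The line below would accept ANY certificate, which
                    // removes server authentication altogether; keep it disabled outside
                    // throwaway tests and prefer pinning the expected certificate.
                    //secureChannel.SetVerifyCertificate(c => true);

                    // NOTE(review): the file is named server.crt but is opened with a password,
                    // and it is attached to the client channel - confirm this is the intended
                    // credential. The hard-coded password is acceptable only in sample code.
                    X509Certificate2 certificate = new X509Certificate2(
                        System.IO.Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "server.crt"), "1234");
                    secureChannel.Certificate = certificate;

                    List <NetMQMessage> outgoingMessages = new List <NetMQMessage>();

                    // call the process message with null as the incoming message
                    // because the client is initiating the connection
                    secureChannel.ProcessMessage(null, outgoingMessages);

                    foreach (NetMQMessage message in outgoingMessages)
                    {
                        socket.SendMultipartMessage(message);
                    }
                    outgoingMessages.Clear();

                    // waiting for a message from the server
                    NetMQMessage incomingMessage = socket.ReceiveMultipartMessage();

                    // calling ProcessMessage until ProcessMessage return true
                    // and the SecureChannel is ready to encrypt and decrypt messages
                    while (!secureChannel.ProcessMessage(incomingMessage, outgoingMessages))
                    {
                        foreach (NetMQMessage message in outgoingMessages)
                        {
                            socket.SendMultipartMessage(message);
                        }
                        outgoingMessages.Clear();
                        incomingMessage = socket.ReceiveMultipartMessage();
                    }

                    // Flush whatever the final handshake step produced.
                    foreach (NetMQMessage message in outgoingMessages)
                    {
                        socket.SendMultipartMessage(message);
                    }
                    outgoingMessages.Clear();

                    // you can now use the secure channel to encrypt messages
                    NetMQMessage plainMessage = new NetMQMessage();
                    plainMessage.Append("Hello");

                    // encrypting the message and sending it over the socket
                    socket.SendMultipartMessage(secureChannel.EncryptApplicationMessage(plainMessage));
                    NetMQMessage cipherMessage = socket.ReceiveMultipartMessage();

                    // decrypting the message
                    plainMessage = secureChannel.DecryptApplicationMessage(cipherMessage);
                    System.Console.WriteLine(plainMessage.First.ConvertToString());
                }
            }
        }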
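        /// <summary>
        /// Runs a full in-memory handshake in which every flight is concatenated into a single
        /// byte array before it is handed to the peer, checking that
        /// <c>ResolveRecordLayer</c> splits the spliced buffer back into records and consumes
        /// all of it.
        /// </summary>
        /// <remarks>
        /// Certificate verification is disabled and the PFX password is hard-coded; this is test
        /// fixture configuration only.
        /// </remarks>
        public void HandShakePacketSplicingTest()
        {
            Configuration configuration = new Configuration()
            {
                VerifyCertificate = false,
                StandardTLSFormat = true
            };

            // Path.Combine instead of a hard-coded "\\" keeps the fixture path portable.
            X509Certificate2 certificate = new X509Certificate2(
                System.IO.Path.Combine(NUnit.Framework.TestContext.CurrentContext.TestDirectory, "server.pfx"), "1234");

            // using blocks so both channels are released even when an assertion fails.
            using (SecureChannel serverSecureChannel = SecureChannel.CreateServerSecureChannel(configuration))
            {
                serverSecureChannel.Certificate = certificate;

                using (SecureChannel clientSecureChannel = SecureChannel.CreateClientSecureChannel(null, configuration))
                {
                    IList <NetMQMessage> clientOutgoingMessages = new List <NetMQMessage>();
                    IList <NetMQMessage> serverOutgoingMessages = new List <NetMQMessage>();

                    bool serverComplete = false;

                    // A null incoming message makes the client emit its opening flight.
                    bool clientComplete = clientSecureChannel.ProcessMessage(null, clientOutgoingMessages);

                    while (!serverComplete || !clientComplete)
                    {
                        if (!serverComplete)
                        {
                            // Splice the whole client flight into one contiguous buffer.
                            List <NetMQMessage> sslMessages;
                            int    offset       = 0;
                            byte[] combineBytes = new byte[clientOutgoingMessages.Sum(c => c.First.BufferSize)];
                            foreach (NetMQMessage clientOutgoingMessage in clientOutgoingMessages)
                            {
                                Buffer.BlockCopy(clientOutgoingMessage.First.Buffer, 0, combineBytes, offset, clientOutgoingMessage.First.BufferSize);
                                offset += clientOutgoingMessage.First.BufferSize;
                            }

                            bool result = serverSecureChannel.ResolveRecordLayer(combineBytes, out offset, out sslMessages);
                            Assert.IsTrue(result);
                            // NUnit takes (expected, actual): every spliced byte must be consumed.
                            Assert.AreEqual(combineBytes.Length, offset);

                            foreach (var message in sslMessages)
                            {
                                serverComplete = serverSecureChannel.ProcessMessage(message, serverOutgoingMessages);

                                if (serverComplete)
                                {
                                    break;
                                }
                            }
                            if (serverComplete)
                            {
                                // Leaves the handshake loop as soon as the server is done.
                                break;
                            }
                            clientOutgoingMessages.Clear();
                        }

                        if (!clientComplete)
                        {
                            // Splice the whole server flight into one contiguous buffer.
                            List <NetMQMessage> sslMessages;
                            int    offset       = 0;
                            byte[] combineBytes = new byte[serverOutgoingMessages.Sum(c => c.First.BufferSize)];
                            foreach (NetMQMessage serverOutgoingMessage in serverOutgoingMessages)
                            {
                                Buffer.BlockCopy(serverOutgoingMessage.First.Buffer, 0, combineBytes, offset, serverOutgoingMessage.First.BufferSize);
                                offset += serverOutgoingMessage.First.BufferSize;
                            }

                            bool result = clientSecureChannel.ResolveRecordLayer(combineBytes, out offset, out sslMessages);
                            Assert.AreEqual(combineBytes.Length, offset);
                            Assert.IsTrue(result);

                            foreach (var message in sslMessages)
                            {
                                clientComplete = clientSecureChannel.ProcessMessage(message, clientOutgoingMessages);

                                if (clientComplete)
                                {
                                    break;
                                }
                            }
                            if (clientComplete)
                            {
                                // Leaves the handshake loop as soon as the client is done.
                                break;
                            }

                            serverOutgoingMessages.Clear();
                        }
                    }
                }
            }
        }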
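        /// <summary>
        /// Runs a full in-memory handshake with the client restricted to
        /// <c>TLS_RSA_WITH_AES_128_CBC_SHA</c>, resolving each outgoing message through
        /// <c>ResolveRecordLayer</c> and asserting that every buffer is consumed completely.
        /// </summary>
        /// <remarks>
        /// Certificate verification is disabled and the PFX password is hard-coded; this is test
        /// fixture configuration only. The suite under test uses RSA key exchange (no forward
        /// secrecy) with CBC and SHA-1 MACs, so it is exercised here for compatibility, not as a
        /// recommended default.
        /// </remarks>
        public void AES128SHAHandShakeTest()
        {
            Configuration configuration = new Configuration()
            {
                VerifyCertificate = false,
                StandardTLSFormat = true
            };

            // Path.Combine instead of a hard-coded "\\" keeps the fixture path portable.
            X509Certificate2 certificate = new X509Certificate2(
                System.IO.Path.Combine(NUnit.Framework.TestContext.CurrentContext.TestDirectory, "server.pfx"), "1234");

            // using blocks so both channels are released even when an assertion fails.
            using (SecureChannel serverSecureChannel = SecureChannel.CreateServerSecureChannel(configuration))
            {
                serverSecureChannel.Certificate = certificate;

                using (SecureChannel clientSecureChannel = SecureChannel.CreateClientSecureChannel(null, configuration))
                {
                    clientSecureChannel.AllowedCipherSuites = new[] { CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA };
                    IList <NetMQMessage> clientOutgoingMessages = new List <NetMQMessage>();
                    IList <NetMQMessage> serverOutgoingMessages = new List <NetMQMessage>();

                    bool serverComplete = false;

                    // A null incoming message makes the client emit its opening flight.
                    bool clientComplete = clientSecureChannel.ProcessMessage(null, clientOutgoingMessages);

                    while (!serverComplete || !clientComplete)
                    {
                        if (!serverComplete)
                        {
                            foreach (NetMQMessage clientOutgoingMessage in clientOutgoingMessages)
                            {
                                List <NetMQMessage> sslMessages;
                                int offset;
                                bool result = serverSecureChannel.ResolveRecordLayer(clientOutgoingMessage.First.Buffer, out offset, out sslMessages);
                                Assert.IsTrue(result);
                                // NUnit takes (expected, actual): the whole frame must be consumed.
                                Assert.AreEqual(clientOutgoingMessage.First.BufferSize, offset);

                                foreach (var message in sslMessages)
                                {
                                    serverComplete = serverSecureChannel.ProcessMessage(message, serverOutgoingMessages);

                                    if (serverComplete)
                                    {
                                        break;
                                    }
                                }
                                if (serverComplete)
                                {
                                    break;
                                }
                            }
                            clientOutgoingMessages.Clear();
                        }

                        if (!clientComplete)
                        {
                            foreach (NetMQMessage serverOutgoingMessage in serverOutgoingMessages)
                            {
                                List <NetMQMessage> sslMessages;
                                int offset;
                                bool result = clientSecureChannel.ResolveRecordLayer(serverOutgoingMessage.First.Buffer, out offset, out sslMessages);
                                Assert.AreEqual(serverOutgoingMessage.First.BufferSize, offset);
                                Assert.IsTrue(result);

                                foreach (var message in sslMessages)
                                {
                                    clientComplete = clientSecureChannel.ProcessMessage(message, clientOutgoingMessages);

                                    if (clientComplete)
                                    {
                                        break;
                                    }
                                }
                                if (clientComplete)
                                {
                                    break;
                                }
                            }

                            serverOutgoingMessages.Clear();
                        }
                    }
                }
            }
        }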
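        /// <summary>
        /// Feeds the client's opening flight to the server, then checks the frame layout of an
        /// alert built by each side and that the client's <c>ResolveRecordLayer</c> recovers the
        /// server's alert from its concatenated bytes.
        /// </summary>
        /// <remarks>
        /// Certificate verification is disabled and the PFX password is hard-coded; this is test
        /// fixture configuration only.
        /// </remarks>
        public void AlertTest()
        {
            Configuration configuration = new Configuration()
            {
                VerifyCertificate = false,
                StandardTLSFormat = true
            };

            // Path.Combine instead of a hard-coded "\\" keeps the fixture path portable.
            X509Certificate2 certificate = new X509Certificate2(
                System.IO.Path.Combine(NUnit.Framework.TestContext.CurrentContext.TestDirectory, "server.pfx"), "1234");

            byte[] sessionId = Encoding.ASCII.GetBytes(Guid.NewGuid().ToString("N"));

            // using blocks so both channels are released even when an assertion fails.
            using (SecureChannel serverSecureChannel = SecureChannel.CreateServerSecureChannel(configuration))
            {
                serverSecureChannel.Certificate = certificate;

                using (SecureChannel clientSecureChannel = SecureChannel.CreateClientSecureChannel(sessionId, configuration))
                {
                    IList <NetMQMessage> clientOutgoingMessages = new List <NetMQMessage>();
                    IList <NetMQMessage> serverOutgoingMessages = new List <NetMQMessage>();

                    // Only the emitted flight matters here; the completion flag was never read.
                    clientSecureChannel.ProcessMessage(null, clientOutgoingMessages);

                    bool serverComplete = false;
                    int  offset;
                    List <NetMQMessage> sslMessages;

                    foreach (var message in clientOutgoingMessages)
                    {
                        // Checked like the other handshake tests so a record that fails to parse
                        // is reported instead of being skipped silently.
                        bool resolved = serverSecureChannel.ResolveRecordLayer(message.Last.Buffer, out offset, out sslMessages);
                        Assert.IsTrue(resolved);

                        foreach (var sslMessage in sslMessages)
                        {
                            serverComplete = serverSecureChannel.ProcessMessage(sslMessage, serverOutgoingMessages);

                            // The server must adopt the session id the client offered.
                            Assert.IsTrue(serverSecureChannel.SessionId.SequenceEqual(sessionId));
                            if (serverComplete)
                            {
                                break;
                            }
                        }
                        if (serverComplete)
                        {
                            break;
                        }
                    }

                    var alertMessage = serverSecureChannel.Alert(AlertLevel.Warning, AlertDescription.DecryptError);

                    // NUnit takes (expected, actual). Five frames; the first is the one-byte
                    // content type (21 = alert), the last two carry level and description.
                    Assert.AreEqual(5, alertMessage.FrameCount);
                    Assert.AreEqual(1, alertMessage.First.BufferSize);
                    Assert.AreEqual(21, (int)alertMessage.First.Buffer[0]);
                    Assert.AreEqual(1, alertMessage[3].BufferSize);
                    Assert.AreEqual(AlertLevel.Warning, (AlertLevel)alertMessage[3].Buffer[0]);
                    Assert.AreEqual(1, alertMessage[4].BufferSize);
                    Assert.AreEqual(AlertDescription.DecryptError, (AlertDescription)alertMessage[4].Buffer[0]);

                    // Flatten the alert frames into the byte stream a peer would receive.
                    byte[] combineBytes = new byte[0];
                    int    sum          = 0;

                    foreach (var frame in alertMessage)
                    {
                        combineBytes = combineBytes.Combine(frame.Buffer);
                        sum         += frame.BufferSize;
                    }
                    Assert.AreEqual(sum, combineBytes.Length);

                    bool result = clientSecureChannel.ResolveRecordLayer(combineBytes, out offset, out sslMessages);

                    Assert.AreEqual(combineBytes.Length, offset);
                    Assert.IsTrue(result);
                    Assert.AreEqual(1, sslMessages.Count);
                    for (int j = 0; j < sslMessages[0].FrameCount; j++)
                    {
                        // Each recovered frame must match the frame the server produced.
                        Assert.AreEqual(alertMessage[j].Buffer, sslMessages[0][j].Buffer);
                    }

                    // The client-built alert must have the same layout.
                    alertMessage = clientSecureChannel.Alert(AlertLevel.Warning, AlertDescription.DecryptError);
                    Assert.AreEqual(5, alertMessage.FrameCount);
                    Assert.AreEqual(1, alertMessage.First.BufferSize);
                    Assert.AreEqual(21, (int)alertMessage.First.Buffer[0]);
                    Assert.AreEqual(1, alertMessage[3].BufferSize);
                    Assert.AreEqual(AlertLevel.Warning, (AlertLevel)alertMessage[3].Buffer[0]);
                    Assert.AreEqual(1, alertMessage[4].BufferSize);
                    Assert.AreEqual(AlertDescription.DecryptError, (AlertDescription)alertMessage[4].Buffer[0]);
                }
            }
        }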
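        /// <summary>
        /// Runs a full in-memory handshake with a client-supplied session id and asserts, after
        /// every processed record, that both channels report that same session id.
        /// </summary>
        /// <remarks>
        /// Certificate verification is disabled and the PFX password is hard-coded; this is test
        /// fixture configuration only.
        /// </remarks>
        public void SessionRecoverTest()
        {
            Configuration configuration = new Configuration()
            {
                VerifyCertificate = false,
                StandardTLSFormat = true
            };

            // Path.Combine instead of a hard-coded "\\" keeps the fixture path portable.
            X509Certificate2 certificate = new X509Certificate2(
                System.IO.Path.Combine(NUnit.Framework.TestContext.CurrentContext.TestDirectory, "server.pfx"), "1234");

            byte[] sessionId = Encoding.ASCII.GetBytes(Guid.NewGuid().ToString("N"));

            // using blocks so both channels are released even when an assertion fails.
            using (SecureChannel serverSecureChannel = SecureChannel.CreateServerSecureChannel(configuration))
            {
                serverSecureChannel.Certificate = certificate;

                using (SecureChannel clientSecureChannel = SecureChannel.CreateClientSecureChannel(sessionId, configuration))
                {
                    IList <NetMQMessage> clientOutgoingMessages = new List <NetMQMessage>();
                    IList <NetMQMessage> serverOutgoingMessages = new List <NetMQMessage>();

                    bool serverComplete = false;

                    // A null incoming message makes the client emit its opening flight.
                    bool clientComplete = clientSecureChannel.ProcessMessage(null, clientOutgoingMessages);

                    Assert.IsTrue(clientSecureChannel.SessionId.SequenceEqual(sessionId));
                    while (!serverComplete || !clientComplete)
                    {
                        if (!serverComplete)
                        {
                            foreach (var message in clientOutgoingMessages)
                            {
                                List <NetMQMessage> sslMessages;
                                int  offset;
                                bool result = serverSecureChannel.ResolveRecordLayer(message.Last.Buffer, out offset, out sslMessages);
                                Assert.IsTrue(result);

                                // The break below leaves only this inner loop; remaining client
                                // messages are still resolved and processed, as in the original.
                                foreach (var sslMessage in sslMessages)
                                {
                                    serverComplete = serverSecureChannel.ProcessMessage(sslMessage, serverOutgoingMessages);

                                    Assert.IsTrue(serverSecureChannel.SessionId.SequenceEqual(sessionId));
                                    if (serverComplete)
                                    {
                                        break;
                                    }
                                }
                            }

                            clientOutgoingMessages.Clear();
                        }

                        if (!clientComplete)
                        {
                            foreach (var message in serverOutgoingMessages)
                            {
                                List <NetMQMessage> sslMessages;
                                int  offset;
                                bool result = clientSecureChannel.ResolveRecordLayer(message.Last.Buffer, out offset, out sslMessages);
                                Assert.IsTrue(result);

                                foreach (var sslMessage in sslMessages)
                                {
                                    clientComplete = clientSecureChannel.ProcessMessage(sslMessage, clientOutgoingMessages);

                                    Assert.IsTrue(clientSecureChannel.SessionId.SequenceEqual(sessionId));
                                    if (clientComplete)
                                    {
                                        break;
                                    }
                                }
                            }
                            serverOutgoingMessages.Clear();
                        }
                    }
                }
            }
        }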