Esempio n. 1
0
        public static void Main(string[] args)
        {
            // http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html

            // https://alesaudate.wordpress.com/2010/08/09/how-to-dynamically-select-a-certificate-alias-when-invoking-web-services/

            // https://sites.google.com/a/jsc-solutions.net/backlog/knowledge-base/2015/201510/20151010

            try
            {
                // first lets print into console the aliases we could be choosing from
                // it should show the CA and the host alias on windows.
                // once this works. lets do an example that works with JVM keystore

                var keystore = new FileInfo(typeof(Program).Assembly.Location.TakeUntilIfAny(".") + ".keystore");
                var portpath = new FileInfo(typeof(Program).Assembly.Location.TakeUntilIfAny(".") + ".port");

                if (!portpath.Exists)
                {
                    System.IO.File.WriteAllText(portpath.FullName, "" + 8443);
                }

                var port = Convert.ToInt32(
                    System.IO.File.ReadAllText(portpath.FullName).Trim()
                    );

                Console.WriteLine(new { keystore, port });

                // now lets start a ssl server and convince jvm to use the first friendly name we found..

                var xSSLContext = javax.net.ssl.SSLContext.getInstance("TLSv1.2");
                Console.WriteLine(new { xSSLContext });
                var xTrustEveryoneManager = new[] { new TrustEveryoneManager() };
                var xKeyManager           = new[] { new localKeyManager(keystorepath: keystore.FullName) };

                xSSLContext.init(
                    // SunMSCAPI ?
                    xKeyManager,
                    xTrustEveryoneManager,
                    new java.security.SecureRandom()
                    );

                var xSSLServerSocketFactory = xSSLContext.getServerSocketFactory();
                //var ss443 = xSSLServerSocketFactory.createServerSocket(8443);

                // { Message = Address already in use: JVM_Bind, StackTrace = java.net.BindException: Address already in use: JVM_Bind
                // stop AppHostSvc

                //[svchost.exe]
                // TCP    0.0.0.0:443            red:0                  LISTENING       4

                //var ss443 = xSSLServerSocketFactory.createServerSocket(443);
                //var ss443 = xSSLServerSocketFactory.createServerSocket(8443);
                var ss443 = xSSLServerSocketFactory.createServerSocket(port);
                Console.WriteLine(new { ss443 });

                // http://developer.android.com/reference/javax/net/ssl/SSLServerSocket.html
                var xSSLServerSocket = ss443 as javax.net.ssl.SSLServerSocket;
                xSSLServerSocket.setEnabledProtocols(new[] { "TLSv1.2", "SSLv2Hello" });


                var ok = true;
                while (ok)
                {
                    //Console.WriteLine("accept...");
                    var xSSLSocket = ss443.accept() as javax.net.ssl.SSLSocket;



                    //Console.WriteLine(new { xSSLSocket });

                    // http://security.stackexchange.com/questions/76993/now-that-it-is-2015-what-ssl-tls-cipher-suites-should-be-used-in-a-high-securit
                    // java u suck.

                    //Console.WriteLine("startHandshake...");
                    try
                    {
                        // http://developer.android.com/reference/javax/net/ssl/HandshakeCompletedEvent.html

                        Func <string> getdata = () =>
                                                "HTTP/1.0 200 OK\r\nConnection: close\r\n\r\n<h1>hello world</h1>";

                        // can we await for it?
                        #region getPeerCertificates
                        xSSLSocket.addHandshakeCompletedListener(
                            new xHandshakeCompletedListener
                        {
                            yield = e =>
                            {
                                try
                                {
                                    Console.WriteLine("xHandshakeCompletedListener " + new { e.getPeerCertificates().Length });

                                    var c = e.getPeerCertificates().FirstOrDefault() as X509Certificate;

                                    var x509 = new ScriptCoreLibJava.BCLImplementation.System.Security.Cryptography.X509Certificates.__X509Certificate2 {
                                        InternalElement = c
                                    };


                                    if (c != null)
                                    {
                                        getdata = () =>
                                                  "HTTP/1.0 200 OK\r\nConnection: close\r\n\r\n<h1>authenticated!</h1>"
                                                  + new XElement("pre", new { x509.Subject, x509.SerialNumber }.ToString()
                                                                 );
                                    }
                                }
                                catch (Exception fault)
                                {
                                    //Caused by: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
                                    //        at sun.security.ssl.SSLSessionImpl.getPeerCertificates(Unknown Source)
                                    //        at javax.net.ssl.HandshakeCompletedEvent.getPeerCertificates(Unknown Source)

                                    //throw;

                                    Console.WriteLine("getPeerCertificates " + new { fault.Message });
                                }
                            }
                        }
                            );
                        #endregion

                        xSSLSocket.startHandshake();



                        //Cipher Suites: [
                        //    TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
                        //    TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
                        //    TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
                        //    Unknown 0xcc:0x14,
                        //Unknown 0xcc:0x13,
                        //TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
                        //TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
                        //TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
                        //TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
                        //TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
                        //TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
                        //TLS_RSA_WITH_AES_128_GCM_SHA256,
                        //TLS_RSA_WITH_AES_256_CBC_SHA,
                        //TLS_RSA_WITH_AES_128_CBC_SHA,
                        //SSL_RSA_WITH_3DES_EDE_CBC_SHA]

                        // http://www.e2college.com/blogs/java_security/ssl_handshake_failure_due_to_unsupported_cipher_su.html



                        // Error	573	The type 'ScriptCoreLib.Shared.BCLImplementation.System.IO.__Stream' is defined in an assembly that is not referenced. You must add a reference to assembly 'ScriptCoreLib, Version=4.6.0.0, Culture=neutral, PublicKeyToken=null'.	Z:\jsc.svn\examples\java\hybrid\Test\JVMCLRSSLServerSocket\JVMCLRSSLServerSocket\Program.cs	68	17	JVMCLRSSLServerSocket

                        var xNetworkStream = new ScriptCoreLibJava.BCLImplementation.System.Net.Sockets.__NetworkStream
                        {
                            InternalInputStream  = xSSLSocket.getInputStream(),
                            InternalOutputStream = xSSLSocket.getOutputStream()
                        };

                        //Console.WriteLine(new { xNetworkStream });

                        // http://stackoverflow.com/questions/13874387/create-app-with-sslsocket-java

                        // http://www.java2s.com/Tutorial/Java/0320__Network/CreatinganSSLServerSocket.htm
                        // http://192.168.1.12:8443/
                        // chrome does a download of NAK EXT SOH NUL STX STX ??

                        // { byte0 = 71 }
                        //var byte0 = xNetworkStream.ReadByte();

                        //{ cf = sun.security.ssl.SSLSocketFactoryImpl@93f13f }
                        //{ ssf = sun.security.ssl.SSLServerSocketFactoryImpl@15dc721 }
                        //{ ss443 = [SSL: ServerSocket[addr=0.0.0.0/0.0.0.0,localport=8443]] }
                        //{ xSSLSocket = 1747f59[SSL_NULL_WITH_NULL_NULL: Socket[addr=/192.168.1.196,port=55953,localport=8443]] }
                        //{ xNetworkStream = ScriptCoreLibJava.BCLImplementation.System.Net.Sockets.__NetworkStream@538cc2 }
                        //{ byte0 = -1 }

                        //Console.WriteLine(new { byte0 });
                        //Console.WriteLine(new { byte0 });



                        //{ Message = Java heap space, StackTrace = java.lang.OutOfMemoryError: Java heap space
                        //        at ScriptCoreLibJava.BCLImplementation.System.IO.__MemoryStream.set_Capacity(__MemoryStream.java:110)
                        //        at ScriptCoreLibJava.BCLImplementation.System.IO.__MemoryStream.InternalEnsureCapacity(__MemoryStream.java:156)
                        //        at ScriptCoreLibJava.BCLImplementation.System.IO.__MemoryStream.WriteByte(__MemoryStream.java:140)
                        //        at ScriptCoreLibJava.BCLImplementation.System.IO.__StreamReader.ReadLine(__StreamReader.java:51)
                        //        at JVMCLRSSLServerSocket.Program.main(Program.java:145)

                        var xStreamReader = new StreamReader(xNetworkStream);
                        var line0         = xStreamReader.ReadLine();
                        //Console.WriteLine(new { line0 });

                        // { line0 = GET / HTTP/1.1 }


                        // http://stackoverflow.com/questions/3662837/java-no-cipher-suites-in-common-issue-when-trying-to-securely-connect-to-serve
                        // http://stackoverflow.com/questions/15076820/java-sslhandshakeexception-no-cipher-suites-in-common


                        //Implementation not found for type import :
                        //type: System.IO.StreamWriter
                        //method: Void .ctor(System.IO.Stream)
                        //var xStreamWriter = new StreamWriter(xNetworkStream);

                        var data =
                            getdata();

                        var bytes = Encoding.UTF8.GetBytes(data);

                        xNetworkStream.Write(bytes, 0, bytes.Length);


                        xNetworkStream.Close();
                    }
                    catch (Exception fault)
                    {
                        reportHansshakeFault(fault);
                    }

                    //Thread.Sleep(5000);
                }
            }
            catch (Exception err)
            {
                Console.WriteLine(
                    new
                {
                    err.Message,
                    err.StackTrace
                }
                    );
            }

            Console.WriteLine("done");
            Console.ReadLine();
        }
Esempio n. 2
0
        public static void Main(string[] args)
        {
            // http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html

            // https://alesaudate.wordpress.com/2010/08/09/how-to-dynamically-select-a-certificate-alias-when-invoking-web-services/

            // https://sites.google.com/a/jsc-solutions.net/backlog/knowledge-base/2015/201510/20151010

            try
            {
                // first lets print into console the aliases we could be choosing from
                // it should show the CA and the host alias on windows.
                // once this works. lets do an example that works with JVM keystore

                var keystore = new FileInfo(typeof(Program).Assembly.Location.TakeUntilIfAny(".") + ".keystore");
                var portpath = new FileInfo(typeof(Program).Assembly.Location.TakeUntilIfAny(".") + ".port");

                if (!portpath.Exists)
                    System.IO.File.WriteAllText(portpath.FullName, "" + 8443);

                var port = Convert.ToInt32(
                    System.IO.File.ReadAllText(portpath.FullName).Trim()
                    );

                Console.WriteLine(new { keystore, port });

                // now lets start a ssl server and convince jvm to use the first friendly name we found..

                var xSSLContext = javax.net.ssl.SSLContext.getInstance("TLSv1.2");
                Console.WriteLine(new { xSSLContext });
                var xTrustEveryoneManager = new[] { new TrustEveryoneManager() };
                var xKeyManager = new[] { new localKeyManager(keystorepath: keystore.FullName) };

                xSSLContext.init(
                    // SunMSCAPI ?
                    xKeyManager,
                    xTrustEveryoneManager,
                    new java.security.SecureRandom()
                );

                var xSSLServerSocketFactory = xSSLContext.getServerSocketFactory();
                //var ss443 = xSSLServerSocketFactory.createServerSocket(8443);

                // { Message = Address already in use: JVM_Bind, StackTrace = java.net.BindException: Address already in use: JVM_Bind
                // stop AppHostSvc

                //[svchost.exe]
                // TCP    0.0.0.0:443            red:0                  LISTENING       4

                //var ss443 = xSSLServerSocketFactory.createServerSocket(443);
                //var ss443 = xSSLServerSocketFactory.createServerSocket(8443);
                var ss443 = xSSLServerSocketFactory.createServerSocket(port);
                Console.WriteLine(new { ss443 });

                // http://developer.android.com/reference/javax/net/ssl/SSLServerSocket.html
                var xSSLServerSocket = ss443 as javax.net.ssl.SSLServerSocket;
                xSSLServerSocket.setEnabledProtocols(new[] { "TLSv1.2", "SSLv2Hello" });


                var ok = true;
                while (ok)
                {
                    //Console.WriteLine("accept...");
                    var xSSLSocket = ss443.accept() as javax.net.ssl.SSLSocket;




                    //Console.WriteLine(new { xSSLSocket });

                    // http://security.stackexchange.com/questions/76993/now-that-it-is-2015-what-ssl-tls-cipher-suites-should-be-used-in-a-high-securit
                    // java u suck.

                    //Console.WriteLine("startHandshake...");
                    try
                    {
                        // http://developer.android.com/reference/javax/net/ssl/HandshakeCompletedEvent.html

                        Func<string> getdata = () =>
                             "HTTP/1.0 200 OK\r\nConnection: close\r\n\r\n<h1>hello world</h1>";

                        // can we await for it?
                        #region getPeerCertificates
                        xSSLSocket.addHandshakeCompletedListener(
                            new xHandshakeCompletedListener
                            {
                                yield = e =>
                                {
                                    try
                                    {
                                        Console.WriteLine("xHandshakeCompletedListener " + new { e.getPeerCertificates().Length });

                                        var c = e.getPeerCertificates().FirstOrDefault() as X509Certificate;

                                        var x509 = new ScriptCoreLibJava.BCLImplementation.System.Security.Cryptography.X509Certificates.__X509Certificate2 { InternalElement = c };


                                        if (c != null)
                                        {

                                            getdata = () =>
                                                "HTTP/1.0 200 OK\r\nConnection: close\r\n\r\n<h1>authenticated!</h1>"
                                                + new XElement("pre", new { x509.Subject, x509.SerialNumber }.ToString()
                                                    );
                                        }
                                    }
                                    catch (Exception fault)
                                    {
                                        //Caused by: javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
                                        //        at sun.security.ssl.SSLSessionImpl.getPeerCertificates(Unknown Source)
                                        //        at javax.net.ssl.HandshakeCompletedEvent.getPeerCertificates(Unknown Source)

                                        //throw;

                                        Console.WriteLine("getPeerCertificates " + new { fault.Message });
                                    }
                                }
                            }
                        );
                        #endregion

                        xSSLSocket.startHandshake();



                        //Cipher Suites: [
                        //    TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 
                        //    TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 
                        //    TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, 
                        //    Unknown 0xcc:0x14, 
                        //Unknown 0xcc:0x13, 
                        //TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 
                        //TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, 
                        //TLS_DHE_RSA_WITH_AES_256_CBC_SHA, 
                        //TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 
                        //TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 
                        //TLS_DHE_RSA_WITH_AES_128_CBC_SHA, 
                        //TLS_RSA_WITH_AES_128_GCM_SHA256, 
                        //TLS_RSA_WITH_AES_256_CBC_SHA, 
                        //TLS_RSA_WITH_AES_128_CBC_SHA, 
                        //SSL_RSA_WITH_3DES_EDE_CBC_SHA]

                        // http://www.e2college.com/blogs/java_security/ssl_handshake_failure_due_to_unsupported_cipher_su.html






                        // Error	573	The type 'ScriptCoreLib.Shared.BCLImplementation.System.IO.__Stream' is defined in an assembly that is not referenced. You must add a reference to assembly 'ScriptCoreLib, Version=4.6.0.0, Culture=neutral, PublicKeyToken=null'.	Z:\jsc.svn\examples\java\hybrid\Test\JVMCLRSSLServerSocket\JVMCLRSSLServerSocket\Program.cs	68	17	JVMCLRSSLServerSocket

                        var xNetworkStream = new ScriptCoreLibJava.BCLImplementation.System.Net.Sockets.__NetworkStream
                        {
                            InternalInputStream = xSSLSocket.getInputStream(),
                            InternalOutputStream = xSSLSocket.getOutputStream()
                        };

                        //Console.WriteLine(new { xNetworkStream });

                        // http://stackoverflow.com/questions/13874387/create-app-with-sslsocket-java

                        // http://www.java2s.com/Tutorial/Java/0320__Network/CreatinganSSLServerSocket.htm
                        // http://192.168.1.12:8443/
                        // chrome does a download of NAK EXT SOH NUL STX STX ??

                        // { byte0 = 71 }
                        //var byte0 = xNetworkStream.ReadByte();

                        //{ cf = sun.security.ssl.SSLSocketFactoryImpl@93f13f }
                        //{ ssf = sun.security.ssl.SSLServerSocketFactoryImpl@15dc721 }
                        //{ ss443 = [SSL: ServerSocket[addr=0.0.0.0/0.0.0.0,localport=8443]] }
                        //{ xSSLSocket = 1747f59[SSL_NULL_WITH_NULL_NULL: Socket[addr=/192.168.1.196,port=55953,localport=8443]] }
                        //{ xNetworkStream = ScriptCoreLibJava.BCLImplementation.System.Net.Sockets.__NetworkStream@538cc2 }
                        //{ byte0 = -1 }

                        //Console.WriteLine(new { byte0 });
                        //Console.WriteLine(new { byte0 });




                        //{ Message = Java heap space, StackTrace = java.lang.OutOfMemoryError: Java heap space
                        //        at ScriptCoreLibJava.BCLImplementation.System.IO.__MemoryStream.set_Capacity(__MemoryStream.java:110)
                        //        at ScriptCoreLibJava.BCLImplementation.System.IO.__MemoryStream.InternalEnsureCapacity(__MemoryStream.java:156)
                        //        at ScriptCoreLibJava.BCLImplementation.System.IO.__MemoryStream.WriteByte(__MemoryStream.java:140)
                        //        at ScriptCoreLibJava.BCLImplementation.System.IO.__StreamReader.ReadLine(__StreamReader.java:51)
                        //        at JVMCLRSSLServerSocket.Program.main(Program.java:145)

                        var xStreamReader = new StreamReader(xNetworkStream);
                        var line0 = xStreamReader.ReadLine();
                        //Console.WriteLine(new { line0 });

                        // { line0 = GET / HTTP/1.1 }


                        // http://stackoverflow.com/questions/3662837/java-no-cipher-suites-in-common-issue-when-trying-to-securely-connect-to-serve
                        // http://stackoverflow.com/questions/15076820/java-sslhandshakeexception-no-cipher-suites-in-common


                        //Implementation not found for type import :
                        //type: System.IO.StreamWriter
                        //method: Void .ctor(System.IO.Stream)
                        //var xStreamWriter = new StreamWriter(xNetworkStream);

                        var data =
                           getdata();

                        var bytes = Encoding.UTF8.GetBytes(data);

                        xNetworkStream.Write(bytes, 0, bytes.Length);


                        xNetworkStream.Close();

                    }
                    catch (Exception fault)
                    {
                        reportHansshakeFault(fault);


                    }

                    //Thread.Sleep(5000);
                }


            }
            catch (Exception err)
            {
                Console.WriteLine(
                    new
                    {
                        err.Message,
                        err.StackTrace
                    }
                );

            }

            Console.WriteLine("done");
            Console.ReadLine();
        }