static SignatureInstrumentParameters Create( TestContext ctx, InstrumentationCategory category, SignatureInstrumentType type, SignatureAndHashAlgorithm algorithm, CipherSuiteCode cipher) { var parameters = CreateParameters(category, type, algorithm.Hash, algorithm.Signature, cipher); parameters.ClientCertificate = ResourceManager.MonkeyCertificate; parameters.RequireClientCertificate = true; var signatureParameters = new SignatureParameters(); signatureParameters.Add(algorithm); switch (type) { case SignatureInstrumentType.ClientSignatureAlgorithmAndCipher: parameters.ClientSignatureParameters = signatureParameters; parameters.ClientCiphers = new CipherSuiteCode[] { cipher }; break; case SignatureInstrumentType.ServerSignatureAlgorithmAndCipher: parameters.ServerSignatureAlgorithm = algorithm; parameters.ServerCiphers = new CipherSuiteCode[] { cipher }; break; default: ctx.AssertFail("Unsupported signature instrument: '{0}'.", type); break; } return(parameters); }
protected SignatureInstrumentParameters (SignatureInstrumentParameters other) : base (other) { Type = other.Type; ClientSignatureParameters = other.ClientSignatureParameters; ServerSignatureParameters = other.ServerSignatureParameters; ClientSignatureAlgorithm = other.ClientSignatureAlgorithm; ServerSignatureAlgorithm = other.ServerSignatureAlgorithm; ExpectClientSignatureAlgorithm = other.ExpectClientSignatureAlgorithm; ExpectServerSignatureAlgorithm = other.ExpectServerSignatureAlgorithm; ServerCertificateParameters = other.ServerCertificateParameters; CertificateVerifySignatureAlgorithm = other.CertificateVerifySignatureAlgorithm; ExpectCertificateVerifySignatureAlgorithm = other.ExpectCertificateVerifySignatureAlgorithm; }
protected SignatureInstrumentParameters(SignatureInstrumentParameters other) : base(other) { Type = other.Type; ClientSignatureParameters = other.ClientSignatureParameters; ServerSignatureParameters = other.ServerSignatureParameters; ClientSignatureAlgorithm = other.ClientSignatureAlgorithm; ServerSignatureAlgorithm = other.ServerSignatureAlgorithm; ExpectClientSignatureAlgorithm = other.ExpectClientSignatureAlgorithm; ExpectServerSignatureAlgorithm = other.ExpectServerSignatureAlgorithm; ServerCertificateParameters = other.ServerCertificateParameters; CertificateVerifySignatureAlgorithm = other.CertificateVerifySignatureAlgorithm; ExpectCertificateVerifySignatureAlgorithm = other.ExpectCertificateVerifySignatureAlgorithm; }
public SignatureInstrumentParameters (InstrumentationCategory category, SignatureInstrumentType type, ClientParameters clientParameters, ServerParameters serverParameters) : base (category, clientParameters, serverParameters) { Type = type; }
public SignatureInstrumentParameters (InstrumentationCategory category, SignatureInstrumentType type, string identifier, IServerCertificate certificate) : base (category, identifier, certificate) { Type = type; }
public SignatureInstrumentParametersAttribute(SignatureInstrumentType type) : base(null, TestFlags.Browsable | TestFlags.ContinueOnError) { Type = type; }
static SignatureInstrumentParameters Create (TestContext ctx, InstrumentationCategory category, SignatureInstrumentType type) { var parameters = CreateParameters (category, type); parameters.ClientCertificate = ResourceManager.MonkeyCertificate; parameters.RequireClientCertificate = true; switch (type) { case SignatureInstrumentType.NoClientSignatureAlgorithms: parameters.ExpectServerSignatureAlgorithm = new SignatureAndHashAlgorithm (HashAlgorithmType.Sha1); parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; break; case SignatureInstrumentType.VerifyClientSignatureAlgorithms: parameters.ExpectClientAlert = AlertDescription.IlegalParameter; goto case SignatureInstrumentType.ClientProvidesSomeUnsupportedSignatureAlgorithms; case SignatureInstrumentType.ClientProvidesSomeUnsupportedSignatureAlgorithms: parameters.ClientSignatureParameters = new SignatureParameters (); parameters.ClientSignatureParameters.Add (HashAlgorithmType.Sha1, SignatureAlgorithmType.Dsa); parameters.ClientSignatureParameters.Add (HashAlgorithmType.Unknown, SignatureAlgorithmType.Unknown); parameters.ClientSignatureParameters.Add (HashAlgorithmType.Sha256, SignatureAlgorithmType.Rsa); parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; break; case SignatureInstrumentType.ClientProvidesNoSupportedSignatureAlgorithms: parameters.ClientSignatureParameters = new SignatureParameters (); parameters.ClientSignatureParameters.Add (HashAlgorithmType.Unknown, SignatureAlgorithmType.Dsa); parameters.ExpectServerSignatureAlgorithm = new SignatureAndHashAlgorithm (HashAlgorithmType.Sha1); parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; parameters.ExpectServerAlert = AlertDescription.IlegalParameter; break; case SignatureInstrumentType.Tls10WithRsaExchange: parameters.ClientCiphers = parameters.ServerCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_RSA_WITH_AES_256_CBC_SHA }; parameters.ProtocolVersion = ProtocolVersions.Tls10; break; case SignatureInstrumentType.Tls10WithDheExchange: parameters.ClientCiphers = parameters.ServerCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; parameters.ProtocolVersion = ProtocolVersions.Tls10; break; case SignatureInstrumentType.ServerUsesUnsupportedSignatureAlgorithm: parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; parameters.ClientSignatureParameters = new SignatureParameters (); parameters.ClientSignatureParameters.Add (HashAlgorithmType.Sha384); parameters.ServerSignatureAlgorithm = new SignatureAndHashAlgorithm (HashAlgorithmType.Sha512); parameters.ExpectClientAlert = AlertDescription.IlegalParameter; break; case SignatureInstrumentType.ServerUsesUnsupportedSignatureAlgorithm2: // MD5SHA1 is never allowed for TLS 1.2. parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; parameters.ClientSignatureParameters = new SignatureParameters (); parameters.ClientSignatureParameters.Add (HashAlgorithmType.Sha1); // we'd normally not be allowed to request this from user settings, but there's an instrumentation override // in place for this test. parameters.ClientSignatureParameters.Add (HashAlgorithmType.Md5Sha1); // Instrumentation override lets us force set this. parameters.ServerSignatureAlgorithm = new SignatureAndHashAlgorithm (HashAlgorithmType.Md5Sha1); parameters.ExpectClientAlert = AlertDescription.IlegalParameter; parameters.ProtocolVersion = ProtocolVersions.Tls12; break; case SignatureInstrumentType.ServerSendsCertificateParametersWithoutAlgorithms: parameters.ServerCertificateParameters = new ClientCertificateParameters (); parameters.ExpectCertificateVerifySignatureAlgorithm = SignatureParameters.DefaultAlgorithm; break; case SignatureInstrumentType.ServerSendsCertificateParametersWithSomeUnsupportedAlgorithms: parameters.ServerCertificateParameters = new ClientCertificateParameters (); parameters.ServerCertificateParameters.SignatureParameters.Add (HashAlgorithmType.Unknown); parameters.ServerCertificateParameters.SignatureParameters.Add (HashAlgorithmType.Sha384); parameters.ExpectCertificateVerifySignatureAlgorithm = new SignatureAndHashAlgorithm (HashAlgorithmType.Sha384); break; case SignatureInstrumentType.ServerSendsCertificateParametersWithNoSupportedAlgorithms: parameters.ServerCertificateParameters = new ClientCertificateParameters (); parameters.ServerCertificateParameters.SignatureParameters.Add (HashAlgorithmType.Unknown); parameters.ExpectCertificateVerifySignatureAlgorithm = SignatureParameters.DefaultAlgorithm; parameters.ExpectClientAlert = AlertDescription.IlegalParameter; break; case SignatureInstrumentType.ClientSendsCertificateVerifyWithUnrequestedAlgorithm: parameters.ServerCertificateParameters = new ClientCertificateParameters (); parameters.ServerCertificateParameters.SignatureParameters.Add (HashAlgorithmType.Sha384); parameters.ServerCertificateParameters.SignatureParameters.Add (HashAlgorithmType.Sha512); parameters.ClientSignatureAlgorithm = new SignatureAndHashAlgorithm (HashAlgorithmType.Sha256); parameters.ExpectServerAlert = AlertDescription.IlegalParameter; break; case SignatureInstrumentType.CertificateVerifySignatureAlgorithmSelectionOrder: parameters.ServerCertificateParameters = new ClientCertificateParameters (); parameters.ServerCertificateParameters.SignatureParameters.Add (HashAlgorithmType.Sha384); parameters.ServerCertificateParameters.SignatureParameters.Add (HashAlgorithmType.Sha512); parameters.ExpectCertificateVerifySignatureAlgorithm = new SignatureAndHashAlgorithm (HashAlgorithmType.Sha384); break; case SignatureInstrumentType.CertificateVerifySignatureAlgorithmSelectionOrder2: parameters.ServerCertificateParameters = new ClientCertificateParameters (); parameters.ServerCertificateParameters.SignatureParameters.Add (HashAlgorithmType.Sha512); parameters.ServerCertificateParameters.SignatureParameters.Add (HashAlgorithmType.Sha384); parameters.ExpectCertificateVerifySignatureAlgorithm = new SignatureAndHashAlgorithm (HashAlgorithmType.Sha512); break; default: ctx.AssertFail ("Unsupported signature instrument: '{0}'.", type); break; } return parameters; }
static SignatureInstrumentParameters Create ( TestContext ctx, InstrumentationCategory category, SignatureInstrumentType type, SignatureAndHashAlgorithm algorithm, CipherSuiteCode cipher) { var parameters = CreateParameters (category, type, algorithm.Hash, algorithm.Signature, cipher); parameters.ClientCertificate = ResourceManager.MonkeyCertificate; parameters.RequireClientCertificate = true; var signatureParameters = new SignatureParameters (); signatureParameters.Add (algorithm); switch (type) { case SignatureInstrumentType.ClientSignatureAlgorithmAndCipher: parameters.ClientSignatureParameters = signatureParameters; parameters.ClientCiphers = new CipherSuiteCode[] { cipher }; break; case SignatureInstrumentType.ServerSignatureAlgorithmAndCipher: parameters.ServerSignatureAlgorithm = algorithm; parameters.ServerCiphers = new CipherSuiteCode[] { cipher }; break; default: ctx.AssertFail ("Unsupported signature instrument: '{0}'.", type); break; } return parameters; }
static SignatureInstrumentParameters CreateParameters (InstrumentationCategory category, SignatureInstrumentType type, params object[] args) { var sb = new StringBuilder (); sb.Append (type); foreach (var arg in args) { sb.AppendFormat (":{0}", arg); } var name = sb.ToString (); return new SignatureInstrumentParameters (category, type, name, ResourceManager.SelfSignedServerCertificate) { ClientCertificateValidator = AcceptAnyCertificate, ServerCertificateValidator = AcceptAnyCertificate, ProtocolVersion = ProtocolVersions.Tls12 }; }
static SignatureInstrumentParameters Create(TestContext ctx, InstrumentationCategory category, SignatureInstrumentType type) { var parameters = CreateParameters(category, type); parameters.ClientCertificate = ResourceManager.MonkeyCertificate; parameters.RequireClientCertificate = true; switch (type) { case SignatureInstrumentType.NoClientSignatureAlgorithms: parameters.ExpectServerSignatureAlgorithm = new SignatureAndHashAlgorithm(HashAlgorithmType.Sha1); parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; break; case SignatureInstrumentType.VerifyClientSignatureAlgorithms: parameters.ExpectClientAlert = AlertDescription.IlegalParameter; goto case SignatureInstrumentType.ClientProvidesSomeUnsupportedSignatureAlgorithms; case SignatureInstrumentType.ClientProvidesSomeUnsupportedSignatureAlgorithms: parameters.ClientSignatureParameters = new SignatureParameters(); parameters.ClientSignatureParameters.Add(HashAlgorithmType.Sha1, SignatureAlgorithmType.Dsa); parameters.ClientSignatureParameters.Add(HashAlgorithmType.Unknown, SignatureAlgorithmType.Unknown); parameters.ClientSignatureParameters.Add(HashAlgorithmType.Sha256, SignatureAlgorithmType.Rsa); parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; break; case SignatureInstrumentType.ClientProvidesNoSupportedSignatureAlgorithms: parameters.ClientSignatureParameters = new SignatureParameters(); parameters.ClientSignatureParameters.Add(HashAlgorithmType.Unknown, SignatureAlgorithmType.Dsa); parameters.ExpectServerSignatureAlgorithm = new SignatureAndHashAlgorithm(HashAlgorithmType.Sha1); parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; parameters.ExpectServerAlert = AlertDescription.IlegalParameter; break; case SignatureInstrumentType.Tls10WithRsaExchange: parameters.ClientCiphers = parameters.ServerCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_RSA_WITH_AES_256_CBC_SHA }; parameters.ProtocolVersion = ProtocolVersions.Tls10; break; case SignatureInstrumentType.Tls10WithDheExchange: parameters.ClientCiphers = parameters.ServerCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; parameters.ProtocolVersion = ProtocolVersions.Tls10; break; case SignatureInstrumentType.ServerUsesUnsupportedSignatureAlgorithm: parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; parameters.ClientSignatureParameters = new SignatureParameters(); parameters.ClientSignatureParameters.Add(HashAlgorithmType.Sha384); parameters.ServerSignatureAlgorithm = new SignatureAndHashAlgorithm(HashAlgorithmType.Sha512); parameters.ExpectClientAlert = AlertDescription.IlegalParameter; break; case SignatureInstrumentType.ServerUsesUnsupportedSignatureAlgorithm2: // MD5SHA1 is never allowed for TLS 1.2. parameters.ClientCiphers = new CipherSuiteCode[] { CipherSuiteCode.TLS_DHE_RSA_WITH_AES_128_CBC_SHA }; parameters.ClientSignatureParameters = new SignatureParameters(); parameters.ClientSignatureParameters.Add(HashAlgorithmType.Sha1); // we'd normally not be allowed to request this from user settings, but there's an instrumentation override // in place for this test. parameters.ClientSignatureParameters.Add(HashAlgorithmType.Md5Sha1); // Instrumentation override lets us force set this. parameters.ServerSignatureAlgorithm = new SignatureAndHashAlgorithm(HashAlgorithmType.Md5Sha1); parameters.ExpectClientAlert = AlertDescription.IlegalParameter; parameters.ProtocolVersion = ProtocolVersions.Tls12; break; case SignatureInstrumentType.ServerSendsCertificateParametersWithoutAlgorithms: parameters.ServerCertificateParameters = new ClientCertificateParameters(); parameters.ExpectCertificateVerifySignatureAlgorithm = SignatureParameters.DefaultAlgorithm; break; case SignatureInstrumentType.ServerSendsCertificateParametersWithSomeUnsupportedAlgorithms: parameters.ServerCertificateParameters = new ClientCertificateParameters(); parameters.ServerCertificateParameters.SignatureParameters.Add(HashAlgorithmType.Unknown); parameters.ServerCertificateParameters.SignatureParameters.Add(HashAlgorithmType.Sha384); parameters.ExpectCertificateVerifySignatureAlgorithm = new SignatureAndHashAlgorithm(HashAlgorithmType.Sha384); break; case SignatureInstrumentType.ServerSendsCertificateParametersWithNoSupportedAlgorithms: parameters.ServerCertificateParameters = new ClientCertificateParameters(); parameters.ServerCertificateParameters.SignatureParameters.Add(HashAlgorithmType.Unknown); parameters.ExpectCertificateVerifySignatureAlgorithm = SignatureParameters.DefaultAlgorithm; parameters.ExpectClientAlert = AlertDescription.IlegalParameter; break; case SignatureInstrumentType.ClientSendsCertificateVerifyWithUnrequestedAlgorithm: parameters.ServerCertificateParameters = new ClientCertificateParameters(); parameters.ServerCertificateParameters.SignatureParameters.Add(HashAlgorithmType.Sha384); parameters.ServerCertificateParameters.SignatureParameters.Add(HashAlgorithmType.Sha512); parameters.ClientSignatureAlgorithm = new SignatureAndHashAlgorithm(HashAlgorithmType.Sha256); parameters.ExpectServerAlert = AlertDescription.IlegalParameter; break; case SignatureInstrumentType.CertificateVerifySignatureAlgorithmSelectionOrder: parameters.ServerCertificateParameters = new ClientCertificateParameters(); parameters.ServerCertificateParameters.SignatureParameters.Add(HashAlgorithmType.Sha384); parameters.ServerCertificateParameters.SignatureParameters.Add(HashAlgorithmType.Sha512); parameters.ExpectCertificateVerifySignatureAlgorithm = new SignatureAndHashAlgorithm(HashAlgorithmType.Sha384); break; case SignatureInstrumentType.CertificateVerifySignatureAlgorithmSelectionOrder2: parameters.ServerCertificateParameters = new ClientCertificateParameters(); parameters.ServerCertificateParameters.SignatureParameters.Add(HashAlgorithmType.Sha512); parameters.ServerCertificateParameters.SignatureParameters.Add(HashAlgorithmType.Sha384); parameters.ExpectCertificateVerifySignatureAlgorithm = new SignatureAndHashAlgorithm(HashAlgorithmType.Sha512); break; default: ctx.AssertFail("Unsupported signature instrument: '{0}'.", type); break; } return(parameters); }
static SignatureInstrumentParameters CreateParameters(InstrumentationCategory category, SignatureInstrumentType type, params object[] args) { var sb = new StringBuilder(); sb.Append(type); foreach (var arg in args) { sb.AppendFormat(":{0}", arg); } var name = sb.ToString(); return(new SignatureInstrumentParameters(category, type, name, ResourceManager.SelfSignedServerCertificate) { ClientCertificateValidator = AcceptAnyCertificate, ServerCertificateValidator = AcceptAnyCertificate, ProtocolVersion = ProtocolVersions.Tls12 }); }
public SignatureInstrumentParameters(InstrumentationCategory category, SignatureInstrumentType type, string identifier, IServerCertificate certificate) : base(category, identifier, certificate) { Type = type; }