/// <summary> /// Create a new HandshakeLayer object given a SecureChannel and which end of the connection it is to be. /// </summary> /// <param name="secureChannel">the SecureChannel that comprises the secure functionality of this layer</param> /// <param name="connectionEnd">this specifies which end of the connection - Server or Client</param> public HandshakeLayer(SecureChannel secureChannel, ConnectionEnd connectionEnd) { // SHA256 is a class that computes the SHA-256 (SHA stands for Standard Hashing Algorithm) of it's input. m_localHash = SHA256.Create(); m_remoteHash = SHA256.Create(); m_secureChannel = secureChannel; SecurityParameters = new SecurityParameters { Entity = connectionEnd, CompressionAlgorithm = CompressionMethod.Null, PRFAlgorithm = PRFAlgorithm.SHA256, CipherType = CipherType.Block }; AllowedCipherSuites = new[] { CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256, CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA, CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256, CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA }; VerifyCertificate = c => c.Verify(); }
/// <summary> /// Create a new HandshakeLayer object given a SecureChannel and which end of the connection it is to be. /// </summary> /// <param name="secureChannel">the SecureChannel that comprises the secure functionality of this layer</param> /// <param name="connectionEnd">this specifies which end of the connection - Server or Client</param> public HandshakeLayer(SecureChannel secureChannel, ConnectionEnd connectionEnd) { // SHA256 is a class that computes the SHA-256 (SHA stands for Standard Hashing Algorithm) of it's input. m_localHash = IncrementalHash.CreateHash(HashAlgorithmName.SHA256); //SHA256.Create(); m_remoteHash = IncrementalHash.CreateHash(HashAlgorithmName.SHA256); // SHA256.Create(); m_secureChannel = secureChannel; SecurityParameters = new SecurityParameters { Entity = connectionEnd, CompressionAlgorithm = CompressionMethod.Null, PRFAlgorithm = PRFAlgorithm.SHA256, CipherType = CipherType.Block }; AllowedCipherSuites = new[] { CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256, CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA, CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256, CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA }; #warning This method is not available in .NETStandard 1.6 - planned for 2.0; using X509Chain for now as it has the same functionality in NetFx, where X509Certificate2.Verify() calls the same internal method as X509Chain().Build(c) VerifyCertificate = c => new X509Chain().Build(c); //c.Verify(); }
/// <summary> /// Create a new SecureChannel with the given <see cref="ConnectionEnd"/>. /// </summary> /// <param name="connectionEnd">the ConnectionEnd that this channel is to talk to</param> public static SecureChannel CreateClientSecureChannel(byte[] sesionId = null, Configuration configuration = null) { SecureChannel secureChannel = new SecureChannel(ConnectionEnd.Client, configuration); if (sesionId != null) { secureChannel.UpdateSessionId(sesionId); } return(secureChannel); }
public void Setup() { X509Certificate2 certificate = new X509Certificate2("NetMQ.Testing.pfx", "1"); m_serverSecureChannel = new SecureChannel(ConnectionEnd.Server) { Certificate = certificate }; m_clientSecureChannel = new SecureChannel(ConnectionEnd.Client); m_clientSecureChannel.SetVerifyCertificate(c => true); IList<NetMQMessage> clientOutgoingMessages = new List<NetMQMessage>(); IList<NetMQMessage> serverOutgoingMessages = new List<NetMQMessage>(); bool serverComplete = false; bool clientComplete = m_clientSecureChannel.ProcessMessage(null, clientOutgoingMessages); while (!serverComplete || !clientComplete) { if (!serverComplete) { foreach (var message in clientOutgoingMessages) { serverComplete = m_serverSecureChannel.ProcessMessage(message, serverOutgoingMessages); if (serverComplete) { break; } } clientOutgoingMessages.Clear(); } if (!clientComplete) { foreach (var message in serverOutgoingMessages) { clientComplete = m_clientSecureChannel.ProcessMessage(message, clientOutgoingMessages); if (clientComplete) { break; } } serverOutgoingMessages.Clear(); } } }
public HandshakeLayer(SecureChannel secureChannel, ConnectionEnd connectionEnd) { m_secureChannel = secureChannel; SecurityParameters = new SecurityParameters(); SecurityParameters.Entity = connectionEnd; SecurityParameters.CompressionAlgorithm = CompressionMethod.Null; SecurityParameters.PRFAlgorithm = PRFAlgorithm.SHA256; SecurityParameters.CipherType = CipherType.Block; AllowedCipherSuites = new CipherSuite[] { CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256, CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA, CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256, CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA, }; VerifyCertificate = c => c.Verify(); }
public HandshakeLayer(SecureChannel secureChannel, ConnectionEnd connectionEnd) { m_localHash = SHA256.Create(); m_remoteHash = SHA256.Create(); m_secureChannel = secureChannel; SecurityParameters = new SecurityParameters(); SecurityParameters.Entity = connectionEnd; SecurityParameters.CompressionAlgorithm = CompressionMethod.Null; SecurityParameters.PRFAlgorithm = PRFAlgorithm.SHA256; SecurityParameters.CipherType = CipherType.Block; AllowedCipherSuites = new CipherSuite[] { CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256, CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA, CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256, CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA, }; VerifyCertificate = c => c.Verify(); }
/// <summary> /// Create a new instance of an OutgoingMessageBag that will use the given SecureChannel. /// </summary> /// <param name="secureChannel">a SecureChannel object that will serve to encrypt the protocol messages</param> public OutgoingMessageBag(SecureChannel secureChannel) { m_secureChannel = secureChannel; m_messages = new List <NetMQMessage>(); }
/// <summary> /// Create a new instance of an OutgoingMessageBag that will use the given SecureChannel. /// </summary> /// <param name="secureChannel">a SecureChannel object that will serve to encrypt the protocol messages</param> public OutgoingMessageBag(SecureChannel secureChannel) { m_secureChannel = secureChannel; m_messages = new List<NetMQMessage>(); }
/// <summary> /// Create a new SecureChannel with the given <see cref="ConnectionEnd"/>. /// </summary> /// <param name="connectionEnd">the ConnectionEnd that this channel is to talk to</param> public static SecureChannel CreateServerSecureChannel(Configuration configuration = null) { SecureChannel secureChannel = new SecureChannel(ConnectionEnd.Server, configuration); return(secureChannel); }