public CompatibilityLayer(SocketController controller, SecurityOptions options)
{
m_Buffer = new byte[0];
m_MinVersion = GetMinProtocol(options.Protocol);
m_MaxVersion = GetMaxProtocol(options.Protocol);
if (m_MinVersion.GetVersionInt() == 30) // SSL 3.0
{
if (options.Entity == ConnectionEnd.Client)
{
m_MinLayer = new RecordLayer(controller, new Ssl3ClientHandshakeLayer(null, options));
}
else
{
m_MinLayer = new RecordLayer(controller, new Ssl3ServerHandshakeLayer(null, options));
}
}
else // TLS 1.0
{
if (options.Entity == ConnectionEnd.Client)
{
m_MinLayer = new RecordLayer(controller, new Tls1ClientHandshakeLayer(null, options));
}
else
{
m_MinLayer = new RecordLayer(controller, new Tls1ServerHandshakeLayer(null, options));
}
}
m_MinLayer.HandshakeLayer.RecordLayer = m_MinLayer;
m_Options = options;
}
public RecordLayer(SocketController controller, HandshakeLayer handshakeLayer) {
m_IsDisposed = false;
m_Controller = controller;
m_HandshakeLayer = handshakeLayer;
m_IncompleteMessage = new byte[0];
ChangeLocalState(null, null, null);
ChangeRemoteState(null, null, null);
/* if (options.Entity == ConnectionEnd.Server) {
if (options.Protocol == SecureProtocol.Tls1) {
m_HandshakeLayer = new Tls1ServerHandshakeLayer(this, options);
} else if (options.Protocol == SecureProtocol.Ssl3) {
m_HandshakeLayer = new Ssl3ServerHandshakeLayer(this, options);
} else {
throw new NotSupportedException();
}
} else {
if (options.Protocol == SecureProtocol.Tls1) {
m_HandshakeLayer = new Tls1ClientHandshakeLayer(this, options);
} else if (options.Protocol == SecureProtocol.Ssl3) {
m_HandshakeLayer = new Ssl3ClientHandshakeLayer(this, options);
} else {
throw new NotSupportedException();
}
}*/
}
public RecordLayer(SocketController controller, HandshakeLayer handshakeLayer)
{
m_IsDisposed = false;
m_Controller = controller;
m_HandshakeLayer = handshakeLayer;
m_IncompleteMessage = new byte[0];
ChangeLocalState(null, null, null);
ChangeRemoteState(null, null, null);
/* if (options.Entity == ConnectionEnd.Server) {
* if (options.Protocol == SecureProtocol.Tls1) {
* m_HandshakeLayer = new Tls1ServerHandshakeLayer(this, options);
* } else if (options.Protocol == SecureProtocol.Ssl3) {
* m_HandshakeLayer = new Ssl3ServerHandshakeLayer(this, options);
* } else {
* throw new NotSupportedException();
* }
* } else {
* if (options.Protocol == SecureProtocol.Tls1) {
* m_HandshakeLayer = new Tls1ClientHandshakeLayer(this, options);
* } else if (options.Protocol == SecureProtocol.Ssl3) {
* m_HandshakeLayer = new Ssl3ClientHandshakeLayer(this, options);
* } else {
* throw new NotSupportedException();
* }
* }*/
}
public RecordLayer(SocketController controller, HandshakeLayer handshakeLayer)
{
m_IsDisposed = false;
m_Controller = controller;
m_HandshakeLayer = handshakeLayer;
m_IncompleteMessage = new byte[0];
ChangeLocalState(null, null, null);
ChangeRemoteState(null, null, null);
}
public CompatibilityLayer(SocketController controller, SecurityOptions options)
{
m_Buffer = new byte[0];
m_MinVersion = GetMinProtocol(options.Protocol);
m_MaxVersion = GetMaxProtocol(options.Protocol);
this.handshakeMonitor = new SslTlsHandshakeMonitor();
HandshakeLayer layer = null;
if (m_MinVersion.GetVersionInt() == 30)
{ // SSL 3.0
if (options.Entity == ConnectionEnd.Client)
{
layer = new Ssl3ClientHandshakeLayer(null, options);
m_MinLayer = new RecordLayer(controller, layer as ClientHandshakeLayer);
this.handshakeMonitor.Attach(controller.Parent, layer as ClientHandshakeLayer);
}
else
{
layer = new Ssl3ServerHandshakeLayer(null, options);
m_MinLayer = new RecordLayer(controller, layer as ServerHandshakeLayer);
this.handshakeMonitor.Attach(controller.Parent, layer as ServerHandshakeLayer);
}
}
else
{ // TLS 1.0
if (options.Entity == ConnectionEnd.Client)
{
layer = new Tls1ClientHandshakeLayer(null, options);
m_MinLayer = new RecordLayer(controller, layer as ClientHandshakeLayer);
this.handshakeMonitor.Attach(controller.Parent, layer as ClientHandshakeLayer);
}
else
{
layer = new Tls1ServerHandshakeLayer(null, options);
m_MinLayer = new RecordLayer(controller, layer as ServerHandshakeLayer);
this.handshakeMonitor.Attach(controller.Parent, layer as ServerHandshakeLayer);
}
}
m_MinLayer.HandshakeLayer.RecordLayer = m_MinLayer;
m_Options = options;
}
public CompatibilityLayer(SocketController controller, SecurityOptions options)
{
m_Buffer = new byte[0];
m_MinVersion = GetMinProtocol(options.Protocol);
m_MaxVersion = GetMaxProtocol(options.Protocol);
this.handshakeMonitor = new SslTlsHandshakeMonitor();
HandshakeLayer layer = null;
if (m_MinVersion.GetVersionInt() == 30)
{ // SSL 3.0
if (options.Entity == ConnectionEnd.Client)
{
layer = new Ssl3ClientHandshakeLayer(null, options);
m_MinLayer = new RecordLayer(controller, layer as ClientHandshakeLayer);
this.handshakeMonitor.Attach(controller.Parent, layer as ClientHandshakeLayer);
}
else
{
layer = new Ssl3ServerHandshakeLayer(null, options);
m_MinLayer = new RecordLayer(controller, layer as ServerHandshakeLayer);
this.handshakeMonitor.Attach(controller.Parent, layer as ServerHandshakeLayer);
}
}
else
{ // TLS 1.0
if (options.Entity == ConnectionEnd.Client)
{
layer = new Tls1ClientHandshakeLayer(null, options);
m_MinLayer = new RecordLayer(controller, layer as ClientHandshakeLayer);
this.handshakeMonitor.Attach(controller.Parent, layer as ClientHandshakeLayer);
}
else
{
layer = new Tls1ServerHandshakeLayer(null, options);
m_MinLayer = new RecordLayer(controller, layer as ServerHandshakeLayer);
this.handshakeMonitor.Attach(controller.Parent, layer as ServerHandshakeLayer);
}
}
m_MinLayer.HandshakeLayer.RecordLayer = m_MinLayer;
m_Options = options;
}
public CompatibilityLayer(SocketController controller, SecurityOptions options) {
m_Buffer = new byte[0];
m_MinVersion = GetMinProtocol(options.Protocol);
m_MaxVersion = GetMaxProtocol(options.Protocol);
if (m_MinVersion.GetVersionInt() == 30) { // SSL 3.0
if (options.Entity == ConnectionEnd.Client)
m_MinLayer = new RecordLayer(controller, new Ssl3ClientHandshakeLayer(null, options));
else
m_MinLayer = new RecordLayer(controller, new Ssl3ServerHandshakeLayer(null, options));
} else { // TLS 1.0
if (options.Entity == ConnectionEnd.Client)
m_MinLayer = new RecordLayer(controller, new Tls1ClientHandshakeLayer(null, options));
else
m_MinLayer = new RecordLayer(controller, new Tls1ServerHandshakeLayer(null, options));
}
m_MinLayer.HandshakeLayer.RecordLayer = m_MinLayer;
m_Options = options;
}
/// <summary>
/// Changes the security protocol. This method can only be used to 'upgrade' a connection from no-security to either SSL or TLS.
/// </summary>
/// <param name="options">The new <see cref="SecurityOptions"/> parameters.</param>
/// <exception cref="SecurityException">An error occurs while changing the security protocol.</exception>
/// <remarks>
/// Programs should only call this method if there is no active <see cref="Connect"/>, <see cref="Accept"/>, <see cref="Send"/> or <see cref="Receive"/>!
/// </remarks>
public void ChangeSecurityProtocol(SecurityOptions options) {
if (options == null)
throw new ArgumentNullException();
if (m_Options != null && m_Options.Protocol != SecureProtocol.None)
throw new ArgumentException("Only changing from a normal connection to a secure connection is supported.");
if (base.ProtocolType != ProtocolType.Tcp && options.Protocol != SecureProtocol.None)
throw new SecurityException("Security protocols require underlying TCP connections!");
// check SecurityOptions structure
if (options.Protocol != SecureProtocol.None) {
if (options.Entity == ConnectionEnd.Server && options.Certificate == null)
throw new ArgumentException("The certificate cannot be set to a null reference when creating a server socket.");
if (options.Certificate != null && !options.Certificate.HasPrivateKey())
throw new ArgumentException("If a certificate is specified, it must have a private key.");
if (((int)options.AllowedAlgorithms & (int)SslAlgorithms.NULL_COMPRESSION) == 0)
throw new ArgumentException("The allowed algorithms field must contain at least one compression algorithm.");
if (((int)options.AllowedAlgorithms ^ (int)SslAlgorithms.NULL_COMPRESSION) == 0)
throw new ArgumentException("The allowed algorithms field must contain at least one cipher suite.");
if (options.VerificationType == CredentialVerification.Manual && options.Verifier == null)
throw new ArgumentException("A CertVerifyEventHandler is required when using manual certificate verification.");
}
m_Options = (SecurityOptions)options.Clone();
if (options.Protocol != SecureProtocol.None) {
if (this.Connected)
m_Controller = new SocketController(this, base.InternalSocket, options);
}
}
/// <summary>
/// Called then the <see cref="SecureSocket"/> connects to the remote host.
/// </summary>
/// <param name="ar">An <see cref="IAsyncResult"/> instance.</param>
private void OnConnect(IAsyncResult ar) {
try {
base.EndConnect(ar);
m_Controller = new SocketController(this, base.InternalSocket, m_Options);
} catch (Exception e) {
m_ConnectResult.AsyncException = e;
}
m_ConnectResult.Notify();
}
/// <summary>
/// Initializes a new instance of the SecureSocket class.
/// </summary>
/// <param name="addressFamily">One of the <see cref="AddressFamily"/> values.</param>
/// <param name="socketType">One of the <see cref="SocketType"/> values.</param>
/// <param name="protocolType">One of the <see cref="ProtocolType"/> values.</param>
/// <param name="options">The <see cref="SecurityOptions"/> to use.</param>
/// <exception cref="SecurityException">An error occurs while changing the security protocol.</exception>
public SecureSocket(AddressFamily addressFamily, SocketType socketType,
ProtocolType protocolType, SecurityOptions options)
: base(addressFamily, socketType, protocolType)
{
SelectedProtocol = String.Empty;
m_SentShutdownNotification = false;
ChangeSecurityProtocol(options);
this.m_Controller = new SocketController(this, base.InternalSocket, m_Options);
}
/// <summary>
/// Initializes a new instance of the SecureSocket class.
/// </summary>
/// <param name="accepted">The accepted <see cref="Socket"/> instance.</param>
/// <param name="options">The <see cref="SecurityOptions"/> to use.</param>
/// <exception cref="SecurityException">An error occurs while changing the security protocol.</exception>
internal SecureSocket(Socket accepted, SecurityOptions options)
: base(accepted)
{
m_SentShutdownNotification = false;
ChangeSecurityProtocol(options);
this.m_Controller = new SocketController(this, base.InternalSocket, m_Options);
}
public RecordLayer(SocketController controller, HandshakeLayer handshakeLayer)
{
m_IsDisposed = false;
m_Controller = controller;
m_HandshakeLayer = handshakeLayer;
m_IncompleteMessage = new byte[0];
ChangeLocalState(null, null, null);
ChangeRemoteState(null, null, null);
}