/// <summary>
/// Creates the test fixture for the given test server and prepares the
/// certificate callback delegates.
/// </summary>
/// <param name="testServer">Server instance whose certificate material the tests use.</param>
public AsyncServerTests(TestServer testServer)
{
    // Certificate callbacks (only used for Advanced test).
    // Client and server sides share ValidateRemoteCert as the remote-certificate
    // validator, so how strictly peers are checked is decided entirely by that
    // method, which is defined elsewhere in the class.
    this.serverRemoteCertificateValidationCallback =
        new RemoteCertificateValidationHandler(ValidateRemoteCert);
    this.clientRemoteCertificateValidationCallback =
        new RemoteCertificateValidationHandler(ValidateRemoteCert);
    this.clientLocalCertificateSelectionCallback =
        new LocalCertificateSelectionHandler(clientCertificateSelectionCallback);

    this.testServer = testServer;
}
/// <summary>
/// Wraps an existing stream in an SslStream and installs the certificate callbacks.
/// </summary>
/// <param name="stream">Stream to wrap; forwarded to the base constructor.</param>
/// <param name="leaveInnerStreamOpen">Forwarded unchanged to the base constructor.</param>
/// <param name="remote_callback">
/// Stored as the remote-certificate validation callback. The constructor accepts
/// null; what validation applies when no callback is set is decided outside this
/// constructor.
/// </param>
/// <param name="local_callback">Stored as the local-certificate selection callback; may be null.</param>
public SslStream(
    Stream stream,
    bool leaveInnerStreamOpen,
    RemoteCertificateValidationHandler remote_callback,
    LocalCertificateSelectionHandler local_callback)
    : base(stream, leaveInnerStreamOpen)
{
    // Callbacks are only recorded here; nothing is invoked at construction time.
    this.localCertificateSelectionCallback = local_callback;
    this.remoteCertificateValidationCallback = remote_callback;
}
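/// <summary>
/// Connects to localhost:9000 with a client certificate and verifies the
/// negotiated session: mutual authentication, protocol, cipher strength and
/// cipher algorithm, followed by a read/write exchange.
/// </summary>
/// <remarks>
/// The result is reported through <c>Shutdown</c>: <c>true</c> is passed only when
/// every check and the read/write exchange succeed. Each failed check returns
/// immediately, so a session that failed a security check can never reach the
/// <c>Shutdown(true)</c> path further down. Any exception is reported as a failure.
/// </remarks>
public void AdvancedClientTest()
{
    // Initialize delegates for certificate callbacks.
    // The value of this test depends on ValidateRemoteCert rejecting untrusted
    // certificates; that method is defined outside this block.
    clientRemoteCertificateValidationCallback = new RemoteCertificateValidationHandler(ValidateRemoteCert);
    clientLocalCertificateSelectionCallback = new LocalCertificateSelectionHandler(clientCertificateSelectionCallback);

    try
    {
        testName = "AdvancedClientTest";
        client = new TcpClient("localhost", 9000);

        // Create the SslStream object with the certificate callbacks
        sslStream = new SslStream(
            client.GetStream(),
            false,
            clientRemoteCertificateValidationCallback,
            clientLocalCertificateSelectionCallback);

        // Initialize with client certificate list, and client CA chain.
        // NOTE(review): if SslProtocols.Tls means TLS 1.0 here (as the same-named
        // member does in System.Security.Authentication), this pins a deprecated
        // protocol version - confirm against the enum definition.
        // NOTE(review): the trailing 'true' is presumably the revocation-check
        // flag - confirm against AuthenticateAsClient's signature.
        sslStream.AuthenticateAsClient(
            "localhost",
            testServer.clientCertificateList,
            testServer.clientCAChain,
            SslProtocols.Tls,
            SslStrength.Medium | SslStrength.High,
            true);

        // Verify mutual authentication
        if (!sslStream.IsMutuallyAuthenticated)
        {
            Console.WriteLine("{0} failed - Stream is not mutally authenticated", testName);
            Shutdown(false);
            return; // do not continue on a session that failed a check
        }

        // Verify protocol
        if (sslStream.SslProtocol != SslProtocols.Tls)
        {
            Console.WriteLine("{0} failed - negotiated a non Tls connection", testName);
            Shutdown(false);
            return;
        }

        // Verify cipher strength
        if (sslStream.CipherStrength < 256)
        {
            Console.WriteLine("{0} failed - negotiated less that 256bit cipher", testName);
            Console.WriteLine("Cipher={0}\nCipherStrength = {1}", sslStream.CipherAlgorithm.ToString(), sslStream.CipherStrength);
            Shutdown(false);
            return;
        }

        // Verify cipher
        if (sslStream.CipherAlgorithm != CipherAlgorithmType.Aes256)
        {
            Console.WriteLine("{0} failed - negotiatied cipher wasn't Aes256", testName);
            // Fixed placeholder: the expected value is argument {1}; the original
            // printed the actual cipher twice.
            Console.WriteLine("Cipher was {0}, expected {1}", sslStream.CipherAlgorithm.ToString(), CipherAlgorithmType.Aes256.ToString());
            Shutdown(false);
            return;
        }

        // All negotiation checks passed; the data exchange decides the result.
        Shutdown(DoClientReadWrite());
    }
    catch (Exception ex)
    {
        Shutdown(false);
        Console.WriteLine(ex);
    }
}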
/// <summary>
/// Creates the client side of an SSL stream over an existing stream, records the
/// connection parameters and callbacks, and initializes the client context.
/// </summary>
/// <param name="stream">Underlying stream; forwarded to the base constructor.</param>
/// <param name="ownStream">Forwarded unchanged to the base constructor.</param>
/// <param name="targetHost">Stored as the target host for this connection.</param>
/// <param name="clientCertificates">Client certificates; stored and passed to the context initialization.</param>
/// <param name="caCertificates">CA chain; stored on the instance.</param>
/// <param name="enabledSslProtocols">Passed to the context initialization; not stored by this constructor.</param>
/// <param name="sslStrength">Passed to the context initialization; not stored by this constructor.</param>
/// <param name="checkCertificateRevocationStatus">Stored and passed to the context initialization.</param>
/// <param name="remoteCallback">
/// Remote-certificate validation handler. Note that it is stored in a field named
/// <c>remoteCertificateSelectionCallback</c>, although its type is a validation handler.
/// </param>
/// <param name="localCallback">Local-certificate selection handler; stored on the instance.</param>
public SslStreamClient(
    Stream stream,
    bool ownStream,
    string targetHost,
    X509List clientCertificates,
    X509Chain caCertificates,
    SslProtocols enabledSslProtocols,
    SslStrength sslStrength,
    bool checkCertificateRevocationStatus,
    RemoteCertificateValidationHandler remoteCallback,
    LocalCertificateSelectionHandler localCallback)
    : base(stream, ownStream)
{
    // Caller-supplied certificate callbacks.
    remoteCertificateSelectionCallback = remoteCallback;
    localCertificateSelectionCallback = localCallback;

    // Internal hook wrapping this instance's own certificate-selection method.
    internalCertificateSelectionCallback =
        new ClientCertCallbackHandler(InternalClientCertificateSelectionCallback);

    // Connection parameters.
    this.checkCertificateRevocationStatus = checkCertificateRevocationStatus;
    this.caCertificates = caCertificates;
    this.clientCertificates = clientCertificates;
    this.targetHost = targetHost;

    // Runs last, after every field above has been assigned.
    InitializeClientContext(
        clientCertificates,
        enabledSslProtocols,
        sslStrength,
        checkCertificateRevocationStatus);
}
/// <summary>
/// Wraps an existing stream in an SslStream without any certificate callbacks.
/// </summary>
/// <remarks>
/// Both the remote-certificate validation callback and the local-certificate
/// selection callback are left null. Whether and how the peer certificate is
/// still validated in that case is decided by code outside this constructor.
/// </remarks>
/// <param name="stream">Stream to wrap; forwarded to the base constructor.</param>
/// <param name="leaveInnerStreamOpen">Forwarded unchanged to the base constructor.</param>
public SslStream(Stream stream, bool leaveInnerStreamOpen)
    : base(stream, leaveInnerStreamOpen)
{
    // No caller-supplied callbacks for this overload.
    this.localCertificateSelectionCallback = null;
    this.remoteCertificateValidationCallback = null;
}