public void Run() { try { MockTlsServer server = new MockTlsServer(); TlsServerProtocol serverProtocol = new TlsServerProtocol(s.GetStream(), secureRandom); serverProtocol.Accept(server); Stream log = new TeeOutputStream(serverProtocol.Stream, stdout); Streams.PipeAll(serverProtocol.Stream, log); serverProtocol.Close(); } finally { try { s.Close(); } catch (IOException) { } finally { } } }
private static void DoTestClientServer(bool fragment) { SecureRandom secureRandom = new SecureRandom(); TlsClientProtocol clientProtocol = new TlsClientProtocol(secureRandom); TlsServerProtocol serverProtocol = new TlsServerProtocol(secureRandom); clientProtocol.Connect(new MockTlsClient(null)); serverProtocol.Accept(new MockTlsServer()); // pump handshake bool hadDataFromServer = true; bool hadDataFromClient = true; while (hadDataFromServer || hadDataFromClient) { hadDataFromServer = PumpData(serverProtocol, clientProtocol, fragment); hadDataFromClient = PumpData(clientProtocol, serverProtocol, fragment); } // send data in both directions byte[] data = new byte[1024]; secureRandom.NextBytes(data); WriteAndRead(clientProtocol, serverProtocol, data, fragment); WriteAndRead(serverProtocol, clientProtocol, data, fragment); // close the connection clientProtocol.Close(); PumpData(clientProtocol, serverProtocol, fragment); CheckClosed(serverProtocol); CheckClosed(clientProtocol); }
private static void DoTestClientServer(bool fragment) { SecureRandom secureRandom = new SecureRandom(); TlsClientProtocol clientProtocol = new TlsClientProtocol(secureRandom); TlsServerProtocol serverProtocol = new TlsServerProtocol(secureRandom); clientProtocol.Connect(new MockTlsClient(null)); serverProtocol.Accept(new MockTlsServer()); // pump handshake bool hadDataFromServer = true; bool hadDataFromClient = true; while (hadDataFromServer || hadDataFromClient) { hadDataFromServer = PumpData(serverProtocol, clientProtocol, fragment); hadDataFromClient = PumpData(clientProtocol, serverProtocol, fragment); } // send data in both directions byte[] data = new byte[1024]; secureRandom.NextBytes(data); WriteAndRead(clientProtocol, serverProtocol, data, fragment); WriteAndRead(serverProtocol, clientProtocol, data, fragment); // close the connection clientProtocol.Close(); PumpData(clientProtocol, serverProtocol, fragment); serverProtocol.CloseInput(); CheckClosed(serverProtocol); CheckClosed(clientProtocol); }
protected void Disposing(bool dispose) { if (dispose & !disposed) { disposed = true; if (!(State == ChannelState.Closed || State == ChannelState.ClosedReceived)) { try { CloseAsync().GetAwaiter(); //Task task = CloseAsync(); //Task.WaitAll(task); } catch (Exception ex) { Console.WriteLine("Exception Dispose/Closing TCP Server 2 {0}", ex.Message); Console.WriteLine("***** Inner Exception {0} *****", ex.InnerException); Console.WriteLine("***** Stack Trace {0} *****", ex.InnerException.StackTrace); } } protocol = null; client = null; readConnection = null; writeConnection = null; } }
public override async Task OpenAsync() { State = ChannelState.Connecting; readConnection = new SemaphoreSlim(1); writeConnection = new SemaphoreSlim(1); try { localStream = client.GetStream(); } catch (Exception ex) { Console.WriteLine("Fault opening TCP Channel 2 - {0}", ex.Message); OnError?.Invoke(this, new ChannelErrorEventArgs(Id, ex)); } if (pskManager != null) { try { protocol = client.ConnectPskTlsServer(pskManager, localStream); stream = protocol.Stream; IsEncrypted = true; } catch (Exception ex) { Console.WriteLine("Fault opening TLS connection {0}", ex.Message); State = ChannelState.Aborted; Trace.TraceError(ex.Message); OnError?.Invoke(this, new ChannelErrorEventArgs(Id, ex)); return; } } else if (certificate != null) { try { stream = new SslStream(localStream, true, new RemoteCertificateValidationCallback(ValidateCertificate)); IsEncrypted = true; await((SslStream)stream).AuthenticateAsServerAsync(certificate, clientAuth, SslProtocols.Tls12, true); } catch (Exception ex) { Console.WriteLine("Fault opening TCP Channel 2 via Cert - {0}", ex.Message); State = ChannelState.Aborted; Trace.TraceError(ex.Message); OnError?.Invoke(this, new ChannelErrorEventArgs(Id, ex)); return; } } else { stream = localStream; } State = ChannelState.Open; OnOpen?.Invoke(this, new ChannelOpenEventArgs(Id, null)); }
public override async Task CloseAsync() { Console.WriteLine("Starting TCP Channel 2 close action"); if (State == ChannelState.Closed || State == ChannelState.ClosedReceived) { Console.WriteLine("TCP channel 2 is already closed...returning"); return; } State = ChannelState.ClosedReceived; try { if (protocol != null) { protocol.Close(); } } catch { } protocol = null; if (client != null && client.Client != null && (client.Client.Connected && client.Client.Poll(10, SelectMode.SelectRead))) { if (client.Client.UseOnlyOverlappedIO) { client.Client.DuplicateAndClose(Process.GetCurrentProcess().Id); } else { client.Close(); } } client = null; if (readConnection != null) { readConnection.Dispose(); } if (writeConnection != null) { writeConnection.Dispose(); } State = ChannelState.Closed; OnClose?.Invoke(this, new ChannelCloseEventArgs(Id)); await Task.CompletedTask; }
public async Task OnConnectionAsync(ConnectionContext context) { var inputStream = context.Transport.Input.AsStream(); var outputStream = context.Transport.Output.AsStream(); var protocol = new TlsServerProtocol(inputStream, outputStream, new Org.BouncyCastle.Security.SecureRandom()); protocol.Accept(new BlazeTlsServer(_options)); var sslStream = protocol.Stream; var memoryPool = context.Features.Get <IMemoryPoolFeature>()?.MemoryPool; var inputPipeOptions = new StreamPipeReaderOptions ( pool: memoryPool, bufferSize: memoryPool.GetMinimumSegmentSize(), minimumReadSize: memoryPool.GetMinimumAllocSize(), leaveOpen: true ); var outputPipeOptions = new StreamPipeWriterOptions ( pool: memoryPool, leaveOpen: true ); var sslDuplexPipe = new DuplexPipeStreamAdapter <Stream>(context.Transport, inputPipeOptions, outputPipeOptions, sslStream); var originalTransport = context.Transport; try { context.Transport = sslDuplexPipe; // Disposing the stream will dispose the sslDuplexPipe await using (sslStream) await using (sslDuplexPipe) { await _next(context).ConfigureAwait(false); // Dispose the inner stream (SslDuplexPipe) before disposing the SslStream // as the duplex pipe can hit an ODE as it still may be writing. } } finally { context.Transport = originalTransport; } }
public static TlsServerProtocol ConnectPskTlsServer(TlsPskIdentityManager pskManager, Stream stream) { try { PskTlsServer server = new PskTlsServer2(pskManager); TlsServerProtocol protocol = new TlsServerProtocol(stream, new SecureRandom()); protocol.Accept(server); return(protocol); } catch (Exception ex) { Console.WriteLine("Exception in TLS protocol connnection '{0}'", ex.Message); throw ex; } }
/// <summary> /// Start up a session on the server side /// </summary> public void Accept() { TlsServerProtocol serverProtocol = new TlsServerProtocol(new SecureRandom()); TlsServer server = new TlsServer(_signingKeys, _clientKeys); // Make sure we do not startup a listing thread as the correct call is always made // byt the DTLS accept protocol. _stm = _client.GetStream(); serverProtocol.Accept(server); bool sleep = true; while (!server.HandshakeComplete) { sleep = true; if (_stm.DataAvailable) { byte[] data = new byte[1024]; int cbRead = _stm.Read(data, 0, data.Length); Array.Resize(ref data, cbRead); serverProtocol.OfferInput(data); sleep = false; } int cbToRead = serverProtocol.GetAvailableOutputBytes(); if (cbToRead != 0) { byte[] data = new byte[cbToRead]; int cbRead = serverProtocol.ReadOutput(data, 0, cbToRead); _stm.Write(data, 0, cbRead); sleep = false; } if (sleep) { Thread.Sleep(100); } } _tlsServer = serverProtocol; _authKey = server.AuthenticationKey; _stm.BeginRead(_buffer, 0, _buffer.Length, ReadCallback, this); }
public static TlsServerProtocol ConnectPskTlsServerNonBlocking(Dictionary <string, byte[]> psks) { try { TlsPskIdentityManager pskTlsManager = new PskIdentityManager(psks); PskTlsServer2 server = new PskTlsServer2(pskTlsManager); TlsServerProtocol protocol = new TlsServerProtocol(new SecureRandom()); protocol.Accept(server); return(protocol); } catch (Exception ex) { Console.WriteLine("Exception in TLS protocol connnection '{0}'", ex.Message); throw ex; } }
public static TlsServerProtocol ConnectPskTlsServer(this TcpClient client, TlsPskIdentityManager pskManager, Stream stream) { try { PskTlsServer server = new PskTlsServer2(pskManager); TlsServerProtocol protocol = new TlsServerProtocol(stream, new SecureRandom()); protocol.Accept(server); return(protocol); } catch (AggregateException ae) { string msg = String.Format("AggregateException in TLS protocol connnection '{0}'", ae.Flatten().InnerException.Message); Console.WriteLine(msg); throw new Exception(msg, ae.Flatten().InnerException); } catch (Exception ex) { Console.WriteLine("Exception in TLS protocol connnection '{0}'", ex.Message); throw ex; } }
public void TestClientServer() { SecureRandom secureRandom = new SecureRandom(); PipedStream clientPipe = new PipedStream(); PipedStream serverPipe = new PipedStream(clientPipe); TlsClientProtocol clientProtocol = new TlsClientProtocol(clientPipe, secureRandom); TlsServerProtocol serverProtocol = new TlsServerProtocol(serverPipe, secureRandom); Server server = new Server(serverProtocol); Thread serverThread = new Thread(new ThreadStart(server.Run)); serverThread.Start(); MockPskTlsClient client = new MockPskTlsClient(null); clientProtocol.Connect(client); // NOTE: Because we write-all before we read-any, this length can't be more than the pipe capacity int length = 1000; byte[] data = new byte[length]; secureRandom.NextBytes(data); Stream output = clientProtocol.Stream; output.Write(data, 0, data.Length); byte[] echo = new byte[data.Length]; int count = Streams.ReadFully(clientProtocol.Stream, echo); Assert.AreEqual(count, data.Length); Assert.IsTrue(Arrays.AreEqual(data, echo)); output.Close(); serverThread.Join(); }
public void TestClientServer() { SecureRandom secureRandom = new SecureRandom(); PipedStream clientPipe = new PipedStream(); PipedStream serverPipe = new PipedStream(clientPipe); TlsClientProtocol clientProtocol = new TlsClientProtocol(clientPipe, secureRandom); TlsServerProtocol serverProtocol = new TlsServerProtocol(serverPipe, secureRandom); Server server = new Server(serverProtocol); Thread serverThread = new Thread(new ThreadStart(server.Run)); serverThread.Start(); MockSrpTlsClient client = new MockSrpTlsClient(null, MockSrpTlsServer.TEST_IDENTITY, MockSrpTlsServer.TEST_PASSWORD); clientProtocol.Connect(client); // NOTE: Because we write-all before we read-any, this length can't be more than the pipe capacity int length = 1000; byte[] data = new byte[length]; secureRandom.NextBytes(data); Stream output = clientProtocol.Stream; output.Write(data, 0, data.Length); byte[] echo = new byte[data.Length]; int count = Streams.ReadFully(clientProtocol.Stream, echo); Assert.AreEqual(count, data.Length); Assert.IsTrue(Arrays.AreEqual(data, echo)); output.Close(); serverThread.Join(); }
public void RunTest(TlsTestConfig config) { CheckTlsVersion(config.clientMinimumVersion); CheckTlsVersion(config.clientOfferVersion); CheckTlsVersion(config.serverMaximumVersion); CheckTlsVersion(config.serverMinimumVersion); SecureRandom secureRandom = new SecureRandom(); PipedStream clientPipe = new PipedStream(); PipedStream serverPipe = new PipedStream(clientPipe); NetworkStream clientNet = new NetworkStream(clientPipe); NetworkStream serverNet = new NetworkStream(serverPipe); TlsClientProtocol clientProtocol = new TlsClientProtocol(clientNet, secureRandom); TlsServerProtocol serverProtocol = new TlsServerProtocol(serverNet, secureRandom); TlsTestClientImpl clientImpl = new TlsTestClientImpl(config); TlsTestServerImpl serverImpl = new TlsTestServerImpl(config); Server server = new Server(this, serverProtocol, serverImpl); Thread serverThread = new Thread(new ThreadStart(server.Run)); serverThread.Start(); Exception caught = null; try { clientProtocol.Connect(clientImpl); // NOTE: Because we write-all before we read-any, this length can't be more than the pipe capacity int length = 1000; byte[] data = new byte[length]; secureRandom.NextBytes(data); Stream output = clientProtocol.Stream; output.Write(data, 0, data.Length); byte[] echo = new byte[data.Length]; int count = Streams.ReadFully(clientProtocol.Stream, echo); Assert.AreEqual(count, data.Length); Assert.IsTrue(Arrays.AreEqual(data, echo)); output.Close(); } catch (Exception e) { caught = e; LogException(caught); } server.AllowExit(); serverThread.Join(); Assert.IsTrue(clientNet.IsClosed, "Client Stream not closed"); Assert.IsTrue(serverNet.IsClosed, "Server Stream not closed"); Assert.AreEqual(config.expectFatalAlertConnectionEnd, clientImpl.FirstFatalAlertConnectionEnd, "Client fatal alert connection end"); Assert.AreEqual(config.expectFatalAlertConnectionEnd, serverImpl.FirstFatalAlertConnectionEnd, "Server fatal alert connection end"); Assert.AreEqual(config.expectFatalAlertDescription, clientImpl.FirstFatalAlertDescription, "Client fatal alert description"); Assert.AreEqual(config.expectFatalAlertDescription, serverImpl.FirstFatalAlertDescription, "Server fatal alert description"); if (config.expectFatalAlertConnectionEnd == -1) { Assert.IsNull(caught, "Unexpected client exception"); Assert.IsNull(server.mCaught, "Unexpected server exception"); } }
internal Server(TlsServerProtocol serverProtocol) { this.mServerProtocol = serverProtocol; }
private IDataAdapter ConnectServerBC(IDataAdapter adapter, Logger logger, PropertyBag properties) { X509Certificate cert = null; // If server certificate not specified try and auto generate one if (!_config.SpecifyServerCert) { if (_remoteCert != null) { cert = _remoteCert; } else { cert = CertManager.GetCertificate("CN=localhost"); } } else if (_config.ServerCertificate != null) { cert = _config.ServerCertificate.Certificate; } else { // Ideally shouldn't get here, but not necessarily consistent :) cert = CertManager.GetCertificate("CN=localhost"); } DataAdapterToStream stm = new DataAdapterToStream(adapter); TlsServerProtocol server = new TlsServerProtocol(stm, stm, new SecureRandom()); bool setReadTimeout = false; int oldTimeout = -1; try { oldTimeout = stm.ReadTimeout; stm.ReadTimeout = _config.Timeout; setReadTimeout = true; } catch (InvalidOperationException) { } X509Certificate[] certs; // If we have a remote chain then duplicate all certificates if (_remoteChain.Count > 0) { certs = _remoteChain.ToArray(); } else { certs = new X509Certificate[] { cert }; } // Accept with our CA key, doesn't really matter what it is but no point generating each time server.Accept(new CustomTlsServer(certs, CertManager.GetRootCert().PrivateKey, logger)); if (setReadTimeout) { stm.ReadTimeout = oldTimeout; } // Return re-adapted layer return(new StreamDataAdapter(server.Stream, adapter.Description)); }
internal Server(TlsTestCase outer, TlsServerProtocol serverProtocol, TlsTestServerImpl serverImpl) { this.mOuter = outer; this.mServerProtocol = serverProtocol; this.mServerImpl = serverImpl; }