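/// <summary>
/// Test-client callback for the certificate message sent by the server.
/// The handshake continues only when the leaf certificate (chain[0]) equals
/// one of the bundled test server certificates.
/// </summary>
/// <remarks>
/// This is an exact-match pin against test fixtures. Nothing in this method
/// inspects the remaining chain entries, validity period or revocation state.
/// </remarks>
/// <param name="serverCertificateIn">Certificate message received from the server.</param>
/// <exception cref="TlsFatalAlert">
/// bad_certificate when the message is not an X.509 <c>Certificate</c>, is empty,
/// or its leaf does not match any known test certificate.
/// </exception>
public virtual void NotifyServerCertificate(AbstractCertificate serverCertificateIn)
{
    Certificate serverCertificate = serverCertificateIn as Certificate;

    // Fail closed before touching the chain. The previous ordering called
    // GetCertificateList() first, so a non-Certificate argument surfaced as a
    // NullReferenceException instead of a bad_certificate alert.
    if (serverCertificate == null || serverCertificate.IsEmpty)
    {
        throw new TlsFatalAlert(AlertDescription.bad_certificate);
    }

    X509CertificateStructure[] chain = serverCertificate.GetCertificateList();
    X509CertificateStructure leaf = chain[0];

    // TODO Cache test resources?
    bool isKnownTestCertificate =
        leaf.Equals(TlsTestUtilities.LoadCertificateResource("x509-server.pem"))
        || leaf.Equals(TlsTestUtilities.LoadCertificateResource("x509-server-dsa.pem"))
        || leaf.Equals(TlsTestUtilities.LoadCertificateResource("x509-server-ecdsa.pem"));

    if (!isKnownTestCertificate)
    {
        throw new TlsFatalAlert(AlertDescription.bad_certificate);
    }

    if (TlsTestConfig.DEBUG)
    {
        Console.WriteLine("TLS client received server certificate chain of length " + chain.Length);
        foreach (X509CertificateStructure entry in chain)
        {
            // TODO Create fingerprint based on certificate signature algorithm digest
            Console.WriteLine("    fingerprint:SHA-256 " + TlsTestUtilities.Fingerprint(entry) + " ("
                + entry.Subject + ")");
        }
    }
}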
/// <summary>
/// Dispatches the server's credential to the matching verifier: raw public keys
/// (and CWT keys when SUPPORT_TLS_CWT is defined) go to the key lookup helpers,
/// anything else is offered to <c>TlsEventHandler</c> subscribers.
/// </summary>
/// <param name="serverCertificate">Credential presented by the server.</param>
/// <exception cref="TlsFatalAlert">
/// certificate_unknown when no subscriber marks the event as processed
/// (including the case where nobody is subscribed).
/// </exception>
public virtual void NotifyServerCertificate(AbstractCertificate serverCertificate)
{
    RawPublicKey rawKey = serverCertificate as RawPublicKey;
    if (rawKey != null)
    {
        // NOTE(review): any result of GetRpkKey is not inspected here, so this path
        // rejects an unknown key only if GetRpkKey itself throws - confirm.
        GetRpkKey(rawKey);
        return;
    }

#if SUPPORT_TLS_CWT
    CwtPublicKey cwtKey = serverCertificate as CwtPublicKey;
    if (cwtKey != null)
    {
        // NOTE(review): same as above - acceptance depends on GetCwtKey throwing for
        // an untrusted key; confirm.
        GetCwtKey(cwtKey);
        return;
    }
#endif

    TlsEvent certificateEvent = new TlsEvent(TlsEvent.EventCode.ServerCertificate);
    certificateEvent.Certificate = serverCertificate;

    // Copy the delegate to a local so a concurrent unsubscribe cannot null it
    // between the check and the call.
    EventHandler<TlsEvent> subscribers = TlsEventHandler;
    if (subscribers != null)
    {
        subscribers(this, certificateEvent);
    }

    // Fail closed: the application must explicitly accept the certificate.
    if (certificateEvent.Processed)
    {
        return;
    }

    throw new TlsFatalAlert(AlertDescription.certificate_unknown);
}
/// <summary>
/// Handles the credential presented by the client: raw public keys are passed to
/// the PSK identity manager, every other credential type is offered to
/// <c>TlsEventHandler</c> subscribers for an accept/reject decision.
/// </summary>
/// <param name="clientCertificate">Credential presented by the client.</param>
/// <exception cref="TlsFatalAlert">
/// certificate_unknown when no subscriber marks the event as processed.
/// </exception>
public override void NotifyClientCertificate(AbstractCertificate clientCertificate)
{
    RawPublicKey rawKey = clientCertificate as RawPublicKey;
    if (rawKey != null)
    {
        // NOTE(review): any result of GetRpkKey is not inspected here; an unknown
        // client key is rejected only if GetRpkKey throws - confirm.
        mPskIdentityManager.GetRpkKey(rawKey);
        return;
    }

    // Everything that is not a raw public key (a null reference included) reaches
    // the event path; there is no type filter on this branch.
    TlsEvent certificateEvent = new TlsEvent(TlsEvent.EventCode.ClientCertificate);
    certificateEvent.Certificate = clientCertificate;

    EventHandler<TlsEvent> subscribers = TlsEventHandler;
    if (subscribers != null)
    {
        subscribers(this, certificateEvent);
    }

    // Fail closed: without an explicit accept from a subscriber the handshake aborts.
    if (certificateEvent.Processed)
    {
        return;
    }

    throw new TlsFatalAlert(AlertDescription.certificate_unknown);
}
/// <summary>
/// TLS-SRP test-client callback: logs the server's certificate chain to the console.
/// </summary>
/// <remarks>
/// The only check performed is that the message is an X.509 <c>Certificate</c>.
/// No entry of the chain is compared, validated or pinned here, so every
/// certificate chain is accepted by this method.
/// </remarks>
/// <param name="serverCertificateIn">Certificate message received from the server.</param>
/// <exception cref="TlsFatalAlert">
/// bad_certificate when the message is not a <c>Certificate</c>.
/// </exception>
public override void NotifyServerCertificate(AbstractCertificate serverCertificateIn)
{
    Certificate x509Message = serverCertificateIn as Certificate;
    if (x509Message == null)
    {
        throw new TlsFatalAlert(AlertDescription.bad_certificate);
    }

    X509CertificateStructure[] chain = x509Message.GetCertificateList();
    Console.WriteLine("TLS-SRP client received server certificate chain of length " + chain.Length);

    foreach (X509CertificateStructure entry in chain)
    {
        // TODO Create fingerprint based on certificate signature algorithm digest
        string fingerprint = TlsTestUtilities.Fingerprint(entry);
        Console.WriteLine("    fingerprint:SHA-256 " + fingerprint + " (" + entry.Subject + ")");
    }
}
/// <summary>
/// Routes the client's credential by type: raw public key, CWT key (only when
/// SUPPORT_TLS_CWT is defined) or X.509 certificate. Any other type is rejected.
/// </summary>
/// <remarks>
/// For X.509 the decision is delegated to <c>TlsEventHandler</c> subscribers, and
/// <c>AuthenticationCertificate</c> is recorded only after a subscriber has marked
/// the event as processed.
/// </remarks>
/// <param name="clientCertificate">Credential presented by the client.</param>
/// <exception cref="TlsFatalAlert">
/// certificate_unknown when the credential type is not handled, or when no
/// subscriber accepts an X.509 certificate.
/// </exception>
public override void NotifyClientCertificate(AbstractCertificate clientCertificate)
{
    RawPublicKey rawKey = clientCertificate as RawPublicKey;
    if (rawKey != null)
    {
        // NOTE(review): any result of GetRpkKey is not inspected here; an unknown
        // client key is rejected only if GetRpkKey throws - confirm.
        mPskIdentityManager.GetRpkKey(rawKey);
        return;
    }

#if SUPPORT_TLS_CWT
    CwtPublicKey cwtKey = clientCertificate as CwtPublicKey;
    if (cwtKey != null)
    {
        // Trust roots are refreshed on the identity manager before every lookup.
        mPskIdentityManager.CwtTrustRoots = CwtTrustKeySet;
        mPskIdentityManager.GetCwtKey(cwtKey);
        return;
    }
#endif

    Certificate x509Certificate = clientCertificate as Certificate;
    if (x509Certificate == null)
    {
        // Unrecognised credential type (or null): fail closed.
        throw new TlsFatalAlert(AlertDescription.certificate_unknown);
    }

    TlsEvent certificateEvent = new TlsEvent(TlsEvent.EventCode.ClientCertificate)
    {
        Certificate = clientCertificate,
        CertificateType = CertificateType.X509
    };

    EventHandler<TlsEvent> subscribers = TlsEventHandler;
    if (subscribers != null)
    {
        subscribers(this, certificateEvent);
    }

    if (!certificateEvent.Processed)
    {
        throw new TlsFatalAlert(AlertDescription.certificate_unknown);
    }

    // Stored only once the application has accepted the certificate.
    AuthenticationCertificate = x509Certificate;
}
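/// <summary>
/// Test-server callback for the client's certificate message. Checks that the
/// presence of a certificate agrees with the test configuration and, when one is
/// present, that its leaf (chain[0]) equals one of the bundled test client
/// certificates.
/// </summary>
/// <remarks>
/// A message that is not an X.509 <c>Certificate</c> is treated the same as an
/// empty one. The match is an exact pin against test fixtures; the remaining
/// chain entries are only logged, not validated.
/// </remarks>
/// <param name="clientCertificateIn">Certificate message received from the client.</param>
/// <exception cref="InvalidOperationException">
/// The client sent a certificate although <c>mConfig.clientAuth</c> is
/// CLIENT_AUTH_NONE, or sent none although client auth is configured.
/// </exception>
/// <exception cref="TlsFatalAlert">
/// handshake_failure when the certificate is empty but mandatory;
/// bad_certificate when the leaf matches no known test certificate.
/// </exception>
public override void NotifyClientCertificate(AbstractCertificate clientCertificateIn)
{
    Certificate clientCertificate = clientCertificateIn as Certificate;
    bool isEmpty = (clientCertificate == null || clientCertificate.IsEmpty);

    if (isEmpty != (mConfig.clientAuth == TlsTestConfig.CLIENT_AUTH_NONE))
    {
        throw new InvalidOperationException();
    }

    if (isEmpty && (mConfig.serverCertReq == TlsTestConfig.SERVER_CERT_REQ_MANDATORY))
    {
        throw new TlsFatalAlert(AlertDescription.handshake_failure);
    }

    // A null certificate is a legitimate outcome when client auth is off and the
    // request is not mandatory. The previous code dereferenced it unconditionally
    // and crashed with a NullReferenceException; use an empty chain instead.
    X509CertificateStructure[] chain = clientCertificate == null
        ? new X509CertificateStructure[0]
        : clientCertificate.GetCertificateList();

    if (!isEmpty)
    {
        X509CertificateStructure leaf = chain[0];

        // TODO Cache test resources?
        bool isKnownTestCertificate =
            leaf.Equals(TlsTestUtilities.LoadCertificateResource("x509-client.pem"))
            || leaf.Equals(TlsTestUtilities.LoadCertificateResource("x509-client-dsa.pem"))
            || leaf.Equals(TlsTestUtilities.LoadCertificateResource("x509-client-ecdsa.pem"));

        if (!isKnownTestCertificate)
        {
            throw new TlsFatalAlert(AlertDescription.bad_certificate);
        }
    }

    if (TlsTestConfig.DEBUG)
    {
        Console.WriteLine("TLS server received client certificate chain of length " + chain.Length);
        foreach (X509CertificateStructure entry in chain)
        {
            // TODO Create fingerprint based on certificate signature algorithm digest
            Console.WriteLine("    fingerprint:SHA-256 " + TlsTestUtilities.Fingerprint(entry) + " ("
                + entry.Subject + ")");
        }
    }
}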
/// <summary>
/// Callback for the server's certificate message. This base implementation is a
/// no-op: it neither inspects the argument nor throws, so every server
/// certificate passes through it unchecked.
/// </summary>
/// <remarks>
/// NOTE(review): presumably subclasses are expected to override this with real
/// verification (pinning or chain validation) - confirm against the callers.
/// </remarks>
/// <param name="x">Certificate message received from the server; ignored here.</param>
public virtual void NotifyServerCertificate(AbstractCertificate x)
{
    // Intentionally empty: no validation happens at this level.
}