Пример #1
0
        internal TlsSessionImpl(byte[] sessionID, SessionParameters sessionParameters)
        {
            if (sessionID == null)
                throw new ArgumentNullException("sessionID");
            if (sessionID.Length < 1 || sessionID.Length > 32)
                throw new ArgumentException("must have length between 1 and 32 bytes, inclusive", "sessionID");

            this.mSessionID = Arrays.Clone(sessionID);
            this.mSessionParameters = sessionParameters;
        }
Пример #2
0
 public virtual void Invalidate()
 {
     lock (this)
     {
         if (this.mSessionParameters != null)
         {
             this.mSessionParameters.Clear();
             this.mSessionParameters = null;
         }
     }
 }
Пример #3
0
        protected virtual void InvalidateSession()
        {
            if (this.mSessionParameters != null)
            {
                this.mSessionParameters.Clear();
                this.mSessionParameters = null;
            }

            if (this.mTlsSession != null)
            {
                this.mTlsSession.Invalidate();
                this.mTlsSession = null;
            }
        }
Пример #4
0
        internal TlsSessionImpl(byte[] sessionID, SessionParameters sessionParameters)
        {
            if (sessionID == null)
            {
                throw new ArgumentNullException("sessionID");
            }
            if (sessionID.Length < 1 || sessionID.Length > 32)
            {
                throw new ArgumentException("must have length between 1 and 32 bytes, inclusive", "sessionID");
            }

            this.mSessionID         = Arrays.Clone(sessionID);
            this.mSessionParameters = sessionParameters;
        }
Пример #5
0
 internal TlsSessionImpl(byte[] sessionID, SessionParameters sessionParameters)
 {
     //IL_000e: Unknown result type (might be due to invalid IL or missing references)
     //IL_002b: Unknown result type (might be due to invalid IL or missing references)
     if (sessionID == null)
     {
         throw new ArgumentNullException("sessionID");
     }
     if (sessionID.Length < 1 || sessionID.Length > 32)
     {
         throw new ArgumentException("must have length between 1 and 32 bytes, inclusive", "sessionID");
     }
     mSessionID         = Arrays.Clone(sessionID);
     mSessionParameters = sessionParameters;
 }
Пример #6
0
        internal TlsSessionImpl(byte[] sessionID, SessionParameters sessionParameters)
        {
            if (sessionID == null)
            {
                throw new ArgumentNullException("sessionID");
            }
            if (sessionID.Length > 32)
            {
                throw new ArgumentException("cannot be longer than 32 bytes", "sessionID");
            }

            this.mSessionID         = Arrays.Clone(sessionID);
            this.mSessionParameters = sessionParameters;
            this.mResumable         = sessionID.Length > 0 &&
                                      null != sessionParameters &&
                                      sessionParameters.IsExtendedMasterSecret;
        }
Пример #7
0
        /**
         * Initiates a TLS handshake in the role of client.<br/>
         * <br/>
         * In blocking mode, this will not return until the handshake is complete.
         * In non-blocking mode, use {@link TlsPeer#NotifyHandshakeComplete()} to
         * receive a callback when the handshake is complete.
         *
         * @param tlsClient The {@link TlsClient} to use for the handshake.
         * @throws IOException If in blocking mode and handshake was not successful.
         */
        public virtual void Connect(TlsClient tlsClient)
        {
            if (tlsClient == null)
            {
                throw new ArgumentNullException("tlsClient");
            }
            if (this.mTlsClient != null)
            {
                throw new InvalidOperationException("'Connect' can only be called once");
            }

            this.mTlsClient = tlsClient;

            this.mSecurityParameters        = new SecurityParameters();
            this.mSecurityParameters.entity = ConnectionEnd.client;

            this.mTlsClientContext = new TlsClientContextImpl(mSecureRandom, mSecurityParameters);

            this.mSecurityParameters.clientRandom = CreateRandomBlock(tlsClient.ShouldUseGmtUnixTime(),
                                                                      mTlsClientContext.NonceRandomGenerator);

            this.mTlsClient.Init(mTlsClientContext);
            this.mRecordStream.Init(mTlsClientContext);

            tlsClient.NotifyCloseHandle(this);

            TlsSession sessionToResume = tlsClient.GetSessionToResume();

            if (sessionToResume != null && sessionToResume.IsResumable)
            {
                SessionParameters sessionParameters = sessionToResume.ExportSessionParameters();
                if (sessionParameters != null && sessionParameters.IsExtendedMasterSecret)
                {
                    this.mTlsSession        = sessionToResume;
                    this.mSessionParameters = sessionParameters;
                }
            }

            SendClientHelloMessage();
            this.mConnectionState = CS_CLIENT_HELLO;

            BlockForHandshake();
        }
Пример #8
0
 protected virtual void CompleteHandshake()
 {
     try
     {
         while (mConnectionState != 16)
         {
             if (mClosed)
             {
             }
             SafeReadRecord();
         }
         mRecordStream.FinaliseHandshake();
         mSplitApplicationDataRecords = !TlsUtilities.IsTlsV11(Context);
         if (!mAppDataReady)
         {
             mAppDataReady = true;
             mTlsStream    = new TlsStream(this);
         }
         if (mTlsSession != null)
         {
             if (mSessionParameters == null)
             {
                 mSessionParameters = new SessionParameters.Builder().SetCipherSuite(mSecurityParameters.CipherSuite).SetCompressionAlgorithm(mSecurityParameters.CompressionAlgorithm).SetMasterSecret(mSecurityParameters.MasterSecret)
                                      .SetPeerCertificate(mPeerCertificate)
                                      .SetPskIdentity(mSecurityParameters.PskIdentity)
                                      .SetSrpIdentity(mSecurityParameters.SrpIdentity)
                                      .SetServerExtensions(mServerExtensions)
                                      .Build();
                 mTlsSession = new TlsSessionImpl(mTlsSession.SessionID, mSessionParameters);
             }
             ContextAdmin.SetResumableSession(mTlsSession);
         }
         Peer.NotifyHandshakeComplete();
     }
     finally
     {
         CleanupHandshake();
     }
 }
        protected virtual void InvalidateSession()
        {
            if (this.mSessionParameters != null)
            {
                this.mSessionParameters.Clear();
                this.mSessionParameters = null;
            }

            if (this.mTlsSession != null)
            {
                this.mTlsSession.Invalidate();
                this.mTlsSession = null;
            }
        }
        protected virtual void CompleteHandshake()
        {
            try
            {
                /*
                 * We will now read data, until we have completed the handshake.
                 */
                while (this.mConnectionState != CS_END)
                {
                    if (this.mClosed)
                    {
                        // TODO What kind of exception/alert?
                    }

                    SafeReadRecord();
                }

                this.mRecordStream.FinaliseHandshake();

                this.mSplitApplicationDataRecords = !TlsUtilities.IsTlsV11(Context);

                /*
                 * If this was an initial handshake, we are now ready to send and receive application data.
                 */
                if (!mAppDataReady)
                {
                    this.mAppDataReady = true;

                    this.mTlsStream = new TlsStream(this);
                }

                if (this.mTlsSession != null)
                {
                    if (this.mSessionParameters == null)
                    {
                        this.mSessionParameters = new SessionParameters.Builder()
                            .SetCipherSuite(this.mSecurityParameters.CipherSuite)
                            .SetCompressionAlgorithm(this.mSecurityParameters.CompressionAlgorithm)
                            .SetMasterSecret(this.mSecurityParameters.MasterSecret)
                            .SetPeerCertificate(this.mPeerCertificate)
                            .SetPskIdentity(this.mSecurityParameters.PskIdentity)
                            .SetSrpIdentity(this.mSecurityParameters.SrpIdentity)
                            // TODO Consider filtering extensions that aren't relevant to resumed sessions
                            .SetServerExtensions(this.mServerExtensions)
                            .Build();

                        this.mTlsSession = new TlsSessionImpl(this.mTlsSession.SessionID, this.mSessionParameters);
                    }

                    ContextAdmin.SetResumableSession(this.mTlsSession);
                }

                Peer.NotifyHandshakeComplete();
            }
            finally
            {
                CleanupHandshake();
            }
        }
Пример #11
0
        public virtual DtlsTransport Connect(TlsClient client, DatagramTransport transport)
        {
            if (client == null)
            {
                throw new ArgumentNullException("client");
            }
            if (transport == null)
            {
                throw new ArgumentNullException("transport");
            }

            SecurityParameters securityParameters = new SecurityParameters();

            securityParameters.entity = ConnectionEnd.client;

            ClientHandshakeState state = new ClientHandshakeState();

            state.client        = client;
            state.clientContext = new TlsClientContextImpl(mSecureRandom, securityParameters);

            securityParameters.clientRandom = TlsProtocol.CreateRandomBlock(client.ShouldUseGmtUnixTime(),
                                                                            state.clientContext.NonceRandomGenerator);

            client.Init(state.clientContext);

            DtlsRecordLayer recordLayer = new DtlsRecordLayer(transport, state.clientContext, client, ContentType.handshake);

            TlsSession sessionToResume = state.client.GetSessionToResume();

            if (sessionToResume != null && sessionToResume.IsResumable)
            {
                SessionParameters sessionParameters = sessionToResume.ExportSessionParameters();
                if (sessionParameters != null)
                {
                    state.tlsSession        = sessionToResume;
                    state.sessionParameters = sessionParameters;
                }
            }

            try
            {
                return(ClientHandshake(state, recordLayer));
            }
            catch (TlsFatalAlert fatalAlert)
            {
                AbortClientHandshake(state, recordLayer, fatalAlert.AlertDescription);
                throw fatalAlert;
            }
            catch (IOException e)
            {
                AbortClientHandshake(state, recordLayer, AlertDescription.internal_error);
                throw e;
            }
            catch (Exception e)
            {
                AbortClientHandshake(state, recordLayer, AlertDescription.internal_error);
                throw new TlsFatalAlert(AlertDescription.internal_error, e);
            }
            finally
            {
                securityParameters.Clear();
            }
        }
Пример #12
0
 public static TlsSession ImportSession(byte[] sessionID, SessionParameters sessionParameters)
 {
     return new TlsSessionImpl(sessionID, sessionParameters);
 }
Пример #13
0
        protected virtual void CompleteHandshake()
        {
            try
            {
                this.mRecordStream.FinaliseHandshake();

                this.mAppDataSplitEnabled = !TlsUtilities.IsTlsV11(Context);

                /*
                 * If this was an initial handshake, we are now ready to send and receive application data.
                 */
                if (!mAppDataReady)
                {
                    this.mAppDataReady = true;

                    if (mBlocking)
                    {
                        this.mTlsStream = new TlsStream(this);
                    }
                }

                if (this.mTlsSession != null)
                {
                    if (this.mSessionParameters == null)
                    {
                        this.mSessionParameters = new SessionParameters.Builder()
                            .SetCipherSuite(this.mSecurityParameters.CipherSuite)
                            .SetCompressionAlgorithm(this.mSecurityParameters.CompressionAlgorithm)
                            .SetMasterSecret(this.mSecurityParameters.MasterSecret)
                            .SetPeerCertificate(this.mPeerCertificate)
                            .SetPskIdentity(this.mSecurityParameters.PskIdentity)
                            .SetSrpIdentity(this.mSecurityParameters.SrpIdentity)
                            // TODO Consider filtering extensions that aren't relevant to resumed sessions
                            .SetServerExtensions(this.mServerExtensions)
                            .Build();

                        this.mTlsSession = new TlsSessionImpl(this.mTlsSession.SessionID, this.mSessionParameters);
                    }

                    ContextAdmin.SetResumableSession(this.mTlsSession);
                }

                Peer.NotifyHandshakeComplete();
            }
            finally
            {
                CleanupHandshake();
            }
        }