示例#1
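            /// <summary>
            /// Test-client check of the server's certificate message: the handshake continues only
            /// when the first chain entry equals one of the bundled test server certificates.
            /// </summary>
            /// <param name="serverCertificateIn">Certificate message received from the server.</param>
            /// <exception cref="TlsFatalAlert">
            /// <c>bad_certificate</c> when the message is not a <see cref="Certificate"/>, is empty,
            /// or its first entry matches none of the expected test certificates.
            /// </exception>
            public virtual void NotifyServerCertificate(AbstractCertificate serverCertificateIn)
            {
                Certificate serverCertificate = serverCertificateIn as Certificate;

                // Fail closed before touching the chain: GetCertificateList() must not be called on a
                // null reference (the "as" cast yields null for any other AbstractCertificate subtype),
                // otherwise the handshake ends in a NullReferenceException instead of a TLS alert.
                if (serverCertificate == null || serverCertificate.IsEmpty)
                {
                    throw new TlsFatalAlert(AlertDescription.bad_certificate);
                }

                X509CertificateStructure[] chain = serverCertificate.GetCertificateList();

                // Only chain[0] is compared, by equality with fixed test resources; the remaining
                // entries are not inspected here. The Length guard keeps chain[0] from throwing an
                // index error should the list be empty despite IsEmpty being false.
                // TODO Cache test resources?
                if (chain.Length == 0 ||
                    !(chain[0].Equals(TlsTestUtilities.LoadCertificateResource("x509-server.pem")) ||
                      chain[0].Equals(TlsTestUtilities.LoadCertificateResource("x509-server-dsa.pem")) ||
                      chain[0].Equals(TlsTestUtilities.LoadCertificateResource("x509-server-ecdsa.pem"))))
                {
                    throw new TlsFatalAlert(AlertDescription.bad_certificate);
                }

                if (TlsTestConfig.DEBUG)
                {
                    Console.WriteLine("TLS client received server certificate chain of length " + chain.Length);
                    for (int i = 0; i != chain.Length; i++)
                    {
                        X509CertificateStructure entry = chain[i];
                        // TODO Create fingerprint based on certificate signature algorithm digest
                        Console.WriteLine("    fingerprint:SHA-256 " + TlsTestUtilities.Fingerprint(entry) + " ("
                                          + entry.Subject + ")");
                    }
                }
            }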
示例#2
            /// <summary>
            /// Dispatches the server's credential by type. A raw public key goes to
            /// <c>GetRpkKey</c> (and, when SUPPORT_TLS_CWT is defined, a CWT key goes to
            /// <c>GetCwtKey</c>); anything else is offered to the <c>TlsEventHandler</c> subscribers.
            /// </summary>
            /// <param name="serverCertificate">Credential presented by the server.</param>
            /// <exception cref="TlsFatalAlert">
            /// <c>certificate_unknown</c> when the event is not marked <c>Processed</c> after the
            /// subscribers (if any) have run.
            /// </exception>
            public virtual void NotifyServerCertificate(AbstractCertificate serverCertificate)
            {
                RawPublicKey rawKey = serverCertificate as RawPublicKey;
                if (rawKey != null)
                {
                    GetRpkKey(rawKey);
                    return;
                }

#if SUPPORT_TLS_CWT
                CwtPublicKey cwtKey = serverCertificate as CwtPublicKey;
                if (cwtKey != null)
                {
                    GetCwtKey(cwtKey);
                    return;
                }
#endif

                // The trust decision for every other credential type is delegated to the application:
                // a subscriber accepts the certificate by setting Processed on the event.
                TlsEvent certEvent = new TlsEvent(TlsEvent.EventCode.ServerCertificate);
                certEvent.Certificate = serverCertificate;

                // Copy the delegate to a local so the null check and the call see the same value.
                EventHandler<TlsEvent> subscribers = TlsEventHandler;
                if (subscribers != null)
                {
                    subscribers(this, certEvent);
                }

                if (certEvent.Processed)
                {
                    return;
                }

                // Nobody vouched for the certificate (presumably Processed starts out false, so this
                // also covers the no-subscriber case; confirm in TlsEvent): abort the handshake.
                throw new TlsFatalAlert(AlertDescription.certificate_unknown);
            }
示例#3
        /// <summary>
        /// Dispatches the client's credential by type: a raw public key goes to the PSK identity
        /// manager's <c>GetRpkKey</c>; anything else is offered to the <c>TlsEventHandler</c>
        /// subscribers.
        /// </summary>
        /// <param name="clientCertificate">Credential presented by the client.</param>
        /// <exception cref="TlsFatalAlert">
        /// <c>certificate_unknown</c> when the event is not marked <c>Processed</c> after the
        /// subscribers (if any) have run.
        /// </exception>
        public override void NotifyClientCertificate(AbstractCertificate clientCertificate)
        {
            RawPublicKey rawKey = clientCertificate as RawPublicKey;
            if (rawKey != null)
            {
                mPskIdentityManager.GetRpkKey(rawKey);
                return;
            }

            // Every other credential type is accepted only if a subscriber sets Processed on the
            // event; this method itself performs no validation of the certificate.
            TlsEvent certEvent = new TlsEvent(TlsEvent.EventCode.ClientCertificate);
            certEvent.Certificate = clientCertificate;

            // Copy the delegate to a local so the null check and the call see the same value.
            EventHandler<TlsEvent> subscribers = TlsEventHandler;
            if (subscribers != null)
            {
                subscribers(this, certEvent);
            }

            if (certEvent.Processed)
            {
                return;
            }

            throw new TlsFatalAlert(AlertDescription.certificate_unknown);
        }
示例#4
            /// <summary>
            /// TLS-SRP test client hook: requires the server's message to be a
            /// <see cref="Certificate"/> and prints each chain entry's fingerprint and subject.
            /// </summary>
            /// <remarks>
            /// Apart from the type check, this method compares the chain against nothing: any
            /// X.509 chain the server sends is logged and accepted here.
            /// </remarks>
            /// <param name="serverCertificateIn">Certificate message received from the server.</param>
            /// <exception cref="TlsFatalAlert">
            /// <c>bad_certificate</c> when the message is not a <see cref="Certificate"/>.
            /// </exception>
            public override void NotifyServerCertificate(AbstractCertificate serverCertificateIn)
            {
                Certificate x509Message = serverCertificateIn as Certificate;
                if (x509Message == null)
                {
                    throw new TlsFatalAlert(AlertDescription.bad_certificate);
                }

                X509CertificateStructure[] chain = x509Message.GetCertificateList();
                Console.WriteLine("TLS-SRP client received server certificate chain of length " + chain.Length);

                foreach (X509CertificateStructure entry in chain)
                {
                    // TODO Create fingerprint based on certificate signature algorithm digest
                    string line = "    fingerprint:SHA-256 " + TlsTestUtilities.Fingerprint(entry) + " ("
                                  + entry.Subject + ")";
                    Console.WriteLine(line);
                }
            }
示例#5
        /// <summary>
        /// Dispatches the client's credential by type. Raw public keys (and, when SUPPORT_TLS_CWT
        /// is defined, CWT keys) are handed to the PSK identity manager; an X.509
        /// <see cref="Certificate"/> is offered to the <c>TlsEventHandler</c> subscribers and
        /// recorded in <c>AuthenticationCertificate</c> only after the event is marked processed.
        /// </summary>
        /// <param name="clientCertificate">Credential presented by the client.</param>
        /// <exception cref="TlsFatalAlert">
        /// <c>certificate_unknown</c> when the credential is of no recognised type, or when the
        /// X.509 event is not marked <c>Processed</c> after the subscribers (if any) have run.
        /// </exception>
        public override void NotifyClientCertificate(AbstractCertificate clientCertificate)
        {
            RawPublicKey rawKey = clientCertificate as RawPublicKey;
            if (rawKey != null)
            {
                mPskIdentityManager.GetRpkKey(rawKey);
                return;
            }

#if SUPPORT_TLS_CWT
            CwtPublicKey cwtKey = clientCertificate as CwtPublicKey;
            if (cwtKey != null)
            {
                // The trust roots are assigned before the key is handed over.
                mPskIdentityManager.CwtTrustRoots = CwtTrustKeySet;
                mPskIdentityManager.GetCwtKey(cwtKey);
                return;
            }
#endif

            Certificate x509Certificate = clientCertificate as Certificate;
            if (x509Certificate == null)
            {
                // Unrecognised credential type: fail closed.
                throw new TlsFatalAlert(AlertDescription.certificate_unknown);
            }

            // The trust decision is delegated to the application: a subscriber accepts the
            // certificate by setting Processed on the event.
            TlsEvent certEvent = new TlsEvent(TlsEvent.EventCode.ClientCertificate);
            certEvent.Certificate = clientCertificate;
            certEvent.CertificateType = CertificateType.X509;

            // Copy the delegate to a local so the null check and the call see the same value.
            EventHandler<TlsEvent> subscribers = TlsEventHandler;
            if (subscribers != null)
            {
                subscribers(this, certEvent);
            }

            if (!certEvent.Processed)
            {
                throw new TlsFatalAlert(AlertDescription.certificate_unknown);
            }

            // Reached only once the event has been marked processed.
            AuthenticationCertificate = x509Certificate;
        }
示例#6
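        /// <summary>
        /// Test-server check of the client's certificate message against the test configuration:
        /// an empty message must coincide with <c>CLIENT_AUTH_NONE</c>, and a non-empty chain must
        /// start with one of the bundled test client certificates.
        /// </summary>
        /// <param name="clientCertificateIn">Certificate message received from the client.</param>
        /// <exception cref="InvalidOperationException">
        /// When the presence of a certificate disagrees with <c>mConfig.clientAuth</c>.
        /// </exception>
        /// <exception cref="TlsFatalAlert">
        /// <c>handshake_failure</c> when the message is empty although <c>mConfig.serverCertReq</c>
        /// is <c>SERVER_CERT_REQ_MANDATORY</c>; <c>bad_certificate</c> when the first chain entry
        /// matches none of the expected test certificates.
        /// </exception>
        public override void NotifyClientCertificate(AbstractCertificate clientCertificateIn)
        {
            Certificate clientCertificate = clientCertificateIn as Certificate;

            bool isEmpty = (clientCertificate == null || clientCertificate.IsEmpty);

            if (isEmpty != (mConfig.clientAuth == TlsTestConfig.CLIENT_AUTH_NONE))
            {
                throw new InvalidOperationException();
            }
            if (isEmpty && (mConfig.serverCertReq == TlsTestConfig.SERVER_CERT_REQ_MANDATORY))
            {
                throw new TlsFatalAlert(AlertDescription.handshake_failure);
            }

            // isEmpty is also true when the "as" cast produced null, and that case can get past both
            // checks above; use an empty chain then instead of dereferencing a null reference.
            X509CertificateStructure[] chain = clientCertificate != null
                ? clientCertificate.GetCertificateList()
                : new X509CertificateStructure[0];

            // Only chain[0] is compared, by equality with fixed test resources; the remaining
            // entries are not inspected here.
            // TODO Cache test resources?
            if (!isEmpty && !(chain[0].Equals(TlsTestUtilities.LoadCertificateResource("x509-client.pem")) ||
                              chain[0].Equals(TlsTestUtilities.LoadCertificateResource("x509-client-dsa.pem")) ||
                              chain[0].Equals(TlsTestUtilities.LoadCertificateResource("x509-client-ecdsa.pem"))))
            {
                throw new TlsFatalAlert(AlertDescription.bad_certificate);
            }

            if (TlsTestConfig.DEBUG)
            {
                Console.WriteLine("TLS server received client certificate chain of length " + chain.Length);
                for (int i = 0; i != chain.Length; i++)
                {
                    X509CertificateStructure entry = chain[i];
                    // TODO Create fingerprint based on certificate signature algorithm digest
                    Console.WriteLine("    fingerprint:SHA-256 " + TlsTestUtilities.Fingerprint(entry) + " ("
                                      + entry.Subject + ")");
                }
            }
        }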
示例#7
 /// <summary>
 /// Base implementation of the server-certificate hook: it does nothing.
 /// </summary>
 /// <remarks>
 /// Because the body is empty and never throws, this implementation accepts whatever
 /// certificate the server presents. The method is virtual; a subclass that needs to
 /// authenticate the server has to override it and reject unacceptable certificates itself.
 /// </remarks>
 /// <param name="x">Certificate message received from the server; unused here.</param>
 public virtual void NotifyServerCertificate(AbstractCertificate x)
 {
     // Intentionally empty: no check is made on the server's certificate in this implementation.
 }