From 36a32f5f7b2e22e3bc0f93c3919d52debd2bad90 Mon Sep 17 00:00:00 2001 From: Martin Baulig Date: Sat, 7 Mar 2015 00:10:51 +0100 Subject: [PATCH] Cleanup the certificate code. --- .../OpenSslServer.cs | 11 +-- .../CertificateAndKeyAsPFX.cs | 20 ---- .../CertificateAsPEM.cs | 15 --- .../ClientCertificate.cs | 16 --- .../DotNetClient.cs | 4 +- .../DotNetServer.cs | 14 +-- .../Mono.Security.NewTls.TestProvider.csproj | 5 - .../MonoClient.cs | 4 +- .../MonoServer.cs | 15 ++- .../PrivateFile.cs | 97 ------------------- .../ServerCertificate.cs | 20 ---- 11 files changed, 18 insertions(+), 203 deletions(-) delete mode 100644 Mono.Security.NewTls.TestProvider/CertificateAndKeyAsPFX.cs delete mode 100644 Mono.Security.NewTls.TestProvider/CertificateAsPEM.cs delete mode 100644 Mono.Security.NewTls.TestProvider/ClientCertificate.cs delete mode 100644 Mono.Security.NewTls.TestProvider/PrivateFile.cs delete mode 100644 Mono.Security.NewTls.TestProvider/ServerCertificate.cs diff --git a/Mono.Security.NewTls.TestProvider.OpenSsl/OpenSslServer.cs b/Mono.Security.NewTls.TestProvider.OpenSsl/OpenSslServer.cs index 96693cf..1792748 100644 --- a/Mono.Security.NewTls.TestProvider.OpenSsl/OpenSslServer.cs +++ b/Mono.Security.NewTls.TestProvider.OpenSsl/OpenSslServer.cs @@ -8,18 +8,14 @@ using System.Collections.Generic; using System.Security.Cryptography.X509Certificates; using Mono.Security.NewTls.TestFramework; using Mono.Security.NewTls.TestProvider; +using Xamarin.AsyncTests; namespace Mono.Security.NewTls.TestProvider { public class OpenSslServer : OpenSslConnection, IServer { - public ServerCertificate Certificate { - get; - private set; - } - - IServerCertificate IServer.Certificate { - get { return Certificate; } + public IServerCertificate Certificate { + get { return Parameters.ServerCertificate; } } new public IServerParameters Parameters { 
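Review bot: In OpenSslServer.cs the rewritten `Certificate` getter returns `Parameters.ServerCertificate` on each access, and nothing says it is now a pass-through rather than an object the server created and owns. The next hunk removes the constructor assignment, and the deleted `ServerCertificate (IServerCertificate)` constructor dereferenced its argument, so a parameters object without a server certificate no longer fails at construction but only where the certificate is first used. I would document that on the property, for example `// Pass-through to Parameters.ServerCertificate; not validated here and may be null.`; the first hunks of DotNetServer.cs and MonoServer.cs make the same change. The added `using Xamarin.AsyncTests;` is not used by any line visible in this hunk, so it is worth checking that the rest of the file needs it.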
@@ -29,7 +25,6 @@ namespace Mono.Security.NewTls.TestProvider public OpenSslServer (IPEndPoint endpoint, IServerParameters parameters) : base (endpoint, parameters) { - Certificate = new ServerCertificate (parameters.ServerCertificate); } protected override void Initialize () diff --git a/Mono.Security.NewTls.TestProvider/CertificateAndKeyAsPFX.cs b/Mono.Security.NewTls.TestProvider/CertificateAndKeyAsPFX.cs deleted file mode 100644 index d73e1a2..0000000 --- a/Mono.Security.NewTls.TestProvider/CertificateAndKeyAsPFX.cs +++ /dev/null @@ -1,20 +0,0 @@ -using System; -using System.Security.Cryptography.X509Certificates; - -namespace Mono.Security.NewTls.TestProvider -{ - public class CertificateAndKeyAsPFX : PrivateFile - { - public X509Certificate2 Certificate { - get; - private set; - } - - public CertificateAndKeyAsPFX (byte[] data, string password) - : base (data, password) - { - Certificate = new X509Certificate2 (data, password); - } - } -} - diff --git a/Mono.Security.NewTls.TestProvider/CertificateAsPEM.cs b/Mono.Security.NewTls.TestProvider/CertificateAsPEM.cs deleted file mode 100644 index 50b2d07..0000000 --- a/Mono.Security.NewTls.TestProvider/CertificateAsPEM.cs +++ /dev/null @@ -1,15 +0,0 @@ -using System; - -namespace Mono.Security.NewTls.TestProvider -{ - using TestFramework; - - public class CertificateAsPEM : PrivateFile, ICertificateAsPEM - { - public CertificateAsPEM (byte[] data) - : base (data, null) - { - } - } -} - diff --git a/Mono.Security.NewTls.TestProvider/ClientCertificate.cs b/Mono.Security.NewTls.TestProvider/ClientCertificate.cs deleted file mode 100644 index e4b4946..0000000 --- a/Mono.Security.NewTls.TestProvider/ClientCertificate.cs +++ /dev/null 
@@ -1,16 +0,0 @@ -using System; - -namespace Mono.Security.NewTls.TestProvider -{ - using TestFramework; - - public sealed class ClientCertificate : CertificateAndKeyAsPFX, IClientCertificate - { - public ClientCertificate (byte[] data, string password) - : base (data, password) - { - } - - } -} - diff --git a/Mono.Security.NewTls.TestProvider/DotNetClient.cs b/Mono.Security.NewTls.TestProvider/DotNetClient.cs index 07324b2..c0e1466 100644 --- a/Mono.Security.NewTls.TestProvider/DotNetClient.cs +++ b/Mono.Security.NewTls.TestProvider/DotNetClient.cs @@ -32,8 +32,8 @@ namespace Mono.Security.NewTls.TestProvider var clientCerts = new X509Certificate2Collection (); if (Parameters.ClientCertificate != null) { - var clientCert = (ClientCertificate)Parameters.ClientCertificate; - clientCerts.Add (clientCert.Certificate); + var clientCert = new X509Certificate2 (Parameters.ClientCertificate.Data, Parameters.ClientCertificate.Password); + clientCerts.Add (clientCert); } var targetHost = "Hamiller-Tube.local"; diff --git a/Mono.Security.NewTls.TestProvider/DotNetServer.cs b/Mono.Security.NewTls.TestProvider/DotNetServer.cs index efe2f62..9af5498 100644 --- a/Mono.Security.NewTls.TestProvider/DotNetServer.cs +++ b/Mono.Security.NewTls.TestProvider/DotNetServer.cs @@ -17,13 +17,8 @@ namespace Mono.Security.NewTls.TestProvider { public class DotNetServer : DotNetConnection, IServer { - public ServerCertificate Certificate { - get; - private set; - } - - IServerCertificate IServer.Certificate { - get { return Certificate; } + public IServerCertificate Certificate { + get { return Parameters.ServerCertificate; } } new public IServerParameters Parameters { 
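Review bot: In DotNetClient.cs the new `X509Certificate2` built from `Parameters.ClientCertificate.Data` and `.Password` is added to `clientCerts` and never released, and a fresh one is parsed on every pass through this code. The commit deletes `PrivateFile`, whose `Dispose` and finalizer cleared the data buffer and the password, so nothing visible now limits how long the decoded private key stays in memory; on some platforms a PFX import may also leave key material in a key store until the certificate is released (not verifiable from this page). I would keep the certificate in a field and release it when the connection is closed, with `Dispose ()` or `Reset ()` depending on what the target framework offers. The same construction appears in the MonoClient.cs hunk and, for the server certificate, in the second DotNetServer.cs hunk and the last MonoServer.cs hunk. The enclosing method starts and ends outside the hunk.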
@@ -33,7 +28,6 @@ namespace Mono.Security.NewTls.TestProvider public DotNetServer (IPEndPoint endpoint, IServerParameters parameters) : base (endpoint, parameters) { - Certificate = new ServerCertificate (parameters.ServerCertificate); } protected override async Task Start (TestContext ctx, Socket socket, CancellationToken cancellationToken) @@ -43,9 +37,11 @@ namespace Mono.Security.NewTls.TestProvider if (Parameters.AskForClientCertificate || Parameters.RequireClientCertificate) throw new NotSupportedException (); + var serverCert = new X509Certificate2 (Certificate.Data, Certificate.Password); + var stream = new NetworkStream (socket); var server = new SslStream (stream, false); - await server.AuthenticateAsServerAsync (Certificate.Certificate, false, SslProtocols.Tls12, false); + await server.AuthenticateAsServerAsync (serverCert, false, SslProtocols.Tls12, false); ctx.LogMessage ("Successfully authenticated."); diff --git a/Mono.Security.NewTls.TestProvider/Mono.Security.NewTls.TestProvider.csproj b/Mono.Security.NewTls.TestProvider/Mono.Security.NewTls.TestProvider.csproj index d80d651..4d65db1 100644 --- a/Mono.Security.NewTls.TestProvider/Mono.Security.NewTls.TestProvider.csproj +++ b/Mono.Security.NewTls.TestProvider/Mono.Security.NewTls.TestProvider.csproj @@ -35,17 +35,12 @@ - - - - - diff --git a/Mono.Security.NewTls.TestProvider/MonoClient.cs b/Mono.Security.NewTls.TestProvider/MonoClient.cs index 56423b8..31945d3 100644 --- a/Mono.Security.NewTls.TestProvider/MonoClient.cs +++ b/Mono.Security.NewTls.TestProvider/MonoClient.cs 
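Review bot: In `DotNetServer.Start`, `new X509Certificate2 (Certificate.Data, Certificate.Password)` dereferences `Certificate`, which after this commit is just `Parameters.ServerCertificate` and is not checked for null anywhere in the hunk. A server built without a certificate then fails with a `NullReferenceException` partway through `Start`, with the socket already in hand, instead of a clear configuration error. A guard before the construction would make that explicit: `if (Certificate == null) throw new InvalidOperationException ("No server certificate configured.");`. The last MonoServer.cs hunk has the same unguarded construction, and `Start` continues past the end of this hunk.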
@@ -57,8 +57,8 @@ namespace Mono.Security.NewTls.TestProvider var clientCerts = new X509Certificate2Collection (); if (Parameters.ClientCertificate != null) { - var clientCert = new ClientCertificate (Parameters.ClientCertificate.Data, Parameters.ClientCertificate.Password); - clientCerts.Add (clientCert.Certificate); + var clientCert = new X509Certificate2 (Parameters.ClientCertificate.Data, Parameters.ClientCertificate.Password); + clientCerts.Add (clientCert); } var targetHost = "Hamiller-Tube.local"; diff --git a/Mono.Security.NewTls.TestProvider/MonoServer.cs b/Mono.Security.NewTls.TestProvider/MonoServer.cs index e17fd6f..0c9aac3 100644 --- a/Mono.Security.NewTls.TestProvider/MonoServer.cs +++ b/Mono.Security.NewTls.TestProvider/MonoServer.cs @@ -20,18 +20,14 @@ using Mono.Security.Providers.NewTls; using SSCX = System.Security.Cryptography.X509Certificates; using MX = Mono.Security.X509; +using Xamarin.AsyncTests; namespace Mono.Security.NewTls.TestProvider { public class MonoServer : MonoConnection, IServer { - public ServerCertificate Certificate { - get; - private set; - } - - IServerCertificate IServer.Certificate { - get { return Certificate; } + public IServerCertificate Certificate { + get { return Parameters.ServerCertificate; } } new public IServerParameters Parameters { @@ -41,7 +37,6 @@ namespace Mono.Security.NewTls.TestProvider public MonoServer (IPEndPoint endpoint, IServerParameters parameters) : base (endpoint, parameters) { - Certificate = new ServerCertificate (parameters.ServerCertificate); } protected override TlsSettings GetSettings () 
@@ -65,10 +60,12 @@ namespace Mono.Security.NewTls.TestProvider settings.ClientCertValidationCallback = ClientCertValidationCallback; + var serverCert = new SSCX.X509Certificate2 (Certificate.Data, Certificate.Password); + var stream = new NetworkStream (socket); return MonoNewTlsStreamFactory.CreateServer ( stream, false, null, null, EncryptionPolicy.RequireEncryption, settings, - Certificate.Certificate, false, SslProtocols.Tls12, false); + serverCert, false, SslProtocols.Tls12, false); } bool ClientCertValidationCallback (ClientCertificateParameters certParams, MX.X509Certificate certificate, MX.X509Chain chain, SslPolicyErrors sslPolicyErrors) diff --git a/Mono.Security.NewTls.TestProvider/PrivateFile.cs b/Mono.Security.NewTls.TestProvider/PrivateFile.cs deleted file mode 100644 index d72bb37..0000000 --- a/Mono.Security.NewTls.TestProvider/PrivateFile.cs +++ /dev/null 
@@ -1,97 +0,0 @@
-using System;
-using System.IO;
-
-namespace Mono.Security.NewTls.TestProvider
-{
- public abstract class PrivateFile : IDisposable
- {
- string filename;
- byte[] data;
-
- public string Password {
- get;
- private set;
- }
-
- public PrivateFile (string filename, string password)
- {
- this.filename = filename;
- Password = password;
- }
-
- public PrivateFile (byte[] data, string password)
- {
- this.data = data;
- Password = password;
- }
-
- public byte[] Data {
- get {
- if (data == null)
- data = ReadFromFile (filename);
- return data;
- }
- }
-
- public string FileName {
- get {
- if (filename == null)
- filename = WriteToTempFile (data);
- return filename;
- }
- }
-
- static byte[] ReadFromFile (string path)
- {
- using (var stream = new FileStream (path, FileMode.Open)) {
- var buffer = new byte [stream.Length];
- var ret = stream.Read (buffer, 0, buffer.Length);
- if (ret != buffer.Length)
- throw new IOException ();
- return buffer;
- }
- }
-
- static string WriteToTempFile (byte[] bytes)
- {
- var path = Path.GetTempFileName ();
- using (var stream = new FileStream (path, FileMode.Create, FileAccess.Write))
- stream.Write (bytes, 0, bytes.Length);
- return path;
- }
-
- void DeleteFile (string filename)
- {
- try {
- if (File.Exists (filename))
- File.Delete (filename);
- } catch {
- }
- }
-
- public void Dispose ()
- {
- Dispose (true);
- GC.SuppressFinalize (this);
- }
-
- protected virtual void Dispose (bool disposing)
- {
- if (data != null) {
- Array.Clear (data, 0, data.Length);
- data = null;
- }
- Password = null;
- if (filename != null) {
- DeleteFile (filename);
- filename = null;
- }
- }
-
- ~PrivateFile ()
- {
- Dispose (false);
- }
- }
-}
-
diff --git a/Mono.Security.NewTls.TestProvider/ServerCertificate.cs b/Mono.Security.NewTls.TestProvider/ServerCertificate.cs
deleted file mode 100644
index e8e0576..0000000
--- a/Mono.Security.NewTls.TestProvider/ServerCertificate.cs
+++ /dev/null
@@ -1,20 +0,0 @@
-using System;
-
-namespace Mono.Security.NewTls.TestProvider
-{
- using TestFramework;
-
- public sealed class ServerCertificate : CertificateAndKeyAsPFX, IServerCertificate
- {
- public ServerCertificate (byte[] data, string password)
- : base (data, password)
- {
- }
-
- public ServerCertificate (IServerCertificate certificate)
- : base (certificate.Data, certificate.Password)
- {
- }
- }
-}
-