diff options
| author | Peter Dettman <peter.dettman@bouncycastle.org> | 2022-05-30 00:36:32 +0700 |
|---|---|---|
| committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2022-05-30 00:36:32 +0700 |
| commit | 2cb589c0cbd7188ef3f2f70305f13d2eab9ffe60 (patch) | |
| tree | 203822e7e601694d5f9ccaece3657c56581c4bb3 /crypto/test/src/tls | |
| parent | bzip2 fixes and perf. opts. (diff) | |
| download | BouncyCastle.NET-ed25519-2cb589c0cbd7188ef3f2f70305f13d2eab9ffe60.tar.xz | |
Set randoms before extensions processing
- see https://github.com/bcgit/bc-java/issues/1167
Diffstat (limited to 'crypto/test/src/tls')
| -rw-r--r-- | crypto/test/src/tls/test/MockDtlsClient.cs | 17 | ||||
| -rw-r--r-- | crypto/test/src/tls/test/MockDtlsServer.cs | 24 | ||||
| -rw-r--r-- | crypto/test/src/tls/test/MockPskDtlsClient.cs | 17 | ||||
| -rw-r--r-- | crypto/test/src/tls/test/MockPskDtlsServer.cs | 25 | ||||
| -rw-r--r-- | crypto/test/src/tls/test/MockPskTls13Client.cs | 16 | ||||
| -rw-r--r-- | crypto/test/src/tls/test/MockPskTls13Server.cs | 24 | ||||
| -rw-r--r-- | crypto/test/src/tls/test/MockPskTlsClient.cs | 11 | ||||
| -rw-r--r-- | crypto/test/src/tls/test/MockPskTlsServer.cs | 24 | ||||
| -rw-r--r-- | crypto/test/src/tls/test/MockSrpTlsClient.cs | 11 | ||||
| -rw-r--r-- | crypto/test/src/tls/test/MockSrpTlsServer.cs | 24 | ||||
| -rw-r--r-- | crypto/test/src/tls/test/MockTlsClient.cs | 11 | ||||
| -rw-r--r-- | crypto/test/src/tls/test/MockTlsServer.cs | 24 | ||||
| -rw-r--r-- | crypto/test/src/tls/test/TlsTestClientImpl.cs | 11 | ||||
| -rw-r--r-- | crypto/test/src/tls/test/TlsTestServerImpl.cs | 24 |
14 files changed, 263 insertions, 0 deletions
diff --git a/crypto/test/src/tls/test/MockDtlsClient.cs b/crypto/test/src/tls/test/MockDtlsClient.cs index deef119ca..e758639ec 100644 --- a/crypto/test/src/tls/test/MockDtlsClient.cs +++ b/crypto/test/src/tls/test/MockDtlsClient.cs @@ -7,6 +7,7 @@ using Org.BouncyCastle.Tls.Crypto.Impl.BC; using Org.BouncyCastle.Security; using Org.BouncyCastle.Utilities; using Org.BouncyCastle.Utilities.Encoders; +using System.Collections; namespace Org.BouncyCastle.Tls.Tests { @@ -102,6 +103,22 @@ namespace Org.BouncyCastle.Tls.Tests } } + public override IDictionary GetClientExtensions() + { + if (m_context.SecurityParameters.ClientRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return base.GetClientExtensions(); + } + + public override void ProcessServerExtensions(IDictionary serverExtensions) + { + if (m_context.SecurityParameters.ServerRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + base.ProcessServerExtensions(serverExtensions); + } + protected virtual string ToHexString(byte[] data) { return data == null ? "(null)" : Hex.ToHexString(data); diff --git a/crypto/test/src/tls/test/MockDtlsServer.cs b/crypto/test/src/tls/test/MockDtlsServer.cs index b3ea7f91c..28498de07 100644 --- a/crypto/test/src/tls/test/MockDtlsServer.cs +++ b/crypto/test/src/tls/test/MockDtlsServer.cs @@ -121,6 +121,30 @@ namespace Org.BouncyCastle.Tls.Tests Console.WriteLine("Server 'tls-unique': " + ToHexString(tlsUnique)); } + public override void ProcessClientExtensions(IDictionary clientExtensions) + { + if (m_context.SecurityParameters.ClientRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + base.ProcessClientExtensions(clientExtensions); + } + + public override IDictionary GetServerExtensions() + { + if (m_context.SecurityParameters.ServerRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return base.GetServerExtensions(); + } + + public override void GetServerExtensionsForConnection(IDictionary serverExtensions) + { + if (m_context.SecurityParameters.ServerRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + base.GetServerExtensionsForConnection(serverExtensions); + } + protected override TlsCredentialedDecryptor GetRsaEncryptionCredentials() { return TlsTestUtilities.LoadEncryptionCredentials(m_context, diff --git a/crypto/test/src/tls/test/MockPskDtlsClient.cs b/crypto/test/src/tls/test/MockPskDtlsClient.cs index c83c9e7fd..be40be87a 100644 --- a/crypto/test/src/tls/test/MockPskDtlsClient.cs +++ b/crypto/test/src/tls/test/MockPskDtlsClient.cs @@ -1,4 +1,5 @@ using System; +using System.Collections; using System.IO; using Org.BouncyCastle.Asn1.X509; @@ -107,6 +108,22 @@ namespace Org.BouncyCastle.Tls.Tests } } + public override IDictionary GetClientExtensions() + { + if (m_context.SecurityParameters.ClientRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return base.GetClientExtensions(); + } + + public override void ProcessServerExtensions(IDictionary serverExtensions) + { + if (m_context.SecurityParameters.ServerRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + base.ProcessServerExtensions(serverExtensions); + } + protected virtual string ToHexString(byte[] data) { return data == null ? "(null)" : Hex.ToHexString(data); diff --git a/crypto/test/src/tls/test/MockPskDtlsServer.cs b/crypto/test/src/tls/test/MockPskDtlsServer.cs index bb084535a..d7a161c6f 100644 --- a/crypto/test/src/tls/test/MockPskDtlsServer.cs +++ b/crypto/test/src/tls/test/MockPskDtlsServer.cs @@ -1,4 +1,5 @@ using System; +using System.Collections; using System.IO; using Org.BouncyCastle.Tls.Crypto.Impl.BC; @@ -72,6 +73,30 @@ namespace Org.BouncyCastle.Tls.Tests } } + public override void ProcessClientExtensions(IDictionary clientExtensions) + { + if (m_context.SecurityParameters.ClientRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + base.ProcessClientExtensions(clientExtensions); + } + + public override IDictionary GetServerExtensions() + { + if (m_context.SecurityParameters.ServerRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return base.GetServerExtensions(); + } + + public override void GetServerExtensionsForConnection(IDictionary serverExtensions) + { + if (m_context.SecurityParameters.ServerRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + base.GetServerExtensionsForConnection(serverExtensions); + } + protected override TlsCredentialedDecryptor GetRsaEncryptionCredentials() { return TlsTestUtilities.LoadEncryptionCredentials(m_context, diff --git a/crypto/test/src/tls/test/MockPskTls13Client.cs b/crypto/test/src/tls/test/MockPskTls13Client.cs index d8be1fddd..1ed19e969 100644 --- a/crypto/test/src/tls/test/MockPskTls13Client.cs +++ b/crypto/test/src/tls/test/MockPskTls13Client.cs @@ -106,5 +106,21 @@ namespace Org.BouncyCastle.Tls.Tests Console.WriteLine("Client ALPN: " + protocolName.GetUtf8Decoding()); } } + + public override IDictionary GetClientExtensions() + { + if (m_context.SecurityParameters.ClientRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return base.GetClientExtensions(); + } + + public override void ProcessServerExtensions(IDictionary serverExtensions) + { + if (m_context.SecurityParameters.ServerRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + base.ProcessServerExtensions(serverExtensions); + } } } diff --git a/crypto/test/src/tls/test/MockPskTls13Server.cs b/crypto/test/src/tls/test/MockPskTls13Server.cs index d1ea69b95..b084bec99 100644 --- a/crypto/test/src/tls/test/MockPskTls13Server.cs +++ b/crypto/test/src/tls/test/MockPskTls13Server.cs @@ -104,5 +104,29 @@ namespace Org.BouncyCastle.Tls.Tests Console.WriteLine("Server ALPN: " + protocolName.GetUtf8Decoding()); } } + + public override void ProcessClientExtensions(IDictionary clientExtensions) + { + if (m_context.SecurityParameters.ClientRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + base.ProcessClientExtensions(clientExtensions); + } + + public override IDictionary GetServerExtensions() + { + if (m_context.SecurityParameters.ServerRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return base.GetServerExtensions(); + } + + public override void GetServerExtensionsForConnection(IDictionary serverExtensions) + { + if (m_context.SecurityParameters.ServerRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + base.GetServerExtensionsForConnection(serverExtensions); + } } } diff --git a/crypto/test/src/tls/test/MockPskTlsClient.cs b/crypto/test/src/tls/test/MockPskTlsClient.cs index 46774266b..e01dd74df 100644 --- a/crypto/test/src/tls/test/MockPskTlsClient.cs +++ b/crypto/test/src/tls/test/MockPskTlsClient.cs @@ -65,6 +65,9 @@ namespace Org.BouncyCastle.Tls.Tests public override IDictionary GetClientExtensions() { + if (m_context.SecurityParameters.ClientRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + IDictionary clientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised( base.GetClientExtensions()); @@ -132,6 +135,14 @@ namespace Org.BouncyCastle.Tls.Tests } } + public override void ProcessServerExtensions(IDictionary serverExtensions) + { + if (m_context.SecurityParameters.ServerRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + base.ProcessServerExtensions(serverExtensions); + } + protected virtual string ToHexString(byte[] data) { return data == null ? "(null)" : Hex.ToHexString(data); diff --git a/crypto/test/src/tls/test/MockPskTlsServer.cs b/crypto/test/src/tls/test/MockPskTlsServer.cs index 743073b04..acfa1bc56 100644 --- a/crypto/test/src/tls/test/MockPskTlsServer.cs +++ b/crypto/test/src/tls/test/MockPskTlsServer.cs @@ -81,6 +81,30 @@ namespace Org.BouncyCastle.Tls.Tests } } + public override void ProcessClientExtensions(IDictionary clientExtensions) + { + if (m_context.SecurityParameters.ClientRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + base.ProcessClientExtensions(clientExtensions); + } + + public override IDictionary GetServerExtensions() + { + if (m_context.SecurityParameters.ServerRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return base.GetServerExtensions(); + } + + public override void GetServerExtensionsForConnection(IDictionary serverExtensions) + { + if (m_context.SecurityParameters.ServerRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + base.GetServerExtensionsForConnection(serverExtensions); + } + protected override TlsCredentialedDecryptor GetRsaEncryptionCredentials() { return TlsTestUtilities.LoadEncryptionCredentials(m_context, diff --git a/crypto/test/src/tls/test/MockSrpTlsClient.cs b/crypto/test/src/tls/test/MockSrpTlsClient.cs index 3d2232893..ac7340ca1 100644 --- a/crypto/test/src/tls/test/MockSrpTlsClient.cs +++ b/crypto/test/src/tls/test/MockSrpTlsClient.cs @@ -60,6 +60,9 @@ namespace Org.BouncyCastle.Tls.Tests public override IDictionary GetClientExtensions() { + if (m_context.SecurityParameters.ClientRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + IDictionary clientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised( base.GetClientExtensions()); @@ -127,6 +130,14 @@ namespace Org.BouncyCastle.Tls.Tests } } + public override void ProcessServerExtensions(IDictionary serverExtensions) + { + if (m_context.SecurityParameters.ServerRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + base.ProcessServerExtensions(serverExtensions); + } + protected virtual string ToHexString(byte[] data) { return data == null ? "(null)" : Hex.ToHexString(data); diff --git a/crypto/test/src/tls/test/MockSrpTlsServer.cs b/crypto/test/src/tls/test/MockSrpTlsServer.cs index 725901811..fc643af89 100644 --- a/crypto/test/src/tls/test/MockSrpTlsServer.cs +++ b/crypto/test/src/tls/test/MockSrpTlsServer.cs @@ -93,6 +93,30 @@ namespace Org.BouncyCastle.Tls.Tests } } + public override void ProcessClientExtensions(IDictionary clientExtensions) + { + if (m_context.SecurityParameters.ClientRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + base.ProcessClientExtensions(clientExtensions); + } + + public override IDictionary GetServerExtensions() + { + if (m_context.SecurityParameters.ServerRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return base.GetServerExtensions(); + } + + public override void GetServerExtensionsForConnection(IDictionary serverExtensions) + { + if (m_context.SecurityParameters.ServerRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + base.GetServerExtensionsForConnection(serverExtensions); + } + protected override TlsCredentialedSigner GetDsaSignerCredentials() { IList clientSigAlgs = m_context.SecurityParameters.ClientSigAlgs; diff --git a/crypto/test/src/tls/test/MockTlsClient.cs b/crypto/test/src/tls/test/MockTlsClient.cs index 62b699590..71ac4d3f4 100644 --- a/crypto/test/src/tls/test/MockTlsClient.cs +++ b/crypto/test/src/tls/test/MockTlsClient.cs @@ -60,6 +60,9 @@ namespace Org.BouncyCastle.Tls.Tests public override IDictionary GetClientExtensions() { + if (m_context.SecurityParameters.ClientRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + IDictionary clientExtensions = TlsExtensionsUtilities.EnsureExtensionsInitialised( base.GetClientExtensions()); @@ -127,6 +130,14 @@ namespace Org.BouncyCastle.Tls.Tests } } + public override void ProcessServerExtensions(IDictionary serverExtensions) + { + if (m_context.SecurityParameters.ServerRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + base.ProcessServerExtensions(serverExtensions); + } + protected virtual string ToHexString(byte[] data) { return data == null ? "(null)" : Hex.ToHexString(data); diff --git a/crypto/test/src/tls/test/MockTlsServer.cs b/crypto/test/src/tls/test/MockTlsServer.cs index f7c197342..18494df12 100644 --- a/crypto/test/src/tls/test/MockTlsServer.cs +++ b/crypto/test/src/tls/test/MockTlsServer.cs @@ -157,6 +157,30 @@ namespace Org.BouncyCastle.Tls.Tests Console.WriteLine("Server 'tls-unique': " + ToHexString(tlsUnique)); } + public override void ProcessClientExtensions(IDictionary clientExtensions) + { + if (m_context.SecurityParameters.ClientRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + base.ProcessClientExtensions(clientExtensions); + } + + public override IDictionary GetServerExtensions() + { + if (m_context.SecurityParameters.ServerRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return base.GetServerExtensions(); + } + + public override void GetServerExtensionsForConnection(IDictionary serverExtensions) + { + if (m_context.SecurityParameters.ServerRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + base.GetServerExtensionsForConnection(serverExtensions); + } + protected override TlsCredentialedDecryptor GetRsaEncryptionCredentials() { return TlsTestUtilities.LoadEncryptionCredentials(m_context, diff --git a/crypto/test/src/tls/test/TlsTestClientImpl.cs b/crypto/test/src/tls/test/TlsTestClientImpl.cs index ca5175a73..760dab038 100644 --- a/crypto/test/src/tls/test/TlsTestClientImpl.cs +++ b/crypto/test/src/tls/test/TlsTestClientImpl.cs @@ -70,6 +70,9 @@ namespace Org.BouncyCastle.Tls.Tests public override IDictionary GetClientExtensions() { + if (m_context.SecurityParameters.ClientRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + IDictionary clientExtensions = base.GetClientExtensions(); if (clientExtensions != null) { @@ -187,6 +190,14 @@ namespace Org.BouncyCastle.Tls.Tests return new MyTlsAuthentication(this, m_context); } + public override void ProcessServerExtensions(IDictionary serverExtensions) + { + if (m_context.SecurityParameters.ServerRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + base.ProcessServerExtensions(serverExtensions); + } + protected virtual Certificate CorruptCertificate(Certificate cert) { CertificateEntry[] certEntryList = cert.GetCertificateEntryList(); diff --git a/crypto/test/src/tls/test/TlsTestServerImpl.cs b/crypto/test/src/tls/test/TlsTestServerImpl.cs index 273de3d31..22e05ffcc 100644 --- a/crypto/test/src/tls/test/TlsTestServerImpl.cs +++ b/crypto/test/src/tls/test/TlsTestServerImpl.cs @@ -254,6 +254,30 @@ namespace Org.BouncyCastle.Tls.Tests } } + public override void ProcessClientExtensions(IDictionary clientExtensions) + { + if (m_context.SecurityParameters.ClientRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + base.ProcessClientExtensions(clientExtensions); + } + + public override IDictionary GetServerExtensions() + { + if (m_context.SecurityParameters.ServerRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + return base.GetServerExtensions(); + } + + public override void GetServerExtensionsForConnection(IDictionary serverExtensions) + { + if (m_context.SecurityParameters.ServerRandom == null) + throw new TlsFatalAlert(AlertDescription.internal_error); + + base.GetServerExtensionsForConnection(serverExtensions); + } + protected virtual IList GetSupportedSignatureAlgorithms() { if (TlsUtilities.IsTlsV12(m_context) && m_config.serverAuthSigAlg != null) |