6 files changed, 28 insertions, 3 deletions
diff --git a/crypto/BouncyCastle.Android.csproj b/crypto/BouncyCastle.Android.csproj
index 13ca4f05c..541b534cd 100644
--- a/crypto/BouncyCastle.Android.csproj
+++ b/crypto/BouncyCastle.Android.csproj
@@ -1067,6 +1067,7 @@
<Compile Include="src\crypto\tls\TlsHandshakeHash.cs" />
<Compile Include="src\crypto\tls\TlsKeyExchange.cs" />
<Compile Include="src\crypto\tls\TlsMac.cs" />
+ <Compile Include="src\crypto\tls\TlsNoCloseNotifyException.cs" />
<Compile Include="src\crypto\tls\TlsNullCipher.cs" />
<Compile Include="src\crypto\tls\TlsNullCompression.cs" />
<Compile Include="src\crypto\tls\TlsPeer.cs" />
diff --git a/crypto/BouncyCastle.csproj b/crypto/BouncyCastle.csproj
index f72c9c527..31910f963 100644
--- a/crypto/BouncyCastle.csproj
+++ b/crypto/BouncyCastle.csproj
@@ -1061,6 +1061,7 @@
<Compile Include="src\crypto\tls\TlsHandshakeHash.cs" />
<Compile Include="src\crypto\tls\TlsKeyExchange.cs" />
<Compile Include="src\crypto\tls\TlsMac.cs" />
+ <Compile Include="src\crypto\tls\TlsNoCloseNotifyException.cs" />
<Compile Include="src\crypto\tls\TlsNullCipher.cs" />
<Compile Include="src\crypto\tls\TlsNullCompression.cs" />
<Compile Include="src\crypto\tls\TlsPeer.cs" />
diff --git a/crypto/BouncyCastle.iOS.csproj b/crypto/BouncyCastle.iOS.csproj
index b3bf7b4fa..f9269337a 100644
--- a/crypto/BouncyCastle.iOS.csproj
+++ b/crypto/BouncyCastle.iOS.csproj
@@ -1062,6 +1062,7 @@
<Compile Include="src\crypto\tls\TlsHandshakeHash.cs" />
<Compile Include="src\crypto\tls\TlsKeyExchange.cs" />
<Compile Include="src\crypto\tls\TlsMac.cs" />
+ <Compile Include="src\crypto\tls\TlsNoCloseNotifyException.cs" />
<Compile Include="src\crypto\tls\TlsNullCipher.cs" />
<Compile Include="src\crypto\tls\TlsNullCompression.cs" />
<Compile Include="src\crypto\tls\TlsPeer.cs" />
diff --git a/crypto/crypto.csproj b/crypto/crypto.csproj
index 6f1fdcf61..fe6b5fa1c 100644
--- a/crypto/crypto.csproj
+++ b/crypto/crypto.csproj
@@ -5194,6 +5194,11 @@
BuildAction = "Compile"
/>
<File
+ RelPath = "src\crypto\tls\TlsNoCloseNotifyException.cs"
+ SubType = "Code"
+ BuildAction = "Compile"
+ />
+ <File
RelPath = "src\crypto\tls\TlsNullCipher.cs"
SubType = "Code"
BuildAction = "Compile"
diff --git a/crypto/src/crypto/tls/TlsNoCloseNotifyException.cs b/crypto/src/crypto/tls/TlsNoCloseNotifyException.cs
new file mode 100644
index 000000000..72159ba47
--- /dev/null
+++ b/crypto/src/crypto/tls/TlsNoCloseNotifyException.cs
@@ -0,0 +1,19 @@
+using System;
+using System.IO;
+
+namespace Org.BouncyCastle.Crypto.Tls
+{
+ /// <summary>
+ /// This exception will be thrown(only) when the connection is closed by the peer without sending a
+ /// <code cref="AlertDescription.close_notify">close_notify</code> warning alert.
+ /// </summary>
+ /// <remarks>
+ /// If this happens, the TLS protocol cannot rule out truncation of the connection data (potentially
+ /// malicious). It may be possible to check for truncation via some property of a higher level protocol
+ /// built upon TLS, e.g.the Content-Length header for HTTPS.
+ /// </remarks>
+ public class TlsNoCloseNotifyException
+ : EndOfStreamException
+ {
+ }
+}
diff --git a/crypto/src/crypto/tls/TlsProtocol.cs b/crypto/src/crypto/tls/TlsProtocol.cs
index 6d5c93f40..98c6399d3 100644
--- a/crypto/src/crypto/tls/TlsProtocol.cs
+++ b/crypto/src/crypto/tls/TlsProtocol.cs
@@ -488,9 +488,7 @@ namespace Org.BouncyCastle.Crypto.Tls
{
if (!mRecordStream.ReadRecord())
{
- // TODO It would be nicer to allow graceful connection close if between records
- // this.FailWithError(AlertLevel.warning, AlertDescription.close_notify);
- throw new EndOfStreamException();
+ throw new TlsNoCloseNotifyException();
}
}
catch (TlsFatalAlert e)
|
