95 lines
3.0 KiB
C#
95 lines
3.0 KiB
C#
using Org.BouncyCastle.Security;
|
|
using Org.BouncyCastle.Tls;
|
|
using Org.BouncyCastle.Tls.Crypto;
|
|
using Org.BouncyCastle.Tls.Crypto.Impl.BC;
|
|
using System.Collections;
|
|
using System.IO;
|
|
using System.Linq;
|
|
using System.Net.Sockets;
|
|
|
|
namespace Cryville.Common.Network {
|
|
public class TlsTcpClient {
|
|
readonly TcpClient _tcpClient;
|
|
readonly TlsClientProtocol _protocol;
|
|
readonly TlsClient _tlsClient;
|
|
public Stream Stream { get; private set; }
|
|
public TlsTcpClient(string hostname, int port) {
|
|
_tcpClient = new TcpClient(hostname, port);
|
|
_protocol = new TlsClientProtocol(_tcpClient.GetStream());
|
|
_tlsClient = new InternalTlsClient(new BcTlsCrypto(new SecureRandom()));
|
|
}
|
|
|
|
public void Connect() {
|
|
_protocol.Connect(_tlsClient);
|
|
Stream = _protocol.Stream;
|
|
}
|
|
|
|
public void Close() {
|
|
_protocol.Close();
|
|
}
|
|
|
|
private class InternalTlsClient : DefaultTlsClient {
|
|
public InternalTlsClient(TlsCrypto crypto) : base(crypto) { }
|
|
|
|
protected override ProtocolVersion[] GetSupportedVersions() {
|
|
return ProtocolVersion.TLSv13.DownTo(ProtocolVersion.TLSv12);
|
|
}
|
|
|
|
protected override IList GetProtocolNames() {
|
|
IList list = new ArrayList {
|
|
ProtocolName.Http_1_1,
|
|
ProtocolName.Http_2_Tls
|
|
};
|
|
return list;
|
|
}
|
|
|
|
private static readonly int[] supportedCipherSuites = {
|
|
CipherSuite.TLS_AES_128_GCM_SHA256,
|
|
CipherSuite.TLS_AES_256_GCM_SHA384,
|
|
CipherSuite.TLS_CHACHA20_POLY1305_SHA256,
|
|
CipherSuite.TLS_AES_128_CCM_SHA256,
|
|
CipherSuite.TLS_AES_128_CCM_8_SHA256,
|
|
};
|
|
protected override int[] GetSupportedCipherSuites() {
|
|
return base.GetSupportedCipherSuites().Union(supportedCipherSuites).ToArray();
|
|
}
|
|
|
|
protected override IList GetSupportedSignatureAlgorithms() {
|
|
var result = base.GetSupportedSignatureAlgorithms();
|
|
result.Add(SignatureAndHashAlgorithm.ecdsa_brainpoolP256r1tls13_sha256);
|
|
result.Add(SignatureAndHashAlgorithm.ecdsa_brainpoolP384r1tls13_sha384);
|
|
result.Add(SignatureAndHashAlgorithm.ecdsa_brainpoolP512r1tls13_sha512);
|
|
return result;
|
|
}
|
|
|
|
public override TlsAuthentication GetAuthentication() {
|
|
return new NullTlsAuthentication();
|
|
}
|
|
|
|
public override void NotifyAlertReceived(short alertLevel, short alertDescription) {
|
|
Logger.Log("main", 0, "Network/TLS", "TLS Alert {0} {1}", alertLevel, alertDescription);
|
|
}
|
|
|
|
public override void NotifyServerVersion(ProtocolVersion serverVersion) {
|
|
base.NotifyServerVersion(serverVersion);
|
|
Logger.Log("main", 0, "Network/TLS", "NotifyServerVersion {0}", serverVersion);
|
|
}
|
|
|
|
public override void NotifySelectedCipherSuite(int selectedCipherSuite) {
|
|
base.NotifySelectedCipherSuite(selectedCipherSuite);
|
|
Logger.Log("main", 0, "Network/TLS", "NotifySelectedCipherSuite {0}", selectedCipherSuite);
|
|
}
|
|
}
|
|
|
|
private class NullTlsAuthentication : TlsAuthentication {
|
|
public TlsCredentials GetClientCredentials(CertificateRequest certificateRequest) {
|
|
return null;
|
|
}
|
|
|
|
public void NotifyServerCertificate(TlsServerCertificate serverCertificate) {
|
|
// Do nothing
|
|
}
|
|
}
|
|
}
|
|
}
|