[Mono-bugs] [Bug 79986][Maj] New - TlsException at TlsClientCertificate.ProcessAsTls1 using SslServerStream
bugzilla-daemon at bugzilla.ximian.com
bugzilla-daemon at bugzilla.ximian.com
Mon Nov 20 07:09:20 EST 2006
Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.
Changed by pawel.sakowski at mindbreeze.com.
http://bugzilla.ximian.com/show_bug.cgi?id=79986
--- shadow/79986 2006-11-20 07:09:20.000000000 -0500
+++ shadow/79986.tmp.5048 2006-11-20 07:09:20.000000000 -0500
@@ -0,0 +1,96 @@
+Bug#: 79986
+Product: Mono: Class Libraries
+Version: 1.2
+OS: GNU/Linux [Other]
+OS Details:
+Status: NEW
+Resolution:
+Severity:
+Priority: Major
+Component: Mono.Security
+AssignedTo: sebastien at ximian.com
+ReportedBy: pawel.sakowski at mindbreeze.com
+QAContact: mono-bugs at ximian.com
+TargetMilestone: ---
+URL:
+Cc:
+Summary: TlsException at TlsClientCertificate.ProcessAsTls1 using SslServerStream
+
+Description of Problem:
+A basic scenario involving a Mono.Security-based TCP/SSL server fails.
+
+Steps to reproduce the problem:
+1. Invoke the following code:
+
+using System;
+using System.Net;
+using System.Net.Sockets;
+using System.Text;
+using System.Security.Cryptography;
+using System.Security.Cryptography.X509Certificates;
+using Mono.Security.Protocol.Tls;
+using MX=Mono.Security.X509;
+class X{
+static AsymmetricAlgorithm key;
+static void Main(){
+MX.PKCS12 p = MX.PKCS12.LoadFromFile("localhost.p12", "");
+X509Certificate x509 = new X509Certificate(p.Certificates[0].RawData);
+key = (RSA) p.Keys[0];
+
+Socket sock = new Socket(AddressFamily.InterNetwork, SocketType.Stream,
+ProtocolType.Tcp);
+sock.Bind(new IPEndPoint(IPAddress.Any, 5555));
+sock.Listen(1);
+
+SslServerStream stream = new SslServerStream(new
+NetworkStream(sock.Accept(), true), x509, true, false);
+stream.PrivateKeyCertSelectionDelegate += KeySelection;
+stream.ClientCertValidationDelegate += CertValidation;
+byte[] resp = Encoding.ASCII.GetBytes("HTTP/1.1 200 OK\r\nContent-Length:
+0\r\n\r\n");
+stream.Write(resp, 0, resp.Length);
+stream.Close();
+}
+static AsymmetricAlgorithm KeySelection(X509Certificate certificate, string
+targetHost) {
+return key;
+}
+static bool CertValidation(X509Certificate certificate, int[]
+certificateErrors) {
+return true;
+}
+}
+
+2. wget https://localhost:5555 --no-check-certificate -O /dev/null
+
+Actual Results:
+Unhandled Exception: System.IO.IOException: The authentication or
+decryption has failed. ---> Mono.Security.Protocol.Tls.TlsException: The
+authentication or decryption has failed.
+ at
+Mono.Security.Protocol.Tls.Handshake.Server.TlsClientCertificate.ProcessAsTls1
+() [0x00000]
+ at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process () [0x00000]
+ at (wrapper remoting-invoke-with-check)
+Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process ()
+ at
+Mono.Security.Protocol.Tls.ServerRecordProtocol.ProcessHandshakeMessage
+(Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000]
+ at
+Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback
+(IAsyncResult asyncResult) [0x00000] --- End of inner exception stack trace ---
+
+ at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback
+(IAsyncResult asyncResult) [0x00000]
+Unable to establish SSL connection.
+
+Expected Results:
+a successful communication
+
+How often does this happen?
+100%
+
+Additional Information:
+Mono version 1.2
+wget version 1.10.1
+The certificate file follows.
More information about the mono-bugs
mailing list