带充气城堡的 PskTlsClient,System.IO.IOException 连接

PskTlsClient with Bouncy castle, System.IO.IOException on Connect

我正在使用 openssl 的 psk 开发客户端-服务器。

目前服务器端还没有实现,我的 Ubuntu Linux 机器上有一个存根,仅用于测试目的如下:

openssl s_server -accept 9999 -cipher ECDHE-PSK-CHACHA20-POLY1305 -nocert -psk 6161616161 -psk_identity admin

客户端出现了一些问题,我陷入了困境,因为一切似乎都按以下方式实施

 class Program
    {

        private static readonly SecureRandom _secureRandom = new SecureRandom();


        internal static TlsClientProtocol OpenTlsConnection(string hostname, int port, Org.BouncyCastle.Crypto.Tls.TlsClient client)
        {
            var tcp = new TcpClient(hostname, port);


            var protocol = new TlsClientProtocol(tcp.GetStream(), _secureRandom);

            protocol.Connect(client);


            return protocol;
        }

        static void Main(string[] args)
        {

            var hostname = "192.168.132.160";
            var port = 9999;

            var psk_identity = "admin";


            // hardcoded psk
            var psk = new byte[] { 0x61, 0x61, 0x61, 0x61, 0x61 };

            var pskIdentity = new BasicTlsPskIdentity(psk_identity, psk);



            var client = new PskTlsClient(null, pskIdentity);




            var protocol = OpenTlsConnection(hostname, port, client);


            // Tryng to send something
            var req = Encoding.UTF8.GetBytes("GET / HTTP/1.1\r\n\r\n");

            var tlsStream = protocol.Stream;
            tlsStream.Write(req, 0, req.Length);
            tlsStream.Flush();

            var reader = new StreamReader(tlsStream);

            string line;
            while ((line = reader.ReadLine()) != null)
            {
                Console.WriteLine(">>> " + line);
            }

            protocol.Close();


        }
    }

我每次都遇到这个异常:

System.IO.IOException: 'Unable to read data from the transport connection: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.'

此外,这段代码在我的 Linux 机器上有效

openssl s_client -connect 192.168.132.160:9999 -psk 6161616161  -psk_identity admin -tls1_2

我是否遗漏了客户端的某些内容?谁能帮我?我要疯了。

谢谢

PskTlsClient 默认只提供一些密码,为了添加我想要的我开发了一个 PskTlsClient 的小代理(设计模式)覆盖 GetCipherSuites() 如下:

    public class PskTlsClientProxy : PskTlsClient
{
    public PskTlsClientProxy(TlsPskIdentity pskIdentity) : base(pskIdentity)
    {




    }

    public PskTlsClientProxy(TlsCipherFactory cipherFactory, TlsPskIdentity pskIdentity) : base(cipherFactory, pskIdentity)
    {
    }

    public PskTlsClientProxy(TlsCipherFactory cipherFactory, TlsDHVerifier dhVerifier, TlsPskIdentity pskIdentity) : base(cipherFactory, dhVerifier, pskIdentity)
    {
    }

    public override void NotifyServerVersion(ProtocolVersion serverVersion)
    {
        base.NotifyServerVersion(serverVersion);

        Console.WriteLine("TLS-PSK client negotiated " + serverVersion);
    }


    public override int[] GetCipherSuites()
    {
        return new int[] {
            CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
        };

    }



}