带充气城堡的 PskTlsClient,System.IO.IOException 连接
PskTlsClient with Bouncy castle, System.IO.IOException on Connect
我正在使用 openssl 的 psk 开发客户端-服务器。
目前服务器端还没有实现,我的 Ubuntu Linux 机器上有一个存根,仅用于测试目的如下:
openssl s_server -accept 9999 -cipher ECDHE-PSK-CHACHA20-POLY1305 -nocert -psk 6161616161 -psk_identity admin
客户端出现了一些问题,我陷入了困境,因为一切似乎都按以下方式实施
class Program
{
private static readonly SecureRandom _secureRandom = new SecureRandom();
internal static TlsClientProtocol OpenTlsConnection(string hostname, int port, Org.BouncyCastle.Crypto.Tls.TlsClient client)
{
var tcp = new TcpClient(hostname, port);
var protocol = new TlsClientProtocol(tcp.GetStream(), _secureRandom);
protocol.Connect(client);
return protocol;
}
static void Main(string[] args)
{
var hostname = "192.168.132.160";
var port = 9999;
var psk_identity = "admin";
// hardcoded psk
var psk = new byte[] { 0x61, 0x61, 0x61, 0x61, 0x61 };
var pskIdentity = new BasicTlsPskIdentity(psk_identity, psk);
var client = new PskTlsClient(null, pskIdentity);
var protocol = OpenTlsConnection(hostname, port, client);
// Tryng to send something
var req = Encoding.UTF8.GetBytes("GET / HTTP/1.1\r\n\r\n");
var tlsStream = protocol.Stream;
tlsStream.Write(req, 0, req.Length);
tlsStream.Flush();
var reader = new StreamReader(tlsStream);
string line;
while ((line = reader.ReadLine()) != null)
{
Console.WriteLine(">>> " + line);
}
protocol.Close();
}
}
我每次都遇到这个异常:
System.IO.IOException: 'Unable to read data from the transport
connection: A connection attempt failed because the connected party
did not properly respond after a period of time, or established
connection failed because connected host has failed to respond.'
此外,这段代码在我的 Linux 机器上有效
openssl s_client -connect 192.168.132.160:9999 -psk 6161616161 -psk_identity admin -tls1_2
我是否遗漏了客户端的某些内容?谁能帮我?我要疯了。
谢谢
PskTlsClient 默认只提供一些密码,为了添加我想要的我开发了一个 PskTlsClient 的小代理(设计模式)覆盖 GetCipherSuites() 如下:
public class PskTlsClientProxy : PskTlsClient
{
public PskTlsClientProxy(TlsPskIdentity pskIdentity) : base(pskIdentity)
{
}
public PskTlsClientProxy(TlsCipherFactory cipherFactory, TlsPskIdentity pskIdentity) : base(cipherFactory, pskIdentity)
{
}
public PskTlsClientProxy(TlsCipherFactory cipherFactory, TlsDHVerifier dhVerifier, TlsPskIdentity pskIdentity) : base(cipherFactory, dhVerifier, pskIdentity)
{
}
public override void NotifyServerVersion(ProtocolVersion serverVersion)
{
base.NotifyServerVersion(serverVersion);
Console.WriteLine("TLS-PSK client negotiated " + serverVersion);
}
public override int[] GetCipherSuites()
{
return new int[] {
CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
};
}
}
我正在使用 openssl 的 psk 开发客户端-服务器。
目前服务器端还没有实现,我的 Ubuntu Linux 机器上有一个存根,仅用于测试目的如下:
openssl s_server -accept 9999 -cipher ECDHE-PSK-CHACHA20-POLY1305 -nocert -psk 6161616161 -psk_identity admin
客户端出现了一些问题,我陷入了困境,因为一切似乎都按以下方式实施
class Program
{
private static readonly SecureRandom _secureRandom = new SecureRandom();
internal static TlsClientProtocol OpenTlsConnection(string hostname, int port, Org.BouncyCastle.Crypto.Tls.TlsClient client)
{
var tcp = new TcpClient(hostname, port);
var protocol = new TlsClientProtocol(tcp.GetStream(), _secureRandom);
protocol.Connect(client);
return protocol;
}
static void Main(string[] args)
{
var hostname = "192.168.132.160";
var port = 9999;
var psk_identity = "admin";
// hardcoded psk
var psk = new byte[] { 0x61, 0x61, 0x61, 0x61, 0x61 };
var pskIdentity = new BasicTlsPskIdentity(psk_identity, psk);
var client = new PskTlsClient(null, pskIdentity);
var protocol = OpenTlsConnection(hostname, port, client);
// Tryng to send something
var req = Encoding.UTF8.GetBytes("GET / HTTP/1.1\r\n\r\n");
var tlsStream = protocol.Stream;
tlsStream.Write(req, 0, req.Length);
tlsStream.Flush();
var reader = new StreamReader(tlsStream);
string line;
while ((line = reader.ReadLine()) != null)
{
Console.WriteLine(">>> " + line);
}
protocol.Close();
}
}
我每次都遇到这个异常:
System.IO.IOException: 'Unable to read data from the transport connection: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.'
此外,这段代码在我的 Linux 机器上有效
openssl s_client -connect 192.168.132.160:9999 -psk 6161616161 -psk_identity admin -tls1_2
我是否遗漏了客户端的某些内容?谁能帮我?我要疯了。
谢谢
PskTlsClient 默认只提供一些密码,为了添加我想要的我开发了一个 PskTlsClient 的小代理(设计模式)覆盖 GetCipherSuites() 如下:
public class PskTlsClientProxy : PskTlsClient
{
public PskTlsClientProxy(TlsPskIdentity pskIdentity) : base(pskIdentity)
{
}
public PskTlsClientProxy(TlsCipherFactory cipherFactory, TlsPskIdentity pskIdentity) : base(cipherFactory, pskIdentity)
{
}
public PskTlsClientProxy(TlsCipherFactory cipherFactory, TlsDHVerifier dhVerifier, TlsPskIdentity pskIdentity) : base(cipherFactory, dhVerifier, pskIdentity)
{
}
public override void NotifyServerVersion(ProtocolVersion serverVersion)
{
base.NotifyServerVersion(serverVersion);
Console.WriteLine("TLS-PSK client negotiated " + serverVersion);
}
public override int[] GetCipherSuites()
{
return new int[] {
CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
};
}
}