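PskTlsClient with Bouncy castle, System.IO.IOException on Connect
I am developing a client-server with PSK via openssl.
At the moment the server side is not implemented yet; I have a stub on my Ubuntu Linux machine, for testing purposes only, as follows: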
openssl s_server -accept 9999 -cipher ECDHE-PSK-CHACHA20-POLY1305 -nocert -psk 6161616161 -psk_identity admin
There are some problems on the client side, and I am stuck, because everything seems to be implemented as follows:
using System;
using System.IO;
using System.Net.Sockets;
using System.Text;
using Org.BouncyCastle.Crypto.Tls;
using Org.BouncyCastle.Security;

class Program
{
    private static readonly SecureRandom _secureRandom = new SecureRandom();

    // Opens a TCP connection and runs the TLS handshake with the given client.
    internal static TlsClientProtocol OpenTlsConnection(string hostname, int port, Org.BouncyCastle.Crypto.Tls.TlsClient client)
    {
        var tcp = new TcpClient(hostname, port);
        var protocol = new TlsClientProtocol(tcp.GetStream(), _secureRandom);
        protocol.Connect(client);
        return protocol;
    }

    static void Main(string[] args)
    {
        var hostname = "192.168.132.160";
        var port = 9999;
        var psk_identity = "admin";
        // hardcoded psk
        var psk = new byte[] { 0x61, 0x61, 0x61, 0x61, 0x61 };
        var pskIdentity = new BasicTlsPskIdentity(psk_identity, psk);
        var client = new PskTlsClient(null, pskIdentity);
        var protocol = OpenTlsConnection(hostname, port, client);

        // Trying to send something
        var req = Encoding.UTF8.GetBytes("GET / HTTP/1.1\r\n\r\n");
        var tlsStream = protocol.Stream;
        tlsStream.Write(req, 0, req.Length);
        tlsStream.Flush();

        var reader = new StreamReader(tlsStream);
        string line;
        while ((line = reader.ReadLine()) != null)
        {
            Console.WriteLine(">>> " + line);
        }
        protocol.Close();
    }
}
I get this exception every time:
System.IO.IOException: '無法從傳輸連接讀取數據:連接嘗試失敗,因為連接方在一段時間后沒有正確響應,或者由於連接的主機未能響應而建立的連接失敗。
Moreover, this code works on my Linux machine:
openssl s_client -connect 192.168.132.160:9999 -psk 6161616161 -psk_identity admin -tls1_2
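Am I missing something on the client side? Can anyone help me? I am going crazy.
Thanks
PskTlsClient only offers a few cipher suites by default; to add the one I wanted, I developed a small proxy (design pattern) of PskTlsClient that overrides GetCipherSuites(), as follows: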
using System;
using Org.BouncyCastle.Crypto.Tls;

public class PskTlsClientProxy : PskTlsClient
{
    public PskTlsClientProxy(TlsPskIdentity pskIdentity) : base(pskIdentity)
    {
    }

    public PskTlsClientProxy(TlsCipherFactory cipherFactory, TlsPskIdentity pskIdentity) : base(cipherFactory, pskIdentity)
    {
    }

    public PskTlsClientProxy(TlsCipherFactory cipherFactory, TlsDHVerifier dhVerifier, TlsPskIdentity pskIdentity) : base(cipherFactory, dhVerifier, pskIdentity)
    {
    }

    // Log the protocol version selected by the server.
    public override void NotifyServerVersion(ProtocolVersion serverVersion)
    {
        base.NotifyServerVersion(serverVersion);
        Console.WriteLine("TLS-PSK client negotiated " + serverVersion);
    }

    // Offer only the cipher suite the server stub is configured with.
    public override int[] GetCipherSuites()
    {
        return new int[] {
            CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
        };
    }
}
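The cipher suite mismatch described in the answer can be confirmed from a captured ClientHello. The following is an added example, not part of the original posts: it parses the cipher_suites list of a TLS 1.2 ClientHello record and intersects it with the suites the server accepts. The function names, the sample offer and the ClientHello bytes are constructed for illustration; the sample offer is an assumption and is not BouncyCastle's actual default list.

```python
import struct

# Code points from RFC 4279, RFC 5489 and RFC 7905.
CHACHA20_PSK = 0xCCAC  # TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256
# Constructed offer without the ChaCha20 suite (not BouncyCastle's real default list):
# ECDHE_PSK AES-128-CBC-SHA256, ECDHE_PSK AES-128-CBC-SHA, DHE_PSK AES-128-CBC-SHA.
SAMPLE_OFFER = [0xC037, 0xC035, 0x0090]


def offered_suites(record):
    """Return the cipher suite code points listed in one ClientHello record."""
    if len(record) < 5:
        raise ValueError("truncated record header")
    ctype, _version, rlen = struct.unpack("!BHH", record[:5])
    body = record[5:5 + rlen]
    if ctype != 22 or len(body) != rlen:
        raise ValueError("not a complete handshake record")
    if len(body) < 4 or body[0] != 1:
        raise ValueError("not a ClientHello")
    hello = body[4:4 + int.from_bytes(body[1:4], "big")]
    pos = 2 + 32                      # client_version + random
    if len(hello) <= pos:
        raise ValueError("truncated ClientHello")
    pos += 1 + hello[pos]             # session_id length byte + session_id
    n = int.from_bytes(hello[pos:pos + 2], "big")
    raw = hello[pos + 2:pos + 2 + n]
    if len(hello) < pos + 2 or n % 2 or len(raw) != n:
        raise ValueError("bad cipher_suites vector")
    return [int.from_bytes(raw[i:i + 2], "big") for i in range(0, n, 2)]


def common_suites(record, server_suites):
    """Suites the client offers that the server is configured to accept."""
    return [s for s in offered_suites(record) if s in server_suites]


def build_client_hello(suites):
    """Construct a minimal TLS 1.2 ClientHello record (sample input only)."""
    hello = b"\x03\x03" + bytes(32) + b"\x00"            # version, random, empty session_id
    hello += struct.pack("!H", 2 * len(suites))
    hello += b"".join(struct.pack("!H", s) for s in suites)
    hello += b"\x01\x00"                                 # compression: null only
    handshake = b"\x01" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


if __name__ == "__main__":
    server = {CHACHA20_PSK}           # the s_server stub accepts only this suite
    print(common_suites(build_client_hello(SAMPLE_OFFER), server))    # no overlap
    print(common_suites(build_client_hello([CHACHA20_PSK]), server))  # one shared suite
```

An empty result means the handshake cannot complete with that server configuration, whatever the PSK and identity are.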