DefaultTlsServer TLS 1.2 Async Handshake Problems. #511

Open
BurakEs opened this issue Jan 12, 2024 · 1 comment

BurakEs commented Jan 12, 2024

Hello,
Firstly, let me explain what I am trying to do. I have devices that need to communicate with TLS. I need to establish a secure session with these devices and manage them.

For this reason, I am accepting all device connections asynchronously using an async socket acceptor. For each accepted socket, I am preparing the handshake using the Accept method through TlsProtocol (BeginHandshake).

```csharp
StartAccept()=>{...
    if (!_acceptorSocket.AcceptAsync(e))
        ProcessAccept(e);
...}

ProcessAccept()=>{...
    session.Connect(e.AcceptSocket);
...}

Connect()=>{...
    Protocol.Accept(Server);
...}
```

As I want to carry out the operations asynchronously, when creating an instance from TlsProtocol, it does not provide a stream, and I am applying methods like OfferInput, ReadOutput, WriteApplicationData on my socket. In the flow I have designed, if there is no problem (regarding the use of TlsProtocol, DefaultTlsServer, OfferInput, ReadOutput, etc.), I am encountering the errors we see below in the current BC version.

All errors were received by closing the server and resending the requests.
```
Org.BouncyCastle.Tls.TlsFatalAlert
HResult=0x80131620
Message=internal_error(80)
Source=BouncyCastle.Cryptography
StackTrace:
at Org.BouncyCastle.Tls.TlsProtocol.SafeReadFullRecord(Byte[] input, Int32 inputOff, Int32 inputLen) in /_/crypto/src/tls/TlsProtocol.cs:line 862

This exception was originally thrown at this call stack:
Org.BouncyCastle.Tls.TlsUtilities.IsTlsV13(Org.BouncyCastle.Tls.ProtocolVersion) in TlsUtilities.cs
Org.BouncyCastle.Tls.AbstractTlsServer.GetSelectedCipherSuite() in AbstractTlsServer.cs
Org.BouncyCastle.Tls.TlsServerProtocol.GenerateServerHello(Org.BouncyCastle.Tls.ClientHello, Org.BouncyCastle.Tls.HandshakeMessageInput) in TlsServerProtocol.cs
Org.BouncyCastle.Tls.TlsServerProtocol.HandleHandshakeMessage(short, Org.BouncyCastle.Tls.HandshakeMessageInput) in TlsServerProtocol.cs
Org.BouncyCastle.Tls.TlsProtocol.ProcessHandshakeQueue(Org.BouncyCastle.Tls.ByteQueue) in TlsProtocol.cs
Org.BouncyCastle.Tls.TlsProtocol.ProcessRecord(short, byte[], int, int) in TlsProtocol.cs
Org.BouncyCastle.Tls.RecordStream.ReadFullRecord(byte[], int, int) in RecordStream.cs
Org.BouncyCastle.Tls.TlsProtocol.SafeReadFullRecord(byte[], int, int) in TlsProtocol.cs

Inner Exception 1:
NullReferenceException: Object reference not set to an instance of an object.
```

```
Org.BouncyCastle.Tls.TlsFatalAlert
HResult=0x80131620
Message=internal_error(80)
Source=BouncyCastle.Cryptography
StackTrace:
at Org.BouncyCastle.Tls.TlsProtocol.SafeReadFullRecord(Byte[] input, Int32 inputOff, Int32 inputLen) in /_/crypto/src/tls/TlsProtocol.cs:line 862

This exception was originally thrown at this call stack:
System.ThrowHelper.ThrowInvalidOperationException_ConcurrentOperationsNotSupported() in ThrowHelper.cs
System.Collections.Generic.Dictionary<TKey, TValue>.TryInsert(TKey, TValue, System.Collections.Generic.InsertionBehavior) in Dictionary.cs
System.Collections.Generic.Dictionary<TKey, TValue>.this[TKey].set(TKey, TValue) in Dictionary.cs
Org.BouncyCastle.Tls.TlsExtensionsUtilities.AddEncryptThenMacExtension(System.Collections.Generic.IDictionary<int, byte[]>) in TlsExtensionsUtilities.cs
Org.BouncyCastle.Tls.AbstractTlsServer.GetServerExtensions() in AbstractTlsServer.cs
KecNetworkInterface.TcpServer.GetServerExtensions() in TcpServer.cs
Org.BouncyCastle.Tls.TlsServerProtocol.GenerateServerHello(Org.BouncyCastle.Tls.ClientHello, Org.BouncyCastle.Tls.HandshakeMessageInput) in TlsServerProtocol.cs
Org.BouncyCastle.Tls.TlsServerProtocol.HandleHandshakeMessage(short, Org.BouncyCastle.Tls.HandshakeMessageInput) in TlsServerProtocol.cs
Org.BouncyCastle.Tls.TlsProtocol.ProcessHandshakeQueue(Org.BouncyCastle.Tls.ByteQueue) in TlsProtocol.cs
Org.BouncyCastle.Tls.TlsProtocol.ProcessRecord(short, byte[], int, int) in TlsProtocol.cs
...
[Call Stack Truncated]

Inner Exception 1:
InvalidOperationException: Operations that change non-concurrent collections must have exclusive access. A concurrent update was performed on this collection and corrupted its state. The collection's state is no longer correct.
```

@peterdettman
Collaborator

I would guess these are all multi-threading issues. TlsProtocol is basically designed for single-threaded usage, including the non-blocking methods you are using (OfferInput, ReadOutput). Possibly it will work OK if called from different threads as long as there is a synchronization guard to ensure only one thread is accessing it at a time.
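
One way to apply the synchronization guard suggested in the reply above, as an added example (not code from the issue or from BouncyCastle): each accepted socket gets its own `TlsServerProtocol`, and every call into it goes through a single lock. `GuardedTlsSession`, the `newServer` factory and the two callbacks are hypothetical names; creating a separate `TlsServer` per connection is an assumption, made because `AbstractTlsServer` keeps per-handshake state such as the server-extensions dictionary seen in the second trace.

```csharp
using System;
using Org.BouncyCastle.Tls;

// Added example: one instance per accepted socket, never shared between connections.
public sealed class GuardedTlsSession
{
    private readonly object _gate = new object();   // guard: one thread inside _protocol at a time
    private readonly TlsServerProtocol _protocol = new TlsServerProtocol(); // non-blocking mode
    private readonly Action<byte[]> _sendToSocket;  // hypothetical: queues bytes on this socket, in order
    private readonly Action<byte[]> _onPlaintext;   // hypothetical: application data callback

    public GuardedTlsSession(Func<TlsServer> newServer,
                             Action<byte[]> sendToSocket, Action<byte[]> onPlaintext)
    {
        _sendToSocket = sendToSocket;
        _onPlaintext = onPlaintext;
        // Assumption: newServer() returns a fresh TlsServer used by this connection only.
        lock (_gate) { _protocol.Accept(newServer()); Drain(); }
    }

    // Call from the socket receive completion with the raw bytes just read.
    public void OnSocketData(byte[] buffer, int offset, int count)
    {
        lock (_gate) { _protocol.OfferInput(buffer, offset, count); Drain(); }
    }

    // Call once the handshake has completed.
    public void Send(byte[] plaintext)
    {
        lock (_gate) { _protocol.WriteApplicationData(plaintext, 0, plaintext.Length); Drain(); }
    }

    // Caller must hold _gate, so TLS records reach the socket in the order they were produced.
    private void Drain()
    {
        int n;
        while ((n = _protocol.GetAvailableOutputBytes()) > 0)
        {
            var records = new byte[n];
            _protocol.ReadOutput(records, 0, n);    // handshake or encrypted records for the peer
            _sendToSocket(records);
        }
        while ((n = _protocol.GetAvailableInputBytes()) > 0)
        {
            var data = new byte[n];
            _protocol.ReadInput(data, 0, n);        // decrypted application data
            _onPlaintext(data);
        }
    }
}
```

Exceptions thrown by `OfferInput` (for example `TlsFatalAlert`) propagate to the caller, which should close that connection's socket and discard the session.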
