Imported Upstream version 5.18.0.142

Former-commit-id: 7467d4b717762eeaf652d77f1486dd11ffb1ff1f

mcs/class/System/Mono.AppleTls/AppleTlsContext.cs

@@ -1,4 +1,3 @@
-#if SECURITY_DEP && MONO_FEATURE_APPLETLS
 //
 // AppleTlsContext.cs
 //
@@ -48,8 +47,8 @@ namespace Mono.AppleTls
 		SslReadFunc readFunc;
 		SslWriteFunc writeFunc;
 
-		SecIdentity serverIdentity;
-		SecIdentity clientIdentity;
+		SafeSecIdentityHandle serverIdentity;
+		SafeSecIdentityHandle clientIdentity;
 
 		X509Certificate remoteCertificate;
 		X509Certificate localClientCertificate;
@@ -168,9 +167,9 @@ namespace Mono.AppleTls
 			SetSessionOption (SslSessionOption.BreakOnServerAuth, true);
 
 			if (IsServer) {
-				SecCertificate[] intermediateCerts;
+				SafeSecCertificateHandle[] intermediateCerts;
 				serverIdentity = AppleCertificateHelper.GetIdentity (LocalServerCertificate, out intermediateCerts);
-				if (serverIdentity == null)
+				if (serverIdentity.IsInvalid)
 					throw new SSA.AuthenticationException ("Unable to get server certificate from keychain.");
 
 				SetCertificate (serverIdentity, intermediateCerts);
@@ -225,9 +224,9 @@ namespace Mono.AppleTls
 			if (localClientCertificate == null)
 				return;
 			clientIdentity = AppleCertificateHelper.GetIdentity (localClientCertificate);
-			if (clientIdentity == null)
+			if (clientIdentity.IsInvalid)
 				throw new TlsException (AlertDescription.CertificateUnknown);
-			SetCertificate (clientIdentity, new SecCertificate [0]);
+			SetCertificate (clientIdentity, new SafeSecCertificateHandle [0]);
 		}
 
 		void EvaluateTrust ()
@@ -662,26 +661,21 @@ namespace Mono.AppleTls
 		[DllImport (SecurityLibrary)]
 		extern unsafe static /* OSStatus */ SslStatus SSLSetCertificate (/* SSLContextRef */ IntPtr context, /* CFArrayRef */ IntPtr certRefs);
 
-		CFArray Bundle (SecIdentity identity, IEnumerable<SecCertificate> certificates)
+		CFArray Bundle (SafeSecIdentityHandle identity, IList<SafeSecCertificateHandle> certificates)
 		{
-			if (identity == null)
-				throw new ArgumentNullException ("identity");
-			int i = 0;
+			if (identity == null || identity.IsInvalid)
+				throw new ArgumentNullException (nameof (identity));
+			if (certificates == null)
+				throw new ArgumentNullException (nameof (certificates));
 
-			int n = 0;
-			if (certificates != null) {
-				foreach (var obj in certificates)
-					n++;
-			}
-
-			var ptrs = new IntPtr [n + 1];
-			ptrs [0] = identity.Handle;
-			foreach (var certificate in certificates)
-				ptrs [++i] = certificate.Handle;
+			var ptrs = new IntPtr [certificates.Count + 1];
+			ptrs [0] = identity.DangerousGetHandle ();
+			for (int i = 0; i < certificates.Count; i++)
+				ptrs [i + 1] = certificates [i].DangerousGetHandle ();
 			return CFArray.CreateArray (ptrs);
 		}
 
-		public void SetCertificate (SecIdentity identify, IEnumerable<SecCertificate> certificates)
+		void SetCertificate (SafeSecIdentityHandle identify, IList<SafeSecCertificateHandle> certificates)
 		{
 			using (var array = Bundle (identify, certificates)) {
 				var result = SSLSetCertificate (Handle, array.Handle);
@@ -1020,4 +1014,3 @@ namespace Mono.AppleTls
 		}
 	}
 }
-#endif