Imported Upstream version 4.3.2.467
Former-commit-id: 9c2cb47f45fa221e661ab616387c9cda183f283d
@@ -60,6 +60,13 @@ using System.Runtime.InteropServices;
|
||||
[assembly: AssemblyDelaySign (true)]
|
||||
[assembly: AssemblyKeyFile ("../mono.pub")]
|
||||
|
||||
#if MOBILE
|
||||
#if NET_2_1
|
||||
[assembly: InternalsVisibleTo ("System, PublicKey=00240000048000009400000006020000002400005253413100040000010001008D56C76F9E8649383049F383C44BE0EC204181822A6C31CF5EB7EF486944D032188EA1D3920763712CCB12D75FB77E9811149E6148E5D32FBAAB37611C1878DDC19E20EF135D0CB2CFF2BFEC3D115810C3D9069638FE4BE215DBF795861920E5AB6F7DB2E2CEEF136AC23D5DD2BF031700AEC232F6C6B1C785B4305C123B37AB")]
|
||||
#else
|
||||
[assembly: InternalsVisibleTo ("System, PublicKey=00000000000000000400000000000000")]
|
||||
#endif
|
||||
|
||||
[assembly: InternalsVisibleTo ("Mono.Security.Providers.NewTls, PublicKey=002400000480000094000000060200000024000052534131000400000100010079159977d2d03a8e6bea7a2e74e8d1afcc93e8851974952bb480a12c9134474d04062447c37e0e68c080536fcf3c3fbe2ff9c979ce998475e506e8ce82dd5b0f350dc10e93bf2eeecf874b24770c5081dbea7447fddafa277b22de47d6ffea449674a4f9fccf84d15069089380284dbdd35f46cdff12a1bd78e4ef0065d016df")]
|
||||
[assembly: InternalsVisibleTo ("Mono.Security.Providers.OldTls, PublicKey=002400000480000094000000060200000024000052534131000400000100010079159977d2d03a8e6bea7a2e74e8d1afcc93e8851974952bb480a12c9134474d04062447c37e0e68c080536fcf3c3fbe2ff9c979ce998475e506e8ce82dd5b0f350dc10e93bf2eeecf874b24770c5081dbea7447fddafa277b22de47d6ffea449674a4f9fccf84d15069089380284dbdd35f46cdff12a1bd78e4ef0065d016df")]
|
||||
[assembly: InternalsVisibleTo ("Mono.Security.Providers.DotNet, PublicKey=002400000480000094000000060200000024000052534131000400000100010079159977d2d03a8e6bea7a2e74e8d1afcc93e8851974952bb480a12c9134474d04062447c37e0e68c080536fcf3c3fbe2ff9c979ce998475e506e8ce82dd5b0f350dc10e93bf2eeecf874b24770c5081dbea7447fddafa277b22de47d6ffea449674a4f9fccf84d15069089380284dbdd35f46cdff12a1bd78e4ef0065d016df")]
|
||||
[assembly: InternalsVisibleTo ("Mono.Security.Providers.NewSystemSource, PublicKey=002400000480000094000000060200000024000052534131000400000100010079159977d2d03a8e6bea7a2e74e8d1afcc93e8851974952bb480a12c9134474d04062447c37e0e68c080536fcf3c3fbe2ff9c979ce998475e506e8ce82dd5b0f350dc10e93bf2eeecf874b24770c5081dbea7447fddafa277b22de47d6ffea449674a4f9fccf84d15069089380284dbdd35f46cdff12a1bd78e4ef0065d016df")]
|
||||
|
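Review bot: The four `InternalsVisibleTo` entries for `Mono.Security.Providers.NewTls`, `OldTls`, `DotNet` and `NewSystemSource` open every internal member of this security library to those assemblies, all under one shared public key, and nothing in the file says which internals they need. A short comment above the group would make the trust grant reviewable, for example `// Friend access for the TLS provider assemblies; every name added here can reach all internals, so keep the list minimal.` As rendered, the section shows two `#if` lines and a single `#endif`, so whether these attributes sit inside the `#if MOBILE` block cannot be confirmed from the hunk; the closing directive is presumably outside it.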
@@ -5,7 +5,7 @@ include ../../build/rules.make
|
||||
LIBRARY = Mono.Security.dll
|
||||
LOCAL_MCS_FLAGS = -lib:$(the_libdir_base)bare
|
||||
LIB_REFS = System
|
||||
LIB_MCS_FLAGS = -unsafe -nowarn:1030
|
||||
LIB_MCS_FLAGS = -unsafe -nowarn:1030,3009
|
||||
TEST_MCS_FLAGS = $(LIB_MCS_FLAGS) -nowarn:169,219,618,672
|
||||
|
||||
include ../../build/library.make
|
||||
@@ -16,3 +16,10 @@ $(the_libdir_base)bare/System.dll:
|
||||
(cd ../System; $(MAKE) $@)
|
||||
|
||||
.NOTPARALLEL: $(the_libdir_base)bare/System.dll
|
||||
|
||||
EXTRA_DISTFILES = Mono.Security.Interface/README.md
|
||||
|
||||
#
|
||||
# Update this comment to trigger a build in System
|
||||
# +1
|
||||
#
|
||||
|
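Review bot: Adding `3009` to `-nowarn` in `LIB_MCS_FLAGS` silences that warning for every file in Mono.Security.dll, not only for the code that triggers it. If the warning comes from a small number of the newly added types, a scoped `#pragma warning disable 3009` around them keeps it live for the rest of the library; otherwise a comment on the flag line such as `# 3009: <reason>` would record why it is off. Which of the two `LIB_MCS_FLAGS` lines is the new one is inferred from the print order, since the page has lost the +/- markers.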
@@ -77,7 +77,7 @@ namespace Mono.Security.Authenticode {
|
||||
public string Hash {
|
||||
get {
|
||||
if (hash == null)
|
||||
hash = "MD5";
|
||||
hash = "SHA1";
|
||||
return hash;
|
||||
}
|
||||
set {
|
||||
|
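Review bot: The fallback digest in the `Hash` getter appears to move from `"MD5"` to `"SHA1"` (the page prints both lines and has lost the +/- markers), which still leaves Authenticode signatures on a collision-weak hash whenever the caller sets nothing. If the formatter accepts a SHA-2 name, that would be the safer default; if it does not, a comment should say so, for example `// SHA1 is the strongest digest this formatter accepts; revisit when a SHA-2 option exists.` The setter that would validate the name starts at `set {` and continues outside the hunk, so the accepted values cannot be confirmed from here. Callers that relied on the old implicit default will now produce a different digest, which deserves a line in the release notes.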
@@ -88,6 +88,10 @@ namespace Mono.Security.Cryptography {
|
||||
// block size (which isn't their real internal block size)
|
||||
public BlockProcessor (ICryptoTransform transform, int blockSize)
|
||||
{
|
||||
if (transform == null)
|
||||
throw new ArgumentNullException ("transform");
|
||||
if (blockSize <= 0)
|
||||
throw new ArgumentOutOfRangeException ("blockSize");
|
||||
this.transform = transform;
|
||||
this.blockSize = blockSize;
|
||||
block = new byte [blockSize];
|
||||
|
277
mcs/class/Mono.Security/Mono.Security.Interface/Alert.cs
Normal file
@@ -0,0 +1,277 @@
|
||||
//
|
||||
// Alert.cs
|
||||
//
|
||||
// Author:
|
||||
// Martin Baulig <martin.baulig@xamarin.com>
|
||||
//
|
||||
// Copyright (c) 2015 Xamarin, Inc.
|
||||
//
|
||||
// Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
// of this software and associated documentation files (the "Software"), to deal
|
||||
// in the Software without restriction, including without limitation the rights
|
||||
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
// copies of the Software, and to permit persons to whom the Software is
|
||||
// furnished to do so, subject to the following conditions:
|
||||
//
|
||||
// The above copyright notice and this permission notice shall be included in
|
||||
// all copies or substantial portions of the Software.
|
||||
//
|
||||
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
// THE SOFTWARE.
|
||||
|
||||
using System;
|
||||
|
||||
namespace Mono.Security.Interface
|
||||
{
|
||||
#region Enumerations
|
||||
|
||||
public enum AlertLevel : byte
|
||||
{
|
||||
Warning = 1,
|
||||
Fatal = 2
|
||||
}
|
||||
|
||||
public enum AlertDescription : byte
|
||||
{
|
||||
CloseNotify = 0,
|
||||
UnexpectedMessage = 10,
|
||||
BadRecordMAC = 20,
|
||||
DecryptionFailed_RESERVED = 21,
|
||||
RecordOverflow = 22,
|
||||
DecompressionFailure = 30,
|
||||
HandshakeFailure = 40,
|
||||
NoCertificate_RESERVED = 41, // should be used in SSL3
|
||||
BadCertificate = 42,
|
||||
UnsupportedCertificate = 43,
|
||||
CertificateRevoked = 44,
|
||||
CertificateExpired = 45,
|
||||
CertificateUnknown = 46,
|
||||
IlegalParameter = 47,
|
||||
UnknownCA = 48,
|
||||
AccessDenied = 49,
|
||||
DecodeError = 50,
|
||||
DecryptError = 51,
|
||||
ExportRestriction = 60,
|
||||
ProtocolVersion = 70,
|
||||
InsuficientSecurity = 71,
|
||||
InternalError = 80,
|
||||
UserCancelled = 90,
|
||||
NoRenegotiation = 100,
|
||||
UnsupportedExtension = 110
|
||||
}
|
||||
|
||||
#endregion
|
||||
|
||||
public class Alert
|
||||
{
|
||||
#region Fields
|
||||
|
||||
private AlertLevel level;
|
||||
private AlertDescription description;
|
||||
|
||||
#endregion
|
||||
|
||||
#region Properties
|
||||
|
||||
public AlertLevel Level
|
||||
{
|
||||
get { return this.level; }
|
||||
}
|
||||
|
||||
public AlertDescription Description
|
||||
{
|
||||
get { return this.description; }
|
||||
}
|
||||
|
||||
public string Message
|
||||
{
|
||||
get { return Alert.GetAlertMessage(this.description); }
|
||||
}
|
||||
|
||||
public bool IsWarning
|
||||
{
|
||||
get { return this.level == AlertLevel.Warning ? true : false; }
|
||||
}
|
||||
|
||||
/*
|
||||
public bool IsFatal
|
||||
{
|
||||
get { return this.level == AlertLevel.Fatal ? true : false; }
|
||||
}
|
||||
*/
|
||||
|
||||
public bool IsCloseNotify
|
||||
{
|
||||
get
|
||||
{
|
||||
if (this.IsWarning &&
|
||||
this.description == AlertDescription.CloseNotify)
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
#endregion
|
||||
|
||||
#region Constructors
|
||||
|
||||
public Alert(AlertDescription description)
|
||||
{
|
||||
this.description = description;
|
||||
this.inferAlertLevel();
|
||||
}
|
||||
|
||||
public Alert(
|
||||
AlertLevel level,
|
||||
AlertDescription description)
|
||||
{
|
||||
this.level = level;
|
||||
this.description = description;
|
||||
}
|
||||
|
||||
#endregion
|
||||
|
||||
#region Private Methods
|
||||
|
||||
private void inferAlertLevel()
|
||||
{
|
||||
switch (description)
|
||||
{
|
||||
case AlertDescription.CloseNotify:
|
||||
case AlertDescription.NoRenegotiation:
|
||||
case AlertDescription.UserCancelled:
|
||||
this.level = AlertLevel.Warning;
|
||||
break;
|
||||
|
||||
case AlertDescription.AccessDenied:
|
||||
case AlertDescription.BadCertificate:
|
||||
case AlertDescription.BadRecordMAC:
|
||||
case AlertDescription.CertificateExpired:
|
||||
case AlertDescription.CertificateRevoked:
|
||||
case AlertDescription.CertificateUnknown:
|
||||
case AlertDescription.DecodeError:
|
||||
case AlertDescription.DecompressionFailure:
|
||||
case AlertDescription.DecryptError:
|
||||
case AlertDescription.DecryptionFailed_RESERVED:
|
||||
case AlertDescription.ExportRestriction:
|
||||
case AlertDescription.HandshakeFailure:
|
||||
case AlertDescription.IlegalParameter:
|
||||
case AlertDescription.InsuficientSecurity:
|
||||
case AlertDescription.InternalError:
|
||||
case AlertDescription.ProtocolVersion:
|
||||
case AlertDescription.RecordOverflow:
|
||||
case AlertDescription.UnexpectedMessage:
|
||||
case AlertDescription.UnknownCA:
|
||||
case AlertDescription.UnsupportedCertificate:
|
||||
case AlertDescription.UnsupportedExtension:
|
||||
default:
|
||||
this.level = AlertLevel.Fatal;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
#endregion
|
||||
|
||||
public override string ToString ()
|
||||
{
|
||||
return string.Format ("[Alert: {0}:{1}]", Level, Description);
|
||||
}
|
||||
|
||||
#region Static Methods
|
||||
|
||||
public static string GetAlertMessage(AlertDescription description)
|
||||
{
|
||||
#if (DEBUG)
|
||||
switch (description)
|
||||
{
|
||||
case AlertDescription.AccessDenied:
|
||||
return "An inappropriate message was received.";
|
||||
|
||||
case AlertDescription.BadCertificate:
|
||||
return "TLSCiphertext decrypted in an invalid way.";
|
||||
|
||||
case AlertDescription.BadRecordMAC:
|
||||
return "Record with an incorrect MAC.";
|
||||
|
||||
case AlertDescription.CertificateExpired:
|
||||
return "Certificate has expired or is not currently valid";
|
||||
|
||||
case AlertDescription.CertificateRevoked:
|
||||
return "Certificate was revoked by its signer.";
|
||||
|
||||
case AlertDescription.CertificateUnknown:
|
||||
return "Certificate Unknown.";
|
||||
|
||||
case AlertDescription.CloseNotify:
|
||||
return "Connection closed";
|
||||
|
||||
case AlertDescription.DecodeError:
|
||||
return "A message could not be decoded because some field was out of the specified range or the length of the message was incorrect.";
|
||||
|
||||
case AlertDescription.DecompressionFailure:
|
||||
return "The decompression function received improper input (e.g. data that would expand to excessive length).";
|
||||
|
||||
case AlertDescription.DecryptError:
|
||||
return "TLSCiphertext decrypted in an invalid way: either it wasn`t an even multiple of the block length or its padding values, when checked, weren`t correct.";
|
||||
|
||||
case AlertDescription.DecryptionFailed_RESERVED:
|
||||
return "Handshake cryptographic operation failed, including being unable to correctly verify a signature, decrypt a key exchange, or validate finished message.";
|
||||
|
||||
case AlertDescription.ExportRestriction:
|
||||
return "Negotiation not in compliance with export restrictions was detected.";
|
||||
|
||||
case AlertDescription.HandshakeFailure:
|
||||
return "Unable to negotiate an acceptable set of security parameters given the options available.";
|
||||
|
||||
case AlertDescription.IlegalParameter:
|
||||
return "A field in the handshake was out of range or inconsistent with other fields.";
|
||||
|
||||
case AlertDescription.InsuficientSecurity:
|
||||
return "Negotiation has failed specifically because the server requires ciphers more secure than those supported by the client.";
|
||||
|
||||
case AlertDescription.InternalError:
|
||||
return "Internal error unrelated to the peer or the correctness of the protocol makes it impossible to continue.";
|
||||
|
||||
case AlertDescription.NoRenegotiation:
|
||||
return "Invalid renegotiation.";
|
||||
|
||||
case AlertDescription.ProtocolVersion:
|
||||
return "Unsupported protocol version.";
|
||||
|
||||
case AlertDescription.RecordOverflow:
|
||||
return "Invalid length on TLSCiphertext record or TLSCompressed record.";
|
||||
|
||||
case AlertDescription.UnexpectedMessage:
|
||||
return "Invalid message received.";
|
||||
|
||||
case AlertDescription.UnknownCA:
|
||||
return "CA can't be identified as a trusted CA.";
|
||||
|
||||
case AlertDescription.UnsupportedCertificate:
|
||||
return "Certificate was of an unsupported type.";
|
||||
|
||||
case AlertDescription.UserCancelled:
|
||||
return "Handshake cancelled by user.";
|
||||
|
||||
case AlertDescription.UnsupportedExtension:
|
||||
return "Unsupported extension.";
|
||||
|
||||
default:
|
||||
return "";
|
||||
}
|
||||
#else
|
||||
return "The authentication or decryption has failed.";
|
||||
#endif
|
||||
}
|
||||
|
||||
#endregion
|
||||
}
|
||||
}
|
@@ -0,0 +1,96 @@
|
||||
//
|
||||
// BufferOffsetSize.cs
|
||||
//
|
||||
// Author:
|
||||
// Martin Baulig <martin.baulig@xamarin.com>
|
||||
//
|
||||
// Copyright (c) 2014-2016 Xamarin Inc. (http://www.xamarin.com)
|
||||
//
|
||||
// Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
// of this software and associated documentation files (the "Software"), to deal
|
||||
// in the Software without restriction, including without limitation the rights
|
||||
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
// copies of the Software, and to permit persons to whom the Software is
|
||||
// furnished to do so, subject to the following conditions:
|
||||
//
|
||||
// The above copyright notice and this permission notice shall be included in
|
||||
// all copies or substantial portions of the Software.
|
||||
//
|
||||
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
// THE SOFTWARE.
|
||||
using System;
|
||||
|
||||
namespace Mono.Security.Interface
|
||||
{
|
||||
public class BufferOffsetSize : SecretParameters, IBufferOffsetSize
|
||||
{
|
||||
public byte[] Buffer {
|
||||
get;
|
||||
private set;
|
||||
}
|
||||
|
||||
public int Offset {
|
||||
get;
|
||||
internal set;
|
||||
}
|
||||
|
||||
public int Size {
|
||||
get { return EndOffset - Offset; }
|
||||
}
|
||||
|
||||
public int EndOffset {
|
||||
get;
|
||||
internal set;
|
||||
}
|
||||
|
||||
public BufferOffsetSize (byte[] buffer, int offset, int size)
|
||||
{
|
||||
Buffer = buffer;
|
||||
Offset = offset;
|
||||
EndOffset = offset + size;
|
||||
}
|
||||
|
||||
public BufferOffsetSize (byte[] buffer)
|
||||
: this (buffer, 0, buffer.Length)
|
||||
{
|
||||
}
|
||||
|
||||
public BufferOffsetSize (int size)
|
||||
: this (new byte [size])
|
||||
{
|
||||
}
|
||||
|
||||
public byte[] GetBuffer ()
|
||||
{
|
||||
var copy = new byte [Size];
|
||||
Array.Copy (Buffer, Offset, copy, 0, Size);
|
||||
return copy;
|
||||
}
|
||||
|
||||
public void TruncateTo (int newSize)
|
||||
{
|
||||
if (newSize > Size)
|
||||
throw new ArgumentException ("newSize");
|
||||
EndOffset = Offset + newSize;
|
||||
}
|
||||
|
||||
protected void SetBuffer (byte[] buffer, int offset, int size)
|
||||
{
|
||||
Buffer = buffer;
|
||||
Offset = offset;
|
||||
EndOffset = offset + size;
|
||||
}
|
||||
|
||||
protected override void Clear ()
|
||||
{
|
||||
Buffer = null;
|
||||
Offset = EndOffset = 0;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
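Review bot: The three-argument constructor and `TruncateTo` accept ranges that do not fit the buffer: `offset` and `size` are stored unchecked (and `offset + size` can overflow), and `TruncateTo` rejects only `newSize > Size`, so a negative value leaves `EndOffset` below `Offset` and `Size` negative. The failure then surfaces later in `GetBuffer` at `new byte [Size]` or `Array.Copy`, far from the caller that passed the bad value. Validating at the boundary, as sketched below, keeps the exception types already used in this commit; `SetBuffer` has the same shape but may legitimately take a null buffer, so I left it out. Also worth a comment: `Clear ()` drops the reference without zeroing the bytes, which may be intended for caller-owned arrays but is not obvious for a type deriving from `SecretParameters`.

```csharp
public BufferOffsetSize (byte[] buffer, int offset, int size)
{
	if (buffer == null)
		throw new ArgumentNullException ("buffer");
	// Written as a subtraction so the bound check itself cannot overflow.
	if (offset < 0 || size < 0 || offset > buffer.Length - size)
		throw new ArgumentOutOfRangeException ("offset");
	// … unchanged: Buffer / Offset / EndOffset assignments …

// … unchanged: other constructors, GetBuffer …

public void TruncateTo (int newSize)
{
	if (newSize < 0 || newSize > Size)
		throw new ArgumentException ("newSize");
	// … unchanged: EndOffset assignment …
```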
@@ -0,0 +1,161 @@
|
||||
//
|
||||
// CertificateValidationHelper.cs
|
||||
//
|
||||
// Author:
|
||||
// Martin Baulig <martin.baulig@xamarin.com>
|
||||
//
|
||||
// Copyright (c) 2015 Xamarin, Inc.
|
||||
//
|
||||
// Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
// of this software and associated documentation files (the "Software"), to deal
|
||||
// in the Software without restriction, including without limitation the rights
|
||||
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
// copies of the Software, and to permit persons to whom the Software is
|
||||
// furnished to do so, subject to the following conditions:
|
||||
//
|
||||
// The above copyright notice and this permission notice shall be included in
|
||||
// all copies or substantial portions of the Software.
|
||||
//
|
||||
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
// THE SOFTWARE.
|
||||
|
||||
using System;
|
||||
using System.IO;
|
||||
using System.Net;
|
||||
using System.Net.Security;
|
||||
using System.Threading;
|
||||
using System.Security.Cryptography.X509Certificates;
|
||||
using Mono.Security.Protocol.Tls;
|
||||
using MX = Mono.Security.X509;
|
||||
using Mono.Net.Security;
|
||||
|
||||
namespace Mono.Security.Interface
|
||||
{
|
||||
public class ValidationResult
|
||||
{
|
||||
bool trusted;
|
||||
bool user_denied;
|
||||
int error_code;
|
||||
MonoSslPolicyErrors? policy_errors;
|
||||
|
||||
public ValidationResult (bool trusted, bool user_denied, int error_code, MonoSslPolicyErrors? policy_errors)
|
||||
{
|
||||
this.trusted = trusted;
|
||||
this.user_denied = user_denied;
|
||||
this.error_code = error_code;
|
||||
this.policy_errors = policy_errors;
|
||||
}
|
||||
|
||||
internal ValidationResult (bool trusted, bool user_denied, int error_code)
|
||||
{
|
||||
this.trusted = trusted;
|
||||
this.user_denied = user_denied;
|
||||
this.error_code = error_code;
|
||||
}
|
||||
|
||||
public bool Trusted {
|
||||
get { return trusted; }
|
||||
}
|
||||
|
||||
public bool UserDenied {
|
||||
get { return user_denied; }
|
||||
}
|
||||
|
||||
public int ErrorCode {
|
||||
get { return error_code; }
|
||||
}
|
||||
|
||||
public MonoSslPolicyErrors? PolicyErrors {
|
||||
get { return policy_errors; }
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Internal interface - do not implement
|
||||
*/
|
||||
public interface ICertificateValidator
|
||||
{
|
||||
MonoTlsSettings Settings {
|
||||
get;
|
||||
}
|
||||
|
||||
/*
|
||||
* Returns `true` if a client certificate has been selected (which could be `null`).
|
||||
*/
|
||||
bool SelectClientCertificate (
|
||||
string targetHost, X509CertificateCollection localCertificates, X509Certificate remoteCertificate,
|
||||
string[] acceptableIssuers, out X509Certificate clientCertificate);
|
||||
|
||||
/*
|
||||
* If @serverMode is true, then we're a server and want to validate a certificate that we received from a client.
|
||||
*/
|
||||
ValidationResult ValidateCertificate (string targetHost, bool serverMode, X509CertificateCollection certificates);
|
||||
|
||||
/*
|
||||
* On OS X and Mobile, the @chain will be initialized with the @certificates, but not actually built.
|
||||
*/
|
||||
bool InvokeSystemValidator (
|
||||
string targetHost, bool serverMode, X509CertificateCollection certificates,
|
||||
X509Chain chain, ref MonoSslPolicyErrors errors, ref int status11);
|
||||
}
|
||||
|
||||
public static class CertificateValidationHelper
|
||||
{
|
||||
const string SecurityLibrary = "/System/Library/Frameworks/Security.framework/Security";
|
||||
static readonly bool noX509Chain;
|
||||
static readonly bool supportsTrustAnchors;
|
||||
|
||||
static CertificateValidationHelper ()
|
||||
{
|
||||
#if MONOTOUCH || XAMMAC
|
||||
noX509Chain = true;
|
||||
supportsTrustAnchors = true;
|
||||
#elif MONODROID
|
||||
noX509Chain = true;
|
||||
supportsTrustAnchors = false;
|
||||
#else
|
||||
if (File.Exists (SecurityLibrary)) {
|
||||
noX509Chain = true;
|
||||
supportsTrustAnchors = true;
|
||||
} else {
|
||||
noX509Chain = false;
|
||||
supportsTrustAnchors = false;
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
||||
public static bool SupportsX509Chain {
|
||||
get { return !noX509Chain; }
|
||||
}
|
||||
|
||||
public static bool SupportsTrustAnchors {
|
||||
get { return supportsTrustAnchors; }
|
||||
}
|
||||
|
||||
static ICertificateValidator GetDefaultValidator (MonoTlsProvider provider, MonoTlsSettings settings)
|
||||
{
|
||||
return (ICertificateValidator)NoReflectionHelper.GetDefaultCertificateValidator (provider, settings);
|
||||
}
|
||||
|
||||
/*
|
||||
* Internal API, intended to be used by MonoTlsProvider implementations.
|
||||
*/
|
||||
public static ICertificateValidator GetValidator (MonoTlsProvider provider, MonoTlsSettings settings)
|
||||
{
|
||||
return GetDefaultValidator (provider, settings);
|
||||
}
|
||||
|
||||
/*
|
||||
* Use this overloaded version in user code.
|
||||
*/
|
||||
public static ICertificateValidator GetValidator (MonoTlsSettings settings)
|
||||
{
|
||||
return GetDefaultValidator (null, settings);
|
||||
}
|
||||
}
|
||||
}
|
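Review bot: In the static constructor's `#else` branch, the choice between the X509Chain path and the trust-anchor path hangs on `File.Exists (SecurityLibrary)`, that is, on whether a file is present at a fixed path rather than on which platform the process runs on. A host where that path is absent although the framework is loadable (or present although it is not) would silently get the other validation mode, and nothing records which one was picked. I would at least document the heuristic on the constant, e.g. `// Desktop builds: presence of Security.framework on disk is used as the "running on OS X" test; it selects the certificate validation path.`, and prefer a real platform check if this codebase has one. The `ValidationResult` constructors also allow `trusted` and `user_denied` to both be true; a one-line comment on the intended combinations would help implementers.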
@@ -0,0 +1,39 @@
|
||||
//
|
||||
// CipherAlgorithmType.cs
|
||||
//
|
||||
// Author:
|
||||
// Martin Baulig <martin.baulig@xamarin.com>
|
||||
//
|
||||
// Copyright (c) 2015 Xamarin Inc. (http://www.xamarin.com)
|
||||
//
|
||||
// Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
// of this software and associated documentation files (the "Software"), to deal
|
||||
// in the Software without restriction, including without limitation the rights
|
||||
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
// copies of the Software, and to permit persons to whom the Software is
|
||||
// furnished to do so, subject to the following conditions:
|
||||
//
|
||||
// The above copyright notice and this permission notice shall be included in
|
||||
// all copies or substantial portions of the Software.
|
||||
//
|
||||
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
// THE SOFTWARE.
|
||||
|
||||
using System;
|
||||
|
||||
namespace Mono.Security.Interface
|
||||
{
|
||||
public enum CipherAlgorithmType
|
||||
{
|
||||
None,
|
||||
Aes128,
|
||||
Aes256,
|
||||
AesGcm128,
|
||||
AesGcm256
|
||||
}
|
||||
}
|
@@ -0,0 +1,398 @@
|
||||
//
|
||||
// CipherSuiteCode.cs
|
||||
//
|
||||
// Author:
|
||||
// Martin Baulig <martin.baulig@xamarin.com>
|
||||
//
|
||||
// Copyright (c) 2015 Xamarin, Inc.
|
||||
//
|
||||
// Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
// of this software and associated documentation files (the "Software"), to deal
|
||||
// in the Software without restriction, including without limitation the rights
|
||||
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
// copies of the Software, and to permit persons to whom the Software is
|
||||
// furnished to do so, subject to the following conditions:
|
||||
//
|
||||
// The above copyright notice and this permission notice shall be included in
|
||||
// all copies or substantial portions of the Software.
|
||||
//
|
||||
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
// THE SOFTWARE.
|
||||
|
||||
using System;
|
||||
|
||||
namespace Mono.Security.Interface
|
||||
{
|
||||
/// <summary>
|
||||
/// RFC 2246 A.5
|
||||
/// </summary>
|
||||
public enum CipherSuiteCode : ushort
|
||||
{
|
||||
TLS_NULL_WITH_NULL_NULL = 0x0000,
|
||||
TLS_RSA_WITH_NULL_MD5 = 0x0001,
|
||||
TLS_RSA_WITH_NULL_SHA = 0x0002,
|
||||
TLS_RSA_EXPORT_WITH_RC4_40_MD5 = 0x0003,
|
||||
TLS_RSA_WITH_RC4_128_MD5 = 0x0004,
|
||||
TLS_RSA_WITH_RC4_128_SHA = 0x0005,
|
||||
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = 0x0006,
|
||||
TLS_RSA_WITH_IDEA_CBC_SHA = 0x0007,
|
||||
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0008,
|
||||
TLS_RSA_WITH_DES_CBC_SHA = 0x0009,
|
||||
TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A,
|
||||
TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x000B,
|
||||
TLS_DH_DSS_WITH_DES_CBC_SHA = 0x000C,
|
||||
TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = 0x000D,
|
||||
TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x000E,
|
||||
TLS_DH_RSA_WITH_DES_CBC_SHA = 0x000F,
|
||||
TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = 0x0010,
|
||||
TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x0011,
|
||||
TLS_DHE_DSS_WITH_DES_CBC_SHA = 0x0012,
|
||||
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0x0013,
|
||||
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0014,
|
||||
TLS_DHE_RSA_WITH_DES_CBC_SHA = 0x0015,
|
||||
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016,
|
||||
TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 = 0x0017,
|
||||
TLS_DH_anon_WITH_RC4_128_MD5 = 0x0018,
|
||||
TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = 0x0019,
|
||||
TLS_DH_anon_WITH_DES_CBC_SHA = 0x001A,
|
||||
TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = 0x001B,
|
||||
|
||||
/*
|
||||
* Note: The cipher suite values { 0x00, 0x1C } and { 0x00, 0x1D } are reserved to avoid
|
||||
* collision with Fortezza-based cipher suites in SSL 3.
|
||||
*/
|
||||
|
||||
/*
|
||||
* RFC 3268
|
||||
*/
|
||||
TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F,
|
||||
TLS_DH_DSS_WITH_AES_128_CBC_SHA = 0x0030,
|
||||
TLS_DH_RSA_WITH_AES_128_CBC_SHA = 0x0031,
|
||||
TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0x0032,
|
||||
TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033,
|
||||
TLS_DH_anon_WITH_AES_128_CBC_SHA = 0x0034,
|
||||
TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035,
|
||||
TLS_DH_DSS_WITH_AES_256_CBC_SHA = 0x0036,
|
||||
TLS_DH_RSA_WITH_AES_256_CBC_SHA = 0x0037,
|
||||
TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x0038,
|
||||
TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039,
|
||||
TLS_DH_anon_WITH_AES_256_CBC_SHA = 0x003A,
|
||||
|
||||
/*
|
||||
* RFC 5932
|
||||
*/
|
||||
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0041,
|
||||
TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = 0x0042,
|
||||
TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0043,
|
||||
TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = 0x0044,
|
||||
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0045,
|
||||
TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA = 0x0046,
|
||||
|
||||
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0084,
|
||||
TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = 0x0085,
|
||||
TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0086,
|
||||
TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = 0x0087,
|
||||
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0088,
|
||||
TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA = 0x0089,
|
||||
|
||||
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BA,
|
||||
TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BB,
|
||||
TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BC,
|
||||
TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BD,
|
||||
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BE,
|
||||
TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BF,
|
||||
|
||||
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C0,
|
||||
TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C1,
|
||||
TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C2,
|
||||
TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C3,
|
||||
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C4,
|
||||
TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C5,
|
||||
|
||||
/*
|
||||
* RFC 4162
|
||||
*/
|
||||
TLS_RSA_WITH_SEED_CBC_SHA = 0x0096,
|
||||
TLS_DH_DSS_WITH_SEED_CBC_SHA = 0x0097,
|
||||
TLS_DH_RSA_WITH_SEED_CBC_SHA = 0x0098,
|
||||
TLS_DHE_DSS_WITH_SEED_CBC_SHA = 0x0099,
|
||||
TLS_DHE_RSA_WITH_SEED_CBC_SHA = 0x009A,
|
||||
TLS_DH_anon_WITH_SEED_CBC_SHA = 0x009B,
|
||||
|
||||
/*
|
||||
* RFC 4279
|
||||
*/
|
||||
TLS_PSK_WITH_RC4_128_SHA = 0x008A,
|
||||
TLS_PSK_WITH_3DES_EDE_CBC_SHA = 0x008B,
|
||||
TLS_PSK_WITH_AES_128_CBC_SHA = 0x008C,
|
||||
TLS_PSK_WITH_AES_256_CBC_SHA = 0x008D,
|
||||
TLS_DHE_PSK_WITH_RC4_128_SHA = 0x008E,
|
||||
TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA = 0x008F,
|
||||
TLS_DHE_PSK_WITH_AES_128_CBC_SHA = 0x0090,
|
||||
TLS_DHE_PSK_WITH_AES_256_CBC_SHA = 0x0091,
|
||||
TLS_RSA_PSK_WITH_RC4_128_SHA = 0x0092,
|
||||
TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA = 0x0093,
|
||||
TLS_RSA_PSK_WITH_AES_128_CBC_SHA = 0x0094,
|
||||
TLS_RSA_PSK_WITH_AES_256_CBC_SHA = 0x0095,
|
||||
|
||||
/*
|
||||
* RFC 4492
|
||||
*/
|
||||
TLS_ECDH_ECDSA_WITH_NULL_SHA = 0xC001,
|
||||
TLS_ECDH_ECDSA_WITH_RC4_128_SHA = 0xC002,
|
||||
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC003,
|
||||
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA = 0xC004,
|
||||
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA = 0xC005,
|
||||
TLS_ECDHE_ECDSA_WITH_NULL_SHA = 0xC006,
|
||||
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA = 0xC007,
|
||||
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC008,
|
||||
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 0xC009,
|
||||
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 0xC00A,
|
||||
TLS_ECDH_RSA_WITH_NULL_SHA = 0xC00B,
|
||||
TLS_ECDH_RSA_WITH_RC4_128_SHA = 0xC00C,
|
||||
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA = 0xC00D,
|
||||
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA = 0xC00E,
|
||||
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA = 0xC00F,
|
||||
TLS_ECDHE_RSA_WITH_NULL_SHA = 0xC010,
|
||||
TLS_ECDHE_RSA_WITH_RC4_128_SHA = 0xC011,
|
||||
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA = 0xC012,
|
||||
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = 0xC013,
|
||||
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0xC014,
|
||||
TLS_ECDH_anon_WITH_NULL_SHA = 0xC015,
|
||||
TLS_ECDH_anon_WITH_RC4_128_SHA = 0xC016,
|
||||
TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA = 0xC017,
|
||||
TLS_ECDH_anon_WITH_AES_128_CBC_SHA = 0xC018,
|
||||
TLS_ECDH_anon_WITH_AES_256_CBC_SHA = 0xC019,
|
||||
|
||||
/*
|
||||
* RFC 4785
|
||||
*/
|
||||
TLS_PSK_WITH_NULL_SHA = 0x002C,
|
||||
TLS_DHE_PSK_WITH_NULL_SHA = 0x002D,
|
||||
TLS_RSA_PSK_WITH_NULL_SHA = 0x002E,
|
||||
|
||||
/*
|
||||
* RFC 5054
|
||||
*/
|
||||
TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 0xC01A,
|
||||
TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 0xC01B,
|
||||
TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = 0xC01C,
|
||||
TLS_SRP_SHA_WITH_AES_128_CBC_SHA = 0xC01D,
|
||||
TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 0xC01E,
|
||||
TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = 0xC01F,
|
||||
TLS_SRP_SHA_WITH_AES_256_CBC_SHA = 0xC020,
|
||||
TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 0xC021,
|
||||
TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = 0xC022,
|
||||
|
||||
/*
|
||||
* RFC 5246
|
||||
*/
|
||||
TLS_RSA_WITH_NULL_SHA256 = 0x003B,
|
||||
TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C,
|
||||
TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D,
|
||||
TLS_DH_DSS_WITH_AES_128_CBC_SHA256 = 0x003E,
|
||||
TLS_DH_RSA_WITH_AES_128_CBC_SHA256 = 0x003F,
|
||||
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = 0x0040,
|
||||
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067,
|
||||
TLS_DH_DSS_WITH_AES_256_CBC_SHA256 = 0x0068,
|
||||
TLS_DH_RSA_WITH_AES_256_CBC_SHA256 = 0x0069,
|
||||
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x006A,
|
||||
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B,
|
||||
TLS_DH_anon_WITH_AES_128_CBC_SHA256 = 0x006C,
|
||||
TLS_DH_anon_WITH_AES_256_CBC_SHA256 = 0x006D,
|
||||
|
||||
/*
|
||||
* RFC 5288
|
||||
*/
|
||||
TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x009C,
|
||||
TLS_RSA_WITH_AES_256_GCM_SHA384 = 0x009D,
|
||||
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x009E,
|
||||
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x009F,
|
||||
TLS_DH_RSA_WITH_AES_128_GCM_SHA256 = 0x00A0,
|
||||
TLS_DH_RSA_WITH_AES_256_GCM_SHA384 = 0x00A1,
|
||||
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 = 0x00A2,
|
||||
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 = 0x00A3,
|
||||
TLS_DH_DSS_WITH_AES_128_GCM_SHA256 = 0x00A4,
|
||||
TLS_DH_DSS_WITH_AES_256_GCM_SHA384 = 0x00A5,
|
||||
TLS_DH_anon_WITH_AES_128_GCM_SHA256 = 0x00A6,
|
||||
TLS_DH_anon_WITH_AES_256_GCM_SHA384 = 0x00A7,
|
||||
|
||||
/*
|
||||
* RFC 5289
|
||||
*/
|
||||
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC023,
|
||||
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC024,
|
||||
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC025,
|
||||
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC026,
|
||||
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0xC027,
|
||||
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0xC028,
|
||||
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 = 0xC029,
|
||||
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 = 0xC02A,
|
||||
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02B,
|
||||
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02C,
|
||||
TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02D,
|
||||
TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02E,
|
||||
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0xC02F,
|
||||
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0xC030,
|
||||
TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 = 0xC031,
|
||||
TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 = 0xC032,
|
||||
|
||||
/*
|
||||
* RFC 5487
|
||||
*/
|
||||
TLS_PSK_WITH_AES_128_GCM_SHA256 = 0x00A8,
|
||||
TLS_PSK_WITH_AES_256_GCM_SHA384 = 0x00A9,
|
||||
TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 = 0x00AA,
|
||||
TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 = 0x00AB,
|
||||
TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 = 0x00AC,
|
||||
TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 = 0x00AD,
|
||||
TLS_PSK_WITH_AES_128_CBC_SHA256 = 0x00AE,
|
||||
TLS_PSK_WITH_AES_256_CBC_SHA384 = 0x00AF,
|
||||
TLS_PSK_WITH_NULL_SHA256 = 0x00B0,
|
||||
TLS_PSK_WITH_NULL_SHA384 = 0x00B1,
|
||||
TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 = 0x00B2,
|
||||
TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 = 0x00B3,
|
||||
TLS_DHE_PSK_WITH_NULL_SHA256 = 0x00B4,
|
||||
TLS_DHE_PSK_WITH_NULL_SHA384 = 0x00B5,
|
||||
TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 = 0x00B6,
|
||||
TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 = 0x00B7,
|
||||
TLS_RSA_PSK_WITH_NULL_SHA256 = 0x00B8,
|
||||
TLS_RSA_PSK_WITH_NULL_SHA384 = 0x00B9,
|
||||
|
||||
/*
|
||||
* RFC 5489
|
||||
*/
|
||||
TLS_ECDHE_PSK_WITH_RC4_128_SHA = 0xC033,
|
||||
TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = 0xC034,
|
||||
TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA = 0xC035,
|
||||
TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA = 0xC036,
|
||||
TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 0xC037,
|
||||
TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = 0xC038,
|
||||
TLS_ECDHE_PSK_WITH_NULL_SHA = 0xC039,
|
||||
TLS_ECDHE_PSK_WITH_NULL_SHA256 = 0xC03A,
|
||||
TLS_ECDHE_PSK_WITH_NULL_SHA384 = 0xC03B,
|
||||
|
||||
/*
|
||||
* RFC 5746
|
||||
*/
|
||||
TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF,
|
||||
|
||||
/*
|
||||
* RFC 6367
|
||||
*/
|
||||
TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC072,
|
||||
TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC073,
|
||||
TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC074,
|
||||
TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC075,
|
||||
TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC076,
|
||||
TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC077,
|
||||
TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC078,
|
||||
TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC079,
|
||||
|
||||
TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC07A,
|
||||
TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC07B,
|
||||
TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC07C,
|
||||
TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC07D,
|
||||
TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC07E,
|
||||
TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC07F,
|
||||
TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256 = 0xC080,
|
||||
TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384 = 0xC081,
|
||||
TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256 = 0xC082,
|
||||
TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384 = 0xC083,
|
||||
TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256 = 0xC084,
|
||||
TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384 = 0xC085,
|
||||
TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC086,
|
||||
TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC087,
|
||||
TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC088,
|
||||
TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC089,
|
||||
TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC08A,
|
||||
TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC08B,
|
||||
TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC08C,
|
||||
TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC08D,
|
||||
|
||||
TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 = 0xC08E,
|
||||
TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 = 0xC08F,
|
||||
TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 = 0xC090,
|
||||
TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 = 0xC091,
|
||||
TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 = 0xC092,
|
||||
TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 = 0xC093,
|
||||
TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC094,
|
||||
TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC095,
|
||||
TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC096,
|
||||
TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC097,
|
||||
TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC098,
|
||||
TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC099,
|
||||
TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC09A,
|
||||
TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC09B,
|
||||
|
||||
/*
|
||||
* RFC 6655
|
||||
*/
|
||||
TLS_RSA_WITH_AES_128_CCM = 0xC09C,
|
||||
TLS_RSA_WITH_AES_256_CCM = 0xC09D,
|
||||
TLS_DHE_RSA_WITH_AES_128_CCM = 0xC09E,
|
||||
TLS_DHE_RSA_WITH_AES_256_CCM = 0xC09F,
|
||||
TLS_RSA_WITH_AES_128_CCM_8 = 0xC0A0,
|
||||
TLS_RSA_WITH_AES_256_CCM_8 = 0xC0A1,
|
||||
TLS_DHE_RSA_WITH_AES_128_CCM_8 = 0xC0A2,
|
||||
TLS_DHE_RSA_WITH_AES_256_CCM_8 = 0xC0A3,
|
||||
TLS_PSK_WITH_AES_128_CCM = 0xC0A4,
|
||||
TLS_PSK_WITH_AES_256_CCM = 0xC0A5,
|
||||
TLS_DHE_PSK_WITH_AES_128_CCM = 0xC0A6,
|
||||
TLS_DHE_PSK_WITH_AES_256_CCM = 0xC0A7,
|
||||
TLS_PSK_WITH_AES_128_CCM_8 = 0xC0A8,
|
||||
TLS_PSK_WITH_AES_256_CCM_8 = 0xC0A9,
|
||||
TLS_PSK_DHE_WITH_AES_128_CCM_8 = 0xC0AA,
|
||||
TLS_PSK_DHE_WITH_AES_256_CCM_8 = 0xC0AB,
|
||||
|
||||
/*
|
||||
* draft-agl-tls-chacha20poly1305-04
|
||||
*/
|
||||
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCC13,
|
||||
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCC14,
|
||||
TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCC15,
|
||||
|
||||
/*
|
||||
* draft-josefsson-salsa20-tls-04
|
||||
*/
|
||||
TLS_RSA_WITH_ESTREAM_SALSA20_SHA1 = 0xE410,
|
||||
TLS_RSA_WITH_SALSA20_SHA1 = 0xE411,
|
||||
TLS_ECDHE_RSA_WITH_ESTREAM_SALSA20_SHA1 = 0xE412,
|
||||
TLS_ECDHE_RSA_WITH_SALSA20_SHA1 = 0xE413,
|
||||
TLS_ECDHE_ECDSA_WITH_ESTREAM_SALSA20_SHA1 = 0xE414,
|
||||
TLS_ECDHE_ECDSA_WITH_SALSA20_SHA1 = 0xE415,
|
||||
TLS_PSK_WITH_ESTREAM_SALSA20_SHA1 = 0xE416,
|
||||
TLS_PSK_WITH_SALSA20_SHA1 = 0xE417,
|
||||
TLS_ECDHE_PSK_WITH_ESTREAM_SALSA20_SHA1 = 0xE418,
|
||||
TLS_ECDHE_PSK_WITH_SALSA20_SHA1 = 0xE419,
|
||||
TLS_RSA_PSK_WITH_ESTREAM_SALSA20_SHA1 = 0xE41A,
|
||||
TLS_RSA_PSK_WITH_SALSA20_SHA1 = 0xE41B,
|
||||
TLS_DHE_PSK_WITH_ESTREAM_SALSA20_SHA1 = 0xE41C,
|
||||
TLS_DHE_PSK_WITH_SALSA20_SHA1 = 0xE41D,
|
||||
TLS_DHE_RSA_WITH_ESTREAM_SALSA20_SHA1 = 0xE41E,
|
||||
TLS_DHE_RSA_WITH_SALSA20_SHA1 = 0xE41F,
|
||||
|
||||
/*
|
||||
* draft-ietf-tls-downgrade-scsv-00
|
||||
*/
|
||||
TLS_FALLBACK_SCSV = 0x5600,
|
||||
|
||||
/*
|
||||
public static bool IsScsv (int cipherSuite)
|
||||
{
|
||||
switch (cipherSuite) {
|
||||
case TLS_EMPTY_RENEGOTIATION_INFO_SCSV:
|
||||
case TLS_FALLBACK_SCSV:
|
||||
return true,
|
||||
default:
|
||||
return false,
|
||||
}
|
||||
}
|
||||
*/
|
||||
}
|
||||
}
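Review bot: The commented-out `IsScsv` block at the end of the enum is dead code that could not compile if re-enabled: a method cannot be declared inside an enum body, its `return true,` / `return false,` lines end in commas, and it switches on an `int` against enum members. The distinction it was meant to draw matters, because `TLS_EMPTY_RENEGOTIATION_INFO_SCSV` and `TLS_FALLBACK_SCSV` are signalling values rather than negotiable suites, and they sit beside the NULL, EXPORT and anon entries with nothing marking them apart. I would delete the block and put the check in a static helper outside the enum, e.g. `public static bool IsScsv (CipherSuiteCode code) { return code == CipherSuiteCode.TLS_EMPTY_RENEGOTIATION_INFO_SCSV || code == CipherSuiteCode.TLS_FALLBACK_SCSV; }`. The `/// RFC 2246 A.5` summary should also be widened to say the enum is a registry of code points from many RFCs and drafts, not a list of suites that are acceptable to offer.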
|
@@ -0,0 +1,38 @@
|
||||
//
|
||||
// ExchangeAlgorithmType.cs
|
||||
//
|
||||
// Author:
|
||||
// Martin Baulig <martin.baulig@xamarin.com>
|
||||
//
|
||||
// Copyright (c) 2015 Xamarin Inc. (http://www.xamarin.com)
|
||||
//
|
||||
// Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
// of this software and associated documentation files (the "Software"), to deal
|
||||
// in the Software without restriction, including without limitation the rights
|
||||
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
// copies of the Software, and to permit persons to whom the Software is
|
||||
// furnished to do so, subject to the following conditions:
|
||||
//
|
||||
// The above copyright notice and this permission notice shall be included in
|
||||
// all copies or substantial portions of the Software.
|
||||
//
|
||||
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
// THE SOFTWARE.
|
||||
|
||||
using System;
|
||||
|
||||
namespace Mono.Security.Interface
|
||||
{
|
||||
public enum ExchangeAlgorithmType
|
||||
{
|
||||
None,
|
||||
Dhe,
|
||||
Rsa,
|
||||
EcDhe
|
||||
}
|
||||
}
|
@@ -0,0 +1,44 @@
|
||||
//
|
||||
// HashAlgorithmType.cs
|
||||
//
|
||||
// Author:
|
||||
// Martin Baulig <martin.baulig@xamarin.com>
|
||||
//
|
||||
// Copyright (c) 2015 Xamarin, Inc.
|
||||
//
|
||||
// Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
// of this software and associated documentation files (the "Software"), to deal
|
||||
// in the Software without restriction, including without limitation the rights
|
||||
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
// copies of the Software, and to permit persons to whom the Software is
|
||||
// furnished to do so, subject to the following conditions:
|
||||
//
|
||||
// The above copyright notice and this permission notice shall be included in
|
||||
// all copies or substantial portions of the Software.
|
||||
//
|
||||
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
// THE SOFTWARE.
|
||||
|
||||
namespace Mono.Security.Interface
|
||||
{
|
||||
public enum HashAlgorithmType
|
||||
{
|
||||
// These values refer to the @HashAlgorithm enumeration in the TLS 1.2 spec.
|
||||
None = 0,
|
||||
Md5 = 1,
|
||||
Sha1 = 2,
|
||||
Sha224 = 3,
|
||||
Sha256 = 4,
|
||||
Sha384 = 5,
|
||||
Sha512 = 6,
|
||||
Unknown = 255,
|
||||
|
||||
// Mono-specific addition, allowing us to reuse it IHashAlgorithm API for TLS 1.0 / 1.1.
|
||||
Md5Sha1 = 254
|
||||
}
|
||||
}
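Review bot: `Md5Sha1 = 254` and `Unknown = 255` share the numeric space of the TLS 1.2 HashAlgorithm wire values declared above them, and nothing in the enum says they must never be read from or written to a handshake message. If any code casts a received byte to this type (not visible in this hunk), a peer could select the Mono-only MD5+SHA-1 marker directly. A comment on the member such as `// Internal marker for the TLS 1.0/1.1 MD5+SHA-1 combination; never valid on the wire, reject if received.` would make the contract explicit. The existing comment's "reuse it IHashAlgorithm API" also looks like a typo for "reuse the IHashAlgorithm API".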
|
@@ -0,0 +1,43 @@
|
||||
//
|
||||
// IBufferOffsetSize.cs
|
||||
//
|
||||
// Author:
|
||||
// Martin Baulig <martin.baulig@xamarin.com>
|
||||
//
|
||||
// Copyright (c) 2015 Xamarin, Inc.
|
||||
//
|
||||
// Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
// of this software and associated documentation files (the "Software"), to deal
|
||||
// in the Software without restriction, including without limitation the rights
|
||||
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
// copies of the Software, and to permit persons to whom the Software is
|
||||
// furnished to do so, subject to the following conditions:
|
||||
//
|
||||
// The above copyright notice and this permission notice shall be included in
|
||||
// all copies or substantial portions of the Software.
|
||||
//
|
||||
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
// THE SOFTWARE.
|
||||
namespace Mono.Security.Interface
|
||||
{
|
||||
public interface IBufferOffsetSize
|
||||
{
|
||||
byte[] Buffer {
|
||||
get;
|
||||
}
|
||||
|
||||
int Offset {
|
||||
get;
|
||||
}
|
||||
|
||||
int Size {
|
||||
get;
|
||||
}
|
||||
}
|
||||
}
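Review bot: `IBufferOffsetSize` exposes `Buffer`, `Offset` and `Size` with no stated invariant, so every consumer has to guess whether the triple was already bounds-checked. This type is the parameter of `GenerateNextToken`, `EncryptMessage` and `DecryptMessage` in IMonoTlsContext.cs in the same commit, so it carries TLS data. I would therefore document the contract on the interface, e.g. `/// Implementations guarantee Buffer != null, Offset >= 0, Size >= 0 and Offset + Size <= Buffer.Length.`, or state explicitly that callers must validate before indexing.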
|
||||
|
@@ -0,0 +1,195 @@
|
||||
//
|
||||
// IMonoSslStream.cs
|
||||
//
|
||||
// Author:
|
||||
// Martin Baulig <martin.baulig@xamarin.com>
|
||||
//
|
||||
// Copyright (c) 2015 Xamarin, Inc.
|
||||
//
|
||||
// Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
// of this software and associated documentation files (the "Software"), to deal
|
||||
// in the Software without restriction, including without limitation the rights
|
||||
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
// copies of the Software, and to permit persons to whom the Software is
|
||||
// furnished to do so, subject to the following conditions:
|
||||
//
|
||||
// The above copyright notice and this permission notice shall be included in
|
||||
// all copies or substantial portions of the Software.
|
||||
//
|
||||
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
// THE SOFTWARE.
|
||||
using System;
|
||||
using System.IO;
|
||||
using System.Net;
|
||||
using System.Net.Security;
|
||||
using System.Threading.Tasks;
|
||||
using SSA = System.Security.Authentication;
|
||||
using System.Security.Cryptography.X509Certificates;
|
||||
using System.Security.Principal;
|
||||
using System.Security.Cryptography;
|
||||
using Mono.Net.Security;
|
||||
|
||||
namespace Mono.Security.Interface
|
||||
{
|
||||
public interface IMonoSslStream : IDisposable
|
||||
{
|
||||
void AuthenticateAsClient (string targetHost);
|
||||
|
||||
void AuthenticateAsClient (string targetHost, X509CertificateCollection clientCertificates, SSA.SslProtocols enabledSslProtocols, bool checkCertificateRevocation);
|
||||
|
||||
IAsyncResult BeginAuthenticateAsClient (string targetHost, AsyncCallback asyncCallback, object asyncState);
|
||||
|
||||
IAsyncResult BeginAuthenticateAsClient (string targetHost, X509CertificateCollection clientCertificates, SSA.SslProtocols enabledSslProtocols, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState);
|
||||
|
||||
void EndAuthenticateAsClient (IAsyncResult asyncResult);
|
||||
|
||||
void AuthenticateAsServer (X509Certificate serverCertificate);
|
||||
|
||||
void AuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, SSA.SslProtocols enabledSslProtocols, bool checkCertificateRevocation);
|
||||
|
||||
IAsyncResult BeginAuthenticateAsServer (X509Certificate serverCertificate, AsyncCallback asyncCallback, object asyncState);
|
||||
|
||||
IAsyncResult BeginAuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, SSA.SslProtocols enabledSslProtocols, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState);
|
||||
|
||||
void EndAuthenticateAsServer (IAsyncResult asyncResult);
|
||||
|
||||
Task AuthenticateAsClientAsync (string targetHost);
|
||||
|
||||
Task AuthenticateAsClientAsync (string targetHost, X509CertificateCollection clientCertificates, SSA.SslProtocols enabledSslProtocols, bool checkCertificateRevocation);
|
||||
|
||||
Task AuthenticateAsServerAsync (X509Certificate serverCertificate);
|
||||
|
||||
Task AuthenticateAsServerAsync (X509Certificate serverCertificate, bool clientCertificateRequired, SSA.SslProtocols enabledSslProtocols, bool checkCertificateRevocation);
|
||||
|
||||
void Flush ();
|
||||
|
||||
int Read (byte[] buffer, int offset, int count);
|
||||
|
||||
void Write (byte[] buffer);
|
||||
|
||||
void Write (byte[] buffer, int offset, int count);
|
||||
|
||||
IAsyncResult BeginRead (byte[] buffer, int offset, int count, AsyncCallback asyncCallback, object asyncState);
|
||||
|
||||
int EndRead (IAsyncResult asyncResult);
|
||||
|
||||
IAsyncResult BeginWrite (byte[] buffer, int offset, int count, AsyncCallback asyncCallback, object asyncState);
|
||||
|
||||
void EndWrite (IAsyncResult asyncResult);
|
||||
|
||||
TransportContext TransportContext {
|
||||
get;
|
||||
}
|
||||
|
||||
bool IsAuthenticated {
|
||||
get;
|
||||
}
|
||||
|
||||
bool IsMutuallyAuthenticated {
|
||||
get;
|
||||
}
|
||||
|
||||
bool IsEncrypted {
|
||||
get;
|
||||
}
|
||||
|
||||
bool IsSigned {
|
||||
get;
|
||||
}
|
||||
|
||||
bool IsServer {
|
||||
get;
|
||||
}
|
||||
|
||||
SSA.CipherAlgorithmType CipherAlgorithm {
|
||||
get;
|
||||
}
|
||||
|
||||
int CipherStrength {
|
||||
get;
|
||||
}
|
||||
|
||||
SSA.HashAlgorithmType HashAlgorithm {
|
||||
get;
|
||||
}
|
||||
|
||||
int HashStrength {
|
||||
get;
|
||||
}
|
||||
|
||||
SSA.ExchangeAlgorithmType KeyExchangeAlgorithm {
|
||||
get;
|
||||
}
|
||||
|
||||
int KeyExchangeStrength {
|
||||
get;
|
||||
}
|
||||
|
||||
bool CanRead {
|
||||
get;
|
||||
}
|
||||
|
||||
bool CanTimeout {
|
||||
get;
|
||||
}
|
||||
|
||||
bool CanWrite {
|
||||
get;
|
||||
}
|
||||
|
||||
long Length {
|
||||
get;
|
||||
}
|
||||
|
||||
long Position {
|
||||
get;
|
||||
}
|
||||
|
||||
void SetLength (long value);
|
||||
|
||||
AuthenticatedStream AuthenticatedStream {
|
||||
get;
|
||||
}
|
||||
|
||||
int ReadTimeout {
|
||||
get; set;
|
||||
}
|
||||
|
||||
int WriteTimeout {
|
||||
get; set;
|
||||
}
|
||||
|
||||
bool CheckCertRevocationStatus {
|
||||
get;
|
||||
}
|
||||
|
||||
X509Certificate InternalLocalCertificate {
|
||||
get;
|
||||
}
|
||||
|
||||
X509Certificate LocalCertificate {
|
||||
get;
|
||||
}
|
||||
|
||||
X509Certificate RemoteCertificate {
|
||||
get;
|
||||
}
|
||||
|
||||
SSA.SslProtocols SslProtocol {
|
||||
get;
|
||||
}
|
||||
|
||||
MonoTlsProvider Provider {
|
||||
get;
|
||||
}
|
||||
|
||||
|
||||
MonoTlsConnectionInfo GetConnectionInfo ();
|
||||
}
|
||||
}
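Review bot: The short overloads `AuthenticateAsClient (string targetHost)`, `AuthenticateAsServer (X509Certificate serverCertificate)` and their Begin/Async counterparts do not say which `SslProtocols` value and revocation setting they apply, so each implementation is free to pick its own defaults. On a public interface that should be pinned down in XML docs, e.g. `/// <remarks>Equivalent to the four-argument overload with [documented protocol set] and checkCertificateRevocation = [documented value].</remarks>`, with the bracketed parts filled in by the author. `InternalLocalCertificate` next to `LocalCertificate` also needs a line on how the two differ. The properties here return `SSA.CipherAlgorithmType`, `SSA.HashAlgorithmType` and `SSA.ExchangeAlgorithmType` while this commit adds identically named enums in `Mono.Security.Interface`; a comment saying which set this interface reports would prevent mix-ups.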
|
||||
|
@@ -0,0 +1,71 @@
|
||||
//
|
||||
// IMonoTlsContext.cs
|
||||
//
|
||||
// Author:
|
||||
// Martin Baulig <martin.baulig@xamarin.com>
|
||||
//
|
||||
// Copyright (c) 2015 Xamarin, Inc.
|
||||
//
|
||||
// Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
// of this software and associated documentation files (the "Software"), to deal
|
||||
// in the Software without restriction, including without limitation the rights
|
||||
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
// copies of the Software, and to permit persons to whom the Software is
|
||||
// furnished to do so, subject to the following conditions:
|
||||
//
|
||||
// The above copyright notice and this permission notice shall be included in
|
||||
// all copies or substantial portions of the Software.
|
||||
//
|
||||
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
// THE SOFTWARE.
|
||||
using System;
|
||||
using System.Security.Cryptography;
|
||||
using System.Security.Cryptography.X509Certificates;
|
||||
|
||||
namespace Mono.Security.Interface
|
||||
{
|
||||
interface IMonoTlsContext : IDisposable
|
||||
{
|
||||
bool IsServer {
|
||||
get;
|
||||
}
|
||||
|
||||
bool IsValid {
|
||||
get;
|
||||
}
|
||||
|
||||
void Initialize (IMonoTlsEventSink eventSink);
|
||||
|
||||
bool HasCredentials {
|
||||
get;
|
||||
}
|
||||
|
||||
void SetCertificate (X509Certificate certificate, AsymmetricAlgorithm privateKey);
|
||||
|
||||
int GenerateNextToken (IBufferOffsetSize incoming, out IBufferOffsetSize outgoing);
|
||||
|
||||
int EncryptMessage (ref IBufferOffsetSize incoming);
|
||||
|
||||
int DecryptMessage (ref IBufferOffsetSize incoming);
|
||||
|
||||
bool ReceivedCloseNotify {
|
||||
get;
|
||||
}
|
||||
|
||||
byte[] CreateCloseNotify ();
|
||||
|
||||
byte[] CreateHelloRequest ();
|
||||
|
||||
X509Certificate GetRemoteCertificate (out X509CertificateCollection remoteCertificateStore);
|
||||
|
||||
bool VerifyRemoteCertificate ();
|
||||
|
||||
MonoTlsConnectionInfo GetConnectionInfo ();
|
||||
}
|
||||
}
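Review bot: `VerifyRemoteCertificate ()` reports failure only through its `bool` result, and `GenerateNextToken`, `EncryptMessage` and `DecryptMessage` return an `int` whose meaning is not documented anywhere in this file. A caller that drops or misreads those values carries on with an unverified peer or a failed record operation. I would add doc comments that define the codes and the required reaction, e.g. `/// <returns>false if validation failed; the caller must abort the handshake.</returns>` on `VerifyRemoteCertificate`, and consider a named enum instead of `int` for the three status results. `SetCertificate` should also state who owns and disposes the `privateKey` passed in.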
|
||||
|
@@ -0,0 +1,37 @@
|
||||
//
|
||||
// IMonoTlsEventSink.cs
|
||||
//
|
||||
// Author:
|
||||
// Martin Baulig <martin.baulig@xamarin.com>
|
||||
//
|
||||
// Copyright (c) 2015 Xamarin, Inc.
|
||||
//
|
||||
// Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
// of this software and associated documentation files (the "Software"), to deal
|
||||
// in the Software without restriction, including without limitation the rights
|
||||
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
// copies of the Software, and to permit persons to whom the Software is
|
||||
// furnished to do so, subject to the following conditions:
|
||||
//
|
||||
// The above copyright notice and this permission notice shall be included in
|
||||
// all copies or substantial portions of the Software.
|
||||
//
|
||||
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
// THE SOFTWARE.
|
||||
using System;
|
||||
|
||||
namespace Mono.Security.Interface
|
||||
{
|
||||
public interface IMonoTlsEventSink
|
||||
{
|
||||
void Error (Exception exception);
|
||||
|
||||
void ReceivedCloseNotify ();
|
||||
}
|
||||
}
|
||||
|
@@ -0,0 +1,58 @@
|
||||
//
|
||||
// MonoTlsConnectionInfo.cs
|
||||
//
|
||||
// Author:
|
||||
// Martin Baulig <martin.baulig@xamarin.com>
|
||||
//
|
||||
// Copyright (c) 2015 Xamarin, Inc.
|
||||
//
|
||||
// Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
// of this software and associated documentation files (the "Software"), to deal
|
||||
// in the Software without restriction, including without limitation the rights
|
||||
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
// copies of the Software, and to permit persons to whom the Software is
|
||||
// furnished to do so, subject to the following conditions:
|
||||
//
|
||||
// The above copyright notice and this permission notice shall be included in
|
||||
// all copies or substantial portions of the Software.
|
||||
//
|
||||
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
// THE SOFTWARE.
|
||||
using System;
|
||||
|
||||
namespace Mono.Security.Interface
|
||||
{
|
||||
public class MonoTlsConnectionInfo
|
||||
{
|
||||
public CipherSuiteCode CipherSuiteCode {
|
||||
get; set;
|
||||
}
|
||||
|
||||
public TlsProtocols ProtocolVersion {
|
||||
get; set;
|
||||
}
|
||||
|
||||
public CipherAlgorithmType CipherAlgorithmType {
|
||||
get; set;
|
||||
}
|
||||
|
||||
public HashAlgorithmType HashAlgorithmType {
|
||||
get; set;
|
||||
}
|
||||
|
||||
public ExchangeAlgorithmType ExchangeAlgorithmType {
|
||||
get; set;
|
||||
}
|
||||
|
||||
public override string ToString ()
|
||||
{
|
||||
return string.Format ("[MonoTlsConnectionInfo: {0}:{1}]", ProtocolVersion, CipherSuiteCode);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@@ -0,0 +1,174 @@
|
||||
//
|
||||
// MonoTlsProvider.cs
|
||||
//
|
||||
// Author:
|
||||
// Martin Baulig <martin.baulig@xamarin.com>
|
||||
//
|
||||
// Copyright (c) 2015 Xamarin, Inc.
|
||||
//
|
||||
// Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
// of this software and associated documentation files (the "Software"), to deal
|
||||
// in the Software without restriction, including without limitation the rights
|
||||
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
// copies of the Software, and to permit persons to whom the Software is
|
||||
// furnished to do so, subject to the following conditions:
|
||||
//
|
||||
// The above copyright notice and this permission notice shall be included in
|
||||
// all copies or substantial portions of the Software.
|
||||
//
|
||||
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
// THE SOFTWARE.
|
||||
|
||||
using System;
|
||||
using System.IO;
|
||||
using System.Net;
|
||||
using System.Net.Security;
|
||||
using System.Security.Authentication;
|
||||
using System.Security.Cryptography.X509Certificates;
|
||||
using Mono.Security.Protocol.Tls;
|
||||
|
||||
namespace Mono.Security.Interface
|
||||
{
|
||||
/*
|
||||
* Unfortunately, we can't use the public definitions from System.dll here, so we need to
|
||||
* copy these.
|
||||
*
|
||||
* The @MonoRemoteCertificateValidationCallback also has an additional 'targetHost' argument.
|
||||
*
|
||||
*/
|
||||
|
||||
[Flags]
|
||||
public enum MonoSslPolicyErrors
|
||||
{
|
||||
None = 0,
|
||||
RemoteCertificateNotAvailable = 1,
|
||||
RemoteCertificateNameMismatch = 2,
|
||||
RemoteCertificateChainErrors = 4,
|
||||
}
|
||||
|
||||
public enum MonoEncryptionPolicy
|
||||
{
|
||||
// Prohibit null ciphers (current system defaults)
|
||||
RequireEncryption = 0,
|
||||
|
||||
// Add null ciphers to current system defaults
|
||||
AllowNoEncryption,
|
||||
|
||||
// Request null ciphers only
|
||||
NoEncryption
|
||||
}
|
||||
|
||||
public delegate bool MonoRemoteCertificateValidationCallback (
|
||||
string targetHost, X509Certificate certificate, X509Chain chain, MonoSslPolicyErrors sslPolicyErrors);
|
||||
|
||||
public delegate X509Certificate MonoLocalCertificateSelectionCallback (
|
||||
string targetHost, X509CertificateCollection localCertificates, X509Certificate remoteCertificate,
|
||||
string[] acceptableIssuers);
|
||||
|
||||
public abstract class MonoTlsProvider
|
||||
{
|
||||
internal MonoTlsProvider ()
|
||||
{
|
||||
}
|
||||
|
||||
public abstract Guid ID {
|
||||
get;
|
||||
}
|
||||
|
||||
public abstract string Name {
|
||||
get;
|
||||
}
|
||||
|
||||
#region SslStream
|
||||
|
||||
/*
|
||||
* This section abstracts the @SslStream class.
|
||||
*
|
||||
*/
|
||||
|
||||
public abstract bool SupportsSslStream {
|
||||
get;
|
||||
}
|
||||
|
||||
/*
|
||||
* Does this provider support IMonoSslStream.GetConnectionInfo() ?
|
||||
*/
|
||||
public abstract bool SupportsConnectionInfo {
|
||||
get;
|
||||
}
|
||||
|
||||
/*
|
||||
* Whether or not this TLS Provider supports Mono-specific extensions
|
||||
* (via @MonoTlsSettings).
|
||||
*/
|
||||
public abstract bool SupportsMonoExtensions {
|
||||
get;
|
||||
}
|
||||
|
||||
public abstract SslProtocols SupportedProtocols {
|
||||
get;
|
||||
}
|
||||
|
||||
/*
|
||||
* Obtain a @IMonoSslStream instance.
|
||||
*
|
||||
*/
|
||||
public abstract IMonoSslStream CreateSslStream (
|
||||
Stream innerStream, bool leaveInnerStreamOpen,
|
||||
MonoTlsSettings settings = null);
|
||||
|
||||
#endregion
|
||||
|
||||
#region Certificate Validation
|
||||
|
||||
/*
|
||||
* Allows a TLS provider to provide a custom system certificiate validator.
|
||||
*/
|
||||
public virtual bool HasCustomSystemCertificateValidator {
|
||||
get { return false; }
|
||||
}
|
||||
|
||||
/*
|
||||
* If @serverMode is true, then we're a server and want to validate a certificate
|
||||
* that we received from a client.
|
||||
*
|
||||
* On OS X and Mobile, the @chain will be initialized with the @certificates, but not actually built.
|
||||
*
|
||||
* Returns `true` if certificate validation has been performed and `false` to invoke the
|
||||
* default system validator.
|
||||
*/
|
||||
public virtual bool InvokeSystemCertificateValidator (
|
||||
ICertificateValidator validator, string targetHost, bool serverMode,
|
||||
X509CertificateCollection certificates, X509Chain chain, out bool success,
|
||||
ref MonoSslPolicyErrors errors, ref int status11)
|
||||
{
|
||||
success = false;
|
||||
return false;
|
||||
}
|
||||
|
||||
#endregion
|
||||
|
||||
#region Manged SSPI
|
||||
|
||||
/*
|
||||
* The managed SSPI implementation from the new TLS code.
|
||||
*/
|
||||
|
||||
internal abstract bool SupportsTlsContext {
|
||||
get;
|
||||
}
|
||||
|
||||
internal abstract IMonoTlsContext CreateTlsContext (
|
||||
string hostname, bool serverMode, TlsProtocols protocolFlags,
|
||||
X509Certificate serverCertificate, X509CertificateCollection clientCertificates,
|
||||
bool remoteCertRequired, MonoEncryptionPolicy encryptionPolicy,
|
||||
MonoTlsSettings settings);
|
||||
|
||||
#endregion
|
||||
}
|
||||
}
|
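Review bot: The comment on `InvokeSystemCertificateValidator` explains the return value but not what an override must leave in `success`, `errors` and `status11` when it returns `true`, which by that same comment is the case where the default system validator is not invoked. I would extend it to say that an override returning `true` owns the whole decision: `success` may be `true` only after the provider has itself validated the chain, and `errors` must carry every failure it found. `status11` needs one line on what it encodes, which cannot be told from this file. Two spelling fixes in the same section: `certificiate` in the comment above `HasCustomSystemCertificateValidator`, and `#region Manged SSPI`.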
@@ -0,0 +1,113 @@
|
||||
//
|
||||
// MonoTlsProviderFactory.cs
|
||||
//
|
||||
// Author:
|
||||
// Martin Baulig <martin.baulig@xamarin.com>
|
||||
//
|
||||
// Copyright (c) 2015 Xamarin, Inc.
|
||||
//
|
||||
// Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
// of this software and associated documentation files (the "Software"), to deal
|
||||
// in the Software without restriction, including without limitation the rights
|
||||
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
// copies of the Software, and to permit persons to whom the Software is
|
||||
// furnished to do so, subject to the following conditions:
|
||||
//
|
||||
// The above copyright notice and this permission notice shall be included in
|
||||
// all copies or substantial portions of the Software.
|
||||
//
|
||||
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
// THE SOFTWARE.
|
||||
using System;
|
||||
using System.Net;
|
||||
using System.Net.Security;
|
||||
using System.Security.Cryptography.X509Certificates;
|
||||
using Mono.Net.Security;
|
||||
|
||||
namespace Mono.Security.Interface
|
||||
{
|
||||
/*
|
||||
* Public API front-end to System.dll's version.
|
||||
*
|
||||
* Keep in sync with System/Mono.Net.Security/MonoTlsProviderFactory.cs.
|
||||
*/
|
||||
public static partial class MonoTlsProviderFactory
|
||||
{
|
||||
/*
|
||||
* Returns the currently installed @MonoTlsProvider, falling back to the default one.
|
||||
*
|
||||
* This method throws @NotSupportedException if no TLS Provider can be found.
|
||||
*/
|
||||
public static MonoTlsProvider GetProvider ()
|
||||
{
|
||||
return (MonoTlsProvider)NoReflectionHelper.GetProvider ();
|
||||
}
|
||||
|
||||
/*
|
||||
* Returns the default @MonoTlsProvider.
|
||||
*
|
||||
* This method throws @NotSupportedException if no TLS Provider can be found.
|
||||
*/
|
||||
public static MonoTlsProvider GetDefaultProvider ()
|
||||
{
|
||||
return (MonoTlsProvider)NoReflectionHelper.GetDefaultProvider ();
|
||||
}
|
||||
|
||||
/*
|
||||
* GetProvider() attempts to load and install the default provider and throws on error.
|
||||
*
|
||||
* This property checks whether a provider has previously been installed by a call
|
||||
* to either GetProvider() or InstallProvider().
|
||||
*
|
||||
*/
|
||||
public static bool HasProvider {
|
||||
get {
|
||||
return NoReflectionHelper.HasProvider;
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* Selects the default TLS Provider.
|
||||
*
|
||||
* May only be called at application startup and will throw
|
||||
* @InvalidOperationException if a provider has already been installed.
|
||||
*/
|
||||
public static void SetDefaultProvider (string name)
|
||||
{
|
||||
NoReflectionHelper.SetDefaultProvider (name);
|
||||
}
|
||||
|
||||
public static MonoTlsProvider GetProvider (string name)
|
||||
{
|
||||
return (MonoTlsProvider)NoReflectionHelper.GetProvider (name);
|
||||
}
|
||||
|
||||
/*
|
||||
* Create @HttpWebRequest with the specified @provider (may be null to use the default one).
|
||||
*
|
||||
* NOTE: This needs to be written as "System.Uri" to avoid ambiguity with Mono.Security.Uri in the
|
||||
* mobile build.
|
||||
*
|
||||
*/
|
||||
public static HttpWebRequest CreateHttpsRequest (System.Uri requestUri, MonoTlsProvider provider, MonoTlsSettings settings = null)
|
||||
{
|
||||
return NoReflectionHelper.CreateHttpsRequest (requestUri, provider, settings);
|
||||
}
|
||||
|
||||
public static HttpListener CreateHttpListener (X509Certificate certificate, MonoTlsProvider provider = null, MonoTlsSettings settings = null)
|
||||
{
|
||||
return (HttpListener)NoReflectionHelper.CreateHttpListener (certificate, provider, settings);
|
||||
}
|
||||
|
||||
public static IMonoSslStream GetMonoSslStream (SslStream stream)
|
||||
{
|
||||
return (IMonoSslStream)NoReflectionHelper.GetMonoSslStream (stream);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
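Review bot: `GetProvider (string name)` and `SetDefaultProvider (string name)` select the TLS implementation by a string, but neither says what happens for a null or unknown name; the parameterless overloads document `NotSupportedException`, while the named overload has no comment at all. A comment on `GetProvider (string name)` stating whether an unknown name throws or returns null would tell callers whether they need a null check before using the result. `CreateHttpListener` and `GetMonoSslStream` are also uncommented. `CreateHttpsRequest` is the only wrapper that returns the helper's result without a cast, which deserves a word if the helper's return types differ on purpose.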
@@ -0,0 +1,170 @@
|
||||
//
|
||||
// MonoTlsSettings.cs
|
||||
//
|
||||
// Author:
|
||||
// Martin Baulig <martin.baulig@xamarin.com>
|
||||
//
|
||||
// Copyright (c) 2015 Xamarin, Inc.
|
||||
//
|
||||
// Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
// of this software and associated documentation files (the "Software"), to deal
|
||||
// in the Software without restriction, including without limitation the rights
|
||||
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
// copies of the Software, and to permit persons to whom the Software is
|
||||
// furnished to do so, subject to the following conditions:
|
||||
//
|
||||
// The above copyright notice and this permission notice shall be included in
|
||||
// all copies or substantial portions of the Software.
|
||||
//
|
||||
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
// THE SOFTWARE.
|
||||
using System;
|
||||
using System.Threading;
|
||||
using System.Security.Cryptography.X509Certificates;
|
||||
|
||||
namespace Mono.Security.Interface
|
||||
{
|
||||
public sealed class MonoTlsSettings
|
||||
{
|
||||
public MonoRemoteCertificateValidationCallback RemoteCertificateValidationCallback {
|
||||
get; set;
|
||||
}
|
||||
|
||||
public MonoLocalCertificateSelectionCallback ClientCertificateSelectionCallback {
|
||||
get; set;
|
||||
}
|
||||
|
||||
public bool CheckCertificateName {
|
||||
get { return checkCertName; }
|
||||
set { checkCertName = value; }
|
||||
}
|
||||
|
||||
public bool CheckCertificateRevocationStatus {
|
||||
get { return checkCertRevocationStatus; }
|
||||
set { checkCertRevocationStatus = value; }
|
||||
}
|
||||
|
||||
public bool UseServicePointManagerCallback {
|
||||
get { return useServicePointManagerCallback; }
|
||||
set { useServicePointManagerCallback = value; }
|
||||
}
|
||||
|
||||
public bool SkipSystemValidators {
|
||||
get { return skipSystemValidators; }
|
||||
set { skipSystemValidators = value; }
|
||||
}
|
||||
|
||||
public bool CallbackNeedsCertificateChain {
|
||||
get { return callbackNeedsChain; }
|
||||
set { callbackNeedsChain = value; }
|
||||
}
|
||||
|
||||
/*
|
||||
* This is only supported if CertificateValidationHelper.SupportsTrustAnchors is true.
|
||||
*/
|
||||
public X509CertificateCollection TrustAnchors {
|
||||
get; set;
|
||||
}
|
||||
|
||||
public object UserSettings {
|
||||
get; set;
|
||||
}
|
||||
|
||||
/*
|
||||
* If you set this here, then it will override 'ServicePointManager.SecurityProtocol'.
|
||||
*/
|
||||
public TlsProtocols? EnabledProtocols {
|
||||
get; set;
|
||||
}
|
||||
|
||||
public CipherSuiteCode[] EnabledCiphers {
|
||||
get; set;
|
||||
}
|
||||
|
||||
bool cloned = false;
|
||||
bool checkCertName = true;
|
||||
bool checkCertRevocationStatus = false;
|
||||
bool useServicePointManagerCallback = true;
|
||||
bool skipSystemValidators = false;
|
||||
bool callbackNeedsChain = true;
|
||||
ICertificateValidator certificateValidator;
|
||||
|
||||
public MonoTlsSettings ()
|
||||
{
|
||||
}
|
||||
|
||||
static MonoTlsSettings defaultSettings;
|
||||
|
||||
public static MonoTlsSettings DefaultSettings {
|
||||
get {
|
||||
if (defaultSettings == null)
|
||||
Interlocked.CompareExchange (ref defaultSettings, new MonoTlsSettings (), null);
|
||||
return defaultSettings;
|
||||
}
|
||||
set {
|
||||
defaultSettings = value ?? new MonoTlsSettings ();
|
||||
}
|
||||
}
|
||||
|
||||
public static MonoTlsSettings CopyDefaultSettings ()
|
||||
{
|
||||
return DefaultSettings.Clone ();
|
||||
}
|
||||
|
||||
#region Private APIs
|
||||
|
||||
/*
|
||||
* Private APIs - do not use!
|
||||
*
|
||||
* This is only public to avoid making our internals visible to System.dll.
|
||||
*
|
||||
*/
|
||||
|
||||
[Obsolete ("Do not use outside System.dll!")]
|
||||
public ICertificateValidator CertificateValidator {
|
||||
get { return certificateValidator; }
|
||||
}
|
||||
|
||||
[Obsolete ("Do not use outside System.dll!")]
|
||||
public MonoTlsSettings CloneWithValidator (ICertificateValidator validator)
|
||||
{
|
||||
if (cloned) {
|
||||
this.certificateValidator = validator;
|
||||
return this;
|
||||
}
|
||||
|
||||
var copy = new MonoTlsSettings (this);
|
||||
copy.certificateValidator = validator;
|
||||
return copy;
|
||||
}
|
||||
|
||||
public MonoTlsSettings Clone ()
|
||||
{
|
||||
return new MonoTlsSettings (this);
|
||||
}
|
||||
|
||||
MonoTlsSettings (MonoTlsSettings other)
|
||||
{
|
||||
RemoteCertificateValidationCallback = other.RemoteCertificateValidationCallback;
|
||||
ClientCertificateSelectionCallback = other.ClientCertificateSelectionCallback;
|
||||
checkCertName = other.checkCertName;
|
||||
checkCertRevocationStatus = other.checkCertRevocationStatus;
|
||||
UseServicePointManagerCallback = other.useServicePointManagerCallback;
|
||||
skipSystemValidators = other.skipSystemValidators;
|
||||
callbackNeedsChain = other.callbackNeedsChain;
|
||||
UserSettings = other.UserSettings;
|
||||
EnabledProtocols = other.EnabledProtocols;
|
||||
EnabledCiphers = other.EnabledCiphers;
|
||||
TrustAnchors = other.TrustAnchors;
|
||||
cloned = true;
|
||||
}
|
||||
|
||||
#endregion
|
||||
}
|
||||
}
|
||||
|
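Review bot: The private copy constructor copies `EnabledCiphers` and `TrustAnchors` by reference, so the object returned by `Clone ()` or `CopyDefaultSettings ()` shares its trust-anchor collection and cipher array with the instance it was copied from; adding a certificate to the copy's `TrustAnchors` then also changes `DefaultSettings`. Unless that sharing is intended, copy both: `TrustAnchors = other.TrustAnchors != null ? new X509CertificateCollection (other.TrustAnchors) : null;` and `EnabledCiphers = other.EnabledCiphers != null ? (CipherSuiteCode[]) other.EnabledCiphers.Clone () : null;`. Related, in `CloneWithValidator`: when `cloned` is already true the method overwrites `certificateValidator` on `this` and returns it, so a cloned settings object reused for a second connection has its validator replaced in place. A comment stating that a cloned instance must not be shared between connections would make that explicit.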
@@ -0,0 +1 @@
|
||||
See mcs/class/Mono.Security.Providers.NewSystemSource/README.md for a detailed README.
|