Imported Upstream version 4.3.2.467

Former-commit-id: 9c2cb47f45fa221e661ab616387c9cda183f283d
This commit is contained in:
Xamarin Public Jenkins
2016-02-22 11:00:01 -05:00
parent f302175246
commit f3e3aab35a
4097 changed files with 122406 additions and 82300 deletions

View File

@@ -60,6 +60,13 @@ using System.Runtime.InteropServices;
[assembly: AssemblyDelaySign (true)]
[assembly: AssemblyKeyFile ("../mono.pub")]
#if MOBILE
#if NET_2_1
[assembly: InternalsVisibleTo ("System, PublicKey=00240000048000009400000006020000002400005253413100040000010001008D56C76F9E8649383049F383C44BE0EC204181822A6C31CF5EB7EF486944D032188EA1D3920763712CCB12D75FB77E9811149E6148E5D32FBAAB37611C1878DDC19E20EF135D0CB2CFF2BFEC3D115810C3D9069638FE4BE215DBF795861920E5AB6F7DB2E2CEEF136AC23D5DD2BF031700AEC232F6C6B1C785B4305C123B37AB")]
#else
[assembly: InternalsVisibleTo ("System, PublicKey=00000000000000000400000000000000")]
#endif
[assembly: InternalsVisibleTo ("Mono.Security.Providers.NewTls, PublicKey=002400000480000094000000060200000024000052534131000400000100010079159977d2d03a8e6bea7a2e74e8d1afcc93e8851974952bb480a12c9134474d04062447c37e0e68c080536fcf3c3fbe2ff9c979ce998475e506e8ce82dd5b0f350dc10e93bf2eeecf874b24770c5081dbea7447fddafa277b22de47d6ffea449674a4f9fccf84d15069089380284dbdd35f46cdff12a1bd78e4ef0065d016df")]
[assembly: InternalsVisibleTo ("Mono.Security.Providers.OldTls, PublicKey=002400000480000094000000060200000024000052534131000400000100010079159977d2d03a8e6bea7a2e74e8d1afcc93e8851974952bb480a12c9134474d04062447c37e0e68c080536fcf3c3fbe2ff9c979ce998475e506e8ce82dd5b0f350dc10e93bf2eeecf874b24770c5081dbea7447fddafa277b22de47d6ffea449674a4f9fccf84d15069089380284dbdd35f46cdff12a1bd78e4ef0065d016df")]
[assembly: InternalsVisibleTo ("Mono.Security.Providers.DotNet, PublicKey=002400000480000094000000060200000024000052534131000400000100010079159977d2d03a8e6bea7a2e74e8d1afcc93e8851974952bb480a12c9134474d04062447c37e0e68c080536fcf3c3fbe2ff9c979ce998475e506e8ce82dd5b0f350dc10e93bf2eeecf874b24770c5081dbea7447fddafa277b22de47d6ffea449674a4f9fccf84d15069089380284dbdd35f46cdff12a1bd78e4ef0065d016df")]
[assembly: InternalsVisibleTo ("Mono.Security.Providers.NewSystemSource, PublicKey=002400000480000094000000060200000024000052534131000400000100010079159977d2d03a8e6bea7a2e74e8d1afcc93e8851974952bb480a12c9134474d04062447c37e0e68c080536fcf3c3fbe2ff9c979ce998475e506e8ce82dd5b0f350dc10e93bf2eeecf874b24770c5081dbea7447fddafa277b22de47d6ffea449674a4f9fccf84d15069089380284dbdd35f46cdff12a1bd78e4ef0065d016df")]

View File

@@ -5,7 +5,7 @@ include ../../build/rules.make
LIBRARY = Mono.Security.dll
LOCAL_MCS_FLAGS = -lib:$(the_libdir_base)bare
LIB_REFS = System
LIB_MCS_FLAGS = -unsafe -nowarn:1030
LIB_MCS_FLAGS = -unsafe -nowarn:1030,3009
TEST_MCS_FLAGS = $(LIB_MCS_FLAGS) -nowarn:169,219,618,672
include ../../build/library.make
@@ -16,3 +16,10 @@ $(the_libdir_base)bare/System.dll:
(cd ../System; $(MAKE) $@)
.NOTPARALLEL: $(the_libdir_base)bare/System.dll
EXTRA_DISTFILES = Mono.Security.Interface/README.md
#
# Update this comment to trigger a build in System
# +1
#

View File

@@ -77,7 +77,7 @@ namespace Mono.Security.Authenticode {
public string Hash {
get {
if (hash == null)
hash = "MD5";
hash = "SHA1";
return hash;
}
set {

View File

@@ -88,6 +88,10 @@ namespace Mono.Security.Cryptography {
// block size (which isn't their real internal block size)
public BlockProcessor (ICryptoTransform transform, int blockSize)
{
if (transform == null)
throw new ArgumentNullException ("transform");
if (blockSize <= 0)
throw new ArgumentOutOfRangeException ("blockSize");
this.transform = transform;
this.blockSize = blockSize;
block = new byte [blockSize];

View File

@@ -0,0 +1,277 @@
//
// Alert.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2015 Xamarin, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
namespace Mono.Security.Interface
{
#region Enumerations
public enum AlertLevel : byte
{
Warning = 1,
Fatal = 2
}
public enum AlertDescription : byte
{
CloseNotify = 0,
UnexpectedMessage = 10,
BadRecordMAC = 20,
DecryptionFailed_RESERVED = 21,
RecordOverflow = 22,
DecompressionFailure = 30,
HandshakeFailure = 40,
NoCertificate_RESERVED = 41, // should be used in SSL3
BadCertificate = 42,
UnsupportedCertificate = 43,
CertificateRevoked = 44,
CertificateExpired = 45,
CertificateUnknown = 46,
IlegalParameter = 47,
UnknownCA = 48,
AccessDenied = 49,
DecodeError = 50,
DecryptError = 51,
ExportRestriction = 60,
ProtocolVersion = 70,
InsuficientSecurity = 71,
InternalError = 80,
UserCancelled = 90,
NoRenegotiation = 100,
UnsupportedExtension = 110
}
#endregion
public class Alert
{
#region Fields
private AlertLevel level;
private AlertDescription description;
#endregion
#region Properties
public AlertLevel Level
{
get { return this.level; }
}
public AlertDescription Description
{
get { return this.description; }
}
public string Message
{
get { return Alert.GetAlertMessage(this.description); }
}
public bool IsWarning
{
get { return this.level == AlertLevel.Warning ? true : false; }
}
/*
public bool IsFatal
{
get { return this.level == AlertLevel.Fatal ? true : false; }
}
*/
public bool IsCloseNotify
{
get
{
if (this.IsWarning &&
this.description == AlertDescription.CloseNotify)
{
return true;
}
return false;
}
}
#endregion
#region Constructors
public Alert(AlertDescription description)
{
this.description = description;
this.inferAlertLevel();
}
public Alert(
AlertLevel level,
AlertDescription description)
{
this.level = level;
this.description = description;
}
#endregion
#region Private Methods
private void inferAlertLevel()
{
switch (description)
{
case AlertDescription.CloseNotify:
case AlertDescription.NoRenegotiation:
case AlertDescription.UserCancelled:
this.level = AlertLevel.Warning;
break;
case AlertDescription.AccessDenied:
case AlertDescription.BadCertificate:
case AlertDescription.BadRecordMAC:
case AlertDescription.CertificateExpired:
case AlertDescription.CertificateRevoked:
case AlertDescription.CertificateUnknown:
case AlertDescription.DecodeError:
case AlertDescription.DecompressionFailure:
case AlertDescription.DecryptError:
case AlertDescription.DecryptionFailed_RESERVED:
case AlertDescription.ExportRestriction:
case AlertDescription.HandshakeFailure:
case AlertDescription.IlegalParameter:
case AlertDescription.InsuficientSecurity:
case AlertDescription.InternalError:
case AlertDescription.ProtocolVersion:
case AlertDescription.RecordOverflow:
case AlertDescription.UnexpectedMessage:
case AlertDescription.UnknownCA:
case AlertDescription.UnsupportedCertificate:
case AlertDescription.UnsupportedExtension:
default:
this.level = AlertLevel.Fatal;
break;
}
}
#endregion
public override string ToString ()
{
return string.Format ("[Alert: {0}:{1}]", Level, Description);
}
#region Static Methods
public static string GetAlertMessage(AlertDescription description)
{
#if (DEBUG)
switch (description)
{
case AlertDescription.AccessDenied:
return "An inappropriate message was received.";
case AlertDescription.BadCertificate:
return "TLSCiphertext decrypted in an invalid way.";
case AlertDescription.BadRecordMAC:
return "Record with an incorrect MAC.";
case AlertDescription.CertificateExpired:
return "Certificate has expired or is not currently valid";
case AlertDescription.CertificateRevoked:
return "Certificate was revoked by its signer.";
case AlertDescription.CertificateUnknown:
return "Certificate Unknown.";
case AlertDescription.CloseNotify:
return "Connection closed";
case AlertDescription.DecodeError:
return "A message could not be decoded because some field was out of the specified range or the length of the message was incorrect.";
case AlertDescription.DecompressionFailure:
return "The decompression function received improper input (e.g. data that would expand to excessive length).";
case AlertDescription.DecryptError:
return "TLSCiphertext decrypted in an invalid way: either it wasn`t an even multiple of the block length or its padding values, when checked, weren`t correct.";
case AlertDescription.DecryptionFailed_RESERVED:
return "Handshake cryptographic operation failed, including being unable to correctly verify a signature, decrypt a key exchange, or validate finished message.";
case AlertDescription.ExportRestriction:
return "Negotiation not in compliance with export restrictions was detected.";
case AlertDescription.HandshakeFailure:
return "Unable to negotiate an acceptable set of security parameters given the options available.";
case AlertDescription.IlegalParameter:
return "A field in the handshake was out of range or inconsistent with other fields.";
case AlertDescription.InsuficientSecurity:
return "Negotiation has failed specifically because the server requires ciphers more secure than those supported by the client.";
case AlertDescription.InternalError:
return "Internal error unrelated to the peer or the correctness of the protocol makes it impossible to continue.";
case AlertDescription.NoRenegotiation:
return "Invalid renegotiation.";
case AlertDescription.ProtocolVersion:
return "Unsupported protocol version.";
case AlertDescription.RecordOverflow:
return "Invalid length on TLSCiphertext record or TLSCompressed record.";
case AlertDescription.UnexpectedMessage:
return "Invalid message received.";
case AlertDescription.UnknownCA:
return "CA can't be identified as a trusted CA.";
case AlertDescription.UnsupportedCertificate:
return "Certificate was of an unsupported type.";
case AlertDescription.UserCancelled:
return "Handshake cancelled by user.";
case AlertDescription.UnsupportedExtension:
return "Unsupported extension.";
default:
return "";
}
#else
return "The authentication or decryption has failed.";
#endif
}
#endregion
}
}

View File

@@ -0,0 +1,96 @@
//
// BufferOffsetSize.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2014-2016 Xamarin Inc. (http://www.xamarin.com)
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
namespace Mono.Security.Interface
{
public class BufferOffsetSize : SecretParameters, IBufferOffsetSize
{
public byte[] Buffer {
get;
private set;
}
public int Offset {
get;
internal set;
}
public int Size {
get { return EndOffset - Offset; }
}
public int EndOffset {
get;
internal set;
}
public BufferOffsetSize (byte[] buffer, int offset, int size)
{
Buffer = buffer;
Offset = offset;
EndOffset = offset + size;
}
public BufferOffsetSize (byte[] buffer)
: this (buffer, 0, buffer.Length)
{
}
public BufferOffsetSize (int size)
: this (new byte [size])
{
}
public byte[] GetBuffer ()
{
var copy = new byte [Size];
Array.Copy (Buffer, Offset, copy, 0, Size);
return copy;
}
public void TruncateTo (int newSize)
{
if (newSize > Size)
throw new ArgumentException ("newSize");
EndOffset = Offset + newSize;
}
protected void SetBuffer (byte[] buffer, int offset, int size)
{
Buffer = buffer;
Offset = offset;
EndOffset = offset + size;
}
protected override void Clear ()
{
Buffer = null;
Offset = EndOffset = 0;
}
}
}

View File

@@ -0,0 +1,161 @@
//
// CertificateValidationHelper.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2015 Xamarin, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
using System.IO;
using System.Net;
using System.Net.Security;
using System.Threading;
using System.Security.Cryptography.X509Certificates;
using Mono.Security.Protocol.Tls;
using MX = Mono.Security.X509;
using Mono.Net.Security;
namespace Mono.Security.Interface
{
public class ValidationResult
{
bool trusted;
bool user_denied;
int error_code;
MonoSslPolicyErrors? policy_errors;
public ValidationResult (bool trusted, bool user_denied, int error_code, MonoSslPolicyErrors? policy_errors)
{
this.trusted = trusted;
this.user_denied = user_denied;
this.error_code = error_code;
this.policy_errors = policy_errors;
}
internal ValidationResult (bool trusted, bool user_denied, int error_code)
{
this.trusted = trusted;
this.user_denied = user_denied;
this.error_code = error_code;
}
public bool Trusted {
get { return trusted; }
}
public bool UserDenied {
get { return user_denied; }
}
public int ErrorCode {
get { return error_code; }
}
public MonoSslPolicyErrors? PolicyErrors {
get { return policy_errors; }
}
}
/**
* Internal interface - do not implement
*/
public interface ICertificateValidator
{
MonoTlsSettings Settings {
get;
}
/*
* Returns `true` if a client certificate has been selected (which could be `null`).
*/
bool SelectClientCertificate (
string targetHost, X509CertificateCollection localCertificates, X509Certificate remoteCertificate,
string[] acceptableIssuers, out X509Certificate clientCertificate);
/*
* If @serverMode is true, then we're a server and want to validate a certificate that we received from a client.
*/
ValidationResult ValidateCertificate (string targetHost, bool serverMode, X509CertificateCollection certificates);
/*
* On OS X and Mobile, the @chain will be initialized with the @certificates, but not actually built.
*/
bool InvokeSystemValidator (
string targetHost, bool serverMode, X509CertificateCollection certificates,
X509Chain chain, ref MonoSslPolicyErrors errors, ref int status11);
}
public static class CertificateValidationHelper
{
const string SecurityLibrary = "/System/Library/Frameworks/Security.framework/Security";
static readonly bool noX509Chain;
static readonly bool supportsTrustAnchors;
static CertificateValidationHelper ()
{
#if MONOTOUCH || XAMMAC
noX509Chain = true;
supportsTrustAnchors = true;
#elif MONODROID
noX509Chain = true;
supportsTrustAnchors = false;
#else
if (File.Exists (SecurityLibrary)) {
noX509Chain = true;
supportsTrustAnchors = true;
} else {
noX509Chain = false;
supportsTrustAnchors = false;
}
#endif
}
public static bool SupportsX509Chain {
get { return !noX509Chain; }
}
public static bool SupportsTrustAnchors {
get { return supportsTrustAnchors; }
}
static ICertificateValidator GetDefaultValidator (MonoTlsProvider provider, MonoTlsSettings settings)
{
return (ICertificateValidator)NoReflectionHelper.GetDefaultCertificateValidator (provider, settings);
}
/*
* Internal API, intended to be used by MonoTlsProvider implementations.
*/
public static ICertificateValidator GetValidator (MonoTlsProvider provider, MonoTlsSettings settings)
{
return GetDefaultValidator (provider, settings);
}
/*
* Use this overloaded version in user code.
*/
public static ICertificateValidator GetValidator (MonoTlsSettings settings)
{
return GetDefaultValidator (null, settings);
}
}
}

View File

@@ -0,0 +1,39 @@
//
// CipherAlgorithmType.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2015 Xamarin Inc. (http://www.xamarin.com)
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
namespace Mono.Security.Interface
{
public enum CipherAlgorithmType
{
None,
Aes128,
Aes256,
AesGcm128,
AesGcm256
}
}

View File

@@ -0,0 +1,398 @@
//
// CipherSuiteCode.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2015 Xamarin, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
namespace Mono.Security.Interface
{
/// <summary>
/// RFC 2246 A.5
/// </summary>
public enum CipherSuiteCode : ushort
{
TLS_NULL_WITH_NULL_NULL = 0x0000,
TLS_RSA_WITH_NULL_MD5 = 0x0001,
TLS_RSA_WITH_NULL_SHA = 0x0002,
TLS_RSA_EXPORT_WITH_RC4_40_MD5 = 0x0003,
TLS_RSA_WITH_RC4_128_MD5 = 0x0004,
TLS_RSA_WITH_RC4_128_SHA = 0x0005,
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = 0x0006,
TLS_RSA_WITH_IDEA_CBC_SHA = 0x0007,
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0008,
TLS_RSA_WITH_DES_CBC_SHA = 0x0009,
TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A,
TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x000B,
TLS_DH_DSS_WITH_DES_CBC_SHA = 0x000C,
TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = 0x000D,
TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x000E,
TLS_DH_RSA_WITH_DES_CBC_SHA = 0x000F,
TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = 0x0010,
TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x0011,
TLS_DHE_DSS_WITH_DES_CBC_SHA = 0x0012,
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0x0013,
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0014,
TLS_DHE_RSA_WITH_DES_CBC_SHA = 0x0015,
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016,
TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 = 0x0017,
TLS_DH_anon_WITH_RC4_128_MD5 = 0x0018,
TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = 0x0019,
TLS_DH_anon_WITH_DES_CBC_SHA = 0x001A,
TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = 0x001B,
/*
* Note: The cipher suite values { 0x00, 0x1C } and { 0x00, 0x1D } are reserved to avoid
* collision with Fortezza-based cipher suites in SSL 3.
*/
/*
* RFC 3268
*/
TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F,
TLS_DH_DSS_WITH_AES_128_CBC_SHA = 0x0030,
TLS_DH_RSA_WITH_AES_128_CBC_SHA = 0x0031,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0x0032,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033,
TLS_DH_anon_WITH_AES_128_CBC_SHA = 0x0034,
TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035,
TLS_DH_DSS_WITH_AES_256_CBC_SHA = 0x0036,
TLS_DH_RSA_WITH_AES_256_CBC_SHA = 0x0037,
TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x0038,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039,
TLS_DH_anon_WITH_AES_256_CBC_SHA = 0x003A,
/*
* RFC 5932
*/
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0041,
TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = 0x0042,
TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0043,
TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = 0x0044,
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0045,
TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA = 0x0046,
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0084,
TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = 0x0085,
TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0086,
TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = 0x0087,
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0088,
TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA = 0x0089,
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BA,
TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BB,
TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BC,
TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BD,
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BE,
TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BF,
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C0,
TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C1,
TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C2,
TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C3,
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C4,
TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C5,
/*
* RFC 4162
*/
TLS_RSA_WITH_SEED_CBC_SHA = 0x0096,
TLS_DH_DSS_WITH_SEED_CBC_SHA = 0x0097,
TLS_DH_RSA_WITH_SEED_CBC_SHA = 0x0098,
TLS_DHE_DSS_WITH_SEED_CBC_SHA = 0x0099,
TLS_DHE_RSA_WITH_SEED_CBC_SHA = 0x009A,
TLS_DH_anon_WITH_SEED_CBC_SHA = 0x009B,
/*
* RFC 4279
*/
TLS_PSK_WITH_RC4_128_SHA = 0x008A,
TLS_PSK_WITH_3DES_EDE_CBC_SHA = 0x008B,
TLS_PSK_WITH_AES_128_CBC_SHA = 0x008C,
TLS_PSK_WITH_AES_256_CBC_SHA = 0x008D,
TLS_DHE_PSK_WITH_RC4_128_SHA = 0x008E,
TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA = 0x008F,
TLS_DHE_PSK_WITH_AES_128_CBC_SHA = 0x0090,
TLS_DHE_PSK_WITH_AES_256_CBC_SHA = 0x0091,
TLS_RSA_PSK_WITH_RC4_128_SHA = 0x0092,
TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA = 0x0093,
TLS_RSA_PSK_WITH_AES_128_CBC_SHA = 0x0094,
TLS_RSA_PSK_WITH_AES_256_CBC_SHA = 0x0095,
/*
* RFC 4492
*/
TLS_ECDH_ECDSA_WITH_NULL_SHA = 0xC001,
TLS_ECDH_ECDSA_WITH_RC4_128_SHA = 0xC002,
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC003,
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA = 0xC004,
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA = 0xC005,
TLS_ECDHE_ECDSA_WITH_NULL_SHA = 0xC006,
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA = 0xC007,
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC008,
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 0xC009,
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 0xC00A,
TLS_ECDH_RSA_WITH_NULL_SHA = 0xC00B,
TLS_ECDH_RSA_WITH_RC4_128_SHA = 0xC00C,
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA = 0xC00D,
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA = 0xC00E,
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA = 0xC00F,
TLS_ECDHE_RSA_WITH_NULL_SHA = 0xC010,
TLS_ECDHE_RSA_WITH_RC4_128_SHA = 0xC011,
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA = 0xC012,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = 0xC013,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0xC014,
TLS_ECDH_anon_WITH_NULL_SHA = 0xC015,
TLS_ECDH_anon_WITH_RC4_128_SHA = 0xC016,
TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA = 0xC017,
TLS_ECDH_anon_WITH_AES_128_CBC_SHA = 0xC018,
TLS_ECDH_anon_WITH_AES_256_CBC_SHA = 0xC019,
/*
* RFC 4785
*/
TLS_PSK_WITH_NULL_SHA = 0x002C,
TLS_DHE_PSK_WITH_NULL_SHA = 0x002D,
TLS_RSA_PSK_WITH_NULL_SHA = 0x002E,
/*
* RFC 5054
*/
TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 0xC01A,
TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 0xC01B,
TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = 0xC01C,
TLS_SRP_SHA_WITH_AES_128_CBC_SHA = 0xC01D,
TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 0xC01E,
TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = 0xC01F,
TLS_SRP_SHA_WITH_AES_256_CBC_SHA = 0xC020,
TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 0xC021,
TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = 0xC022,
/*
* RFC 5246
*/
TLS_RSA_WITH_NULL_SHA256 = 0x003B,
TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C,
TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D,
TLS_DH_DSS_WITH_AES_128_CBC_SHA256 = 0x003E,
TLS_DH_RSA_WITH_AES_128_CBC_SHA256 = 0x003F,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = 0x0040,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067,
TLS_DH_DSS_WITH_AES_256_CBC_SHA256 = 0x0068,
TLS_DH_RSA_WITH_AES_256_CBC_SHA256 = 0x0069,
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x006A,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B,
TLS_DH_anon_WITH_AES_128_CBC_SHA256 = 0x006C,
TLS_DH_anon_WITH_AES_256_CBC_SHA256 = 0x006D,
/*
* RFC 5288
*/
TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x009C,
TLS_RSA_WITH_AES_256_GCM_SHA384 = 0x009D,
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x009E,
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x009F,
TLS_DH_RSA_WITH_AES_128_GCM_SHA256 = 0x00A0,
TLS_DH_RSA_WITH_AES_256_GCM_SHA384 = 0x00A1,
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 = 0x00A2,
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 = 0x00A3,
TLS_DH_DSS_WITH_AES_128_GCM_SHA256 = 0x00A4,
TLS_DH_DSS_WITH_AES_256_GCM_SHA384 = 0x00A5,
TLS_DH_anon_WITH_AES_128_GCM_SHA256 = 0x00A6,
TLS_DH_anon_WITH_AES_256_GCM_SHA384 = 0x00A7,
/*
* RFC 5289
*/
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC023,
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC024,
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC025,
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC026,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0xC027,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0xC028,
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 = 0xC029,
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 = 0xC02A,
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02B,
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02C,
TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02D,
TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02E,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0xC02F,
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0xC030,
TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 = 0xC031,
TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 = 0xC032,
/*
* RFC 5487
*/
TLS_PSK_WITH_AES_128_GCM_SHA256 = 0x00A8,
TLS_PSK_WITH_AES_256_GCM_SHA384 = 0x00A9,
TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 = 0x00AA,
TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 = 0x00AB,
TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 = 0x00AC,
TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 = 0x00AD,
TLS_PSK_WITH_AES_128_CBC_SHA256 = 0x00AE,
TLS_PSK_WITH_AES_256_CBC_SHA384 = 0x00AF,
TLS_PSK_WITH_NULL_SHA256 = 0x00B0,
TLS_PSK_WITH_NULL_SHA384 = 0x00B1,
TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 = 0x00B2,
TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 = 0x00B3,
TLS_DHE_PSK_WITH_NULL_SHA256 = 0x00B4,
TLS_DHE_PSK_WITH_NULL_SHA384 = 0x00B5,
TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 = 0x00B6,
TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 = 0x00B7,
TLS_RSA_PSK_WITH_NULL_SHA256 = 0x00B8,
TLS_RSA_PSK_WITH_NULL_SHA384 = 0x00B9,
/*
* RFC 5489
*/
TLS_ECDHE_PSK_WITH_RC4_128_SHA = 0xC033,
TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = 0xC034,
TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA = 0xC035,
TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA = 0xC036,
TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 0xC037,
TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = 0xC038,
TLS_ECDHE_PSK_WITH_NULL_SHA = 0xC039,
TLS_ECDHE_PSK_WITH_NULL_SHA256 = 0xC03A,
TLS_ECDHE_PSK_WITH_NULL_SHA384 = 0xC03B,
/*
* RFC 5746
*/
TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF,
/*
* RFC 6367
*/
TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC072,
TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC073,
TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC074,
TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC075,
TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC076,
TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC077,
TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC078,
TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC079,
TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC07A,
TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC07B,
TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC07C,
TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC07D,
TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC07E,
TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC07F,
TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256 = 0xC080,
TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384 = 0xC081,
TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256 = 0xC082,
TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384 = 0xC083,
TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256 = 0xC084,
TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384 = 0xC085,
TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC086,
TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC087,
TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC088,
TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC089,
TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC08A,
TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC08B,
TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC08C,
TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC08D,
TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 = 0xC08E,
TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 = 0xC08F,
TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 = 0xC090,
TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 = 0xC091,
TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 = 0xC092,
TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 = 0xC093,
TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC094,
TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC095,
TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC096,
TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC097,
TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC098,
TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC099,
TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC09A,
TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC09B,
/*
* RFC 6655
*/
TLS_RSA_WITH_AES_128_CCM = 0xC09C,
TLS_RSA_WITH_AES_256_CCM = 0xC09D,
TLS_DHE_RSA_WITH_AES_128_CCM = 0xC09E,
TLS_DHE_RSA_WITH_AES_256_CCM = 0xC09F,
TLS_RSA_WITH_AES_128_CCM_8 = 0xC0A0,
TLS_RSA_WITH_AES_256_CCM_8 = 0xC0A1,
TLS_DHE_RSA_WITH_AES_128_CCM_8 = 0xC0A2,
TLS_DHE_RSA_WITH_AES_256_CCM_8 = 0xC0A3,
TLS_PSK_WITH_AES_128_CCM = 0xC0A4,
TLS_PSK_WITH_AES_256_CCM = 0xC0A5,
TLS_DHE_PSK_WITH_AES_128_CCM = 0xC0A6,
TLS_DHE_PSK_WITH_AES_256_CCM = 0xC0A7,
TLS_PSK_WITH_AES_128_CCM_8 = 0xC0A8,
TLS_PSK_WITH_AES_256_CCM_8 = 0xC0A9,
TLS_PSK_DHE_WITH_AES_128_CCM_8 = 0xC0AA,
TLS_PSK_DHE_WITH_AES_256_CCM_8 = 0xC0AB,
/*
* draft-agl-tls-chacha20poly1305-04
*/
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCC13,
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCC14,
TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCC15,
/*
* draft-josefsson-salsa20-tls-04
*/
TLS_RSA_WITH_ESTREAM_SALSA20_SHA1 = 0xE410,
TLS_RSA_WITH_SALSA20_SHA1 = 0xE411,
TLS_ECDHE_RSA_WITH_ESTREAM_SALSA20_SHA1 = 0xE412,
TLS_ECDHE_RSA_WITH_SALSA20_SHA1 = 0xE413,
TLS_ECDHE_ECDSA_WITH_ESTREAM_SALSA20_SHA1 = 0xE414,
TLS_ECDHE_ECDSA_WITH_SALSA20_SHA1 = 0xE415,
TLS_PSK_WITH_ESTREAM_SALSA20_SHA1 = 0xE416,
TLS_PSK_WITH_SALSA20_SHA1 = 0xE417,
TLS_ECDHE_PSK_WITH_ESTREAM_SALSA20_SHA1 = 0xE418,
TLS_ECDHE_PSK_WITH_SALSA20_SHA1 = 0xE419,
TLS_RSA_PSK_WITH_ESTREAM_SALSA20_SHA1 = 0xE41A,
TLS_RSA_PSK_WITH_SALSA20_SHA1 = 0xE41B,
TLS_DHE_PSK_WITH_ESTREAM_SALSA20_SHA1 = 0xE41C,
TLS_DHE_PSK_WITH_SALSA20_SHA1 = 0xE41D,
TLS_DHE_RSA_WITH_ESTREAM_SALSA20_SHA1 = 0xE41E,
TLS_DHE_RSA_WITH_SALSA20_SHA1 = 0xE41F,
/*
* draft-ietf-tls-downgrade-scsv-00
*/
TLS_FALLBACK_SCSV = 0x5600,
/*
public static bool IsScsv (int cipherSuite)
{
switch (cipherSuite) {
case TLS_EMPTY_RENEGOTIATION_INFO_SCSV:
case TLS_FALLBACK_SCSV:
return true,
default:
return false,
}
}
*/
}
}

View File

@@ -0,0 +1,38 @@
//
// ExchangeAlgorithmType.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2015 Xamarin Inc. (http://www.xamarin.com)
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
namespace Mono.Security.Interface
{
public enum ExchangeAlgorithmType
{
None,
Dhe,
Rsa,
EcDhe
}
}

View File

@@ -0,0 +1,44 @@
//
// HashAlgorithmType.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2015 Xamarin, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
namespace Mono.Security.Interface
{
public enum HashAlgorithmType
{
// These values refer to the @HashAlgorithm enumeration in the TLS 1.2 spec.
None = 0,
Md5 = 1,
Sha1 = 2,
Sha224 = 3,
Sha256 = 4,
Sha384 = 5,
Sha512 = 6,
Unknown = 255,
// Mono-specific addition, allowing us to reuse it IHashAlgorithm API for TLS 1.0 / 1.1.
Md5Sha1 = 254
}
}

View File

@@ -0,0 +1,43 @@
//
// IBufferOffsetSize.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2015 Xamarin, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
namespace Mono.Security.Interface
{
public interface IBufferOffsetSize
{
byte[] Buffer {
get;
}
int Offset {
get;
}
int Size {
get;
}
}
}

View File

@@ -0,0 +1,195 @@
//
// IMonoSslStream.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2015 Xamarin, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
using System.IO;
using System.Net;
using System.Net.Security;
using System.Threading.Tasks;
using SSA = System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;
using System.Security.Principal;
using System.Security.Cryptography;
using Mono.Net.Security;
namespace Mono.Security.Interface
{
public interface IMonoSslStream : IDisposable
{
void AuthenticateAsClient (string targetHost);
void AuthenticateAsClient (string targetHost, X509CertificateCollection clientCertificates, SSA.SslProtocols enabledSslProtocols, bool checkCertificateRevocation);
IAsyncResult BeginAuthenticateAsClient (string targetHost, AsyncCallback asyncCallback, object asyncState);
IAsyncResult BeginAuthenticateAsClient (string targetHost, X509CertificateCollection clientCertificates, SSA.SslProtocols enabledSslProtocols, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState);
void EndAuthenticateAsClient (IAsyncResult asyncResult);
void AuthenticateAsServer (X509Certificate serverCertificate);
void AuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, SSA.SslProtocols enabledSslProtocols, bool checkCertificateRevocation);
IAsyncResult BeginAuthenticateAsServer (X509Certificate serverCertificate, AsyncCallback asyncCallback, object asyncState);
IAsyncResult BeginAuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, SSA.SslProtocols enabledSslProtocols, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState);
void EndAuthenticateAsServer (IAsyncResult asyncResult);
Task AuthenticateAsClientAsync (string targetHost);
Task AuthenticateAsClientAsync (string targetHost, X509CertificateCollection clientCertificates, SSA.SslProtocols enabledSslProtocols, bool checkCertificateRevocation);
Task AuthenticateAsServerAsync (X509Certificate serverCertificate);
Task AuthenticateAsServerAsync (X509Certificate serverCertificate, bool clientCertificateRequired, SSA.SslProtocols enabledSslProtocols, bool checkCertificateRevocation);
void Flush ();
int Read (byte[] buffer, int offset, int count);
void Write (byte[] buffer);
void Write (byte[] buffer, int offset, int count);
IAsyncResult BeginRead (byte[] buffer, int offset, int count, AsyncCallback asyncCallback, object asyncState);
int EndRead (IAsyncResult asyncResult);
IAsyncResult BeginWrite (byte[] buffer, int offset, int count, AsyncCallback asyncCallback, object asyncState);
void EndWrite (IAsyncResult asyncResult);
TransportContext TransportContext {
get;
}
bool IsAuthenticated {
get;
}
bool IsMutuallyAuthenticated {
get;
}
bool IsEncrypted {
get;
}
bool IsSigned {
get;
}
bool IsServer {
get;
}
SSA.CipherAlgorithmType CipherAlgorithm {
get;
}
int CipherStrength {
get;
}
SSA.HashAlgorithmType HashAlgorithm {
get;
}
int HashStrength {
get;
}
SSA.ExchangeAlgorithmType KeyExchangeAlgorithm {
get;
}
int KeyExchangeStrength {
get;
}
bool CanRead {
get;
}
bool CanTimeout {
get;
}
bool CanWrite {
get;
}
long Length {
get;
}
long Position {
get;
}
void SetLength (long value);
AuthenticatedStream AuthenticatedStream {
get;
}
int ReadTimeout {
get; set;
}
int WriteTimeout {
get; set;
}
bool CheckCertRevocationStatus {
get;
}
X509Certificate InternalLocalCertificate {
get;
}
X509Certificate LocalCertificate {
get;
}
X509Certificate RemoteCertificate {
get;
}
SSA.SslProtocols SslProtocol {
get;
}
MonoTlsProvider Provider {
get;
}
MonoTlsConnectionInfo GetConnectionInfo ();
}
}

View File

@@ -0,0 +1,71 @@
//
// IMonoTlsContext.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2015 Xamarin, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
namespace Mono.Security.Interface
{
interface IMonoTlsContext : IDisposable
{
bool IsServer {
get;
}
bool IsValid {
get;
}
void Initialize (IMonoTlsEventSink eventSink);
bool HasCredentials {
get;
}
void SetCertificate (X509Certificate certificate, AsymmetricAlgorithm privateKey);
int GenerateNextToken (IBufferOffsetSize incoming, out IBufferOffsetSize outgoing);
int EncryptMessage (ref IBufferOffsetSize incoming);
int DecryptMessage (ref IBufferOffsetSize incoming);
bool ReceivedCloseNotify {
get;
}
byte[] CreateCloseNotify ();
byte[] CreateHelloRequest ();
X509Certificate GetRemoteCertificate (out X509CertificateCollection remoteCertificateStore);
bool VerifyRemoteCertificate ();
MonoTlsConnectionInfo GetConnectionInfo ();
}
}

View File

@@ -0,0 +1,37 @@
//
// IMonoTlsEventSink.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2015 Xamarin, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
namespace Mono.Security.Interface
{
public interface IMonoTlsEventSink
{
void Error (Exception exception);
void ReceivedCloseNotify ();
}
}

View File

@@ -0,0 +1,58 @@
//
// MonoTlsConnectionInfo.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2015 Xamarin, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
namespace Mono.Security.Interface
{
public class MonoTlsConnectionInfo
{
public CipherSuiteCode CipherSuiteCode {
get; set;
}
public TlsProtocols ProtocolVersion {
get; set;
}
public CipherAlgorithmType CipherAlgorithmType {
get; set;
}
public HashAlgorithmType HashAlgorithmType {
get; set;
}
public ExchangeAlgorithmType ExchangeAlgorithmType {
get; set;
}
public override string ToString ()
{
return string.Format ("[MonoTlsConnectionInfo: {0}:{1}]", ProtocolVersion, CipherSuiteCode);
}
}
}

View File

@@ -0,0 +1,174 @@
//
// MonoTlsProvider.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2015 Xamarin, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
using System.IO;
using System.Net;
using System.Net.Security;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;
using Mono.Security.Protocol.Tls;
namespace Mono.Security.Interface
{
/*
* Unfortunately, we can't use the public definitions from System.dll here, so we need to
* copy these.
*
* The @MonoRemoteCertificateValidationCallback also has an additional 'targetHost' argument.
*
*/
[Flags]
public enum MonoSslPolicyErrors
{
None = 0,
RemoteCertificateNotAvailable = 1,
RemoteCertificateNameMismatch = 2,
RemoteCertificateChainErrors = 4,
}
public enum MonoEncryptionPolicy
{
// Prohibit null ciphers (current system defaults)
RequireEncryption = 0,
// Add null ciphers to current system defaults
AllowNoEncryption,
// Request null ciphers only
NoEncryption
}
public delegate bool MonoRemoteCertificateValidationCallback (
string targetHost, X509Certificate certificate, X509Chain chain, MonoSslPolicyErrors sslPolicyErrors);
public delegate X509Certificate MonoLocalCertificateSelectionCallback (
string targetHost, X509CertificateCollection localCertificates, X509Certificate remoteCertificate,
string[] acceptableIssuers);
public abstract class MonoTlsProvider
{
internal MonoTlsProvider ()
{
}
public abstract Guid ID {
get;
}
public abstract string Name {
get;
}
#region SslStream
/*
* This section abstracts the @SslStream class.
*
*/
public abstract bool SupportsSslStream {
get;
}
/*
* Does this provider support IMonoSslStream.GetConnectionInfo() ?
*/
public abstract bool SupportsConnectionInfo {
get;
}
/*
* Whether or not this TLS Provider supports Mono-specific extensions
* (via @MonoTlsSettings).
*/
public abstract bool SupportsMonoExtensions {
get;
}
public abstract SslProtocols SupportedProtocols {
get;
}
/*
* Obtain a @IMonoSslStream instance.
*
*/
public abstract IMonoSslStream CreateSslStream (
Stream innerStream, bool leaveInnerStreamOpen,
MonoTlsSettings settings = null);
#endregion
#region Certificate Validation
/*
* Allows a TLS provider to provide a custom system certificiate validator.
*/
public virtual bool HasCustomSystemCertificateValidator {
get { return false; }
}
/*
* If @serverMode is true, then we're a server and want to validate a certificate
* that we received from a client.
*
* On OS X and Mobile, the @chain will be initialized with the @certificates, but not actually built.
*
* Returns `true` if certificate validation has been performed and `false` to invoke the
* default system validator.
*/
public virtual bool InvokeSystemCertificateValidator (
ICertificateValidator validator, string targetHost, bool serverMode,
X509CertificateCollection certificates, X509Chain chain, out bool success,
ref MonoSslPolicyErrors errors, ref int status11)
{
success = false;
return false;
}
#endregion
#region Manged SSPI
/*
* The managed SSPI implementation from the new TLS code.
*/
internal abstract bool SupportsTlsContext {
get;
}
internal abstract IMonoTlsContext CreateTlsContext (
string hostname, bool serverMode, TlsProtocols protocolFlags,
X509Certificate serverCertificate, X509CertificateCollection clientCertificates,
bool remoteCertRequired, MonoEncryptionPolicy encryptionPolicy,
MonoTlsSettings settings);
#endregion
}
}

View File

@@ -0,0 +1,113 @@
//
// MonoTlsProviderFactory.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2015 Xamarin, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
using Mono.Net.Security;
namespace Mono.Security.Interface
{
/*
* Public API front-end to System.dll's version.
*
* Keep in sync with System/Mono.Net.Security/MonoTlsProviderFactory.cs.
*/
public static partial class MonoTlsProviderFactory
{
/*
* Returns the currently installed @MonoTlsProvider, falling back to the default one.
*
* This method throws @NotSupportedException if no TLS Provider can be found.
*/
public static MonoTlsProvider GetProvider ()
{
return (MonoTlsProvider)NoReflectionHelper.GetProvider ();
}
/*
* Returns the default @MonoTlsProvider.
*
* This method throws @NotSupportedException if no TLS Provider can be found.
*/
public static MonoTlsProvider GetDefaultProvider ()
{
return (MonoTlsProvider)NoReflectionHelper.GetDefaultProvider ();
}
/*
* GetProvider() attempts to load and install the default provider and throws on error.
*
* This property checks whether a provider has previously been installed by a call
* to either GetProvider() or InstallProvider().
*
*/
public static bool HasProvider {
get {
return NoReflectionHelper.HasProvider;
}
}
/*
* Selects the default TLS Provider.
*
* May only be called at application startup and will throw
* @InvalidOperationException if a provider has already been installed.
*/
public static void SetDefaultProvider (string name)
{
NoReflectionHelper.SetDefaultProvider (name);
}
public static MonoTlsProvider GetProvider (string name)
{
return (MonoTlsProvider)NoReflectionHelper.GetProvider (name);
}
/*
* Create @HttpWebRequest with the specified @provider (may be null to use the default one).
*
* NOTE: This needs to be written as "System.Uri" to avoid ambiguity with Mono.Security.Uri in the
* mobile build.
*
*/
public static HttpWebRequest CreateHttpsRequest (System.Uri requestUri, MonoTlsProvider provider, MonoTlsSettings settings = null)
{
return NoReflectionHelper.CreateHttpsRequest (requestUri, provider, settings);
}
public static HttpListener CreateHttpListener (X509Certificate certificate, MonoTlsProvider provider = null, MonoTlsSettings settings = null)
{
return (HttpListener)NoReflectionHelper.CreateHttpListener (certificate, provider, settings);
}
public static IMonoSslStream GetMonoSslStream (SslStream stream)
{
return (IMonoSslStream)NoReflectionHelper.GetMonoSslStream (stream);
}
}
}

View File

@@ -0,0 +1,170 @@
//
// MonoTlsSettings.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2015 Xamarin, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
using System.Threading;
using System.Security.Cryptography.X509Certificates;
namespace Mono.Security.Interface
{
public sealed class MonoTlsSettings
{
public MonoRemoteCertificateValidationCallback RemoteCertificateValidationCallback {
get; set;
}
public MonoLocalCertificateSelectionCallback ClientCertificateSelectionCallback {
get; set;
}
public bool CheckCertificateName {
get { return checkCertName; }
set { checkCertName = value; }
}
public bool CheckCertificateRevocationStatus {
get { return checkCertRevocationStatus; }
set { checkCertRevocationStatus = value; }
}
public bool UseServicePointManagerCallback {
get { return useServicePointManagerCallback; }
set { useServicePointManagerCallback = value; }
}
public bool SkipSystemValidators {
get { return skipSystemValidators; }
set { skipSystemValidators = value; }
}
public bool CallbackNeedsCertificateChain {
get { return callbackNeedsChain; }
set { callbackNeedsChain = value; }
}
/*
* This is only supported if CertificateValidationHelper.SupportsTrustAnchors is true.
*/
public X509CertificateCollection TrustAnchors {
get; set;
}
public object UserSettings {
get; set;
}
/*
* If you set this here, then it will override 'ServicePointManager.SecurityProtocol'.
*/
public TlsProtocols? EnabledProtocols {
get; set;
}
public CipherSuiteCode[] EnabledCiphers {
get; set;
}
bool cloned = false;
bool checkCertName = true;
bool checkCertRevocationStatus = false;
bool useServicePointManagerCallback = true;
bool skipSystemValidators = false;
bool callbackNeedsChain = true;
ICertificateValidator certificateValidator;
public MonoTlsSettings ()
{
}
static MonoTlsSettings defaultSettings;
public static MonoTlsSettings DefaultSettings {
get {
if (defaultSettings == null)
Interlocked.CompareExchange (ref defaultSettings, new MonoTlsSettings (), null);
return defaultSettings;
}
set {
defaultSettings = value ?? new MonoTlsSettings ();
}
}
public static MonoTlsSettings CopyDefaultSettings ()
{
return DefaultSettings.Clone ();
}
#region Private APIs
/*
* Private APIs - do not use!
*
* This is only public to avoid making our internals visible to System.dll.
*
*/
[Obsolete ("Do not use outside System.dll!")]
public ICertificateValidator CertificateValidator {
get { return certificateValidator; }
}
[Obsolete ("Do not use outside System.dll!")]
public MonoTlsSettings CloneWithValidator (ICertificateValidator validator)
{
if (cloned) {
this.certificateValidator = validator;
return this;
}
var copy = new MonoTlsSettings (this);
copy.certificateValidator = validator;
return copy;
}
public MonoTlsSettings Clone ()
{
return new MonoTlsSettings (this);
}
MonoTlsSettings (MonoTlsSettings other)
{
RemoteCertificateValidationCallback = other.RemoteCertificateValidationCallback;
ClientCertificateSelectionCallback = other.ClientCertificateSelectionCallback;
checkCertName = other.checkCertName;
checkCertRevocationStatus = other.checkCertRevocationStatus;
UseServicePointManagerCallback = other.useServicePointManagerCallback;
skipSystemValidators = other.skipSystemValidators;
callbackNeedsChain = other.callbackNeedsChain;
UserSettings = other.UserSettings;
EnabledProtocols = other.EnabledProtocols;
EnabledCiphers = other.EnabledCiphers;
TrustAnchors = other.TrustAnchors;
cloned = true;
}
#endregion
}
}

View File

@@ -0,0 +1 @@
See mcs/class/Mono.Security.Providers.NewSystemSource/README.md for a detailed README.

Some files were not shown because too many files have changed in this diff Show More