Imported Upstream version 4.3.2.467

Former-commit-id: 9c2cb47f45fa221e661ab616387c9cda183f283d
This commit is contained in:
Xamarin Public Jenkins
2016-02-22 11:00:01 -05:00
parent f302175246
commit f3e3aab35a
4097 changed files with 122406 additions and 82300 deletions


@@ -0,0 +1,277 @@
//
// Alert.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2015 Xamarin, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
namespace Mono.Security.Interface
{
#region Enumerations
public enum AlertLevel : byte
{
Warning = 1,
Fatal = 2
}
public enum AlertDescription : byte
{
CloseNotify = 0,
UnexpectedMessage = 10,
BadRecordMAC = 20,
DecryptionFailed_RESERVED = 21,
RecordOverflow = 22,
DecompressionFailure = 30,
HandshakeFailure = 40,
NoCertificate_RESERVED = 41, // should be used in SSL3
BadCertificate = 42,
UnsupportedCertificate = 43,
CertificateRevoked = 44,
CertificateExpired = 45,
CertificateUnknown = 46,
IlegalParameter = 47,
UnknownCA = 48,
AccessDenied = 49,
DecodeError = 50,
DecryptError = 51,
ExportRestriction = 60,
ProtocolVersion = 70,
InsuficientSecurity = 71,
InternalError = 80,
UserCancelled = 90,
NoRenegotiation = 100,
UnsupportedExtension = 110
}
#endregion
public class Alert
{
#region Fields
private AlertLevel level;
private AlertDescription description;
#endregion
#region Properties
public AlertLevel Level
{
get { return this.level; }
}
public AlertDescription Description
{
get { return this.description; }
}
public string Message
{
get { return Alert.GetAlertMessage(this.description); }
}
public bool IsWarning
{
get { return this.level == AlertLevel.Warning ? true : false; }
}
/*
public bool IsFatal
{
get { return this.level == AlertLevel.Fatal ? true : false; }
}
*/
public bool IsCloseNotify
{
get
{
if (this.IsWarning &&
this.description == AlertDescription.CloseNotify)
{
return true;
}
return false;
}
}
#endregion
#region Constructors
public Alert(AlertDescription description)
{
this.description = description;
this.inferAlertLevel();
}
public Alert(
AlertLevel level,
AlertDescription description)
{
this.level = level;
this.description = description;
}
#endregion
#region Private Methods
private void inferAlertLevel()
{
switch (description)
{
case AlertDescription.CloseNotify:
case AlertDescription.NoRenegotiation:
case AlertDescription.UserCancelled:
this.level = AlertLevel.Warning;
break;
case AlertDescription.AccessDenied:
case AlertDescription.BadCertificate:
case AlertDescription.BadRecordMAC:
case AlertDescription.CertificateExpired:
case AlertDescription.CertificateRevoked:
case AlertDescription.CertificateUnknown:
case AlertDescription.DecodeError:
case AlertDescription.DecompressionFailure:
case AlertDescription.DecryptError:
case AlertDescription.DecryptionFailed_RESERVED:
case AlertDescription.ExportRestriction:
case AlertDescription.HandshakeFailure:
case AlertDescription.IlegalParameter:
case AlertDescription.InsuficientSecurity:
case AlertDescription.InternalError:
case AlertDescription.ProtocolVersion:
case AlertDescription.RecordOverflow:
case AlertDescription.UnexpectedMessage:
case AlertDescription.UnknownCA:
case AlertDescription.UnsupportedCertificate:
case AlertDescription.UnsupportedExtension:
default:
this.level = AlertLevel.Fatal;
break;
}
}
#endregion
public override string ToString ()
{
return string.Format ("[Alert: {0}:{1}]", Level, Description);
}
#region Static Methods
public static string GetAlertMessage(AlertDescription description)
{
#if (DEBUG)
switch (description)
{
case AlertDescription.AccessDenied:
return "An inappropriate message was received.";
case AlertDescription.BadCertificate:
return "TLSCiphertext decrypted in an invalid way.";
case AlertDescription.BadRecordMAC:
return "Record with an incorrect MAC.";
case AlertDescription.CertificateExpired:
return "Certificate has expired or is not currently valid";
case AlertDescription.CertificateRevoked:
return "Certificate was revoked by its signer.";
case AlertDescription.CertificateUnknown:
return "Certificate Unknown.";
case AlertDescription.CloseNotify:
return "Connection closed";
case AlertDescription.DecodeError:
return "A message could not be decoded because some field was out of the specified range or the length of the message was incorrect.";
case AlertDescription.DecompressionFailure:
return "The decompression function received improper input (e.g. data that would expand to excessive length).";
case AlertDescription.DecryptError:
return "TLSCiphertext decrypted in an invalid way: either it wasn`t an even multiple of the block length or its padding values, when checked, weren`t correct.";
case AlertDescription.DecryptionFailed_RESERVED:
return "Handshake cryptographic operation failed, including being unable to correctly verify a signature, decrypt a key exchange, or validate finished message.";
case AlertDescription.ExportRestriction:
return "Negotiation not in compliance with export restrictions was detected.";
case AlertDescription.HandshakeFailure:
return "Unable to negotiate an acceptable set of security parameters given the options available.";
case AlertDescription.IlegalParameter:
return "A field in the handshake was out of range or inconsistent with other fields.";
case AlertDescription.InsuficientSecurity:
return "Negotiation has failed specifically because the server requires ciphers more secure than those supported by the client.";
case AlertDescription.InternalError:
return "Internal error unrelated to the peer or the correctness of the protocol makes it impossible to continue.";
case AlertDescription.NoRenegotiation:
return "Invalid renegotiation.";
case AlertDescription.ProtocolVersion:
return "Unsupported protocol version.";
case AlertDescription.RecordOverflow:
return "Invalid length on TLSCiphertext record or TLSCompressed record.";
case AlertDescription.UnexpectedMessage:
return "Invalid message received.";
case AlertDescription.UnknownCA:
return "CA can't be identified as a trusted CA.";
case AlertDescription.UnsupportedCertificate:
return "Certificate was of an unsupported type.";
case AlertDescription.UserCancelled:
return "Handshake cancelled by user.";
case AlertDescription.UnsupportedExtension:
return "Unsupported extension.";
default:
return "";
}
#else
return "The authentication or decryption has failed.";
#endif
}
#endregion
}
}
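Review bot: Several strings in `GetAlertMessage` (L180–L201) are attached to the wrong alert: `AccessDenied` returns the unexpected_message wording, `BadCertificate` returns the decryption_failed wording, and the texts of `DecryptError` and `DecryptionFailed_RESERVED` are swapped relative to RFC 5246 §7.2.2, where decryption_failed_RESERVED is the invalid-TLSCiphertext/padding case and decrypt_error the failed handshake cryptographic operation. This table is only compiled under `DEBUG`, so the release string is unaffected, but a developer tracing a failed handshake is pointed at the wrong cause; realign the four cases with the RFC (`BadCertificate`: certificate corrupt or its signature did not verify; `AccessDenied`: valid certificate received but access control rejected it). `DecryptionFailed_RESERVED` also deserves a `/// <remarks>` that it must never be sent — RFC 5246 retired it because an alert that distinguishes padding errors from MAC errors acts as a padding oracle — and `inferAlertLevel` mapping it to `Fatal` on receipt is the right treatment. Minor: `IsWarning` can be `get { return this.level == AlertLevel.Warning; }` and the commented-out `IsFatal` should be restored or dropped.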


@@ -0,0 +1,96 @@
//
// BufferOffsetSize.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2014-2016 Xamarin Inc. (http://www.xamarin.com)
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
namespace Mono.Security.Interface
{
public class BufferOffsetSize : SecretParameters, IBufferOffsetSize
{
public byte[] Buffer {
get;
private set;
}
public int Offset {
get;
internal set;
}
public int Size {
get { return EndOffset - Offset; }
}
public int EndOffset {
get;
internal set;
}
public BufferOffsetSize (byte[] buffer, int offset, int size)
{
Buffer = buffer;
Offset = offset;
EndOffset = offset + size;
}
public BufferOffsetSize (byte[] buffer)
: this (buffer, 0, buffer.Length)
{
}
public BufferOffsetSize (int size)
: this (new byte [size])
{
}
public byte[] GetBuffer ()
{
var copy = new byte [Size];
Array.Copy (Buffer, Offset, copy, 0, Size);
return copy;
}
public void TruncateTo (int newSize)
{
if (newSize > Size)
throw new ArgumentException ("newSize");
EndOffset = Offset + newSize;
}
protected void SetBuffer (byte[] buffer, int offset, int size)
{
Buffer = buffer;
Offset = offset;
EndOffset = offset + size;
}
protected override void Clear ()
{
Buffer = null;
Offset = EndOffset = 0;
}
}
}
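Review bot: `TruncateTo` (L307–L312) rejects `newSize > Size` but not a negative `newSize`, which leaves `EndOffset < Offset` and a negative `Size`, so the error surfaces later inside `GetBuffer`'s `new byte [Size]` instead of at the caller's mistake; use `if (newSize < 0 || newSize > Size) throw new ArgumentOutOfRangeException ("newSize");` (the current `ArgumentException ("newSize")` also passes the parameter name as the message). The `(byte[], int, int)` constructor and `SetBuffer` accept any `offset`/`size`, including `offset + size > buffer.Length`, so an out-of-range view is only caught when `Array.Copy` runs. `Clear` drops the reference without zeroing the bytes; if `SecretParameters` (declared outside this hunk) is meant to scrub key material, callers would expect `Array.Clear (Buffer, Offset, Size)` before `Buffer = null` — confirm against the base class, and note that `GetBuffer` after `Clear` dereferences a null `Buffer`. Since the `Offset`/`EndOffset` setters are `internal`, a one-line `///` remark stating the invariant `0 <= Offset <= EndOffset <= Buffer.Length` would tell every in-assembly writer what it must preserve.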


@@ -0,0 +1,161 @@
//
// CertificateValidationHelper.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2015 Xamarin, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
using System.IO;
using System.Net;
using System.Net.Security;
using System.Threading;
using System.Security.Cryptography.X509Certificates;
using Mono.Security.Protocol.Tls;
using MX = Mono.Security.X509;
using Mono.Net.Security;
namespace Mono.Security.Interface
{
public class ValidationResult
{
bool trusted;
bool user_denied;
int error_code;
MonoSslPolicyErrors? policy_errors;
public ValidationResult (bool trusted, bool user_denied, int error_code, MonoSslPolicyErrors? policy_errors)
{
this.trusted = trusted;
this.user_denied = user_denied;
this.error_code = error_code;
this.policy_errors = policy_errors;
}
internal ValidationResult (bool trusted, bool user_denied, int error_code)
{
this.trusted = trusted;
this.user_denied = user_denied;
this.error_code = error_code;
}
public bool Trusted {
get { return trusted; }
}
public bool UserDenied {
get { return user_denied; }
}
public int ErrorCode {
get { return error_code; }
}
public MonoSslPolicyErrors? PolicyErrors {
get { return policy_errors; }
}
}
/**
* Internal interface - do not implement
*/
public interface ICertificateValidator
{
MonoTlsSettings Settings {
get;
}
/*
* Returns `true` if a client certificate has been selected (which could be `null`).
*/
bool SelectClientCertificate (
string targetHost, X509CertificateCollection localCertificates, X509Certificate remoteCertificate,
string[] acceptableIssuers, out X509Certificate clientCertificate);
/*
* If @serverMode is true, then we're a server and want to validate a certificate that we received from a client.
*/
ValidationResult ValidateCertificate (string targetHost, bool serverMode, X509CertificateCollection certificates);
/*
* On OS X and Mobile, the @chain will be initialized with the @certificates, but not actually built.
*/
bool InvokeSystemValidator (
string targetHost, bool serverMode, X509CertificateCollection certificates,
X509Chain chain, ref MonoSslPolicyErrors errors, ref int status11);
}
public static class CertificateValidationHelper
{
const string SecurityLibrary = "/System/Library/Frameworks/Security.framework/Security";
static readonly bool noX509Chain;
static readonly bool supportsTrustAnchors;
static CertificateValidationHelper ()
{
#if MONOTOUCH || XAMMAC
noX509Chain = true;
supportsTrustAnchors = true;
#elif MONODROID
noX509Chain = true;
supportsTrustAnchors = false;
#else
if (File.Exists (SecurityLibrary)) {
noX509Chain = true;
supportsTrustAnchors = true;
} else {
noX509Chain = false;
supportsTrustAnchors = false;
}
#endif
}
public static bool SupportsX509Chain {
get { return !noX509Chain; }
}
public static bool SupportsTrustAnchors {
get { return supportsTrustAnchors; }
}
static ICertificateValidator GetDefaultValidator (MonoTlsProvider provider, MonoTlsSettings settings)
{
return (ICertificateValidator)NoReflectionHelper.GetDefaultCertificateValidator (provider, settings);
}
/*
* Internal API, intended to be used by MonoTlsProvider implementations.
*/
public static ICertificateValidator GetValidator (MonoTlsProvider provider, MonoTlsSettings settings)
{
return GetDefaultValidator (provider, settings);
}
/*
* Use this overloaded version in user code.
*/
public static ICertificateValidator GetValidator (MonoTlsSettings settings)
{
return GetDefaultValidator (null, settings);
}
}
}
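Review bot: The `/* */` comments on this public surface contradict its accessibility — `ICertificateValidator` is labelled "Internal interface - do not implement" and `GetValidator (MonoTlsProvider, MonoTlsSettings)` "Internal API" while both are `public` — and the `ref MonoSslPolicyErrors errors` / `ref int status11` parameters of `InvokeSystemValidator` are not documented at all. Convert these to `///` XML docs so the intent survives into IntelliSense, and add a `<param name="status11">` entry once its meaning is confirmed (it is not derivable from this file). The static constructor's non-mobile branch decides `noX509Chain` and `supportsTrustAnchors` by probing `File.Exists (SecurityLibrary)`, so chain-building and trust-anchor behaviour silently follows whether that path exists on the host; a comment naming this as the macOS detection, and why a platform API is not used, would save the next reader a guess. `System.Net`, `System.Net.Security`, `System.Threading` and the `MX` alias are not referenced in this file.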


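--- /dev/null
+++ b/CipherAlgorithmType.cs
@@ -0,0 +1,39 @@
+//
+// CipherAlgorithmType.cs
+//
+// Author:
+// Martin Baulig <martin.baulig@xamarin.com>
+//
+// Copyright (c) 2015 Xamarin Inc. (http://www.xamarin.com)
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files (the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+using System;
+namespace Mono.Security.Interface
+{
+public enum CipherAlgorithmType
+{
+None,
+Aes128,
+Aes256,
+AesGcm128,
+AesGcm256
+}
+}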
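Review bot: `CipherAlgorithmType` (and `ExchangeAlgorithmType` later in this commit) relies on implicit ordinal values, so inserting a member later renumbers everything after it; if these values ever cross a serialization, logging or native boundary, write them explicitly (`None = 0, Aes128 = 1, ...`). Neither enum carries a `/// <summary>`; for this one a line such as `/// Bulk cipher of a negotiated suite; the Gcm members denote AEAD mode — TODO confirm` would at least state the reading the names suggest.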


@@ -0,0 +1,398 @@
//
// CipherSuiteCode.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2015 Xamarin, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
namespace Mono.Security.Interface
{
/// <summary>
/// RFC 2246 A.5
/// </summary>
public enum CipherSuiteCode : ushort
{
TLS_NULL_WITH_NULL_NULL = 0x0000,
TLS_RSA_WITH_NULL_MD5 = 0x0001,
TLS_RSA_WITH_NULL_SHA = 0x0002,
TLS_RSA_EXPORT_WITH_RC4_40_MD5 = 0x0003,
TLS_RSA_WITH_RC4_128_MD5 = 0x0004,
TLS_RSA_WITH_RC4_128_SHA = 0x0005,
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = 0x0006,
TLS_RSA_WITH_IDEA_CBC_SHA = 0x0007,
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0008,
TLS_RSA_WITH_DES_CBC_SHA = 0x0009,
TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A,
TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x000B,
TLS_DH_DSS_WITH_DES_CBC_SHA = 0x000C,
TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = 0x000D,
TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x000E,
TLS_DH_RSA_WITH_DES_CBC_SHA = 0x000F,
TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = 0x0010,
TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x0011,
TLS_DHE_DSS_WITH_DES_CBC_SHA = 0x0012,
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0x0013,
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0014,
TLS_DHE_RSA_WITH_DES_CBC_SHA = 0x0015,
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016,
TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 = 0x0017,
TLS_DH_anon_WITH_RC4_128_MD5 = 0x0018,
TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = 0x0019,
TLS_DH_anon_WITH_DES_CBC_SHA = 0x001A,
TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = 0x001B,
/*
* Note: The cipher suite values { 0x00, 0x1C } and { 0x00, 0x1D } are reserved to avoid
* collision with Fortezza-based cipher suites in SSL 3.
*/
/*
* RFC 3268
*/
TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F,
TLS_DH_DSS_WITH_AES_128_CBC_SHA = 0x0030,
TLS_DH_RSA_WITH_AES_128_CBC_SHA = 0x0031,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0x0032,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033,
TLS_DH_anon_WITH_AES_128_CBC_SHA = 0x0034,
TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035,
TLS_DH_DSS_WITH_AES_256_CBC_SHA = 0x0036,
TLS_DH_RSA_WITH_AES_256_CBC_SHA = 0x0037,
TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x0038,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039,
TLS_DH_anon_WITH_AES_256_CBC_SHA = 0x003A,
/*
* RFC 5932
*/
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0041,
TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = 0x0042,
TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0043,
TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = 0x0044,
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0045,
TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA = 0x0046,
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0084,
TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = 0x0085,
TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0086,
TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = 0x0087,
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0088,
TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA = 0x0089,
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BA,
TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BB,
TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BC,
TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BD,
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BE,
TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BF,
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C0,
TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C1,
TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C2,
TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C3,
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C4,
TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C5,
/*
* RFC 4162
*/
TLS_RSA_WITH_SEED_CBC_SHA = 0x0096,
TLS_DH_DSS_WITH_SEED_CBC_SHA = 0x0097,
TLS_DH_RSA_WITH_SEED_CBC_SHA = 0x0098,
TLS_DHE_DSS_WITH_SEED_CBC_SHA = 0x0099,
TLS_DHE_RSA_WITH_SEED_CBC_SHA = 0x009A,
TLS_DH_anon_WITH_SEED_CBC_SHA = 0x009B,
/*
* RFC 4279
*/
TLS_PSK_WITH_RC4_128_SHA = 0x008A,
TLS_PSK_WITH_3DES_EDE_CBC_SHA = 0x008B,
TLS_PSK_WITH_AES_128_CBC_SHA = 0x008C,
TLS_PSK_WITH_AES_256_CBC_SHA = 0x008D,
TLS_DHE_PSK_WITH_RC4_128_SHA = 0x008E,
TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA = 0x008F,
TLS_DHE_PSK_WITH_AES_128_CBC_SHA = 0x0090,
TLS_DHE_PSK_WITH_AES_256_CBC_SHA = 0x0091,
TLS_RSA_PSK_WITH_RC4_128_SHA = 0x0092,
TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA = 0x0093,
TLS_RSA_PSK_WITH_AES_128_CBC_SHA = 0x0094,
TLS_RSA_PSK_WITH_AES_256_CBC_SHA = 0x0095,
/*
* RFC 4492
*/
TLS_ECDH_ECDSA_WITH_NULL_SHA = 0xC001,
TLS_ECDH_ECDSA_WITH_RC4_128_SHA = 0xC002,
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC003,
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA = 0xC004,
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA = 0xC005,
TLS_ECDHE_ECDSA_WITH_NULL_SHA = 0xC006,
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA = 0xC007,
TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC008,
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 0xC009,
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 0xC00A,
TLS_ECDH_RSA_WITH_NULL_SHA = 0xC00B,
TLS_ECDH_RSA_WITH_RC4_128_SHA = 0xC00C,
TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA = 0xC00D,
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA = 0xC00E,
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA = 0xC00F,
TLS_ECDHE_RSA_WITH_NULL_SHA = 0xC010,
TLS_ECDHE_RSA_WITH_RC4_128_SHA = 0xC011,
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA = 0xC012,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = 0xC013,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0xC014,
TLS_ECDH_anon_WITH_NULL_SHA = 0xC015,
TLS_ECDH_anon_WITH_RC4_128_SHA = 0xC016,
TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA = 0xC017,
TLS_ECDH_anon_WITH_AES_128_CBC_SHA = 0xC018,
TLS_ECDH_anon_WITH_AES_256_CBC_SHA = 0xC019,
/*
* RFC 4785
*/
TLS_PSK_WITH_NULL_SHA = 0x002C,
TLS_DHE_PSK_WITH_NULL_SHA = 0x002D,
TLS_RSA_PSK_WITH_NULL_SHA = 0x002E,
/*
* RFC 5054
*/
TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 0xC01A,
TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 0xC01B,
TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = 0xC01C,
TLS_SRP_SHA_WITH_AES_128_CBC_SHA = 0xC01D,
TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 0xC01E,
TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = 0xC01F,
TLS_SRP_SHA_WITH_AES_256_CBC_SHA = 0xC020,
TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 0xC021,
TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = 0xC022,
/*
* RFC 5246
*/
TLS_RSA_WITH_NULL_SHA256 = 0x003B,
TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C,
TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D,
TLS_DH_DSS_WITH_AES_128_CBC_SHA256 = 0x003E,
TLS_DH_RSA_WITH_AES_128_CBC_SHA256 = 0x003F,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = 0x0040,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067,
TLS_DH_DSS_WITH_AES_256_CBC_SHA256 = 0x0068,
TLS_DH_RSA_WITH_AES_256_CBC_SHA256 = 0x0069,
TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x006A,
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B,
TLS_DH_anon_WITH_AES_128_CBC_SHA256 = 0x006C,
TLS_DH_anon_WITH_AES_256_CBC_SHA256 = 0x006D,
/*
* RFC 5288
*/
TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x009C,
TLS_RSA_WITH_AES_256_GCM_SHA384 = 0x009D,
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x009E,
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x009F,
TLS_DH_RSA_WITH_AES_128_GCM_SHA256 = 0x00A0,
TLS_DH_RSA_WITH_AES_256_GCM_SHA384 = 0x00A1,
TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 = 0x00A2,
TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 = 0x00A3,
TLS_DH_DSS_WITH_AES_128_GCM_SHA256 = 0x00A4,
TLS_DH_DSS_WITH_AES_256_GCM_SHA384 = 0x00A5,
TLS_DH_anon_WITH_AES_128_GCM_SHA256 = 0x00A6,
TLS_DH_anon_WITH_AES_256_GCM_SHA384 = 0x00A7,
/*
* RFC 5289
*/
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC023,
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC024,
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC025,
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC026,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0xC027,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0xC028,
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 = 0xC029,
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 = 0xC02A,
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02B,
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02C,
TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02D,
TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02E,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0xC02F,
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0xC030,
TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 = 0xC031,
TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 = 0xC032,
/*
* RFC 5487
*/
TLS_PSK_WITH_AES_128_GCM_SHA256 = 0x00A8,
TLS_PSK_WITH_AES_256_GCM_SHA384 = 0x00A9,
TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 = 0x00AA,
TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 = 0x00AB,
TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 = 0x00AC,
TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 = 0x00AD,
TLS_PSK_WITH_AES_128_CBC_SHA256 = 0x00AE,
TLS_PSK_WITH_AES_256_CBC_SHA384 = 0x00AF,
TLS_PSK_WITH_NULL_SHA256 = 0x00B0,
TLS_PSK_WITH_NULL_SHA384 = 0x00B1,
TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 = 0x00B2,
TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 = 0x00B3,
TLS_DHE_PSK_WITH_NULL_SHA256 = 0x00B4,
TLS_DHE_PSK_WITH_NULL_SHA384 = 0x00B5,
TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 = 0x00B6,
TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 = 0x00B7,
TLS_RSA_PSK_WITH_NULL_SHA256 = 0x00B8,
TLS_RSA_PSK_WITH_NULL_SHA384 = 0x00B9,
/*
* RFC 5489
*/
TLS_ECDHE_PSK_WITH_RC4_128_SHA = 0xC033,
TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = 0xC034,
TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA = 0xC035,
TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA = 0xC036,
TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 0xC037,
TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = 0xC038,
TLS_ECDHE_PSK_WITH_NULL_SHA = 0xC039,
TLS_ECDHE_PSK_WITH_NULL_SHA256 = 0xC03A,
TLS_ECDHE_PSK_WITH_NULL_SHA384 = 0xC03B,
/*
* RFC 5746
*/
TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF,
/*
* RFC 6367
*/
TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC072,
TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC073,
TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC074,
TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC075,
TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC076,
TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC077,
TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC078,
TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC079,
TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC07A,
TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC07B,
TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC07C,
TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC07D,
TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC07E,
TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC07F,
TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256 = 0xC080,
TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384 = 0xC081,
TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256 = 0xC082,
TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384 = 0xC083,
TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256 = 0xC084,
TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384 = 0xC085,
TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC086,
TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC087,
TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC088,
TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC089,
TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC08A,
TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC08B,
TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC08C,
TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC08D,
TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 = 0xC08E,
TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 = 0xC08F,
TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 = 0xC090,
TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 = 0xC091,
TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 = 0xC092,
TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 = 0xC093,
TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC094,
TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC095,
TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC096,
TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC097,
TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC098,
TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC099,
TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC09A,
TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC09B,
/*
* RFC 6655
*/
TLS_RSA_WITH_AES_128_CCM = 0xC09C,
TLS_RSA_WITH_AES_256_CCM = 0xC09D,
TLS_DHE_RSA_WITH_AES_128_CCM = 0xC09E,
TLS_DHE_RSA_WITH_AES_256_CCM = 0xC09F,
TLS_RSA_WITH_AES_128_CCM_8 = 0xC0A0,
TLS_RSA_WITH_AES_256_CCM_8 = 0xC0A1,
TLS_DHE_RSA_WITH_AES_128_CCM_8 = 0xC0A2,
TLS_DHE_RSA_WITH_AES_256_CCM_8 = 0xC0A3,
TLS_PSK_WITH_AES_128_CCM = 0xC0A4,
TLS_PSK_WITH_AES_256_CCM = 0xC0A5,
TLS_DHE_PSK_WITH_AES_128_CCM = 0xC0A6,
TLS_DHE_PSK_WITH_AES_256_CCM = 0xC0A7,
TLS_PSK_WITH_AES_128_CCM_8 = 0xC0A8,
TLS_PSK_WITH_AES_256_CCM_8 = 0xC0A9,
TLS_PSK_DHE_WITH_AES_128_CCM_8 = 0xC0AA,
TLS_PSK_DHE_WITH_AES_256_CCM_8 = 0xC0AB,
/*
* draft-agl-tls-chacha20poly1305-04
*/
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCC13,
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCC14,
TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCC15,
/*
* draft-josefsson-salsa20-tls-04
*/
TLS_RSA_WITH_ESTREAM_SALSA20_SHA1 = 0xE410,
TLS_RSA_WITH_SALSA20_SHA1 = 0xE411,
TLS_ECDHE_RSA_WITH_ESTREAM_SALSA20_SHA1 = 0xE412,
TLS_ECDHE_RSA_WITH_SALSA20_SHA1 = 0xE413,
TLS_ECDHE_ECDSA_WITH_ESTREAM_SALSA20_SHA1 = 0xE414,
TLS_ECDHE_ECDSA_WITH_SALSA20_SHA1 = 0xE415,
TLS_PSK_WITH_ESTREAM_SALSA20_SHA1 = 0xE416,
TLS_PSK_WITH_SALSA20_SHA1 = 0xE417,
TLS_ECDHE_PSK_WITH_ESTREAM_SALSA20_SHA1 = 0xE418,
TLS_ECDHE_PSK_WITH_SALSA20_SHA1 = 0xE419,
TLS_RSA_PSK_WITH_ESTREAM_SALSA20_SHA1 = 0xE41A,
TLS_RSA_PSK_WITH_SALSA20_SHA1 = 0xE41B,
TLS_DHE_PSK_WITH_ESTREAM_SALSA20_SHA1 = 0xE41C,
TLS_DHE_PSK_WITH_SALSA20_SHA1 = 0xE41D,
TLS_DHE_RSA_WITH_ESTREAM_SALSA20_SHA1 = 0xE41E,
TLS_DHE_RSA_WITH_SALSA20_SHA1 = 0xE41F,
/*
* draft-ietf-tls-downgrade-scsv-00
*/
TLS_FALLBACK_SCSV = 0x5600,
/*
public static bool IsScsv (int cipherSuite)
{
switch (cipherSuite) {
case TLS_EMPTY_RENEGOTIATION_INFO_SCSV:
case TLS_FALLBACK_SCSV:
return true,
default:
return false,
}
}
*/
}
}
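Review bot: The commented-out `IsScsv` at L874–L885 is dead code that could not compile if uncommented — a C# enum cannot declare methods and the `return true,` lines use commas — so it should be deleted or moved into a static helper alongside the enum. Separately, the ChaCha20-Poly1305 values `0xCC13`–`0xCC15` are the `draft-agl-tls-chacha20poly1305-04` experimental code points rather than IANA-registered ones, so a `/// <remarks>` on that group stating the draft origin would warn anyone negotiating them that peers following the standardized registration may not recognise them. The two SCSV entries are signalling values, not suites, which is exactly what the helper below makes explicit.
```csharp
public static class CipherSuiteCodeExtensions
{
	// SCSVs are signalling values (RFC 5746, draft-ietf-tls-downgrade-scsv) and must never be selected as a suite.
	public static bool IsScsv (this CipherSuiteCode code)
	{
		return code == CipherSuiteCode.TLS_EMPTY_RENEGOTIATION_INFO_SCSV
			|| code == CipherSuiteCode.TLS_FALLBACK_SCSV;
	}
}
```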


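--- /dev/null
+++ b/ExchangeAlgorithmType.cs
@@ -0,0 +1,38 @@
+//
+// ExchangeAlgorithmType.cs
+//
+// Author:
+// Martin Baulig <martin.baulig@xamarin.com>
+//
+// Copyright (c) 2015 Xamarin Inc. (http://www.xamarin.com)
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files (the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+using System;
+namespace Mono.Security.Interface
+{
+public enum ExchangeAlgorithmType
+{
+None,
+Dhe,
+Rsa,
+EcDhe
+}
+}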


@@ -0,0 +1,44 @@
//
// HashAlgorithmType.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2015 Xamarin, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
namespace Mono.Security.Interface
{
public enum HashAlgorithmType
{
// These values refer to the @HashAlgorithm enumeration in the TLS 1.2 spec.
None = 0,
Md5 = 1,
Sha1 = 2,
Sha224 = 3,
Sha256 = 4,
Sha384 = 5,
Sha512 = 6,
Unknown = 255,
// Mono-specific addition, allowing us to reuse it IHashAlgorithm API for TLS 1.0 / 1.1.
Md5Sha1 = 254
}
}
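Review bot: The comment above `Md5Sha1 = 254` reads "reuse it IHashAlgorithm API" and should read "reuse the IHashAlgorithm API"; it should also say that 254 is a Mono-internal value that is not a wire value, since it sits in the range RFC 5246 reserves for private use, so readers do not mistake it for something that may appear in a signature_algorithms extension. Suggested wording: `// Mono-specific addition (internal only, not a wire value; 224-255 are private-use in RFC 5246), allowing us to reuse the IHashAlgorithm API for TLS 1.0 / 1.1.` Listing `Md5Sha1 = 254` after `Unknown = 255` also reads as if it were the larger value; ordering the members numerically avoids the double take.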


@@ -0,0 +1,43 @@
//
// IBufferOffsetSize.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2015 Xamarin, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
namespace Mono.Security.Interface
{
public interface IBufferOffsetSize
{
byte[] Buffer {
get;
}
int Offset {
get;
}
int Size {
get;
}
}
}
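Review bot: The interface does not state the relationship between `Buffer`, `Offset` and `Size`, yet consumers in this commit compute end positions from them (`Offset + Size` in TlsBuffer), so an implementation that violates the window invariant would only surface as an out-of-range read elsewhere. A summary comment such as `/// Describes the window [Offset, Offset + Size) of Buffer; implementations must guarantee Offset + Size <= Buffer.Length, and Size == 0 when Buffer is null.` makes the contract something an implementer can check at its own boundary.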


@@ -0,0 +1,195 @@
//
// IMonoSslStream.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2015 Xamarin, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
using System.IO;
using System.Net;
using System.Net.Security;
using System.Threading.Tasks;
using SSA = System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;
using System.Security.Principal;
using System.Security.Cryptography;
using Mono.Net.Security;
namespace Mono.Security.Interface
{
public interface IMonoSslStream : IDisposable
{
void AuthenticateAsClient (string targetHost);
void AuthenticateAsClient (string targetHost, X509CertificateCollection clientCertificates, SSA.SslProtocols enabledSslProtocols, bool checkCertificateRevocation);
IAsyncResult BeginAuthenticateAsClient (string targetHost, AsyncCallback asyncCallback, object asyncState);
IAsyncResult BeginAuthenticateAsClient (string targetHost, X509CertificateCollection clientCertificates, SSA.SslProtocols enabledSslProtocols, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState);
void EndAuthenticateAsClient (IAsyncResult asyncResult);
void AuthenticateAsServer (X509Certificate serverCertificate);
void AuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, SSA.SslProtocols enabledSslProtocols, bool checkCertificateRevocation);
IAsyncResult BeginAuthenticateAsServer (X509Certificate serverCertificate, AsyncCallback asyncCallback, object asyncState);
IAsyncResult BeginAuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, SSA.SslProtocols enabledSslProtocols, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState);
void EndAuthenticateAsServer (IAsyncResult asyncResult);
Task AuthenticateAsClientAsync (string targetHost);
Task AuthenticateAsClientAsync (string targetHost, X509CertificateCollection clientCertificates, SSA.SslProtocols enabledSslProtocols, bool checkCertificateRevocation);
Task AuthenticateAsServerAsync (X509Certificate serverCertificate);
Task AuthenticateAsServerAsync (X509Certificate serverCertificate, bool clientCertificateRequired, SSA.SslProtocols enabledSslProtocols, bool checkCertificateRevocation);
void Flush ();
int Read (byte[] buffer, int offset, int count);
void Write (byte[] buffer);
void Write (byte[] buffer, int offset, int count);
IAsyncResult BeginRead (byte[] buffer, int offset, int count, AsyncCallback asyncCallback, object asyncState);
int EndRead (IAsyncResult asyncResult);
IAsyncResult BeginWrite (byte[] buffer, int offset, int count, AsyncCallback asyncCallback, object asyncState);
void EndWrite (IAsyncResult asyncResult);
TransportContext TransportContext {
get;
}
bool IsAuthenticated {
get;
}
bool IsMutuallyAuthenticated {
get;
}
bool IsEncrypted {
get;
}
bool IsSigned {
get;
}
bool IsServer {
get;
}
SSA.CipherAlgorithmType CipherAlgorithm {
get;
}
int CipherStrength {
get;
}
SSA.HashAlgorithmType HashAlgorithm {
get;
}
int HashStrength {
get;
}
SSA.ExchangeAlgorithmType KeyExchangeAlgorithm {
get;
}
int KeyExchangeStrength {
get;
}
bool CanRead {
get;
}
bool CanTimeout {
get;
}
bool CanWrite {
get;
}
long Length {
get;
}
long Position {
get;
}
void SetLength (long value);
AuthenticatedStream AuthenticatedStream {
get;
}
int ReadTimeout {
get; set;
}
int WriteTimeout {
get; set;
}
bool CheckCertRevocationStatus {
get;
}
X509Certificate InternalLocalCertificate {
get;
}
X509Certificate LocalCertificate {
get;
}
X509Certificate RemoteCertificate {
get;
}
SSA.SslProtocols SslProtocol {
get;
}
MonoTlsProvider Provider {
get;
}
MonoTlsConnectionInfo GetConnectionInfo ();
}
}
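Review bot: The `SSA` alias is used on `SslProtocols`, `CipherAlgorithm`, `HashAlgorithm` and `KeyExchangeAlgorithm` without saying why, and since this namespace declares its own `HashAlgorithmType` and `ExchangeAlgorithmType` (elsewhere in this commit, returned through `MonoTlsConnectionInfo`), the next reader will have to work out that the properties deliberately expose the System enums while `GetConnectionInfo ()` exposes the Mono ones. A one-line comment next to the alias, `// SSA: the System.dll enums; Mono.Security.Interface declares same-named enums that GetConnectionInfo() uses.`, would record that. `using System.IO;`, `using System.Security.Principal;` and `using System.Security.Cryptography;` do not appear to be referenced by any member of the interface and look droppable.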


@@ -0,0 +1,71 @@
//
// IMonoTlsContext.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2015 Xamarin, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
namespace Mono.Security.Interface
{
interface IMonoTlsContext : IDisposable
{
bool IsServer {
get;
}
bool IsValid {
get;
}
void Initialize (IMonoTlsEventSink eventSink);
bool HasCredentials {
get;
}
void SetCertificate (X509Certificate certificate, AsymmetricAlgorithm privateKey);
int GenerateNextToken (IBufferOffsetSize incoming, out IBufferOffsetSize outgoing);
int EncryptMessage (ref IBufferOffsetSize incoming);
int DecryptMessage (ref IBufferOffsetSize incoming);
bool ReceivedCloseNotify {
get;
}
byte[] CreateCloseNotify ();
byte[] CreateHelloRequest ();
X509Certificate GetRemoteCertificate (out X509CertificateCollection remoteCertificateStore);
bool VerifyRemoteCertificate ();
MonoTlsConnectionInfo GetConnectionInfo ();
}
}
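Review bot: `GenerateNextToken`, `EncryptMessage` and `DecryptMessage` return an `int` whose meaning (status code, byte count, or error) is documented nowhere in the interface, and `SetCertificate` accepts an `AsymmetricAlgorithm privateKey` without stating whether the context takes ownership and disposes it; implementers live in other assemblies, so each of these needs a sentence. For example, above `SetCertificate`: `// NOTE(review): ownership of privateKey is not defined here -- state whether the context disposes it; confirm against the provider implementations.`, and above the three `int`-returning members a comment naming the value space they return. Since `MonoTlsProvider.CreateTlsContext` that produces this type is `internal abstract`, it is also worth a comment that the interface is intentionally not part of the public surface.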


@@ -0,0 +1,37 @@
//
// IMonoTlsEventSink.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2015 Xamarin, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
namespace Mono.Security.Interface
{
public interface IMonoTlsEventSink
{
void Error (Exception exception);
void ReceivedCloseNotify ();
}
}


@@ -0,0 +1,58 @@
//
// MonoTlsConnectionInfo.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2015 Xamarin, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
namespace Mono.Security.Interface
{
public class MonoTlsConnectionInfo
{
public CipherSuiteCode CipherSuiteCode {
get; set;
}
public TlsProtocols ProtocolVersion {
get; set;
}
public CipherAlgorithmType CipherAlgorithmType {
get; set;
}
public HashAlgorithmType HashAlgorithmType {
get; set;
}
public ExchangeAlgorithmType ExchangeAlgorithmType {
get; set;
}
public override string ToString ()
{
return string.Format ("[MonoTlsConnectionInfo: {0}:{1}]", ProtocolVersion, CipherSuiteCode);
}
}
}


@@ -0,0 +1,174 @@
//
// MonoTlsProvider.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2015 Xamarin, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
using System.IO;
using System.Net;
using System.Net.Security;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;
using Mono.Security.Protocol.Tls;
namespace Mono.Security.Interface
{
/*
* Unfortunately, we can't use the public definitions from System.dll here, so we need to
* copy these.
*
* The @MonoRemoteCertificateValidationCallback also has an additional 'targetHost' argument.
*
*/
[Flags]
public enum MonoSslPolicyErrors
{
None = 0,
RemoteCertificateNotAvailable = 1,
RemoteCertificateNameMismatch = 2,
RemoteCertificateChainErrors = 4,
}
public enum MonoEncryptionPolicy
{
// Prohibit null ciphers (current system defaults)
RequireEncryption = 0,
// Add null ciphers to current system defaults
AllowNoEncryption,
// Request null ciphers only
NoEncryption
}
public delegate bool MonoRemoteCertificateValidationCallback (
string targetHost, X509Certificate certificate, X509Chain chain, MonoSslPolicyErrors sslPolicyErrors);
public delegate X509Certificate MonoLocalCertificateSelectionCallback (
string targetHost, X509CertificateCollection localCertificates, X509Certificate remoteCertificate,
string[] acceptableIssuers);
public abstract class MonoTlsProvider
{
internal MonoTlsProvider ()
{
}
public abstract Guid ID {
get;
}
public abstract string Name {
get;
}
#region SslStream
/*
* This section abstracts the @SslStream class.
*
*/
public abstract bool SupportsSslStream {
get;
}
/*
* Does this provider support IMonoSslStream.GetConnectionInfo() ?
*/
public abstract bool SupportsConnectionInfo {
get;
}
/*
* Whether or not this TLS Provider supports Mono-specific extensions
* (via @MonoTlsSettings).
*/
public abstract bool SupportsMonoExtensions {
get;
}
public abstract SslProtocols SupportedProtocols {
get;
}
/*
* Obtain a @IMonoSslStream instance.
*
*/
public abstract IMonoSslStream CreateSslStream (
Stream innerStream, bool leaveInnerStreamOpen,
MonoTlsSettings settings = null);
#endregion
#region Certificate Validation
/*
* Allows a TLS provider to provide a custom system certificiate validator.
*/
public virtual bool HasCustomSystemCertificateValidator {
get { return false; }
}
/*
* If @serverMode is true, then we're a server and want to validate a certificate
* that we received from a client.
*
* On OS X and Mobile, the @chain will be initialized with the @certificates, but not actually built.
*
* Returns `true` if certificate validation has been performed and `false` to invoke the
* default system validator.
*/
public virtual bool InvokeSystemCertificateValidator (
ICertificateValidator validator, string targetHost, bool serverMode,
X509CertificateCollection certificates, X509Chain chain, out bool success,
ref MonoSslPolicyErrors errors, ref int status11)
{
success = false;
return false;
}
#endregion
#region Manged SSPI
/*
* The managed SSPI implementation from the new TLS code.
*/
internal abstract bool SupportsTlsContext {
get;
}
internal abstract IMonoTlsContext CreateTlsContext (
string hostname, bool serverMode, TlsProtocols protocolFlags,
X509Certificate serverCertificate, X509CertificateCollection clientCertificates,
bool remoteCertRequired, MonoEncryptionPolicy encryptionPolicy,
MonoTlsSettings settings);
#endregion
}
}
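Review bot: The comment on `InvokeSystemCertificateValidator` does not say that the `success` out-parameter is only meaningful when the method returns `true`, nor what `status11` carries, so a provider overriding it has to guess at both; add `// success is only inspected when this returns true; status11 receives the provider's raw status value -- TODO document its value space` above the signature. The region label `#region Manged SSPI` and the comment "custom system certificiate validator" have typos (`Managed`, `certificate`). The `MonoEncryptionPolicy` comments describe the cipher selection but not its consequence; `// Request null ciphers only (no confidentiality: records are authenticated but not encrypted)` on `NoEncryption` makes the security impact explicit for callers choosing it.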


@@ -0,0 +1,113 @@
//
// MonoTlsProviderFactory.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2015 Xamarin, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
using Mono.Net.Security;
namespace Mono.Security.Interface
{
/*
* Public API front-end to System.dll's version.
*
* Keep in sync with System/Mono.Net.Security/MonoTlsProviderFactory.cs.
*/
public static partial class MonoTlsProviderFactory
{
/*
* Returns the currently installed @MonoTlsProvider, falling back to the default one.
*
* This method throws @NotSupportedException if no TLS Provider can be found.
*/
public static MonoTlsProvider GetProvider ()
{
return (MonoTlsProvider)NoReflectionHelper.GetProvider ();
}
/*
* Returns the default @MonoTlsProvider.
*
* This method throws @NotSupportedException if no TLS Provider can be found.
*/
public static MonoTlsProvider GetDefaultProvider ()
{
return (MonoTlsProvider)NoReflectionHelper.GetDefaultProvider ();
}
/*
* GetProvider() attempts to load and install the default provider and throws on error.
*
* This property checks whether a provider has previously been installed by a call
* to either GetProvider() or InstallProvider().
*
*/
public static bool HasProvider {
get {
return NoReflectionHelper.HasProvider;
}
}
/*
* Selects the default TLS Provider.
*
* May only be called at application startup and will throw
* @InvalidOperationException if a provider has already been installed.
*/
public static void SetDefaultProvider (string name)
{
NoReflectionHelper.SetDefaultProvider (name);
}
public static MonoTlsProvider GetProvider (string name)
{
return (MonoTlsProvider)NoReflectionHelper.GetProvider (name);
}
/*
* Create @HttpWebRequest with the specified @provider (may be null to use the default one).
*
* NOTE: This needs to be written as "System.Uri" to avoid ambiguity with Mono.Security.Uri in the
* mobile build.
*
*/
public static HttpWebRequest CreateHttpsRequest (System.Uri requestUri, MonoTlsProvider provider, MonoTlsSettings settings = null)
{
return NoReflectionHelper.CreateHttpsRequest (requestUri, provider, settings);
}
public static HttpListener CreateHttpListener (X509Certificate certificate, MonoTlsProvider provider = null, MonoTlsSettings settings = null)
{
return (HttpListener)NoReflectionHelper.CreateHttpListener (certificate, provider, settings);
}
public static IMonoSslStream GetMonoSslStream (SslStream stream)
{
return (IMonoSslStream)NoReflectionHelper.GetMonoSslStream (stream);
}
}
}
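Review bot: `GetProvider (string name)` is the only provider lookup in the class without a comment: it does not say which names are valid or whether an unknown name throws or returns null, while the sibling overloads document their `NotSupportedException`. Suggest `/* Returns the provider registered under @name. TODO: document whether an unknown name throws or returns null. */` above it. `CreateHttpListener` and `GetMonoSslStream` are likewise undocumented; a one-line purpose comment each would match the rest of the file.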


@@ -0,0 +1,170 @@
//
// MonoTlsSettings.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2015 Xamarin, Inc.
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
using System.Threading;
using System.Security.Cryptography.X509Certificates;
namespace Mono.Security.Interface
{
public sealed class MonoTlsSettings
{
public MonoRemoteCertificateValidationCallback RemoteCertificateValidationCallback {
get; set;
}
public MonoLocalCertificateSelectionCallback ClientCertificateSelectionCallback {
get; set;
}
public bool CheckCertificateName {
get { return checkCertName; }
set { checkCertName = value; }
}
public bool CheckCertificateRevocationStatus {
get { return checkCertRevocationStatus; }
set { checkCertRevocationStatus = value; }
}
public bool UseServicePointManagerCallback {
get { return useServicePointManagerCallback; }
set { useServicePointManagerCallback = value; }
}
public bool SkipSystemValidators {
get { return skipSystemValidators; }
set { skipSystemValidators = value; }
}
public bool CallbackNeedsCertificateChain {
get { return callbackNeedsChain; }
set { callbackNeedsChain = value; }
}
/*
* This is only supported if CertificateValidationHelper.SupportsTrustAnchors is true.
*/
public X509CertificateCollection TrustAnchors {
get; set;
}
public object UserSettings {
get; set;
}
/*
* If you set this here, then it will override 'ServicePointManager.SecurityProtocol'.
*/
public TlsProtocols? EnabledProtocols {
get; set;
}
public CipherSuiteCode[] EnabledCiphers {
get; set;
}
bool cloned = false;
bool checkCertName = true;
bool checkCertRevocationStatus = false;
bool useServicePointManagerCallback = true;
bool skipSystemValidators = false;
bool callbackNeedsChain = true;
ICertificateValidator certificateValidator;
public MonoTlsSettings ()
{
}
static MonoTlsSettings defaultSettings;
public static MonoTlsSettings DefaultSettings {
get {
if (defaultSettings == null)
Interlocked.CompareExchange (ref defaultSettings, new MonoTlsSettings (), null);
return defaultSettings;
}
set {
defaultSettings = value ?? new MonoTlsSettings ();
}
}
public static MonoTlsSettings CopyDefaultSettings ()
{
return DefaultSettings.Clone ();
}
#region Private APIs
/*
* Private APIs - do not use!
*
* This is only public to avoid making our internals visible to System.dll.
*
*/
[Obsolete ("Do not use outside System.dll!")]
public ICertificateValidator CertificateValidator {
get { return certificateValidator; }
}
[Obsolete ("Do not use outside System.dll!")]
public MonoTlsSettings CloneWithValidator (ICertificateValidator validator)
{
if (cloned) {
this.certificateValidator = validator;
return this;
}
var copy = new MonoTlsSettings (this);
copy.certificateValidator = validator;
return copy;
}
public MonoTlsSettings Clone ()
{
return new MonoTlsSettings (this);
}
MonoTlsSettings (MonoTlsSettings other)
{
RemoteCertificateValidationCallback = other.RemoteCertificateValidationCallback;
ClientCertificateSelectionCallback = other.ClientCertificateSelectionCallback;
checkCertName = other.checkCertName;
checkCertRevocationStatus = other.checkCertRevocationStatus;
UseServicePointManagerCallback = other.useServicePointManagerCallback;
skipSystemValidators = other.skipSystemValidators;
callbackNeedsChain = other.callbackNeedsChain;
UserSettings = other.UserSettings;
EnabledProtocols = other.EnabledProtocols;
EnabledCiphers = other.EnabledCiphers;
TrustAnchors = other.TrustAnchors;
cloned = true;
}
#endregion
}
}
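Review bot: `CloneWithValidator` mutates and returns `this` whenever the instance was itself produced by `Clone ()` (the `cloned` flag), so two connections that share one cloned settings object will silently overwrite each other's validator; the obsolete-API comment does not mention this. Add `// NOTE: on a cloned instance this sets the validator in place and returns this, so a cloned settings object must not be shared between connections.` above the method. The copy constructor also copies `EnabledCiphers`, `TrustAnchors` and `UserSettings` by reference, so a later mutation of the array or collection is visible through every clone; either say so in a comment or copy `EnabledCiphers`/`TrustAnchors` defensively if the reference share is not intended. Finally, `checkCertRevocationStatus = false` means revocation checking is off unless a caller opts in; a comment on the field stating that default explicitly would help anyone auditing a deployment's settings.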


@@ -0,0 +1 @@
See mcs/class/Mono.Security.Providers.NewSystemSource/README.md for a detailed README.


@@ -0,0 +1,67 @@
//
// SecretParameters.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2014-2016 Xamarin Inc. (http://www.xamarin.com)
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
namespace Mono.Security.Interface
{
public abstract class SecretParameters : IDisposable
{
protected abstract void Clear ();
bool disposed;
protected void CheckDisposed ()
{
if (disposed)
throw new ObjectDisposedException (GetType ().Name);
}
protected static void Clear (byte[] array)
{
Array.Clear (array, 0, array.Length);
}
public void Dispose ()
{
Dispose (true);
GC.SuppressFinalize (this);
}
void Dispose (bool disposing)
{
if (!disposed) {
disposed = true;
Clear ();
}
}
~SecretParameters ()
{
Dispose (false);
}
}
}
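Review bot: `Dispose (bool disposing)` ignores `disposing`, so the finalizer runs the derived `Clear ()` exactly as an explicit dispose does, and nothing in the class says that this zeroing is best-effort: finalization timing is not deterministic, and the runtime may have relocated a managed array before then, leaving an unzeroed copy behind. A class comment such as `/* Base class for objects holding key material in managed arrays. Clear() zeroes them on Dispose(); the finalizer path is a fallback only -- callers must Dispose() deterministically, and zeroing does not cover copies the GC may have made. */` states the guarantee the type can actually give. `Clear (byte[] array)` throws `NullReferenceException` on a null argument; either document that it requires non-null or guard with `if (array != null)`.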


@@ -0,0 +1,86 @@
//
// SecureBuffer.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2014-2016 Xamarin Inc. (http://www.xamarin.com)
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
namespace Mono.Security.Interface
{
public class SecureBuffer : SecretParameters, IBufferOffsetSize
{
byte[] buffer;
public byte[] Buffer {
get {
CheckDisposed ();
return buffer;
}
}
public int Size {
get {
CheckDisposed ();
return buffer != null ? buffer.Length : 0;
}
}
int IBufferOffsetSize.Offset {
get { return 0; }
}
public SecureBuffer (int size)
{
buffer = new byte [size];
}
public SecureBuffer (byte[] buffer)
{
this.buffer = buffer;
}
public byte[] StealBuffer ()
{
CheckDisposed ();
var retval = this.buffer;
this.buffer = null;
return retval;
}
public static SecureBuffer CreateCopy (byte[] buffer)
{
var copy = new byte [buffer.Length];
Array.Copy (buffer, copy, buffer.Length);
return new SecureBuffer (copy);
}
protected override void Clear ()
{
if (buffer != null) {
Array.Clear (buffer, 0, buffer.Length);
buffer = null;
}
}
}
}
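Review bot: `SecureBuffer (byte[] buffer)` aliases the caller's array, so `Clear ()` on dispose zeroes memory the caller may still be using, while `StealBuffer ()` hands the array out and leaves nothing for this object to clear; neither ownership transfer is documented. Add `// Takes ownership of buffer: it is zeroed on Dispose(). Use CreateCopy() to keep the caller's array intact.` on that constructor and `// Transfers ownership to the caller; after this, Dispose() no longer clears the data.` on `StealBuffer`. `CreateCopy (null)` fails with a `NullReferenceException` from `buffer.Length` rather than an `ArgumentNullException`; `if (buffer == null) throw new ArgumentNullException ("buffer");` is the conventional guard. The explicit `IBufferOffsetSize.Offset` also skips `CheckDisposed ()` unlike `Buffer` and `Size`, which is probably harmless for a constant 0 but worth a comment so it does not look accidental.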


@@ -0,0 +1,334 @@
//
// TlsBuffer.cs
//
// Author:
// Martin Baulig <martin.baulig@xamarin.com>
//
// Copyright (c) 2014-2016 Xamarin Inc. (http://www.xamarin.com)
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
// THE SOFTWARE.
using System;
namespace Mono.Security.Interface
{
public class TlsBuffer : SecretParameters
{
public int Position {
get; set;
}
public int Remaining {
get { return Size - (Position - Offset); }
}
public byte[] Buffer {
get { return innerBuffer.Buffer; }
}
public int Offset {
get { return innerBuffer.Offset; }
}
public int Size {
get { return innerBuffer.Size; }
}
public int EndOffset {
get { return Offset + Size; }
}
IBufferOffsetSize innerBuffer;
protected TlsBuffer ()
: this (null, 0, 0)
{
}
public TlsBuffer (IBufferOffsetSize bos)
{
innerBuffer = bos;
Position = bos.Offset;
}
public TlsBuffer (byte[] buffer, int offset, int size)
: this (new BufferOffsetSize (buffer, offset, size))
{
}
public TlsBuffer (byte[] buffer)
: this (buffer, 0, buffer.Length)
{
}
public TlsBuffer (int size)
: this (new byte [size], 0, size)
{
}
public byte ReadByte ()
{
if (Position >= EndOffset)
throw new TlsException (AlertDescription.DecodeError, "Buffer overflow");
return Buffer [Position++];
}
public short ReadInt16 ()
{
if (Position + 1 >= EndOffset)
throw new TlsException (AlertDescription.DecodeError, "Buffer overflow");
var retval = (short)(Buffer [Position] << 8 | Buffer [Position + 1]);
Position += 2;
return retval;
}
public int ReadInt24 ()
{
if (Position + 2 >= EndOffset)
throw new TlsException (AlertDescription.DecodeError, "Buffer overflow");
var retval = ((Buffer [Position] << 16) | (Buffer [Position+1] << 8) | Buffer [Position+2]);
Position += 3;
return retval;
}
public int ReadInt32 ()
{
if (Position + 3 >= EndOffset)
throw new TlsException (AlertDescription.DecodeError, "Buffer overflow");
var retval = ((Buffer [Position] << 24) | (Buffer [Position+1] << 16) | (Buffer [Position+2] << 8) | Buffer [Position+3]);
Position += 4;
return retval;
}
public TlsBuffer ReadBuffer (int length)
{
if (Position + length > EndOffset)
throw new TlsException (AlertDescription.DecodeError, "Buffer overflow");
var retval = new TlsBuffer (Buffer, Position, length);
Position += length;
return retval;
}
public IBufferOffsetSize GetRemaining ()
{
return new BufferOffsetSize (Buffer, Position, Remaining);
}
protected virtual void MakeRoomInternal (int size)
{
if (Position + size > EndOffset)
throw new TlsException (AlertDescription.DecodeError, "Buffer overflow");
}
public void Write (byte value)
{
MakeRoomInternal (1);
Buffer [Position++] = value;
}
public void Write (short value)
{
MakeRoomInternal (2);
WriteInt16 (Buffer, Position, value);
Position += 2;
}
public static void WriteInt16 (byte[] buffer, int offset, short value)
{
buffer[offset] = ((byte)(value >> 8));
buffer[offset+1] = ((byte)value);
}
public void Write (int value)
{
MakeRoomInternal (4);
WriteInt32 (Buffer, Position, value);
Position += 4;
}
public void WriteInt24 (int value)
{
MakeRoomInternal (3);
WriteInt24 (Buffer, Position, value);
Position += 3;
}
#pragma warning disable 3001
public void Write (ulong value)
#pragma warning restore 3001
{
MakeRoomInternal (8);
WriteInt64 (Buffer, Position, value);
Position += 8;
}
public static void WriteInt24 (byte[] buffer, int offset, int value)
{
buffer[offset] = ((byte)(value >> 16));
buffer[offset+1] = ((byte)(value >> 8));
buffer[offset+2] = ((byte)value);
}
public static void WriteInt32 (byte[] buffer, int offset, int value)
{
buffer[offset] = ((byte)(value >> 24));
buffer[offset+1] = ((byte)(value >> 16));
buffer[offset+2] = ((byte)(value >> 8));
buffer[offset+3] = ((byte)value);
}
#pragma warning disable 3001
public static void WriteInt64 (byte[] buffer, int offset, ulong value)
#pragma warning restore 3001
{
buffer[offset] = (byte) (value >> 56);
buffer[offset+1] = (byte) (value >> 48);
buffer[offset+2] = (byte) (value >> 40);
buffer[offset+3] = (byte) (value >> 32);
buffer[offset+4] = (byte) (value >> 24);
buffer[offset+5] = (byte) (value >> 16);
buffer[offset+6] = (byte) (value >> 8);
buffer[offset+7] = (byte) value;
}
public void Write (byte[] buffer)
{
Write (buffer, 0, buffer.Length);
}
public void Write (byte[] buffer, int offset, int size)
{
MakeRoomInternal (size);
Array.Copy (buffer, offset, Buffer, Position, size);
Position += size;
}
public void Write (IBufferOffsetSize buffer)
{
Write (buffer.Buffer, buffer.Offset, buffer.Size);
}
public SecureBuffer ReadSecureBuffer (int count)
{
return new SecureBuffer (ReadBytes (count));
}
public byte[] ReadBytes (int count)
{
if (Position + count > EndOffset)
throw new TlsException (AlertDescription.DecodeError, "Buffer overflow");
var retval = new byte [count];
Array.Copy (Buffer, Position, retval, 0, count);
Position += count;
return retval;
}
internal static bool Compare (SecureBuffer buffer1, SecureBuffer buffer2)
{
if (buffer1 == null || buffer2 == null)
return false;
if (buffer1.Size != buffer2.Size)
return false;
for (int i = 0; i < buffer1.Size; i++) {
if (buffer1.Buffer [i] != buffer2.Buffer [i])
return false;
}
return true;
}
public static bool Compare (IBufferOffsetSize buffer1, IBufferOffsetSize buffer2)
{
if (buffer1 == null || buffer2 == null)
return false;
if (buffer1.Size != buffer2.Size)
return false;
for (int i = 0; i < buffer1.Size; i++) {
if (buffer1.Buffer [buffer1.Offset + i] != buffer2.Buffer [buffer2.Offset + i])
return false;
}
return true;
}
public static bool Compare (byte[] buffer1, byte[] buffer2)
{
if (buffer1 == null || buffer2 == null)
return false;
return Compare (buffer1, 0, buffer1.Length, buffer2, 0, buffer2.Length);
}
public static bool Compare (byte[] buffer1, int offset1, int size1, byte[] buffer2, int offset2, int size2)
{
if (buffer1 == null || buffer2 == null)
return false;
if (size1 != size2)
return false;
for (int i = 0; i < size1; i++) {
if (buffer1 [offset1 + i] != buffer2 [offset2 + i])
return false;
}
return true;
}
public static int ConstantTimeCompare (byte[] buffer1, int offset1, int size1, byte[] buffer2, int offset2, int size2)
{
int status = 0;
int effectiveSize;
if (size1 < size2) {
status--;
effectiveSize = size1;
} else if (size2 < size1) {
status--;
effectiveSize = size2;
} else {
effectiveSize = size1;
}
for (int i = 0; i < effectiveSize; i++) {
if (buffer1 [offset1 + i] != buffer2 [offset2 + i])
status--;
}
return status;
}
protected void SetBuffer (byte[] buffer, int offset, int size)
{
innerBuffer = new BufferOffsetSize (buffer, offset, size);
}
protected override void Clear ()
{
var disposable = innerBuffer as IDisposable;
if (disposable != null)
disposable.Dispose ();
innerBuffer = null;
Position = 0;
}
public static readonly byte[] EmptyArray = new byte [0];
}
}


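--- /dev/null
+++ b/TlsException.cs
@@ -0,0 +1,84 @@
+//
+// TlsException.cs
+//
+// Author:
+// Martin Baulig <martin.baulig@xamarin.com>
+//
+// Copyright (c) 2015 Xamarin, Inc.
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy
+// of this software and associated documentation files (the "Software"), to deal
+// in the Software without restriction, including without limitation the rights
+// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+// copies of the Software, and to permit persons to whom the Software is
+// furnished to do so, subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in
+// all copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+// THE SOFTWARE.
+using System;
+using System.Text;
+using System.Runtime.Serialization;
+namespace Mono.Security.Interface
+{
+public sealed class TlsException : Exception
+{
+#region Fields
+private Alert alert;
+#endregion
+#region Properties
+public Alert Alert {
+get { return this.alert; }
+}
+#endregion
+#region Constructors
+public TlsException (Alert alert)
+: this (alert, alert.Description.ToString())
+{
+}
+public TlsException (Alert alert, string message)
+: base (message)
+{
+this.alert = alert;
+}
+public TlsException (AlertLevel level, AlertDescription description)
+: this (new Alert (level, description))
+{
+}
+public TlsException (AlertDescription description)
+: this (new Alert (description))
+{
+}
+public TlsException (AlertDescription description, string message)
+: this (new Alert (description), message)
+{
+}
+public TlsException (AlertDescription description, string format, params object[] args)
+: this (new Alert (description), string.Format (format, args))
+{
+}
+#endregion
+}
+}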
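Review bot: `using System.Text;` and `using System.Runtime.Serialization;` at the top of the new file are unused — nothing in `TlsException` references either namespace, and the class carries no `[Serializable]` attribute and no `(SerializationInfo, StreamingContext)` constructor, so the second directive reads as an abandoned intent; drop both lines, or finish the serialization support if the `alert` field is meant to round-trip. The `TlsException (Alert alert)` constructor dereferences `alert.Description` in its `this (...)` initializer with no guard; if `Alert` is a reference type (its definition is outside this hunk) a null argument surfaces as a `NullReferenceException` raised while constructing an exception, which is hard to attribute — `: this (alert, alert == null ? "" : alert.Description.ToString ())` or an explicit `ArgumentNullException` keeps the failure pointed at the caller. The type is public API with no XML documentation; a `/// <summary>Exception carrying a TLS <see cref="Alert"/> (level and description) for the failure it reports.</summary>` on the class, and a `<param>` note on the `format`/`args` overload saying the message is built with `string.Format`, would help consumers.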
