internal override bool RaiseServerCertificateValidation(X509CertificateMono certificate, int[] certificateErrors)
        {
            bool failed = (certificateErrors.Length > 0);

            // only one problem can be reported by this interface
            _status = ((failed) ? certificateErrors [0] : 0);

#pragma warning disable 618
            if (ServicePointManager.CertificatePolicy != null)
            {
                ServicePoint sp  = _request.ServicePoint;
                bool         res = true;// ServicePointManager.CertificatePolicy.CheckValidationResult (sp, certificate, _request, _status);
                if (!res)
                {
                    return(false);
                }
                failed = true;
            }
#pragma warning restore 618
            if (HaveRemoteValidation2Callback)
            {
                return(failed);                // The validation already tried the 2.0 callback
            }
            SNS.RemoteCertificateValidationCallback cb = ServicePointManager.ServerCertificateValidationCallback;
            if (cb != null)
            {
                SNS.SslPolicyErrors ssl_errors = 0;
                foreach (int i in certificateErrors)
                {
                    if (i == (int)-2146762490)                     // TODO: is this what happens when the purpose is wrong?
                    {
                        ssl_errors |= SNS.SslPolicyErrors.RemoteCertificateNotAvailable;
                    }
                    else if (i == (int)-2146762481)
                    {
                        ssl_errors |= SNS.SslPolicyErrors.RemoteCertificateNameMismatch;
                    }
                    else
                    {
                        ssl_errors |= SNS.SslPolicyErrors.RemoteCertificateChainErrors;
                    }
                }
                SNCX.X509Certificate2 cert2 = new SNCX.X509Certificate2(certificate.GetRawCertData());
                SNCX.X509Chain        chain = new SNCX.X509Chain();
                if (!chain.Build(cert2))
                {
                    ssl_errors |= SNS.SslPolicyErrors.RemoteCertificateChainErrors;
                }
                return(cb(_request, cert2, chain, ssl_errors));
            }
            return(failed);
        }
Beispiel #2
0
        private void SendCertificates()
        {
            TlsStream chain = new TlsStream();

            X509CertificateMono currentCert = this.ClientCertificate;

            while (currentCert != null)
            {
                byte[] rawCert = currentCert.GetRawCertData();
                chain.WriteInt24(rawCert.Length);
                chain.Write(rawCert);
                currentCert = FindParentCertificate(currentCert);
            }
            this.WriteInt24((int)chain.Length);
            this.Write(chain.ToArray());
        }