public SslStream CreateSslStream(TestContext ctx, Stream stream, ConnectionParameters parameters, bool server)
{
var settings = new MSI.MonoTlsSettings();
if (parameters is MonoConnectionParameters monoParams)
{
if (monoParams.ClientCiphers != null)
{
settings.EnabledCiphers = monoParams.ClientCiphers.ToArray();
}
if (!server && monoParams.ClientCertificateIssuers != null)
{
if (clientCertIssuersProp == null)
{
ctx.AssertFail("MonoTlsSettings.ClientCertificateIssuers is not supported!");
}
clientCertIssuersProp.SetValue(settings, monoParams.ClientCertificateIssuers);
}
}
if (server)
{
CallbackHelpers.AddCertificateValidator(settings, parameters.ServerCertificateValidator);
}
else
{
CallbackHelpers.AddCertificateValidator(settings, parameters.ClientCertificateValidator);
CallbackHelpers.AddCertificateSelector(settings, parameters.ClientCertificateSelector);
}
return(tlsProvider.CreateSslStream(stream, false, settings).SslStream);
}
public async Task <MonoSslStream> CreateClientStreamAsync(Stream stream, string targetHost, ConnectionParameters parameters, MSI.MonoTlsSettings settings, CancellationToken cancellationToken)
{
var protocol = GetProtocol(parameters, false);
CallbackHelpers.AddCertificateValidator(settings, parameters.ClientCertificateValidator);
CallbackHelpers.AddCertificateSelector(settings, parameters.ClientCertificateSelector);
var clientCertificates = CallbackHelpers.GetClientCertificates(parameters);
var sslStream = tlsProvider.CreateSslStream(stream, false, settings);
var monoSslStream = new MonoSslStream(sslStream);
await sslStream.AuthenticateAsClientAsync(targetHost, clientCertificates, protocol, false).ConfigureAwait(false);
return(monoSslStream);
}
public async Task <MonoSslStream> CreateServerStreamAsync(Stream stream, ConnectionParameters parameters, MSI.MonoTlsSettings settings, CancellationToken cancellationToken)
{
var certificate = parameters.ServerCertificate;
var protocol = GetProtocol(parameters, true);
CallbackHelpers.AddCertificateValidator(settings, parameters.ServerCertificateValidator);
var askForCert = parameters.AskForClientCertificate || parameters.RequireClientCertificate;
var sslStream = tlsProvider.CreateSslStream(stream, false, settings);
var monoSslStream = new MonoSslStream(sslStream);
await sslStream.AuthenticateAsServerAsync(certificate, askForCert, protocol, false).ConfigureAwait(false);
return(monoSslStream);
}
public MonoSslStream CreateServerStream(Stream stream, ConnectionParameters parameters)
{
var settings = new MSI.MonoTlsSettings();
var certificate = parameters.ServerCertificate;
var protocol = GetProtocol(parameters, true);
CallbackHelpers.AddCertificateValidator(settings, parameters.ServerCertificateValidator);
var askForCert = parameters.AskForClientCertificate || parameters.RequireClientCertificate;
var sslStream = tlsProvider.CreateSslStream(stream, false, settings);
sslStream.AuthenticateAsServer(certificate, askForCert, protocol, false);
return(new MonoSslStream(sslStream));
}
public SslStream CreateSslStream(TestContext ctx, Stream stream, ConnectionParameters parameters, bool server)
{
var settings = GetSettings(parameters, true);
if (parameters is MonoConnectionParameters monoParams)
{
if (monoParams.ClientCiphers != null)
{
settings.EnabledCiphers = monoParams.ClientCiphers.ToArray();
}
if (!server && monoParams.ClientCertificateIssuers != null)
{
var setup = DependencyInjector.Get <IMonoConnectionFrameworkSetup> ();
if (!setup.SupportsClientCertificateIssuers)
{
ctx.AssertFail("MonoTlsSettings.ClientCertificateIssuers is not supported!");
}
setup.SetClientCertificateIssuers(settings, monoParams.ClientCertificateIssuers);
}
}
if (server)
{
CallbackHelpers.AddCertificateValidator(settings, parameters.ServerCertificateValidator);
}
else
{
CallbackHelpers.AddCertificateValidator(settings, parameters.ClientCertificateValidator);
CallbackHelpers.AddCertificateSelector(settings, parameters.ClientCertificateSelector);
}
var monoSslStream = tlsProvider.CreateSslStream(stream, false, settings);
return(monoSslStream.SslStream);
}
public X509CertificateCollection GetClientCertificates(ConnectionParameters parameters)
{
return(CallbackHelpers.GetClientCertificates(parameters));
}
