//
// Used only by client SSL code, never returns null.
//
internal static string[] GetRequestCertificateAuthorities(SafeDeleteContext securityContext)
{
using (SafeSharedX509NameStackHandle names = Interop.Ssl.SslGetClientCAList(securityContext.SslContext))
{
if (names.IsInvalid)
{
return(Array.Empty <string>());
}
int nameCount = Interop.Crypto.GetX509NameStackFieldCount(names);
if (nameCount == 0)
{
return(Array.Empty <string>());
}
string[] clientAuthorityNames = new string[nameCount];
for (int i = 0; i < nameCount; i++)
{
using (SafeSharedX509NameHandle nameHandle = Interop.Crypto.GetX509NameStackField(names, i))
{
X500DistinguishedName dn = Interop.Crypto.LoadX500Name(nameHandle);
clientAuthorityNames[i] = dn.Name;
}
}
return(clientAuthorityNames);
}
}
private static ISet <string> GetRequestCertificateAuthorities(SafeSslHandle sslHandle)
{
HashSet <string> clientAuthorityNames = new HashSet <string>();
using (SafeSharedX509NameStackHandle names = Interop.Ssl.SslGetClientCAList(sslHandle))
{
if (names.IsInvalid)
{
return(clientAuthorityNames);
}
int nameCount = Interop.Crypto.GetX509NameStackFieldCount(names);
if (nameCount == 0)
{
return(clientAuthorityNames);
}
for (int i = 0; i < nameCount; i++)
{
using (SafeSharedX509NameHandle nameHandle = Interop.Crypto.GetX509NameStackField(names, i))
{
X500DistinguishedName dn = Interop.Crypto.LoadX500Name(nameHandle);
clientAuthorityNames.Add(dn.Name);
}
}
return(clientAuthorityNames);
}
}
internal static SafeSharedX509NameHandle GetX509NameStackField(SafeSharedX509NameStackHandle sk, int loc)
{
CheckValidOpenSslHandle(sk);
return(SafeInteriorHandle.OpenInteriorHandle(
(handle, i) => GetX509NameStackField_private(handle, i),
sk,
loc));
}
internal static SafeSharedX509NameHandle GetX509NameStackField(SafeSharedX509NameStackHandle sk, int loc)
{
CheckValidOpenSslHandle(sk);
SafeSharedX509NameHandle handle = GetX509NameStackField_private(sk, loc);
if (!handle.IsInvalid)
{
handle.SetParent(sk);
}
return(handle);
}
internal static SafeSharedX509NameStackHandle SslGetClientCAList(SafeSslHandle ssl)
{
Crypto.CheckValidOpenSslHandle(ssl);
SafeSharedX509NameStackHandle handle = SslGetClientCAList_private(ssl);
if (!handle.IsInvalid)
{
handle.SetParent(ssl);
}
return(handle);
}
internal static SafeSharedX509NameStackHandle SSL_get_client_CA_list(SafeSslHandle ssl)
{
Interop.Crypto.CheckValidOpenSslHandle(ssl);
SafeSharedX509NameStackHandle handle = SSL_get_client_CA_list_private(ssl);
if (!handle.IsInvalid)
{
handle.SetParent(ssl);
}
return(handle);
}
private static ISet <string> GetRequestCertificateAuthorities(SafeSslHandle sslHandle)
{
using (SafeSharedX509NameStackHandle names = Interop.Ssl.SslGetClientCAList(sslHandle))
{
// TODO: When https://github.com/dotnet/corefx/pull/2862 is available for use,
// size this appropriately based on nameCount.
var clientAuthorityNames = new HashSet <string>();
if (!names.IsInvalid)
{
int nameCount = Interop.Crypto.GetX509NameStackFieldCount(names);
for (int i = 0; i < nameCount; i++)
{
using (SafeSharedX509NameHandle nameHandle = Interop.Crypto.GetX509NameStackField(names, i))
{
X500DistinguishedName dn = Interop.Crypto.LoadX500Name(nameHandle);
clientAuthorityNames.Add(dn.Name);
}
}
}
return(clientAuthorityNames);
}
}
private static extern SafeSharedX509NameHandle GetX509NameStackField_private(SafeSharedX509NameStackHandle sk,
int loc);
internal static extern int GetX509NameStackFieldCount(SafeSharedX509NameStackHandle sk);
private static partial SafeSharedX509NameHandle GetX509NameStackField_private(SafeSharedX509NameStackHandle sk,
int loc);
