Example #1
        /// <summary>
        /// Initializes the native Android SSL stream behind <paramref name="handle"/> using
        /// system-default settings only.
        /// </summary>
        /// <param name="handle">Native SSL stream handle to initialize.</param>
        /// <param name="readCallback">Callback passed to the native layer for reading from the connection.</param>
        /// <param name="writeCallback">Callback passed to the native layer for writing to the connection.</param>
        /// <param name="credential">Credential whose requested protocol set is inspected.</param>
        /// <param name="authOptions">Authentication options supplied by the caller.</param>
        /// <exception cref="NotImplementedException">
        /// The caller asked for ALPN, a cipher-suite policy, an explicit protocol set, or
        /// (as server) a required remote certificate.
        /// </exception>
        private static void InitializeSslContext(
            SafeSslHandle handle,
            Interop.AndroidCrypto.SSLReadCallback readCallback,
            Interop.AndroidCrypto.SSLWriteCallback writeCallback,
            SafeFreeSslCredentials credential,
            SslAuthenticationOptions authOptions)
        {
            bool actingAsServer = authOptions.IsServer;

            // Fail closed: every option below narrows or strengthens the TLS session, so an
            // unsupported request is rejected instead of being silently dropped.
            bool requestsNonDefaultOption =
                authOptions.ApplicationProtocols != null ||
                authOptions.CipherSuitesPolicy != null ||
                credential.Protocols != SslProtocols.None ||
                (actingAsServer && authOptions.RemoteCertRequired);

            if (requestsNonDefaultOption)
            {
                // TODO: [AndroidCrypto] Handle non-system-default options
                throw new NotImplementedException(nameof(SafeDeleteSslContext));
            }

            Interop.AndroidCrypto.SSLStreamInitialize(handle, actingAsServer, readCallback, writeCallback, InitialBufferSize);

            // The target host is only forwarded for client sessions that actually name one.
            if (actingAsServer || string.IsNullOrEmpty(authOptions.TargetHost))
            {
                return;
            }

            // NOTE(review): presumably the native side uses the host for SNI and/or hostname
            // checks - confirm against the AndroidCrypto implementation.
            Interop.AndroidCrypto.SSLStreamConfigureParameters(handle, authOptions.TargetHost);
        }
Example #2
        /// <summary>
        /// Initializes the native Android SSL stream behind <paramref name="handle"/> and applies the
        /// caller's encryption policy, protocol versions, ALPN list, client-authentication request
        /// and target host.
        /// </summary>
        /// <param name="handle">Native SSL stream handle to initialize and configure.</param>
        /// <param name="readCallback">Callback passed to the native layer for reading from the connection.</param>
        /// <param name="writeCallback">Callback passed to the native layer for writing to the connection.</param>
        /// <param name="credential">Credential carrying the encryption policy and requested protocols.</param>
        /// <param name="authOptions">Authentication options supplied by the caller.</param>
        /// <exception cref="PlatformNotSupportedException">
        /// The encryption policy is not one of the accepted values, or none of the requested
        /// protocols is in the supported set.
        /// </exception>
        /// <exception cref="NotImplementedException">A cipher-suite policy was supplied.</exception>
        private static void InitializeSslContext(
            SafeSslHandle handle,
            Interop.AndroidCrypto.SSLReadCallback readCallback,
            Interop.AndroidCrypto.SSLWriteCallback writeCallback,
            SafeFreeSslCredentials credential,
            SslAuthenticationOptions authOptions)
        {
            // Only RequireEncryption and AllowNoEncryption pass; every other policy value is rejected.
            // NOTE(review): accepting AllowNoEncryption here does not show whether an unencrypted
            // suite can actually be negotiated - confirm against the native layer.
            switch (credential.Policy)
            {
            case EncryptionPolicy.RequireEncryption:
#pragma warning disable SYSLIB0040 // NoEncryption and AllowNoEncryption are obsolete
            case EncryptionPolicy.AllowNoEncryption:
                break;

#pragma warning restore SYSLIB0040
            default:
                throw new PlatformNotSupportedException(SR.Format(SR.net_encryptionpolicy_notsupported, credential.Policy));
            }

            bool isServer = authOptions.IsServer;

            // Fail closed: a caller-supplied cipher restriction is rejected rather than ignored,
            // so the session never runs with a wider cipher set than the caller asked for.
            if (authOptions.CipherSuitesPolicy != null)
            {
                // TODO: [AndroidCrypto] Handle non-system-default options
                throw new NotImplementedException(nameof(SafeDeleteSslContext));
            }

            // The stream is initialized before any of the per-option calls below touch the handle.
            Interop.AndroidCrypto.SSLStreamInitialize(handle, isServer, readCallback, writeCallback, InitialBufferSize);

            // SslProtocols.None leaves the platform default protocol set in place.
            if (credential.Protocols != SslProtocols.None)
            {
                // Requested protocols outside the supported set are masked off; the call fails
                // only when nothing remains after masking.
                SslProtocols protocolsToEnable = credential.Protocols & s_supportedSslProtocols.Value;
                if (protocolsToEnable == 0)
                {
                    throw new PlatformNotSupportedException(SR.Format(SR.net_security_sslprotocol_notsupported, credential.Protocols));
                }

                // The returned index pair selects an inclusive slice of s_orderedSslProtocols.
                // NOTE(review): presumably ValidateContiguous rejects a set with gaps - confirm.
                (int minIndex, int maxIndex) = protocolsToEnable.ValidateContiguous(s_orderedSslProtocols);
                Interop.AndroidCrypto.SSLStreamSetEnabledProtocols(handle, s_orderedSslProtocols.AsSpan(minIndex, maxIndex - minIndex + 1));
            }

            if (authOptions.ApplicationProtocols != null && authOptions.ApplicationProtocols.Count != 0 &&
                Interop.AndroidCrypto.SSLSupportsApplicationProtocolsConfiguration())
            {
                // Set application protocols if the platform supports it. Otherwise, we will silently ignore the option.
                // NOTE(review): because an unsupported platform drops the ALPN list without an error,
                // a caller that depends on a specific protocol has to check the negotiated value
                // after the handshake instead of assuming its list was applied.
                Interop.AndroidCrypto.SSLStreamSetApplicationProtocols(handle, authOptions.ApplicationProtocols);
            }

            // Client authentication is requested only on the server side.
            // NOTE(review): the native call is named "Request"; confirm where a missing client
            // certificate is actually rejected when RemoteCertRequired is set.
            if (isServer && authOptions.RemoteCertRequired)
            {
                Interop.AndroidCrypto.SSLStreamRequestClientAuthentication(handle);
            }

            // The target host is forwarded only for client sessions that name one.
            if (!isServer && !string.IsNullOrEmpty(authOptions.TargetHost))
            {
                Interop.AndroidCrypto.SSLStreamSetTargetHost(handle, authOptions.TargetHost);
            }
        }
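        /// <summary>
        /// Initializes the native Android SSL stream behind <paramref name="handle"/>, applying the
        /// caller's encryption policy, protocol versions and target host.
        /// </summary>
        /// <param name="handle">Native SSL stream handle to initialize and configure.</param>
        /// <param name="readCallback">Callback passed to the native layer for reading from the connection.</param>
        /// <param name="writeCallback">Callback passed to the native layer for writing to the connection.</param>
        /// <param name="credential">Credential carrying the encryption policy and requested protocols.</param>
        /// <param name="authOptions">Authentication options supplied by the caller.</param>
        /// <exception cref="PlatformNotSupportedException">
        /// The encryption policy is not one of the accepted values, or none of the requested
        /// protocols is in the supported set.
        /// </exception>
        /// <exception cref="NotImplementedException">
        /// The caller asked for ALPN, a cipher-suite policy, or (as server) a required remote certificate.
        /// </exception>
        private static void InitializeSslContext(
            SafeSslHandle handle,
            Interop.AndroidCrypto.SSLReadCallback readCallback,
            Interop.AndroidCrypto.SSLWriteCallback writeCallback,
            SafeFreeSslCredentials credential,
            SslAuthenticationOptions authOptions)
        {
            // Only RequireEncryption and AllowNoEncryption pass; every other policy value is rejected.
            // NOTE(review): accepting AllowNoEncryption here does not show whether an unencrypted
            // suite can actually be negotiated - confirm against the native layer.
            switch (credential.Policy)
            {
            case EncryptionPolicy.RequireEncryption:
            case EncryptionPolicy.AllowNoEncryption:
                break;

            default:
                throw new PlatformNotSupportedException(SR.Format(SR.net_encryptionpolicy_notsupported, credential.Policy));
            }

            bool isServer = authOptions.IsServer;

            // Fail closed: options that cannot be honoured are rejected rather than silently
            // dropped, so the session is never weaker than what the caller requested.
            if (authOptions.ApplicationProtocols != null ||
                authOptions.CipherSuitesPolicy != null ||
                (isServer && authOptions.RemoteCertRequired))
            {
                // TODO: [AndroidCrypto] Handle non-system-default options
                throw new NotImplementedException(nameof(SafeDeleteSslContext));
            }

            // The stream is initialized before the per-option calls below touch the handle.
            Interop.AndroidCrypto.SSLStreamInitialize(handle, isServer, readCallback, writeCallback, InitialBufferSize);

            // SslProtocols.None leaves the platform default protocol set in place.
            if (credential.Protocols != SslProtocols.None)
            {
                // Requested protocols outside the supported set are masked off; the call fails
                // only when nothing remains after masking.
                SslProtocols protocolsToEnable = credential.Protocols & s_supportedSslProtocols.Value;
                if (protocolsToEnable == 0)
                {
                    throw new PlatformNotSupportedException(SR.Format(SR.net_security_sslprotocol_notsupported, credential.Protocols));
                }

                // The returned index pair selects an inclusive slice of s_orderedSslProtocols.
                // NOTE(review): presumably ValidateContiguous rejects a set with gaps - confirm.
                (int minIndex, int maxIndex) = protocolsToEnable.ValidateContiguous(s_orderedSslProtocols);
                Interop.AndroidCrypto.SSLStreamSetEnabledProtocols(handle, s_orderedSslProtocols.AsSpan(minIndex, maxIndex - minIndex + 1));
            }

            // The target host is forwarded only for client sessions that name one.
            // NOTE(review): presumably the native side uses the host for SNI and/or hostname
            // checks - confirm against the AndroidCrypto implementation.
            if (!isServer && !string.IsNullOrEmpty(authOptions.TargetHost))
            {
                Interop.AndroidCrypto.SSLStreamConfigureParameters(handle, authOptions.TargetHost);
            }
        }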
Example #4
        /// <summary>
        /// Creates the native SSL context for <paramref name="credential"/> and initializes it from
        /// <paramref name="authOptions"/>. If any step throws, the instance is disposed and the
        /// exception is rethrown.
        /// </summary>
        /// <param name="credential">Credential used to create the SSL context; also passed to the base constructor.</param>
        /// <param name="authOptions">Authentication options forwarded to <c>InitializeSslContext</c>.</param>
        public SafeDeleteSslContext(SafeFreeSslCredentials credential, SslAuthenticationOptions authOptions)
            : base(credential)
        {
            // Debug.Assert is compiled out of release builds, so this is a development-time check
            // only; it also runs after base(credential) has already received the value.
            Debug.Assert((credential != null) && !credential.IsInvalid, "Invalid credential used in SafeDeleteSslContext");

            try
            {
                unsafe
                {
                    // The delegates are stored in instance fields before being handed to native code.
                    // NOTE(review): presumably this keeps them alive for as long as the native
                    // stream may invoke them - confirm the fields outlive _sslContext.
                    _readCallback  = ReadFromConnection;
                    _writeCallback = WriteToConnection;
                }

                _sslContext = CreateSslContext(credential);
                InitializeSslContext(_sslContext, _readCallback, _writeCallback, credential, authOptions);
            }
            catch (Exception ex)
            {
                // Debug-only trace of the failure; nothing is written in release builds.
                Debug.Write("Exception Caught. - " + ex);
                // Dispose the partially constructed instance before propagating the failure, so a
                // rejected configuration does not leave a half-initialized context behind.
                Dispose();
                // Bare rethrow keeps the original stack trace.
                throw;
            }
        }