public AppleTlsContext(MobileAuthenticatedStream parent, MonoSslAuthenticationOptions options)
: base(parent, options)
{
handle = GCHandle.Alloc(this, GCHandleType.Weak);
readFunc = NativeReadCallback;
writeFunc = NativeWriteCallback;
}
public AppleTlsContext(MobileAuthenticatedStream parent, MonoSslAuthenticationOptions options)
: base(parent, options)
{
handle = GCHandle.Alloc(this, GCHandleType.Weak);
readFunc = NativeReadCallback;
writeFunc = NativeWriteCallback;
if (IsServer)
{
if (LocalServerCertificate == null)
{
throw new ArgumentNullException(nameof(LocalServerCertificate));
}
}
}
public AppleTlsContext(
MobileAuthenticatedStream parent, bool serverMode, string targetHost,
SSA.SslProtocols enabledProtocols, X509Certificate serverCertificate,
X509CertificateCollection clientCertificates, bool askForClientCert)
: base(parent, serverMode, targetHost, enabledProtocols,
serverCertificate, clientCertificates, askForClientCert)
{
handle = GCHandle.Alloc(this, GCHandleType.Weak);
readFunc = NativeReadCallback;
writeFunc = NativeWriteCallback;
if (IsServer)
{
if (serverCertificate == null)
{
throw new ArgumentNullException("serverCertificate");
}
}
}
public UnityTlsContext(
MobileAuthenticatedStream parent,
MonoSslAuthenticationOptions opts)
: base(parent, opts)
{
// Need GCHandle to get a consistent pointer to this instance
handle = GCHandle.Alloc(this);
var errorState = UnityTls.NativeInterface.unitytls_errorstate_create();
// Map selected protocols as best as we can.
var protocolRange = new UnityTls.unitytls_tlsctx_protocolrange
{
min = UnityTlsConversions.GetMinProtocol(EnabledProtocols),
max = UnityTlsConversions.GetMaxProtocol(EnabledProtocols)
};
readCallback = ReadCallback;
writeCallback = WriteCallback;
var callbacks = new UnityTls.unitytls_tlsctx_callbacks
{
write = writeCallback,
read = readCallback,
data = (void *)(IntPtr)handle
};
if (opts.ServerMode)
{
ExtractNativeKeyAndChainFromManagedCertificate(opts.ServerCertificate, &errorState, out var serverCerts,
out var serverPrivateKey);
try
{
var serverCertsRef = UnityTls.NativeInterface.unitytls_x509list_get_ref(serverCerts, &errorState);
var serverKeyRef = UnityTls.NativeInterface.unitytls_key_get_ref(serverPrivateKey, &errorState);
Unity.Debug.CheckAndThrow(errorState, "Failed to parse server key/certificate");
tlsContext = UnityTls.NativeInterface.unitytls_tlsctx_create_server(protocolRange, callbacks,
serverCertsRef.handle, serverKeyRef.handle, &errorState);
if (opts.ClientCertificateRequired)
{
UnityTls.unitytls_x509list *clientAuthCAList = null;
try
{
clientAuthCAList = UnityTls.NativeInterface.unitytls_x509list_create(&errorState);
var clientAuthCAListRef =
UnityTls.NativeInterface.unitytls_x509list_get_ref(clientAuthCAList, &errorState);
UnityTls.NativeInterface.unitytls_tlsctx_server_require_client_authentication(tlsContext,
clientAuthCAListRef, &errorState);
}
finally
{
UnityTls.NativeInterface.unitytls_x509list_free(clientAuthCAList);
}
}
}
finally
{
UnityTls.NativeInterface.unitytls_x509list_free(serverCerts);
UnityTls.NativeInterface.unitytls_key_free(serverPrivateKey);
}
}
else
{
var targetHostUtf8 = Encoding.UTF8.GetBytes(opts.TargetHost);
fixed(byte *targetHostUtf8Ptr = targetHostUtf8)
{
tlsContext = UnityTls.NativeInterface.unitytls_tlsctx_create_client(protocolRange, callbacks,
targetHostUtf8Ptr, (size_t)targetHostUtf8.Length, &errorState);
}
certificateCallback = CertificateCallback;
UnityTls.NativeInterface.unitytls_tlsctx_set_certificate_callback(tlsContext, certificateCallback,
(void *)(IntPtr)handle, &errorState);
}
verifyCallback = VerifyCallback;
UnityTls.NativeInterface.unitytls_tlsctx_set_x509verify_callback(tlsContext, verifyCallback,
(void *)(IntPtr)handle, &errorState);
Unity.Debug.CheckAndThrow(errorState, "Failed to create UnityTls context");
#pragma warning disable CS0162 // Disable unreachable code warning
if (ActivateTracing)
{
traceCallback = TraceCallback;
UnityTls.NativeInterface.unitytls_tlsctx_set_trace_callback(tlsContext, traceCallback, null,
&errorState);
Unity.Debug.CheckAndThrow(errorState, "Failed to set trace callback");
}
#pragma warning restore CS0162 // Reenable unreachable code warning.
hasContext = true;
}
public LegacySslStreamContext(MobileAuthenticatedStream parent, MonoSslAuthenticationOptions options) : base(
parent, options)
{
}
