NSArray Bundle(SecIdentity identity, IEnumerable <SecCertificate> certificates)
{
int i = identity == null ? 0 : 1;
int n = certificates == null ? 0 : certificates.Count();
var ptrs = new IntPtr [n + i];
if (i == 1)
ptrs [0] = identity.Handle; }
public MCSession(MCPeerID myPeerID, SecIdentity identity, MCEncryptionPreference encryptionPreference)
: base(NSObjectFlag.Empty)
{
if (identity == null) {
Handle = Init (myPeerID, null, encryptionPreference);
} else {
using (var a = NSArray.FromNSObjects (identity))
Handle = Init (myPeerID, a, encryptionPreference);
}
}
public static NSUrlCredential FromIdentityCertificatesPersistance(SecIdentity identity, SecCertificate [] certificates, NSUrlCredentialPersistence persistence)
{
if (identity == null)
throw new ArgumentNullException ("identity");
if (certificates == null)
throw new ArgumentNullException ("certificates");
using (var certs = NSArray.FromNativeObjects (certificates))
return FromIdentityCertificatesPersistanceInternal (identity.Handle, certs.Handle, persistence);
}
public MCSession(MCPeerID myPeerID, SecIdentity identity, SecCertificate[] certificates, MCEncryptionPreference encryptionPreference)
: base(NSObjectFlag.Empty)
{
if (identity == null) {
if (certificates == null)
Handle = Init (myPeerID, null, encryptionPreference);
else
throw new ArgumentNullException ("identity");
} else {
using (var certs = NSArray.FromNativeObjects (certificates))
Handle = Init (myPeerID, certs, encryptionPreference);
}
}
NSArray Bundle(SecIdentity identity, IEnumerable <SecCertificate> certificates)
{
int i = identity == null ? 0 : 1;
int n = certificates == null ? 0 : certificates.Count();
var ptrs = new IntPtr [n + i];
if (i == 1)
{
ptrs [0] = identity.Handle;
}
foreach (var certificate in certificates)
{
ptrs [i++] = certificate.Handle;
}
return(NSArray.FromIntPtrs(ptrs));
}
public NSUrlCredential(SecIdentity identity, SecCertificate [] certificates, NSUrlCredentialPersistence persistence)
: this(identity.Handle, NSArray.FromNativeObjects (certificates).Handle, persistence)
{
}
NSArray Bundle(SecIdentity identity, IEnumerable<SecCertificate> certificates)
{
if (identity == null)
throw new ArgumentNullException ("identity");
int i = 0;
int n = certificates == null ? 0 : certificates.Count ();
var ptrs = new IntPtr [n + 1];
ptrs [0] = identity.Handle;
foreach (var certificate in certificates)
ptrs [++i] = certificate.Handle;
return NSArray.FromIntPtrs (ptrs);
}
protected void Dispose(bool disposing)
{
if (disposed)
return;
try {
if (disposing) {
disposed = true;
if (serverIdentity != null) {
serverIdentity.Dispose ();
serverIdentity = null;
}
if (clientIdentity != null) {
clientIdentity.Dispose ();
clientIdentity = null;
}
if (remoteCertificate != null) {
remoteCertificate.Dispose ();
remoteCertificate = null;
}
}
} finally {
disposed = true;
if (context != IntPtr.Zero) {
CFObject.CFRelease (context);
context = IntPtr.Zero;
}
}
}
public void StartHandshake()
{
Debug ("StartHandshake: {0}", IsServer);
if (Interlocked.CompareExchange (ref handshakeStarted, 1, 1) != 0)
throw new InvalidOperationException ();
InitializeConnection ();
SetSessionOption (SslSessionOption.BreakOnCertRequested, true);
SetSessionOption (SslSessionOption.BreakOnClientAuth, true);
SetSessionOption (SslSessionOption.BreakOnServerAuth, true);
if (IsServer) {
serverIdentity = MobileCertificateHelper.GetIdentity (serverCertificate);
if (serverIdentity == null)
throw new SSA.AuthenticationException ("Unable to get server certificate from keychain.");
SetCertificate (serverIdentity, new SecCertificate [0]);
}
}
public void SetCertificate(SecIdentity identify, IEnumerable<SecCertificate> certificates)
{
using (var array = Bundle (identify, certificates)) {
var result = SSLSetCertificate (Handle, array.Handle);
CheckStatusAndThrow (result);
}
}
public bool ProcessHandshake()
{
SslStatus status;
do {
lastException = null;
status = SSLHandshake (Handle);
Debug ("Handshake: {0} - {0:x}", status);
CheckStatusAndThrow (status, SslStatus.WouldBlock, SslStatus.PeerAuthCompleted, SslStatus.PeerClientCertRequested);
if (status == SslStatus.PeerAuthCompleted) {
RequirePeerTrust ();
} else if (status == SslStatus.PeerClientCertRequested) {
RequirePeerTrust ();
if (remoteCertificate == null)
throw new TlsException (AlertDescription.InternalError, "Cannot request client certificate before receiving one from the server.");
localClientCertificate = MobileCertificateHelper.SelectClientCertificate (targetHost, certificateValidator, clientCertificates, remoteCertificate);
if (localClientCertificate == null)
continue;
clientIdentity = MobileCertificateHelper.GetIdentity (localClientCertificate);
if (clientIdentity == null)
throw new TlsException (AlertDescription.CertificateUnknown);
SetCertificate (clientIdentity, new SecCertificate [0]);
} else if (status == SslStatus.WouldBlock) {
return false;
}
} while (status != SslStatus.Success);
return true;
}
