Exemple #1
0
        internal SecureChannel(string hostname, bool serverMode, SslProtocols sslProtocols, X509Certificate serverCertificate, X509CertificateCollection clientCertificates, bool remoteCertRequired, bool checkCertName,
                                                  bool checkCertRevocationStatus, EncryptionPolicy encryptionPolicy, LocalCertSelectionCallback certSelectionDelegate)
        {
            if (NetEventSource.IsEnabled)
            {
                NetEventSource.Enter(this, hostname, clientCertificates);
                NetEventSource.Log.SecureChannelCtor(this, hostname, clientCertificates, encryptionPolicy);
            }

            SslStreamPal.VerifyPackageInfo();

            _destination = hostname;

            if (hostname == null)
            {
                NetEventSource.Fail(this, "hostname == null");
            }
            _hostName = hostname;
            _serverMode = serverMode;

            _sslProtocols = sslProtocols;

            _serverCertificate = serverCertificate;
            _clientCertificates = clientCertificates;
            _remoteCertRequired = remoteCertRequired;
            _securityContext = null;
            _checkCertRevocation = checkCertRevocationStatus;
            _checkCertName = checkCertName;
            _certSelectionDelegate = certSelectionDelegate;
            _refreshCredentialNeeded = true;
            _encryptionPolicy = encryptionPolicy;
            
            if (NetEventSource.IsEnabled) NetEventSource.Exit(this);
        }
Exemple #2
0
        internal SecureChannel(string hostname, bool serverMode, SslProtocols sslProtocols, X509Certificate serverCertificate, X509CertificateCollection clientCertificates, bool remoteCertRequired, bool checkCertName,
                               bool checkCertRevocationStatus, EncryptionPolicy encryptionPolicy, LocalCertSelectionCallback certSelectionDelegate)
        {
            GlobalLog.Enter("SecureChannel#" + Logging.HashString(this) + "::.ctor", "hostname:" + hostname + " #clientCertificates=" + ((clientCertificates == null) ? "0" : clientCertificates.Count.ToString(NumberFormatInfo.InvariantInfo)));
            if (Logging.On)
            {
                Logging.PrintInfo(Logging.Web, this, ".ctor", "hostname=" + hostname + ", #clientCertificates=" + ((clientCertificates == null) ? "0" : clientCertificates.Count.ToString(NumberFormatInfo.InvariantInfo)) + ", encryptionPolicy=" + encryptionPolicy);
            }

            SslStreamPal.VerifyPackageInfo();

            _destination = hostname;

            GlobalLog.Assert(hostname != null, "SecureChannel#{0}::.ctor()|hostname == null", Logging.HashString(this));
            _hostName   = hostname;
            _serverMode = serverMode;

            _sslProtocols = sslProtocols;

            _serverCertificate       = serverCertificate;
            _clientCertificates      = clientCertificates;
            _remoteCertRequired      = remoteCertRequired;
            _securityContext         = null;
            _checkCertRevocation     = checkCertRevocationStatus;
            _checkCertName           = checkCertName;
            _certSelectionDelegate   = certSelectionDelegate;
            _refreshCredentialNeeded = true;
            _encryptionPolicy        = encryptionPolicy;
            GlobalLog.Leave("SecureChannel#" + Logging.HashString(this) + "::.ctor");
        }
Exemple #3
0
        internal SecureChannel(string hostname, bool serverMode, SslProtocols sslProtocols, X509Certificate serverCertificate, X509CertificateCollection clientCertificates, bool remoteCertRequired, bool checkCertName,
                                                  bool checkCertRevocationStatus, EncryptionPolicy encryptionPolicy, LocalCertSelectionCallback certSelectionDelegate)
        {
            GlobalLog.Enter("SecureChannel#" + Logging.HashString(this) + "::.ctor", "hostname:" + hostname + " #clientCertificates=" + ((clientCertificates == null) ? "0" : clientCertificates.Count.ToString(NumberFormatInfo.InvariantInfo)));
            if (Logging.On)
            { 
                Logging.PrintInfo(Logging.Web, this, ".ctor", "hostname=" + hostname + ", #clientCertificates=" + ((clientCertificates == null) ? "0" : clientCertificates.Count.ToString(NumberFormatInfo.InvariantInfo)) + ", encryptionPolicy=" + encryptionPolicy);
            }
          
            SSPIWrapper.VerifyPackageInfo(GlobalSSPI.SSPISecureChannel);

            _destination = hostname;

            GlobalLog.Assert(hostname != null, "SecureChannel#{0}::.ctor()|hostname == null", Logging.HashString(this));
            _hostName = hostname;
            _serverMode = serverMode;

            _sslProtocols = sslProtocols;

            _serverCertificate = serverCertificate;
            _clientCertificates = clientCertificates;
            _remoteCertRequired = remoteCertRequired;
            _securityContext = null;
            _checkCertRevocation = checkCertRevocationStatus;
            _checkCertName = checkCertName;
            _certSelectionDelegate = certSelectionDelegate;
            _refreshCredentialNeeded = true;
            _encryptionPolicy = encryptionPolicy;
            GlobalLog.Leave("SecureChannel#" + Logging.HashString(this) + "::.ctor");
        }
Exemple #4
0
 internal SecureChannel(string hostname, bool serverMode, SchProtocols protocolFlags, X509Certificate serverCertificate, X509CertificateCollection clientCertificates, bool remoteCertRequired, bool checkCertName, bool checkCertRevocationStatus, EncryptionPolicy encryptionPolicy, LocalCertSelectionCallback certSelectionDelegate)
 {
     if (Logging.On)
     {
         Logging.PrintInfo(Logging.Web, this, ".ctor", string.Concat(new object[] { "hostname=", hostname, ", #clientCertificates=", (clientCertificates == null) ? "0" : clientCertificates.Count.ToString(NumberFormatInfo.InvariantInfo), ", encryptionPolicy=", encryptionPolicy }));
     }
     SSPIWrapper.GetVerifyPackageInfo(GlobalSSPI.SSPISecureChannel, "Microsoft Unified Security Protocol Provider", true);
     if (ComNetOS.IsWin9x && (clientCertificates.Count > 0))
     {
         this.m_Destination = hostname + "+" + clientCertificates.GetHashCode();
     }
     else
     {
         this.m_Destination = hostname;
     }
     this.m_HostName = hostname;
     this.m_ServerMode = serverMode;
     if (serverMode)
     {
         this.m_ProtocolFlags = protocolFlags & SchProtocols.ServerMask;
     }
     else
     {
         this.m_ProtocolFlags = protocolFlags & SchProtocols.ClientMask;
     }
     this.m_ServerCertificate = serverCertificate;
     this.m_ClientCertificates = clientCertificates;
     this.m_RemoteCertRequired = remoteCertRequired;
     this.m_SecurityContext = null;
     this.m_CheckCertRevocation = checkCertRevocationStatus;
     this.m_CheckCertName = checkCertName;
     this.m_CertSelectionDelegate = certSelectionDelegate;
     this.m_RefreshCredentialNeeded = true;
     this.m_EncryptionPolicy = encryptionPolicy;
 }
Exemple #5
0
 internal SecureChannel(string hostname, bool serverMode, SchProtocols protocolFlags, X509Certificate serverCertificate, X509CertificateCollection clientCertificates, bool remoteCertRequired, bool checkCertName, bool checkCertRevocationStatus, EncryptionPolicy encryptionPolicy, LocalCertSelectionCallback certSelectionDelegate)
 {
     if (Logging.On)
     {
         Logging.PrintInfo(Logging.Web, this, ".ctor", string.Concat(new object[] { "hostname=", hostname, ", #clientCertificates=", (clientCertificates == null) ? "0" : clientCertificates.Count.ToString(NumberFormatInfo.InvariantInfo), ", encryptionPolicy=", encryptionPolicy }));
     }
     SSPIWrapper.GetVerifyPackageInfo(GlobalSSPI.SSPISecureChannel, "Microsoft Unified Security Protocol Provider", true);
     if (ComNetOS.IsWin9x && (clientCertificates.Count > 0))
     {
         this.m_Destination = hostname + "+" + clientCertificates.GetHashCode();
     }
     else
     {
         this.m_Destination = hostname;
     }
     this.m_HostName   = hostname;
     this.m_ServerMode = serverMode;
     if (serverMode)
     {
         this.m_ProtocolFlags = protocolFlags & SchProtocols.ServerMask;
     }
     else
     {
         this.m_ProtocolFlags = protocolFlags & SchProtocols.ClientMask;
     }
     this.m_ServerCertificate       = serverCertificate;
     this.m_ClientCertificates      = clientCertificates;
     this.m_RemoteCertRequired      = remoteCertRequired;
     this.m_SecurityContext         = null;
     this.m_CheckCertRevocation     = checkCertRevocationStatus;
     this.m_CheckCertName           = checkCertName;
     this.m_CertSelectionDelegate   = certSelectionDelegate;
     this.m_RefreshCredentialNeeded = true;
     this.m_EncryptionPolicy        = encryptionPolicy;
 }
Exemple #6
0
		internal static MSI.MonoLocalCertificateSelectionCallback InternalToMono (LocalCertSelectionCallback callback)
		{
			if (callback == null)
				return null;

			return (t, lc, rc, ai) => callback (t, lc, rc, ai);
		}
Exemple #7
0
 //
 //  The public Client and Server classes enforce the parameters rules before
 //  calling into this .ctor.
 //
 internal SslState(Stream innerStream, RemoteCertValidationCallback certValidationCallback, LocalCertSelectionCallback certSelectionCallback, EncryptionPolicy encryptionPolicy)
 {
     _innerStream = innerStream;
     _reader = new FixedSizeReader(innerStream);
     _certValidationDelegate = certValidationCallback;
     _certSelectionDelegate = certSelectionCallback;
     _encryptionPolicy = encryptionPolicy;
 }
Exemple #8
0
 internal SslState(Stream innerStream, RemoteCertValidationCallback certValidationCallback, LocalCertSelectionCallback certSelectionCallback, EncryptionPolicy encryptionPolicy)
 {
     this._InnerStream            = innerStream;
     this._Reader                 = new FixedSizeReader(innerStream);
     this._CertValidationDelegate = certValidationCallback;
     this._CertSelectionDelegate  = certSelectionCallback;
     this._EncryptionPolicy       = encryptionPolicy;
 }
Exemple #9
0
        ChainValidationHelper(MonoTlsProvider provider, MonoTlsSettings settings, bool cloneSettings, MonoTlsStream stream, ServerCertValidationCallbackWrapper callbackWrapper)
        {
            if (settings == null)
            {
                settings = MonoTlsSettings.CopyDefaultSettings();
            }
            if (cloneSettings)
            {
                settings = settings.CloneWithValidator(this);
            }
            if (provider == null)
            {
                provider = MonoTlsProviderFactory.GetProvider();
            }

            this.provider        = provider;
            this.settings        = settings;
            this.tlsStream       = stream;
            this.callbackWrapper = callbackWrapper;

            var fallbackToSPM = false;

            if (settings != null)
            {
                if (settings.RemoteCertificateValidationCallback != null)
                {
                    var callback = Private.CallbackHelpers.MonoToPublic(settings.RemoteCertificateValidationCallback);
                    certValidationCallback = new ServerCertValidationCallback(callback);
                }
                certSelectionCallback = Private.CallbackHelpers.MonoToInternal(settings.ClientCertificateSelectionCallback);
                fallbackToSPM         = settings.UseServicePointManagerCallback ?? stream != null;
            }

            if (stream != null)
            {
                this.request = stream.Request;
                this.sender  = request;

                if (certValidationCallback == null)
                {
                    certValidationCallback = request.ServerCertValidationCallback;
                }
                if (certSelectionCallback == null)
                {
                    certSelectionCallback = new LocalCertSelectionCallback(DefaultSelectionCallback);
                }

                if (settings == null)
                {
                    fallbackToSPM = true;
                }
            }

            if (fallbackToSPM && certValidationCallback == null)
            {
                certValidationCallback = ServicePointManager.ServerCertValidationCallback;
            }
        }
Exemple #10
0
        internal static MSI.MonoLocalCertificateSelectionCallback InternalToMono(LocalCertSelectionCallback callback)
        {
            if (callback == null)
            {
                return(null);
            }

            return((t, lc, rc, ai) => callback(t, lc, rc, ai));
        }
Exemple #11
0
        ChainValidationHelper(SslStream owner, MonoTlsProvider provider, MonoTlsSettings settings, bool cloneSettings, MonoTlsStream stream)
        {
            if (settings == null)
            {
                settings = MonoTlsSettings.CopyDefaultSettings();
            }
            if (cloneSettings)
            {
                settings = settings.CloneWithValidator(this);
            }
            if (provider == null)
            {
                provider = MonoTlsProviderFactory.GetProvider();
            }

            this.provider  = provider;
            this.settings  = settings;
            this.tlsStream = stream;

            if (owner != null)
            {
                this.owner = new WeakReference <SslStream> (owner);
            }

            var fallbackToSPM = false;

            if (settings != null)
            {
                certValidationCallback = GetValidationCallback(settings);
                certSelectionCallback  = Private.CallbackHelpers.MonoToInternal(settings.ClientCertificateSelectionCallback);
                fallbackToSPM          = settings.UseServicePointManagerCallback ?? stream != null;
            }

            if (stream != null)
            {
                this.request = stream.Request;

                if (certValidationCallback == null)
                {
                    certValidationCallback = request.ServerCertValidationCallback;
                }
                if (certSelectionCallback == null)
                {
                    certSelectionCallback = new LocalCertSelectionCallback(DefaultSelectionCallback);
                }

                if (settings == null)
                {
                    fallbackToSPM = true;
                }
            }

            if (fallbackToSPM && certValidationCallback == null)
            {
                certValidationCallback = ServicePointManager.ServerCertValidationCallback;
            }
        }
Exemple #12
0
        ChainValidationHelper(ChainValidationHelper other, MonoTlsSettings settings, ServerCertValidationCallbackWrapper callbackWrapper = null)
        {
            sender = other.sender;
            certValidationCallback = other.certValidationCallback;
            certSelectionCallback  = other.certSelectionCallback;
            tlsStream = other.tlsStream;
            request   = other.request;

            this.settings        = settings = settings.CloneWithValidator(this);
            this.callbackWrapper = callbackWrapper;
        }
Exemple #13
0
 private void SetAndVerifySelectionCallback(LocalCertificateSelectionCallback callback)
 {
     if (_userCertificateSelectionCallback == null)
     {
         _userCertificateSelectionCallback = callback;
         _certSelectionDelegate            = _userCertificateSelectionCallback == null ? null : new LocalCertSelectionCallback(UserCertSelectionCallbackWrapper);
     }
     else if (callback != null && _userCertificateSelectionCallback != callback)
     {
         throw new InvalidOperationException(SR.Format(SR.net_conflicting_options, nameof(LocalCertificateSelectionCallback)));
     }
 }
Exemple #14
0
		internal static SSPIInterface Create (string hostname, bool serverMode, SchProtocols protocolFlags, X509Certificate serverCertificate, X509CertificateCollection clientCertificates,
		                                           bool remoteCertRequired, bool checkCertName, bool checkCertRevocationStatus, EncryptionPolicy encryptionPolicy,
		                                           LocalCertSelectionCallback certSelectionDelegate, RemoteCertValidationCallback remoteValidationCallback, SSPIConfiguration userConfig)
		{
			if (userConfig.Settings != null && remoteValidationCallback != null)
				throw new InvalidOperationException ();
			var context = userConfig.Provider.CreateTlsContext (
				hostname, serverMode, (TlsProtocols)protocolFlags, serverCertificate, clientCertificates,
				remoteCertRequired, checkCertName, checkCertRevocationStatus,
				(MonoEncryptionPolicy)encryptionPolicy, userConfig.Settings);
			return new SSPIInterface (context, userConfig.EventSink);
		}
Exemple #15
0
        public SslStream(Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback userCertificateValidationCallback, LocalCertificateSelectionCallback userCertificateSelectionCallback, EncryptionPolicy encryptionPolicy) : base(innerStream, leaveInnerStreamOpen)
        {
            if (((encryptionPolicy != EncryptionPolicy.RequireEncryption) && (encryptionPolicy != EncryptionPolicy.AllowNoEncryption)) && (encryptionPolicy != EncryptionPolicy.NoEncryption))
            {
                throw new ArgumentException(SR.GetString("net_invalid_enum", new object[] { "EncryptionPolicy" }), "encryptionPolicy");
            }
            this._userCertificateValidationCallback = userCertificateValidationCallback;
            this._userCertificateSelectionCallback  = userCertificateSelectionCallback;
            RemoteCertValidationCallback certValidationCallback = new RemoteCertValidationCallback(this.userCertValidationCallbackWrapper);
            LocalCertSelectionCallback   certSelectionCallback  = (userCertificateSelectionCallback == null) ? null : new LocalCertSelectionCallback(this.userCertSelectionCallbackWrapper);

            this._SslState = new SslState(innerStream, certValidationCallback, certSelectionCallback, encryptionPolicy);
        }
Exemple #16
0
        internal static SSPIInterface Create(string hostname, bool serverMode, SchProtocols protocolFlags, X509Certificate serverCertificate, XX509CertificateCollection clientCertificates,
                                             bool remoteCertRequired, bool checkCertName, bool checkCertRevocationStatus, EncryptionPolicy encryptionPolicy,
                                             LocalCertSelectionCallback certSelectionDelegate, RemoteCertValidationCallback remoteValidationCallback, SSPIConfiguration userConfig)
        {
            if (userConfig.Settings != null && remoteValidationCallback != null)
            {
                throw new InvalidOperationException();
            }
            var context = userConfig.Provider.CreateTlsContext(
                hostname, serverMode, (TlsProtocols)protocolFlags, serverCertificate, clientCertificates,
                remoteCertRequired, checkCertName, checkCertRevocationStatus,
                (MonoEncryptionPolicy)encryptionPolicy, userConfig.Settings);

            return(new SSPIInterface(context, userConfig.EventSink));
        }
Exemple #17
0
            private LocalCertificateSelectionCallback setupLocalCertSelectionCallback(TraceSource log, int LogID, CommLogMessages msgs)
            {
                LocalCertSelectionCallback _SelectLocalCertificate = new LocalCertSelectionCallback(dSelectLocalCertificate);

                if (SelectLocalCertificate != null)
                {
                    _SelectLocalCertificate = SelectLocalCertificate;
                }

                LocalCertificateSelectionCallback lcsCallback =
                    (sender, targetHost, localCertificates, remoteCertificate, acceptableIssuers) =>
                    _SelectLocalCertificate(sender, targetHost, localCertificates, remoteCertificate, acceptableIssuers,
                                            log, LogID, msgs);

                return(lcsCallback);
            }
Exemple #18
0
        public SslStream(Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback userCertificateValidationCallback,
                         LocalCertificateSelectionCallback userCertificateSelectionCallback, EncryptionPolicy encryptionPolicy)
            : base(innerStream, leaveInnerStreamOpen)
        {
            if (encryptionPolicy != EncryptionPolicy.RequireEncryption && encryptionPolicy != EncryptionPolicy.AllowNoEncryption && encryptionPolicy != EncryptionPolicy.NoEncryption)
            {
                throw new ArgumentException(SR.GetString(SR.net_invalid_enum, "EncryptionPolicy"), "encryptionPolicy");
            }

            _userCertificateValidationCallback = userCertificateValidationCallback;
            _userCertificateSelectionCallback  = userCertificateSelectionCallback;
            RemoteCertValidationCallback _userCertValidationCallbackWrapper = new RemoteCertValidationCallback(userCertValidationCallbackWrapper);
            LocalCertSelectionCallback   _userCertSelectionCallbackWrapper  = userCertificateSelectionCallback == null  ? null : new LocalCertSelectionCallback(userCertSelectionCallbackWrapper);

            _SslState = new SslState(innerStream, _userCertValidationCallbackWrapper, _userCertSelectionCallbackWrapper, encryptionPolicy);
        }
Exemple #19
0
        public SslStream(Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback userCertificateValidationCallback,
                         LocalCertificateSelectionCallback userCertificateSelectionCallback, EncryptionPolicy encryptionPolicy)
            : base(innerStream, leaveInnerStreamOpen)
        {
            if (encryptionPolicy != EncryptionPolicy.RequireEncryption && encryptionPolicy != EncryptionPolicy.AllowNoEncryption && encryptionPolicy != EncryptionPolicy.NoEncryption)
            {
                throw new ArgumentException(SR.Format(SR.net_invalid_enum, "EncryptionPolicy"), nameof(encryptionPolicy));
            }

            _userCertificateValidationCallback = userCertificateValidationCallback;
            _userCertificateSelectionCallback  = userCertificateSelectionCallback;
            _encryptionPolicy       = encryptionPolicy;
            _certValidationDelegate = new RemoteCertValidationCallback(UserCertValidationCallbackWrapper);
            _certSelectionDelegate  = userCertificateSelectionCallback == null ? null : new LocalCertSelectionCallback(UserCertSelectionCallbackWrapper);
            _sslState = new SslState(innerStream);
        }
Exemple #20
0
        internal SecureChannel(string hostname, bool serverMode, SslProtocols sslProtocols, X509Certificate serverCertificate, X509CertificateCollection clientCertificates, bool remoteCertRequired, bool checkCertName,
                                                  bool checkCertRevocationStatus, EncryptionPolicy encryptionPolicy, LocalCertSelectionCallback certSelectionDelegate)
        {
            if (GlobalLog.IsEnabled)
            {
                GlobalLog.Enter("SecureChannel#" + LoggingHash.HashString(this) + "::.ctor", "hostname:" + hostname + " #clientCertificates=" + ((clientCertificates == null) ? "0" : clientCertificates.Count.ToString(NumberFormatInfo.InvariantInfo)));
            }
            if (SecurityEventSource.Log.IsEnabled())
            {
                SecurityEventSource.SecureChannelCtor(this, hostname, clientCertificates, encryptionPolicy);
            }

            SslStreamPal.VerifyPackageInfo();

            _destination = hostname;

            if (hostname == null)
            {
                if (GlobalLog.IsEnabled)
                {
                    GlobalLog.AssertFormat("SecureChannel#{0}::.ctor()|hostname == null", LoggingHash.HashString(this));
                }

                Debug.Fail("SecureChannel#" + LoggingHash.HashString(this) + "::.ctor()|hostname == null");
            }
            _hostName = hostname;
            _serverMode = serverMode;

            _sslProtocols = sslProtocols;

            _serverCertificate = serverCertificate;
            _clientCertificates = clientCertificates;
            _remoteCertRequired = remoteCertRequired;
            _securityContext = null;
            _checkCertRevocation = checkCertRevocationStatus;
            _checkCertName = checkCertName;
            _certSelectionDelegate = certSelectionDelegate;
            _refreshCredentialNeeded = true;
            _encryptionPolicy = encryptionPolicy;
            
            if (GlobalLog.IsEnabled)
            {
                GlobalLog.Leave("SecureChannel#" + LoggingHash.HashString(this) + "::.ctor");
            }
        }
Exemple #21
0
        internal SslAuthenticationOptions(SslClientAuthenticationOptions sslClientAuthenticationOptions, RemoteCertValidationCallback remoteCallback, LocalCertSelectionCallback localCallback)
        {
            // Common options.
            AllowRenegotiation     = sslClientAuthenticationOptions.AllowRenegotiation;
            ApplicationProtocols   = sslClientAuthenticationOptions.ApplicationProtocols;
            CertValidationDelegate = remoteCallback;
            CheckCertName          = true;
            EnabledSslProtocols    = sslClientAuthenticationOptions.EnabledSslProtocols;
            EncryptionPolicy       = sslClientAuthenticationOptions.EncryptionPolicy;
            IsServer           = false;
            RemoteCertRequired = true;
            TargetHost         = sslClientAuthenticationOptions.TargetHost;

            // Client specific options.
            CertSelectionDelegate          = localCallback;
            CertificateRevocationCheckMode = sslClientAuthenticationOptions.CertificateRevocationCheckMode;
            ClientCertificates             = sslClientAuthenticationOptions.ClientCertificates;
        }
Exemple #22
0
        internal SslStream(Stream innerStream, bool leaveInnerStreamOpen, EncryptionPolicy encryptionPolicy, MonoTlsSettings settings)
            : base(innerStream, leaveInnerStreamOpen)
        {
            if (encryptionPolicy != EncryptionPolicy.RequireEncryption && encryptionPolicy != EncryptionPolicy.AllowNoEncryption && encryptionPolicy != EncryptionPolicy.NoEncryption)
            {
                throw new ArgumentException(SR.GetString(SR.net_invalid_enum, "EncryptionPolicy"), "encryptionPolicy");
            }

            var validationHelper = ChainValidationHelper.CloneWithCallbackWrapper(ref settings, myUserCertValidationCallbackWrapper);

            LocalCertSelectionCallback selectionCallback = null;

            if (validationHelper.HasCertificateSelectionCallback)
            {
                selectionCallback = validationHelper.SelectClientCertificate;
            }

            _Configuration = new MyConfiguration(settings, this);
            _SslState      = new SslState(innerStream, null, selectionCallback, encryptionPolicy, _Configuration);
        }
Exemple #23
0
 //
 //  The public Client and Server classes enforce the parameters rules before
 //  calling into this .ctor.
 //
 internal SslState(Stream innerStream, RemoteCertValidationCallback certValidationCallback, LocalCertSelectionCallback certSelectionCallback, EncryptionPolicy encryptionPolicy)
 {
 }
Exemple #24
0
 internal SslState(Stream innerStream, RemoteCertValidationCallback certValidationCallback, LocalCertSelectionCallback  certSelectionCallback, EncryptionPolicy encryptionPolicy, SSPIConfiguration config)
     : this(innerStream, certValidationCallback, certSelectionCallback, encryptionPolicy)
 {
     _Configuration = config;
 }
Exemple #25
0
 internal void ValidateCreateContext(SslClientAuthenticationOptions sslClientAuthenticationOptions, RemoteCertValidationCallback remoteCallback, LocalCertSelectionCallback localCallback)
 {
 }
Exemple #26
0
		internal ChainValidationHelper (HttpWebRequest request)
		{
			this.callbackWrapper = callbackWrapper;

			this.request = request;
			this.sender = request;

			if (certValidationCallback == null)
				certValidationCallback = request.ServerCertValidationCallback;
			if (certSelectionCallback == null)
				certSelectionCallback = new LocalCertSelectionCallback (DefaultSelectionCallback);

			if (certValidationCallback == null)
				certValidationCallback = ServicePointManager.ServerCertValidationCallback;
		}
Exemple #27
0
        internal SecureChannel(string hostname, bool serverMode, SchProtocols protocolFlags, X509Certificate serverCertificate, X509CertificateCollection clientCertificates, bool remoteCertRequired, bool checkCertName,
            bool checkCertRevocationStatus, EncryptionPolicy encryptionPolicy, LocalCertSelectionCallback certSelectionDelegate, RemoteCertValidationCallback remoteValidationCallback, SSPIConfiguration config)
        {
            GlobalLog.Enter("SecureChannel#" + ValidationHelper.HashString(this) + "::.ctor", "hostname:" + hostname + " #clientCertificates=" + ((clientCertificates == null) ? "0" : clientCertificates.Count.ToString(NumberFormatInfo.InvariantInfo)));
            if (Logging.On) Logging.PrintInfo(Logging.Web, this, ".ctor", "hostname=" + hostname + ", #clientCertificates=" + ((clientCertificates == null) ? "0" : clientCertificates.Count.ToString(NumberFormatInfo.InvariantInfo)) + ", encryptionPolicy=" + encryptionPolicy);
            m_SecModule = GlobalSSPI.Create(hostname, serverMode, protocolFlags, serverCertificate, clientCertificates, remoteCertRequired, checkCertName, checkCertRevocationStatus, encryptionPolicy, certSelectionDelegate, remoteValidationCallback, config);

            m_Destination = hostname;

            GlobalLog.Assert(hostname != null, "SecureChannel#{0}::.ctor()|hostname == null", ValidationHelper.HashString(this));
            m_HostName = hostname;
            m_ServerMode = serverMode;

            if (serverMode)
                m_ProtocolFlags = (protocolFlags & SchProtocols.ServerMask);
            else
                m_ProtocolFlags = (protocolFlags & SchProtocols.ClientMask);

            m_ServerCertificate = serverCertificate;
            m_ClientCertificates = clientCertificates;
            m_RemoteCertRequired = remoteCertRequired;
            m_SecurityContext = null;
            m_CheckCertRevocation = checkCertRevocationStatus;
            m_CheckCertName = checkCertName;
            m_CertSelectionDelegate = certSelectionDelegate;
            m_RefreshCredentialNeeded = true;
            m_EncryptionPolicy = encryptionPolicy;
            GlobalLog.Leave("SecureChannel#" + ValidationHelper.HashString(this) + "::.ctor");
        }
Exemple #28
0
        private void ValidateCreateContext(SslClientAuthenticationOptions sslClientAuthenticationOptions, RemoteCertValidationCallback remoteCallback, LocalCertSelectionCallback localCallback)
        {
            ThrowIfExceptional();

            if (_context != null && _context.IsValidContext)
            {
                throw new InvalidOperationException(SR.net_auth_reauth);
            }

            if (_context != null && IsServer)
            {
                throw new InvalidOperationException(SR.net_auth_client_server);
            }

            if (sslClientAuthenticationOptions.TargetHost == null)
            {
                throw new ArgumentNullException(nameof(sslClientAuthenticationOptions.TargetHost));
            }

            _exception = null;
            try
            {
                _sslAuthenticationOptions = new SslAuthenticationOptions(sslClientAuthenticationOptions, remoteCallback, localCallback);
                if (_sslAuthenticationOptions.TargetHost.Length == 0)
                {
                    _sslAuthenticationOptions.TargetHost = "?" + Interlocked.Increment(ref s_uniqueNameInteger).ToString(NumberFormatInfo.InvariantInfo);
                }
                _context = new SecureChannel(_sslAuthenticationOptions);
            }
            catch (Win32Exception e)
            {
                throw new AuthenticationException(SR.net_auth_SSPI, e);
            }
        }
Exemple #29
0
 //
 //  The public Client and Server classes enforce the parameters rules before
 //  calling into this .ctor.
 //
 internal SslState(Stream innerStream, RemoteCertValidationCallback certValidationCallback, LocalCertSelectionCallback certSelectionCallback, EncryptionPolicy encryptionPolicy)
 {
 }
Exemple #30
0
		ChainValidationHelper (ChainValidationHelper other, MonoTlsProvider provider, MonoTlsSettings settings, ServerCertValidationCallbackWrapper callbackWrapper = null)
		{
			sender = other.sender;
			certValidationCallback = other.certValidationCallback;
			certSelectionCallback = other.certSelectionCallback;
			tlsStream = other.tlsStream;
			request = other.request;

			if (settings == null)
				settings = MonoTlsSettings.DefaultSettings;

			this.provider = provider;
			this.settings = settings.CloneWithValidator (this);
			this.callbackWrapper = callbackWrapper;
		}
Exemple #31
0
        private void ValidateCreateContext(SslClientAuthenticationOptions sslClientAuthenticationOptions, RemoteCertValidationCallback remoteCallback, LocalCertSelectionCallback localCallback)
        {
            // Without setting (or using) these members you will get a build exception in the unit test project.
            // The code that normally uses these in the main solution is in the implementation of SslStream.

            if (_nestedWrite == 0)
            {
            }
            _context             = null;
            _exception           = null;
            _internalBuffer      = null;
            _internalBufferCount = 0;
            _internalOffset      = 0;
            _nestedWrite         = 0;
            _handshakeCompleted  = false;
        }
Exemple #32
0
		ChainValidationHelper (MonoTlsProvider provider, MonoTlsSettings settings, bool cloneSettings, MonoTlsStream stream, ServerCertValidationCallbackWrapper callbackWrapper)
		{
			if (settings == null)
				settings = MonoTlsSettings.CopyDefaultSettings ();
			if (cloneSettings)
				settings = settings.CloneWithValidator (this);
			if (provider == null)
				provider = MonoTlsProviderFactory.GetProvider ();

			this.provider = provider;
			this.settings = settings;
			this.tlsStream = stream;
			this.callbackWrapper = callbackWrapper;

			var fallbackToSPM = false;

			if (settings != null) {
				if (settings.RemoteCertificateValidationCallback != null) {
					var callback = Private.CallbackHelpers.MonoToPublic (settings.RemoteCertificateValidationCallback);
					certValidationCallback = new ServerCertValidationCallback (callback);
				}
				certSelectionCallback = Private.CallbackHelpers.MonoToInternal (settings.ClientCertificateSelectionCallback);
				fallbackToSPM = settings.UseServicePointManagerCallback ?? stream != null;
			}

			if (stream != null) {
				this.request = stream.Request;
				this.sender = request;

				if (certValidationCallback == null)
					certValidationCallback = request.ServerCertValidationCallback;
				if (certSelectionCallback == null)
					certSelectionCallback = new LocalCertSelectionCallback (DefaultSelectionCallback);

				if (settings == null)
					fallbackToSPM = true;
			}

			if (fallbackToSPM && certValidationCallback == null)
				certValidationCallback = ServicePointManager.ServerCertValidationCallback;
		}