/// <summary>
/// Queries the channel binding of the requested kind for an OpenSSL-backed
/// security context and wraps it for the caller.
/// </summary>
/// <param name="securityContext">
/// The security context; it is cast to <c>SafeDeleteSslContext</c>, so any other
/// runtime type fails the cast.
/// </param>
/// <param name="attribute">The kind of channel binding to retrieve.</param>
/// <returns>
/// A wrapper around the binding handle, or <c>null</c> when the underlying query
/// produced no handle. Callers should treat <c>null</c> as "no binding available".
/// </returns>
public static SafeFreeContextBufferChannelBinding QueryContextChannelBinding(SafeDeleteContext securityContext, ChannelBindingKind attribute)
{
    var sslContext = ((SafeDeleteSslContext)securityContext).SslContext;
    SafeChannelBindingHandle queried = Interop.OpenSsl.QueryChannelBinding(sslContext, attribute);

    // No handle from the lower layer means there is nothing to wrap.
    if (queried == null)
    {
        return null;
    }

    return new SafeFreeContextBufferChannelBinding(queried);
}
/// <summary>
/// Fills <paramref name="bindingHandle"/> with a digest of the peer certificate's
/// raw bytes, used as the endpoint channel binding value.
/// </summary>
/// <param name="context">The SSL handle whose peer certificate is read.</param>
/// <param name="bindingHandle">The binding handle that receives the certificate hash.</param>
/// <remarks>
/// Throws the exception built by <c>CreateSslException</c> when no valid peer
/// certificate handle is available.
/// NOTE(review): the digest is always taken over the peer's certificate. RFC 5929
/// defines tls-server-end-point over the server's certificate, so if this path can
/// run with a server-side context the value would not match what the client
/// computes. Confirm against the callers.
/// </remarks>
private static void QueryEndPointChannelBinding(SafeSslHandle context, SafeChannelBindingHandle bindingHandle)
{
    using (SafeX509Handle peerCertHandle = GetPeerCertificate(context))
    {
        bool haveUsableCert = peerCertHandle != null && !peerCertHandle.IsInvalid;
        if (!haveUsableCert)
        {
            throw CreateSslException(SR.net_ssl_invalid_certificate);
        }

        // Hold a reference for as long as the raw pointer is in use, so the native
        // certificate cannot be released underneath the X509Certificate2 constructor.
        bool refTaken = false;
        try
        {
            peerCertHandle.DangerousAddRef(ref refTaken);

            using (X509Certificate2 peerCert = new X509Certificate2(peerCertHandle.DangerousGetHandle()))
            using (HashAlgorithm hasher = GetHashForChannelBinding(peerCert))
            {
                // The hash algorithm is chosen by GetHashForChannelBinding from the certificate.
                byte[] digest = hasher.ComputeHash(peerCert.RawData);
                bindingHandle.SetCertHash(digest);
            }
        }
        finally
        {
            // Release only if DangerousAddRef actually took the reference.
            if (refTaken)
            {
                peerCertHandle.DangerousRelease();
            }
        }
    }
}
/// <summary>
/// Releases the wrapped binding handle, if one is still held.
/// </summary>
/// <returns>Always <c>true</c>.</returns>
protected override bool ReleaseHandle()
{
    if (_bindingHandle == null)
    {
        // Nothing is held, so there is nothing to release.
        return true;
    }

    // Clear this object's own handle value before disposing the inner handle, so a
    // stale pointer is not left exposed once the inner handle has been freed.
    SetHandle(IntPtr.Zero);
    _bindingHandle.Dispose();
    _bindingHandle = null;
    return true;
}
/// <summary>
/// Builds the endpoint channel binding token from <paramref name="cert"/> and
/// exposes the resulting native handle through this object.
/// </summary>
/// <param name="cert">The certificate whose raw bytes are hashed into the token.</param>
internal void SetToken(X509Certificate2 cert)
{
    // Parity with WinHTTP: only support retrieval of CBT for ChannelBindingKind.Endpoint.
    SafeChannelBindingHandle endpointBinding = new SafeChannelBindingHandle(ChannelBindingKind.Endpoint);
    _bindingHandle = endpointBinding;

    using (HashAlgorithm hasher = Interop.OpenSsl.GetHashForChannelBinding(cert))
    {
        // The digest is kept on the instance as well as copied into the binding handle.
        _bindingHash = hasher.ComputeHash(cert.RawData);
        endpointBinding.SetCertHash(_bindingHash);

        // This object borrows the inner handle's pointer; ownership stays with _bindingHandle.
        SetHandle(endpointBinding.DangerousGetHandle());
    }
}
/// <summary>
/// Builds the endpoint channel binding token from <paramref name="cert"/>, records
/// a printable form of the digest, and exposes the native handle through this object.
/// </summary>
/// <param name="cert">The certificate whose raw bytes are hashed into the token.</param>
internal void SetToken(X509Certificate2 cert)
{
    // Parity with WinHTTP : CurHandler only supports retrieval of ChannelBindingKind.Endpoint for CBT.
    SafeChannelBindingHandle endpointBinding = new SafeChannelBindingHandle(ChannelBindingKind.Endpoint);
    _bindingHandle = endpointBinding;

    using (HashAlgorithm hasher = Interop.OpenSsl.GetHashForChannelBinding(cert))
    {
        byte[] digest = hasher.ComputeHash(cert.RawData);
        endpointBinding.SetCertHash(digest);

        // BitConverter yields "AA-BB-CC"; the description uses spaces as separators instead.
        string dashedHex = BitConverter.ToString(digest);
        _description = dashedHex.Replace('-', ' ');

        // This object borrows the inner handle's pointer; ownership stays with _bindingHandle.
        SetHandle(endpointBinding.DangerousGetHandle());
    }
}
/// <summary>
/// Fills <paramref name="bindingHandle"/> with a TLS Finished message from the
/// connection, used as the unique channel binding value.
/// </summary>
/// <param name="context">The SSL handle to query.</param>
/// <param name="bindingHandle">The binding handle whose buffer receives the Finished bytes.</param>
/// <remarks>
/// Throws the exception built by <c>CreateSslException</c> when the native call
/// reports zero bytes.
/// NOTE(review): tls-unique (RFC 5929) is not defined for TLS 1.3. Confirm how
/// callers handle connections that negotiate it.
/// </remarks>
private static void QueryUniqueChannelBinding(SafeSslHandle context, SafeChannelBindingHandle bindingHandle)
{
    bool resumed = Ssl.SslSessionReused(context);

    // Per RFC 5929, tls-unique is the first Finished message of the handshake: the
    // client's on a full handshake and the server's on a resumed one. The peer's
    // Finished is therefore the right one exactly when one of "we are the server"
    // and "the session was resumed" holds, but not both.
    bool usePeerFinished = context.IsServer ^ resumed;

    int bytesWritten;
    if (usePeerFinished)
    {
        bytesWritten = Ssl.SslGetPeerFinished(context, bindingHandle.CertHashPtr, bindingHandle.Length);
    }
    else
    {
        bytesWritten = Ssl.SslGetFinished(context, bindingHandle.CertHashPtr, bindingHandle.Length);
    }

    // Zero bytes means no Finished message was available to bind to.
    if (bytesWritten == 0)
    {
        throw CreateSslException(SR.net_ssl_get_channel_binding_token_failed);
    }

    bindingHandle.SetCertHashLength(bytesWritten);
}
/// <summary>
/// Retrieves the channel binding of the requested kind for an SSL handle.
/// </summary>
/// <param name="context">The SSL handle to query.</param>
/// <param name="bindingType">
/// The binding kind. Only <see cref="ChannelBindingKind.Unique"/> is served here.
/// </param>
/// <returns>
/// A populated binding handle for <see cref="ChannelBindingKind.Unique"/>, or
/// <c>null</c> for every other kind.
/// </returns>
/// <remarks>
/// The endpoint check is a <c>Debug.Assert</c>, which is compiled out of release
/// builds. There, an endpoint request returns <c>null</c> like any unsupported
/// kind, so callers must treat <c>null</c> as "no binding available".
/// </remarks>
internal static SafeChannelBindingHandle? QueryChannelBinding(SafeSslHandle context, ChannelBindingKind bindingType)
{
    Debug.Assert(
        bindingType != ChannelBindingKind.Endpoint,
        "Endpoint binding should be handled by EndpointChannelBindingToken");

    if (bindingType != ChannelBindingKind.Unique)
    {
        // Keeping parity with windows, we should return null in this case.
        return null;
    }

    SafeChannelBindingHandle uniqueBinding = new SafeChannelBindingHandle(bindingType);
    QueryUniqueChannelBinding(context, uniqueBinding);
    return uniqueBinding;
}
/// <summary>
/// Retrieves the channel binding of the requested kind for an SSL handle.
/// </summary>
/// <param name="context">The SSL handle to query.</param>
/// <param name="bindingType">The binding kind to retrieve.</param>
/// <returns>
/// A populated binding handle for <see cref="ChannelBindingKind.Endpoint"/> and
/// <see cref="ChannelBindingKind.Unique"/>, or <c>null</c> for any other kind.
/// Callers should treat <c>null</c> as "no binding available".
/// </returns>
internal static SafeChannelBindingHandle QueryChannelBinding(SafeSslHandle context, ChannelBindingKind bindingType)
{
    if (bindingType == ChannelBindingKind.Endpoint)
    {
        // Endpoint binding: digest of the peer certificate.
        SafeChannelBindingHandle endpointBinding = new SafeChannelBindingHandle(bindingType);
        QueryEndPointChannelBinding(context, endpointBinding);
        return endpointBinding;
    }

    if (bindingType == ChannelBindingKind.Unique)
    {
        // Unique binding: Finished message of this connection.
        SafeChannelBindingHandle uniqueBinding = new SafeChannelBindingHandle(bindingType);
        QueryUniqueChannelBinding(context, uniqueBinding);
        return uniqueBinding;
    }

    // Keeping parity with windows, we should return null in this case.
    return null;
}