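/// <summary>
/// Decides whether the server certificate received during the handshake is accepted,
/// consulting the legacy <c>ServicePointManager.CertificatePolicy</c> first and then the
/// <c>ServicePointManager.ServerCertificateValidationCallback</c> when one is registered.
/// </summary>
/// <param name="certificate">Server certificate to evaluate.</param>
/// <param name="certificateErrors">
/// Error codes collected for the certificate; an empty array means no problem was found.
/// </param>
/// <returns>
/// <c>true</c> to accept the certificate, <c>false</c> to reject it. This matches the
/// callback's own contract and the explicit <c>false</c> returned on a policy rejection.
/// </returns>
internal override bool RaiseServerCertificateValidation(X509CertificateMono certificate, int[] certificateErrors)
{
    // HRESULT values compared against the incoming error codes.
    const int CertEPurpose = -2146762490;   // 0x800B0106 (CERT_E_PURPOSE)
    const int CertECnNoMatch = -2146762481; // 0x800B010F (CERT_E_CN_NO_MATCH)

    // Fail closed: with no policy and no callback to overrule it, a certificate is
    // accepted only when no errors were reported. The previous code returned the
    // "errors present" flag itself, which accepted certificates with errors and
    // rejected clean ones on that path.
    bool accepted = (certificateErrors.Length == 0);

    // only one problem can be reported by this interface
    _status = (accepted ? 0 : certificateErrors[0]);

#pragma warning disable 618
    if (ServicePointManager.CertificatePolicy != null)
    {
        ServicePoint sp = _request.ServicePoint;

        // The policy call had been commented out and its result hard-coded to true, so
        // any installed policy silently approved every certificate. The call is restored
        // here; the certificate is re-wrapped from its raw bytes so the argument has the
        // framework certificate type regardless of how X509CertificateMono is declared.
        SNCX.X509Certificate policyCert = new SNCX.X509Certificate(certificate.GetRawCertData());
        bool res = ServicePointManager.CertificatePolicy.CheckValidationResult(sp, policyCert, _request, _status);
        if (!res)
        {
            return false;
        }

        // The policy explicitly approved the certificate, errors or not.
        accepted = true;
    }
#pragma warning restore 618

    if (HaveRemoteValidation2Callback)
    {
        return accepted; // The validation already tried the 2.0 callback
    }

    SNS.RemoteCertificateValidationCallback cb = ServicePointManager.ServerCertificateValidationCallback;
    if (cb != null)
    {
        // Translate the raw error codes into the flags the callback expects.
        SNS.SslPolicyErrors ssl_errors = 0;
        foreach (int i in certificateErrors)
        {
            if (i == CertEPurpose)
            {
                // TODO: is this what happens when the purpose is wrong?
                ssl_errors |= SNS.SslPolicyErrors.RemoteCertificateNotAvailable;
            }
            else if (i == CertECnNoMatch)
            {
                ssl_errors |= SNS.SslPolicyErrors.RemoteCertificateNameMismatch;
            }
            else
            {
                ssl_errors |= SNS.SslPolicyErrors.RemoteCertificateChainErrors;
            }
        }

        SNCX.X509Certificate2 cert2 = new SNCX.X509Certificate2(certificate.GetRawCertData());
        SNCX.X509Chain chain = new SNCX.X509Chain();

        // The chain is built from the leaf only; any failure is reported to the callback
        // as a chain error rather than acted on here.
        if (!chain.Build(cert2))
        {
            ssl_errors |= SNS.SslPolicyErrors.RemoteCertificateChainErrors;
        }

        // The callback has the final say, including over errors flagged above.
        return cb(_request, cert2, chain, ssl_errors);
    }

    return accepted;
}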
/// <summary>
/// Serialises the client certificate chain into this message: every certificate is
/// written as a length (via <c>WriteInt24</c>) followed by its raw data, and the whole
/// list is itself prefixed with its total length.
/// </summary>
private void SendCertificates()
{
    TlsStream certificateList = new TlsStream();

    // Start at the client certificate and follow FindParentCertificate until it yields
    // null. NOTE(review): termination depends on that helper, which is not shown here;
    // confirm it cannot return a certificate already visited.
    for (X509CertificateMono cert = this.ClientCertificate; cert != null; cert = FindParentCertificate(cert))
    {
        byte[] encoded = cert.GetRawCertData();
        certificateList.WriteInt24(encoded.Length);
        certificateList.Write(encoded);
    }

    // Length prefix for the whole list first, then the list itself.
    int totalLength = (int)certificateList.Length;
    this.WriteInt24(totalLength);
    this.Write(certificateList.ToArray());
}