public override MSI.IMonoTlsContext CreateTlsContext(
string hostname, bool serverMode, MSI.TlsProtocols protocolFlags,
SSCX.X509Certificate serverCertificate, PSSCX.X509CertificateCollection clientCertificates,
bool remoteCertRequired, MSI.MonoEncryptionPolicy encryptionPolicy,
MSI.MonoTlsSettings settings)
{
TlsConfiguration config;
if (serverMode)
{
var cert = (PSSCX.X509Certificate2)serverCertificate;
var monoCert = new MX.X509Certificate(cert.RawData);
config = new TlsConfiguration((TlsProtocols)protocolFlags, (MSI.MonoTlsSettings)settings, monoCert, cert.PrivateKey);
if (remoteCertRequired)
{
config.AskForClientCertificate = true;
}
}
else
{
config = new TlsConfiguration((TlsProtocols)protocolFlags, (MSI.MonoTlsSettings)settings, hostname);
}
return(new TlsContextWrapper(config, serverMode));
}
public SSCX.X509Certificate GetRemoteCertificate(out PSSCX.X509CertificateCollection remoteCertificateStore)
{
MX.X509CertificateCollection monoCollection;
var remoteCert = Context.GetRemoteCertificate(out monoCollection);
if (remoteCert == null)
{
remoteCertificateStore = null;
return(null);
}
remoteCertificateStore = new PSSCX.X509CertificateCollection();
foreach (var cert in monoCollection)
{
remoteCertificateStore.Add(new PSSCX.X509Certificate2(cert.RawData));
}
return(new PSSCX.X509Certificate2(remoteCert.RawData));
}
public static MonoNewTlsStream CreateClient(
Stream innerStream, bool leaveOpen, MonoTlsProvider provider, MonoTlsSettings settings,
string targetHost, PSSCX.X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
{
var stream = new MonoNewTlsStream(innerStream, leaveOpen, provider, settings);
try {
stream.AuthenticateAsClient(targetHost, clientCertificates, enabledSslProtocols, checkCertificateRevocation);
} catch (Exception ex) {
var tlsEx = stream.LastError;
if (tlsEx != null)
{
throw new AggregateException(ex, tlsEx);
}
throw;
}
return(stream);
}
public override IMonoTlsContext CreateTlsContext(
string hostname, bool serverMode, TlsProtocols protocolFlags,
SSCX.X509Certificate serverCertificate, PSSCX.X509CertificateCollection clientCertificates,
bool remoteCertRequired, bool checkCertName, bool checkCertRevocationStatus,
MonoEncryptionPolicy encryptionPolicy,
MonoRemoteCertificateValidationCallback userCertificateValidationCallback,
MonoLocalCertificateSelectionCallback userCertificateSelectionCallback,
MonoTlsSettings settings)
{
TlsConfiguration config;
if (serverMode)
{
var cert = (PSSCX.X509Certificate2)serverCertificate;
var monoCert = new MX.X509Certificate(cert.RawData);
config = new TlsConfiguration((TlsProtocols)protocolFlags, (TlsSettings)settings, monoCert, cert.PrivateKey);
}
else
{
config = new TlsConfiguration((TlsProtocols)protocolFlags, (TlsSettings)settings, hostname);
#if FIXME
if (certSelectionDelegate != null)
{
config.Client.LocalCertSelectionCallback = (t, l, r, a) => certSelectionDelegate(t, l, r, a);
}
#endif
if (userCertificateValidationCallback != null)
{
config.RemoteCertValidationCallback = (h, c, ch, p) => {
var ssc = new SSCX.X509Certificate(c.RawData);
return(userCertificateValidationCallback(h, ssc, null, (MonoSslPolicyErrors)p));
};
}
}
return(new TlsContextWrapper(config));
}
public static MonoNewTlsStream CreateClient(
Stream innerStream, bool leaveOpen, RemoteCertificateValidationCallback certValidationCallback,
LocalCertificateSelectionCallback certSelectionCallback, XEncryptionPolicy encryptionPolicy, TlsSettings settings,
string targetHost, PSSCX.X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
{
var stream = new MonoNewTlsStream(
innerStream, leaveOpen,
ConvertCallback(certValidationCallback),
ConvertCallback(certSelectionCallback),
(XEncryptionPolicy)encryptionPolicy,
settings);
try {
stream.AuthenticateAsClient(targetHost, clientCertificates, enabledSslProtocols, checkCertificateRevocation);
} catch (Exception ex) {
var tlsEx = stream.LastError;
if (tlsEx != null)
{
throw new AggregateException(ex, tlsEx);
}
throw;
}
return(stream);
}
public SSCX.X509Certificate GetRemoteCertificate (out PSSCX.X509CertificateCollection remoteCertificateStore)
{
MX.X509CertificateCollection monoCollection;
var remoteCert = Context.GetRemoteCertificate (out monoCollection);
if (remoteCert == null) {
remoteCertificateStore = null;
return null;
}
remoteCertificateStore = new PSSCX.X509CertificateCollection ();
foreach (var cert in monoCollection) {
remoteCertificateStore.Add (new PSSCX.X509Certificate2 (cert.RawData));
}
return new PSSCX.X509Certificate2 (remoteCert.RawData);
}
