/// <summary>
/// Checks the requested TLS options and applies them to the native Android SSL stream
/// behind <paramref name="handle"/>.
/// </summary>
/// <param name="handle">Native SSL stream handle that is initialized and configured.</param>
/// <param name="credential">Source of the encryption policy and the requested protocol versions.</param>
/// <param name="authOptions">Source of the role (client or server), cipher-suite policy, ALPN list, client-certificate requirement and target host.</param>
/// <exception cref="PlatformNotSupportedException">
/// The encryption policy is neither RequireEncryption nor AllowNoEncryption, or none of the
/// requested protocol versions is in <c>s_supportedSslProtocols</c>.
/// </exception>
/// <exception cref="NotImplementedException">A cipher-suites policy was supplied.</exception>
private unsafe void InitializeSslContext(
    SafeSslHandle handle,
    SafeFreeSslCredentials credential,
    SslAuthenticationOptions authOptions)
{
    // Every policy other than these two is rejected before any native state is touched.
    // NOTE(review): AllowNoEncryption is accepted, but nothing below branches on the policy,
    // so both accepted policies are configured identically in this method.
    EncryptionPolicy requestedPolicy = credential.Policy;
#pragma warning disable SYSLIB0040 // NoEncryption and AllowNoEncryption are obsolete
    bool policyAccepted = requestedPolicy == EncryptionPolicy.RequireEncryption
        || requestedPolicy == EncryptionPolicy.AllowNoEncryption;
#pragma warning restore SYSLIB0040
    if (!policyAccepted)
    {
        throw new PlatformNotSupportedException(SR.Format(SR.net_encryptionpolicy_notsupported, credential.Policy));
    }

    bool actingAsServer = authOptions.IsServer;

    // Fail closed: a caller-supplied cipher-suite restriction is refused rather than
    // silently replaced by the system default.
    if (authOptions.CipherSuitesPolicy != null)
    {
        // TODO: [AndroidCrypto] Handle non-system-default options
        throw new NotImplementedException(nameof(SafeDeleteSslContext));
    }

    // The native session gets a weak handle to this instance; it is the connection
    // parameter given to the Read/Write callbacks. Weak, so the handle by itself does not
    // keep the instance alive.
    // NOTE(review): the handle is not freed in this method - confirm where it is released.
    GCHandle selfReference = GCHandle.Alloc(this, GCHandleType.Weak);
    IntPtr managedContextHandle = GCHandle.ToIntPtr(selfReference);
    Interop.AndroidCrypto.SSLStreamInitialize(
        handle,
        actingAsServer,
        managedContextHandle,
        &ReadFromConnection,
        &WriteToConnection,
        InitialBufferSize);

    // SslProtocols.None skips this block entirely, so no explicit version list is pushed
    // to the native stream in that case.
    if (credential.Protocols != SslProtocols.None)
    {
        SslProtocols protocolsToEnable = credential.Protocols & s_supportedSslProtocols.Value;
        if (protocolsToEnable == SslProtocols.None)
        {
            throw new PlatformNotSupportedException(SR.Format(SR.net_security_sslprotocol_notsupported, credential.Protocols));
        }

        // Only the slice of s_orderedSslProtocols between the two returned indices is enabled.
        // NOTE(review): ValidateContiguous is defined elsewhere; presumably it rejects sets
        // with a gap - confirm.
        (int firstIndex, int lastIndex) = protocolsToEnable.ValidateContiguous(s_orderedSslProtocols);
        int enabledCount = lastIndex - firstIndex + 1;
        Interop.AndroidCrypto.SSLStreamSetEnabledProtocols(handle, s_orderedSslProtocols.AsSpan(firstIndex, enabledCount));
    }

    // ALPN is applied only when the platform reports support for it. Otherwise the list is
    // dropped without an error, so a caller that depends on a particular application
    // protocol should check what was negotiated after the handshake.
    bool hasApplicationProtocols = authOptions.ApplicationProtocols != null
        && authOptions.ApplicationProtocols.Count != 0;
    if (hasApplicationProtocols && Interop.AndroidCrypto.SSLSupportsApplicationProtocolsConfiguration())
    {
        Interop.AndroidCrypto.SSLStreamSetApplicationProtocols(handle, authOptions.ApplicationProtocols);
    }

    // Server role: ask the peer for a client certificate when the options require one.
    // NOTE(review): whether the native side fails the handshake when no certificate is
    // presented is not visible here - confirm that RemoteCertRequired is enforced.
    if (actingAsServer && authOptions.RemoteCertRequired)
    {
        Interop.AndroidCrypto.SSLStreamRequestClientAuthentication(handle);
    }

    // Client role: hand the target host to the native stream. With a null or empty
    // TargetHost no host name is passed at all.
    if (!actingAsServer && !string.IsNullOrEmpty(authOptions.TargetHost))
    {
        Interop.AndroidCrypto.SSLStreamSetTargetHost(handle, authOptions.TargetHost);
    }
}
/// <summary>
/// Checks the requested TLS options and applies them to the native Android SSL stream
/// behind <paramref name="handle"/>, wiring in the supplied read and write callbacks.
/// </summary>
/// <param name="handle">Native SSL stream handle that is initialized and configured.</param>
/// <param name="readCallback">Callback passed to the native stream for reading from the connection.</param>
/// <param name="writeCallback">Callback passed to the native stream for writing to the connection.</param>
/// <param name="credential">Source of the encryption policy and the requested protocol versions.</param>
/// <param name="authOptions">Source of the role (client or server), cipher-suite policy, ALPN list, client-certificate requirement and target host.</param>
/// <exception cref="PlatformNotSupportedException">
/// The encryption policy is neither RequireEncryption nor AllowNoEncryption, or none of the
/// requested protocol versions is in <c>s_supportedSslProtocols</c>.
/// </exception>
/// <exception cref="NotImplementedException">A cipher-suites policy was supplied.</exception>
private static void InitializeSslContext(
    SafeSslHandle handle,
    Interop.AndroidCrypto.SSLReadCallback readCallback,
    Interop.AndroidCrypto.SSLWriteCallback writeCallback,
    SafeFreeSslCredentials credential,
    SslAuthenticationOptions authOptions)
{
    // Every policy other than these two is rejected before any native state is touched.
    // NOTE(review): AllowNoEncryption is accepted, but nothing below branches on the policy,
    // so both accepted policies are configured identically in this method.
    EncryptionPolicy requestedPolicy = credential.Policy;
    if (requestedPolicy != EncryptionPolicy.RequireEncryption
        && requestedPolicy != EncryptionPolicy.AllowNoEncryption)
    {
        throw new PlatformNotSupportedException(SR.Format(SR.net_encryptionpolicy_notsupported, credential.Policy));
    }

    bool actingAsServer = authOptions.IsServer;

    // Fail closed: a caller-supplied cipher-suite restriction is refused rather than
    // silently replaced by the system default.
    if (authOptions.CipherSuitesPolicy != null)
    {
        // TODO: [AndroidCrypto] Handle non-system-default options
        throw new NotImplementedException(nameof(SafeDeleteSslContext));
    }

    Interop.AndroidCrypto.SSLStreamInitialize(handle, actingAsServer, readCallback, writeCallback, InitialBufferSize);

    // SslProtocols.None skips this block entirely, so no explicit version list is pushed
    // to the native stream in that case.
    if (credential.Protocols != SslProtocols.None)
    {
        SslProtocols protocolsToEnable = credential.Protocols & s_supportedSslProtocols.Value;
        if (protocolsToEnable == SslProtocols.None)
        {
            throw new PlatformNotSupportedException(SR.Format(SR.net_security_sslprotocol_notsupported, credential.Protocols));
        }

        // Only the slice of s_orderedSslProtocols between the two returned indices is enabled.
        // NOTE(review): ValidateContiguous is defined elsewhere; presumably it rejects sets
        // with a gap - confirm.
        (int firstIndex, int lastIndex) = protocolsToEnable.ValidateContiguous(s_orderedSslProtocols);
        int enabledCount = lastIndex - firstIndex + 1;
        Interop.AndroidCrypto.SSLStreamSetEnabledProtocols(handle, s_orderedSslProtocols.AsSpan(firstIndex, enabledCount));
    }

    // ALPN is applied only when the platform reports support for it. Otherwise the list is
    // dropped without an error, so a caller that depends on a particular application
    // protocol should check what was negotiated after the handshake.
    bool hasApplicationProtocols = authOptions.ApplicationProtocols != null
        && authOptions.ApplicationProtocols.Count != 0;
    if (hasApplicationProtocols && Interop.AndroidCrypto.SSLSupportsApplicationProtocolsConfiguration())
    {
        Interop.AndroidCrypto.SSLStreamSetApplicationProtocols(handle, authOptions.ApplicationProtocols);
    }

    // Server role: ask the peer for a client certificate when the options require one.
    // NOTE(review): whether the native side fails the handshake when no certificate is
    // presented is not visible here - confirm that RemoteCertRequired is enforced.
    if (actingAsServer && authOptions.RemoteCertRequired)
    {
        Interop.AndroidCrypto.SSLStreamRequestClientAuthentication(handle);
    }

    // Client role: hand the target host to the native stream. With a null or empty
    // TargetHost no host name is passed at all.
    if (!actingAsServer && !string.IsNullOrEmpty(authOptions.TargetHost))
    {
        Interop.AndroidCrypto.SSLStreamSetTargetHost(handle, authOptions.TargetHost);
    }
}
/// <summary>
/// Limits the Apple SSL context to the protocol-version range that spans
/// <paramref name="protocols"/>.
/// </summary>
/// <param name="sslContext">SSL context whose minimum and maximum protocol versions are set.</param>
/// <param name="protocols">Requested protocol versions; mapped to a lowest and a highest entry of <c>s_orderedSslProtocols</c>.</param>
private static void SetProtocols(SafeSslHandle sslContext, SslProtocols protocols)
{
    // Only a lower and an upper bound are given to the native layer, so the request is
    // first reduced to a pair of indices into the ordered protocol table.
    // NOTE(review): ValidateContiguous is defined elsewhere; presumably it rejects sets
    // with a gap, and its handling of SslProtocols.None is not visible here - confirm.
    (int lowestIndex, int highestIndex) = protocols.ValidateContiguous(s_orderedSslProtocols);

    // Both bounds are looked up before either native call is made.
    SslProtocols lowestVersion = s_orderedSslProtocols[lowestIndex];
    SslProtocols highestVersion = s_orderedSslProtocols[highestIndex];

    // NOTE(review): no result of the two interop calls is inspected here - confirm the
    // wrappers report a failure themselves, so a rejected bound cannot go unnoticed.
    Interop.AppleCrypto.SslSetMinProtocolVersion(sslContext, lowestVersion);
    Interop.AppleCrypto.SslSetMaxProtocolVersion(sslContext, highestVersion);
}