/// <summary>
/// Registers the machine-wide trusted-roots directory as a PEM directory lookup on
/// <paramref name="store"/>. Does nothing when that directory does not exist.
/// </summary>
/// <param name="store">Store that receives the directory lookup.</param>
static void AddMachineStore(MonoBtlsX509Store store)
{
    var rootsDirectory = MonoBtlsX509StoreManager.GetStorePath(MonoBtlsX509StoreType.MachineTrustedRoots);
    if (!Directory.Exists(rootsDirectory))
    {
        // A missing directory is skipped silently, so it simply contributes no certificates.
        return;
    }

    // NOTE(review): files found through this lookup are presumably treated as trusted roots,
    // so write access to the directory should be limited to administrators - confirm.
    store.AddDirectoryLookup(rootsDirectory, MonoBtlsX509FileType.PEM);
}
/// <summary>
/// Registers the per-user trusted-roots directory as a PEM directory lookup on
/// <paramref name="store"/>. Does nothing when that directory does not exist.
/// </summary>
/// <param name="store">Store that receives the directory lookup.</param>
static void AddUserStore(MonoBtlsX509Store store)
{
    var rootsDirectory = MonoBtlsX509StoreManager.GetStorePath(MonoBtlsX509StoreType.UserTrustedRoots);
    if (!Directory.Exists(rootsDirectory))
    {
        // No per-user directory: nothing is added and no error is raised.
        return;
    }

    // NOTE(review): this directory is under the user's control, so whatever is placed there
    // presumably becomes trusted for this user's processes - confirm that is the intended model.
    store.AddDirectoryLookup(rootsDirectory, MonoBtlsX509FileType.PEM);
}
/// <summary>
/// Initializes the native store context with the given trust store and certificate chain,
/// and passes the native return code to <c>CheckError</c>.
/// </summary>
/// <param name="store">Trust store whose native handle is handed to the context.</param>
/// <param name="chain">Certificate chain whose native handle is handed to the context.</param>
public void Initialize(MonoBtlsX509Store store, MonoBtlsX509Chain chain)
{
    // Raw handles are taken in the same order the native call receives them.
    // NOTE(review): DangerousGetHandle does not take a reference on the handle, so the caller
    // has to keep both store and chain alive for as long as this context is in use.
    var contextPtr = Handle.DangerousGetHandle();
    var storePtr = store.Handle.DangerousGetHandle();
    var chainPtr = chain.Handle.DangerousGetHandle();

    var status = mono_btls_x509_store_ctx_init(contextPtr, storePtr, chainPtr);
    CheckError(status);
}
/// <summary>
/// Adds the certificates in <c>settings.TrustAnchors</c> to <paramref name="store"/>.
/// Does nothing when <paramref name="settings"/> or its trust anchors are null.
/// </summary>
/// <param name="store">Store that receives the trust anchors.</param>
/// <param name="settings">TLS settings carrying the trust anchors; may be null.</param>
/// <param name="server">True when the local side is the server.</param>
static void AddTrustedRoots(MonoBtlsX509Store store, MonoTlsSettings settings, bool server)
{
    if (settings?.TrustAnchors == null)
    {
        return;
    }

    // A server validates client certificates and a client validates server certificates,
    // so the trust kind is the opposite of the local role.
    var trustKind = MonoBtlsX509TrustKind.TRUST_SERVER;
    if (server)
    {
        trustKind = MonoBtlsX509TrustKind.TRUST_CLIENT;
    }

    store.AddCollection(settings.TrustAnchors, trustKind);
}
/// <summary>
/// Releases the resources owned by this context: disposes the certificate store, frees the
/// GC handle if it is still allocated, then runs the base class teardown.
/// </summary>
protected override void Close ()
{
    if (store != null) {
        store.Dispose ();
        // Cleared so a second Close does not dispose the store again.
        store = null;
    }

    // NOTE(review): if native code was given a pointer derived from this handle, it must not
    // be used after this point - confirm the native side is torn down in base.Close ().
    if (instance.IsAllocated) {
        instance.Free ();
    }

    base.Close ();
}
/// <summary>
/// Populates <paramref name="store"/> with the platform's default certificate lookups.
/// </summary>
/// <param name="store">Store that receives the default lookups.</param>
static void SetupDefaultCertificateStore(MonoBtlsX509Store store)
{
#if MONODROID
    // Android build: default paths plus the Android-specific lookup.
    store.SetDefaultPaths();
    store.AddAndroidLookup();
#else
    // Other builds: the user store is registered before the machine store.
    AddUserStore(store);
    AddMachineStore(store);
#endif
}
/// <summary>
/// Creates a native lookup object of the given type on <paramref name="store"/> and wraps
/// the result in a <c>BoringX509LookupHandle</c>.
/// </summary>
/// <param name="store">Store whose native handle the lookup is created on.</param>
/// <param name="type">Kind of lookup to create.</param>
/// <returns>A handle wrapping the new native lookup.</returns>
/// <exception cref="MonoBtlsException">The native call returned a null pointer.</exception>
static BoringX509LookupHandle Create_internal(MonoBtlsX509Store store, MonoBtlsX509LookupType type)
{
    var nativeLookup = mono_btls_x509_lookup_new(store.Handle.DangerousGetHandle(), type);

    // A null pointer is never wrapped, so later calls cannot operate on an invalid handle.
    if (nativeLookup != IntPtr.Zero)
    {
        return new BoringX509LookupHandle(nativeLookup);
    }

    throw new MonoBtlsException();
}
/// <summary>
/// Wraps a native SSL context handle: gives the native side a pointer back to this managed
/// instance, prepares the verify and select callbacks, and creates the certificate store
/// bound to this context's handle.
/// </summary>
/// <param name="handle">Native SSL context handle passed on to the base class.</param>
internal MonoBtlsSslCtx(BoringSslCtxHandle handle) : base(handle)
{
    // GCHandle.Alloc keeps this instance reachable until the handle is freed; the IntPtr
    // form is what the native context receives.
    // NOTE(review): the handle has to be freed on teardown or the instance is never collected.
    instance = GCHandle.Alloc(this);
    instancePtr = GCHandle.ToIntPtr(instance);
    mono_btls_ssl_ctx_initialize( handle.DangerousGetHandle(), instancePtr);
    // The delegates are stored in fields before their function pointers are taken,
    // presumably so they cannot be collected while native code holds the pointers.
    verifyFunc = NativeVerifyCallback;
    selectFunc = NativeSelectCallback;
    verifyFuncPtr = Marshal.GetFunctionPointerForDelegate(verifyFunc);
    selectFuncPtr = Marshal.GetFunctionPointerForDelegate(selectFunc);
    // Store created from this context's own handle.
    store = new MonoBtlsX509Store(Handle);
}
/// <summary>
/// Verifies <paramref name="chain"/> against a freshly built certificate store.
/// </summary>
/// <param name="chain">Native certificate chain to verify.</param>
/// <param name="param">Optional verification parameters; skipped when null.</param>
/// <returns>True only when the native verification returns exactly 1.</returns>
internal static bool ValidateCertificate(MonoBtlsX509Chain chain, MonoBtlsX509VerifyParam param)
{
    using (var trustStore = new MonoBtlsX509Store())
    using (var verifyCtx = new MonoBtlsX509StoreCtx())
    {
        SetupCertificateStore(trustStore);
        verifyCtx.Initialize(trustStore, chain);

        // NOTE(review): with a null param no verification parameters are applied here, so
        // whatever the context defaults to is what gets checked - confirm against callers.
        if (param != null)
        {
            verifyCtx.SetVerifyParam(param);
        }

        // Any result other than 1, including error codes, is reported as failure.
        return verifyCtx.Verify() == 1;
    }
}
/// <summary>
/// Populates <paramref name="store"/> with the default certificate lookups: the Android
/// lookups on MONODROID builds, otherwise the user and machine trusted-roots directories.
/// </summary>
/// <param name="store">Store that receives the lookups.</param>
internal static void SetupCertificateStore(MonoBtlsX509Store store)
{
#if MONODROID
    store.SetDefaultPaths();
    store.AddAndroidLookup();
#else
    // Order matters for registration only: user roots first, then machine roots.
    var storeKinds = new[]
    {
        MonoBtlsX509StoreType.UserTrustedRoots,
        MonoBtlsX509StoreType.MachineTrustedRoots,
    };

    foreach (var kind in storeKinds)
    {
        var rootsDirectory = MonoBtlsX509StoreManager.GetStorePath(kind);

        // Directories that do not exist are skipped without an error.
        if (Directory.Exists(rootsDirectory))
        {
            store.AddDirectoryLookup(rootsDirectory, MonoBtlsX509FileType.PEM);
        }
    }
#endif
}
/// <summary>
/// Validates the peer certificates, either by reusing the result already stored on a
/// supplied chain or by building a store and running native verification.
/// </summary>
/// <param name="validator">Validator whose settings drive store setup and verify parameters.</param>
/// <param name="targetHost">Host name passed to the verify parameters and the result check.</param>
/// <param name="serverMode">True when the local side is the server.</param>
/// <param name="certificates">Certificates presented by the peer.</param>
/// <param name="wantsChain">True when the caller wants a managed chain built.</param>
/// <param name="chain">Existing chain to reuse, or null; may be assigned when <paramref name="wantsChain"/> is set.</param>
/// <param name="errors">Policy errors, updated by <c>CheckValidationResult</c>.</param>
/// <param name="status11">Status code, updated by <c>CheckValidationResult</c>.</param>
/// <returns>True only when the native verification result is exactly 1.</returns>
internal override bool ValidateCertificate(
    ICertificateValidator2 validator, string targetHost, bool serverMode,
    X509CertificateCollection certificates, bool wantsChain, ref X509Chain chain,
    ref MonoSslPolicyErrors errors, ref int status11)
{
    if (chain == null)
    {
        using (var trustStore = new MonoBtlsX509Store())
        using (var peerChain = MonoBtlsProvider.GetNativeChain(certificates))
        using (var verifyParam = GetVerifyParam(validator.Settings, targetHost, serverMode))
        using (var verifyCtx = new MonoBtlsX509StoreCtx())
        {
            SetupCertificateStore(trustStore, validator.Settings, serverMode);
            verifyCtx.Initialize(trustStore, peerChain);
            verifyCtx.SetVerifyParam(verifyParam);

            // Anything other than 1 (including error codes) counts as a failed verification.
            var verified = verifyCtx.Verify() == 1;

            if (wantsChain && chain == null)
            {
                chain = GetManagedChain(peerChain);
            }

            CheckValidationResult(
                validator, targetHost, serverMode, certificates, wantsChain,
                null, verifyCtx, verified, ref errors, ref status11);
            return verified;
        }
    }

    // A chain was supplied: its stored verification result is reused, nothing is re-verified.
    // NOTE(review): presumably that result was produced for the same targetHost and mode -
    // confirm against the code that builds the chain.
    var suppliedImpl = (X509ChainImplBtls)chain.Impl;
    var suppliedOk = suppliedImpl.StoreCtx.VerifyResult == 1;
    CheckValidationResult(
        validator, targetHost, serverMode, certificates, wantsChain,
        chain, suppliedImpl.StoreCtx, suppliedOk, ref errors, ref status11);
    return suppliedOk;
}
/// <summary>
/// Verifies <paramref name="chain"/> against a store built from the default TLS settings
/// in client mode.
/// </summary>
/// <param name="chain">Native certificate chain to verify.</param>
/// <param name="param">Optional verification parameters; skipped when null.</param>
/// <returns>True only when the native verification returns exactly 1.</returns>
internal static bool ValidateCertificate(MonoBtlsX509Chain chain, MonoBtlsX509VerifyParam param)
{
    using (var trustStore = new MonoBtlsX509Store())
    using (var verifyCtx = new MonoBtlsX509StoreCtx())
    {
        /*
         * We're called from X509Certificate2.Verify() via X509CertificateImplBtls.Verify().
         *
         * Use the default settings and assume client-mode.
         */
        SetupCertificateStore(trustStore, MonoTlsSettings.DefaultSettings, false);
        verifyCtx.Initialize(trustStore, chain);

        if (param != null)
        {
            verifyCtx.SetVerifyParam(param);
        }

        // Any result other than 1, including error codes, is reported as failure.
        return verifyCtx.Verify() == 1;
    }
}
/// <summary>
/// Validates the peer certificates, either by reusing the result already stored on a
/// supplied chain or by verifying against the default certificate store.
/// </summary>
/// <param name="validator">Validator passed through to <c>CheckValidationResult</c>.</param>
/// <param name="targetHost">Host name passed to the verify parameters and the result check.</param>
/// <param name="serverMode">True when the local side is the server.</param>
/// <param name="certificates">Certificates presented by the peer.</param>
/// <param name="wantsChain">True when the caller wants a managed chain built.</param>
/// <param name="chain">Existing chain to reuse, or null; may be assigned when <paramref name="wantsChain"/> is set.</param>
/// <param name="errors">Policy errors, updated by <c>CheckValidationResult</c>.</param>
/// <param name="status11">Status code, updated by <c>CheckValidationResult</c>.</param>
/// <returns>True only when the native verification result is exactly 1.</returns>
internal override bool ValidateCertificate (
    ICertificateValidator2 validator, string targetHost, bool serverMode,
    X509CertificateCollection certificates, bool wantsChain, ref X509Chain chain,
    ref MonoSslPolicyErrors errors, ref int status11)
{
    if (chain != null) {
        // The stored result of the supplied chain is reused; nothing is re-verified here.
        var suppliedImpl = (X509ChainImplBtls)chain.Impl;
        var suppliedOk = suppliedImpl.StoreCtx.VerifyResult == 1;
        CheckValidationResult (
            validator, targetHost, serverMode, certificates, wantsChain,
            chain, suppliedImpl.StoreCtx, suppliedOk, ref errors, ref status11);
        return suppliedOk;
    }

    using (var trustStore = new MonoBtlsX509Store ())
    using (var peerChain = MonoBtlsProvider.GetNativeChain (certificates))
    using (var verifyParam = GetVerifyParam (targetHost, serverMode))
    using (var verifyCtx = new MonoBtlsX509StoreCtx ()) {
        // NOTE(review): the store is built from the defaults only; validator settings are
        // not consulted by this method - confirm that is intended.
        SetupCertificateStore (trustStore);
        verifyCtx.Initialize (trustStore, peerChain);
        verifyCtx.SetVerifyParam (verifyParam);

        // Anything other than 1 (including error codes) counts as a failed verification.
        var verified = verifyCtx.Verify () == 1;

        if (wantsChain && chain == null) {
            chain = GetManagedChain (peerChain);
        }

        CheckValidationResult (
            validator, targetHost, serverMode, certificates, wantsChain,
            null, verifyCtx, verified, ref errors, ref status11);
        return verified;
    }
}
/// <summary>
/// Adds a WinCrypto lookup for <see cref="StoreLocation.CurrentUser"/> to <paramref name="store"/>.
/// </summary>
/// <param name="store">Store that receives the lookup.</param>
// NOTE(review): presumably backed by the current user's Windows certificate store, which the
// user can modify - confirm that is the intended trust model.
static void AddUserStore(MonoBtlsX509Store store)
    => store.AddWinCryptoLookup(StoreLocation.CurrentUser);
/// <summary>
/// Adds a WinCrypto lookup for <see cref="StoreLocation.LocalMachine"/> to <paramref name="store"/>.
/// </summary>
/// <param name="store">Store that receives the lookup.</param>
// NOTE(review): presumably backed by the machine-wide Windows certificate store - confirm.
static void AddMachineStore(MonoBtlsX509Store store)
    => store.AddWinCryptoLookup(StoreLocation.LocalMachine);
/// <summary>
/// Creates a lookup of the given type on <paramref name="store"/> and records the type.
/// </summary>
/// <param name="store">Store the native lookup is created on.</param>
/// <param name="type">Kind of lookup to create.</param>
// NOTE(review): no managed reference to store is kept by this constructor; if the native lookup
// depends on the store's native object, something else has to keep store alive - confirm.
internal MonoBtlsX509Lookup (MonoBtlsX509Store store, MonoBtlsX509LookupType type)
    : base (Create_internal (store, type))
{
    this.type = type;
}
/// <summary>
/// Creates a native lookup object of the given type on <paramref name="store"/> and wraps
/// the result in a <c>BoringX509LookupHandle</c>.
/// </summary>
/// <param name="store">Store whose native handle the lookup is created on.</param>
/// <param name="type">Kind of lookup to create.</param>
/// <returns>A handle wrapping the new native lookup.</returns>
/// <exception cref="MonoBtlsException">The native call returned a null pointer.</exception>
static BoringX509LookupHandle Create_internal (MonoBtlsX509Store store, MonoBtlsX509LookupType type)
{
    // NOTE(review): DangerousGetHandle takes no reference on the store handle, so the caller
    // must keep store alive across this call.
    var storePtr = store.Handle.DangerousGetHandle ();
    var lookupPtr = mono_btls_x509_lookup_new (storePtr, type);

    // Fail here so a null pointer is never wrapped and used later.
    if (lookupPtr == IntPtr.Zero) {
        throw new MonoBtlsException ();
    }

    return new BoringX509LookupHandle (lookupPtr);
}
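/// <summary>
/// Populates <paramref name="store"/> with trust anchors and certificate lookups according
/// to <paramref name="settings"/> and the local role.
/// </summary>
/// <remarks>
/// Entries of <c>MonoTlsSettings.CertificateSearchPaths</c> are interpreted as follows:
/// <c>@default</c> (trust anchors, user store, machine store), <c>@trusted</c> (trust anchors),
/// <c>@user</c>, <c>@machine</c>, <c>@pem:DIR</c> and <c>@der:DIR</c> (directory lookups in PEM
/// or ASN.1 format). Keywords and prefixes are matched ordinally and case-sensitively.
/// </remarks>
/// <param name="store">Store that receives the trust anchors and lookups.</param>
/// <param name="settings">TLS settings; may be null.</param>
/// <param name="server">True when the local side is the server.</param>
/// <exception cref="NotSupportedException">
/// A search-path entry is null or is not one of the recognized forms.
/// </exception>
internal static void SetupCertificateStore(MonoBtlsX509Store store, MonoTlsSettings settings, bool server)
{
    /*
     * In server-mode, we only add certificates which are explicitly trusted via
     * MonoTlsSettings.TrustAnchors.
     *
     * MonoTlsSettings.CertificateSearchPaths is ignored on Android.
     *
     */
#if MONODROID
    AddTrustedRoots(store, settings, server);
    if (!server)
    {
        SetupDefaultCertificateStore(store);
    }
    return;
#else
    if (server || settings?.CertificateSearchPaths == null)
    {
        AddTrustedRoots(store, settings, server);
        if (!server)
        {
            SetupDefaultCertificateStore(store);
        }
        return;
    }

    foreach (var path in settings.CertificateSearchPaths)
    {
        switch (path)
        {
            case "@default":
                AddTrustedRoots(store, settings, server);
                AddUserStore(store);
                AddMachineStore(store);
                break;
            case "@trusted":
                AddTrustedRoots(store, settings, server);
                break;
            case "@user":
                AddUserStore(store);
                break;
            case "@machine":
                AddMachineStore(store);
                break;
            default:
                // The prefixes are configuration keywords, not natural-language text, so they
                // are compared ordinally; the culture-sensitive overload could match or miss
                // depending on the current culture. A null entry is rejected like any other
                // unrecognized item instead of raising a NullReferenceException.
                if (path != null && path.StartsWith("@pem:", StringComparison.Ordinal))
                {
                    var realPath = path.Substring(5);
                    // A directory that does not exist is skipped, adding no trust.
                    if (Directory.Exists(realPath))
                    {
                        store.AddDirectoryLookup(realPath, MonoBtlsX509FileType.PEM);
                    }
                    break;
                }
                else if (path != null && path.StartsWith("@der:", StringComparison.Ordinal))
                {
                    var realPath = path.Substring(5);
                    if (Directory.Exists(realPath))
                    {
                        store.AddDirectoryLookup(realPath, MonoBtlsX509FileType.ASN1);
                    }
                    break;
                }

                // Unknown entries are rejected rather than ignored, so a typo in the trust
                // configuration is not silently dropped.
                throw new NotSupportedException(string.Format("Invalid item `{0}' in MonoTlsSettings.CertificateSearchPaths.", path));
        }
    }
#endif
}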
/// <summary>
/// Populates <paramref name="store"/> with the default certificate lookups: the Android
/// lookups on MONODROID builds, otherwise the user and machine trusted-roots directories.
/// </summary>
/// <param name="store">Store that receives the lookups.</param>
internal static void SetupCertificateStore (MonoBtlsX509Store store)
{
#if MONODROID
    store.SetDefaultPaths ();
    store.AddAndroidLookup ();
#else
    // Per-user roots are registered first; a directory that does not exist is skipped.
    var perUserRoots = MonoBtlsX509StoreManager.GetStorePath (MonoBtlsX509StoreType.UserTrustedRoots);
    if (Directory.Exists (perUserRoots)) {
        store.AddDirectoryLookup (perUserRoots, MonoBtlsX509FileType.PEM);
    }

    var machineWideRoots = MonoBtlsX509StoreManager.GetStorePath (MonoBtlsX509StoreType.MachineTrustedRoots);
    if (Directory.Exists (machineWideRoots)) {
        store.AddDirectoryLookup (machineWideRoots, MonoBtlsX509FileType.PEM);
    }
#endif
}
/// <summary>
/// Verifies <paramref name="chain"/> against a freshly built default certificate store.
/// </summary>
/// <param name="chain">Native certificate chain to verify.</param>
/// <param name="param">Optional verification parameters; skipped when null.</param>
/// <returns>True only when the native verification returns exactly 1.</returns>
internal static bool ValidateCertificate (MonoBtlsX509Chain chain, MonoBtlsX509VerifyParam param)
{
    using (var trustStore = new MonoBtlsX509Store ())
    using (var verifyCtx = new MonoBtlsX509StoreCtx ()) {
        SetupCertificateStore (trustStore);
        verifyCtx.Initialize (trustStore, chain);

        if (param != null) {
            verifyCtx.SetVerifyParam (param);
        }

        // Only an exact 1 is success; 0 and error codes both yield false.
        var outcome = verifyCtx.Verify ();
        return outcome == 1;
    }
}
/// <summary>
/// Initializes the native store context with the given trust store and certificate chain,
/// and passes the native return code to <c>CheckError</c>.
/// </summary>
/// <param name="store">Trust store whose native handle is handed to the context.</param>
/// <param name="chain">Certificate chain whose native handle is handed to the context.</param>
public void Initialize (MonoBtlsX509Store store, MonoBtlsX509Chain chain)
{
    // NOTE(review): the raw handles are obtained without taking a reference, so store and
    // chain must stay alive for as long as this context is in use.
    var selfPtr = Handle.DangerousGetHandle ();
    var trustPtr = store.Handle.DangerousGetHandle ();
    var certsPtr = chain.Handle.DangerousGetHandle ();

    var rc = mono_btls_x509_store_ctx_init (selfPtr, trustPtr, certsPtr);
    CheckError (rc);
}
/// <summary>
/// Wraps a native SSL context handle: gives the native side a pointer back to this managed
/// instance, prepares the verify and select callbacks, and creates the certificate store
/// bound to this context's handle.
/// </summary>
/// <param name="handle">Native SSL context handle passed on to the base class.</param>
internal MonoBtlsSslCtx (BoringSslCtxHandle handle)
    : base (handle)
{
    // GCHandle.Alloc keeps this instance reachable until the handle is freed.
    // NOTE(review): the handle has to be freed on teardown or the instance is never collected.
    instance = GCHandle.Alloc (this);
    instancePtr = GCHandle.ToIntPtr (instance);
    mono_btls_ssl_ctx_initialize ( handle.DangerousGetHandle (), instancePtr);
    // Delegates are held in fields before their function pointers are taken, presumably so
    // they cannot be collected while native code holds the pointers.
    verifyFunc = NativeVerifyCallback;
    selectFunc = NativeSelectCallback;
    verifyFuncPtr = Marshal.GetFunctionPointerForDelegate (verifyFunc);
    selectFuncPtr = Marshal.GetFunctionPointerForDelegate (selectFunc);
    // Store created from this context's own handle.
    store = new MonoBtlsX509Store (Handle);
}
/// <summary>
/// Creates a lookup of the given type on <paramref name="store"/> and records both the
/// store and the type.
/// </summary>
/// <param name="store">Store the native lookup is created on.</param>
/// <param name="type">Kind of lookup to create.</param>
internal MonoBtlsX509Lookup(MonoBtlsX509Store store, MonoBtlsX509LookupType type)
    : base(Create_internal(store, type))
{
    // Holding the managed store presumably keeps it alive for as long as this lookup,
    // whose native object was created from the store's raw handle.
    this.store = store;
    this.type = type;
}
/// <summary>
/// Populates <paramref name="store"/> with the trust anchors from <paramref name="settings"/>
/// followed by the default certificate lookups.
/// </summary>
/// <param name="store">Store that receives the trust anchors and lookups.</param>
/// <param name="settings">TLS settings carrying the trust anchors; may be null.</param>
/// <param name="server">True when the local side is the server.</param>
internal static void SetupCertificateStore(MonoBtlsX509Store store, MonoTlsSettings settings, bool server)
{
    // Explicitly configured anchors first.
    AddTrustedRoots(store, settings, server);

    // NOTE(review): the default lookups are added in server mode as well, so client
    // certificates can presumably chain to any default root, not only to the configured
    // trust anchors - confirm that is intended.
    SetupCertificateStore(store);
}
/// <summary>
/// Populates <paramref name="store"/> according to <c>MonoTlsSettings.CertificateSearchPaths</c>,
/// falling back to the trust anchors plus the default lookups when no search paths are set.
/// </summary>
/// <remarks>
/// Recognized entries: <c>@default</c>, <c>@user</c>, <c>@machine</c>, <c>@trusted</c>,
/// <c>@pem:DIR</c> and <c>@der:DIR</c>. Any other entry is treated as a PEM directory path.
/// </remarks>
/// <param name="store">Store that receives the trust anchors and lookups.</param>
/// <param name="settings">TLS settings; may be null.</param>
/// <param name="server">True when the local side is the server.</param>
internal static void SetupCertificateStore(MonoBtlsX509Store store, MonoTlsSettings settings, bool server)
{
    if (settings?.CertificateSearchPaths == null)
    {
        AddTrustedRoots(store, settings, server);
    }

#if MONODROID
    // NOTE(review): with non-null CertificateSearchPaths this build skips AddTrustedRoots and
    // never reads the paths, so TrustAnchors are not loaded in that case - confirm intent.
    SetupCertificateStore(store);
#else
    if (settings?.CertificateSearchPaths == null)
    {
        SetupCertificateStore(store);
        return;
    }

    foreach (var entry in settings.CertificateSearchPaths)
    {
        if (string.Equals(entry, "@default", StringComparison.Ordinal))
        {
            AddTrustedRoots(store, settings, server);
            AddUserStore(store);
            AddMachineStore(store);
            continue;
        }

        if (string.Equals(entry, "@user", StringComparison.Ordinal))
        {
            AddUserStore(store);
            continue;
        }

        if (string.Equals(entry, "@machine", StringComparison.Ordinal))
        {
            AddMachineStore(store);
            continue;
        }

        if (string.Equals(entry, "@trusted", StringComparison.Ordinal))
        {
            AddTrustedRoots(store, settings, server);
            continue;
        }

        // Everything else resolves to a directory lookup; PEM unless the entry says @der:.
        // NOTE(review): a misspelled keyword such as a mistyped "@trusted" lands here as a
        // plain directory name and is skipped when no such directory exists - consider
        // rejecting unknown "@" entries.
        var directory = entry;
        var format = MonoBtlsX509FileType.PEM;
        if (entry.StartsWith("@pem:", StringComparison.Ordinal))
        {
            directory = entry.Substring(5);
        }
        else if (entry.StartsWith("@der:", StringComparison.Ordinal))
        {
            directory = entry.Substring(5);
            format = MonoBtlsX509FileType.ASN1;
        }

        if (Directory.Exists(directory))
        {
            store.AddDirectoryLookup(directory, format);
        }
    }
#endif
}