public SecTrust(SecCertificate certificate, SecPolicy policy)
{
if (certificate == null)
throw new ArgumentNullException ("certificate");
Initialize (certificate.Handle, policy);
}
void Initialize(IntPtr certHandle, SecPolicy policy)
{
SecStatusCode result = SecTrustCreateWithCertificates(certHandle, policy == null ? IntPtr.Zero : policy.Handle, out handle);
if (result != SecStatusCode.Success)
{
throw new ArgumentException(result.ToString());
}
}
public void SetPolicy(SecPolicy policy)
{
if (policy == null)
{
throw new ArgumentNullException("policy");
}
SetPolicies(policy.Handle);
}
public SecTrust(SecCertificate certificate, SecPolicy policy)
{
if (certificate == null)
{
throw new ArgumentNullException("certificate");
}
Initialize(certificate.Handle, policy);
}
public SecTrust(X509Certificate2 certificate, SecPolicy policy)
{
if (certificate == null)
{
throw new ArgumentNullException("certificate");
}
using (SecCertificate cert = new SecCertificate(certificate)) {
Initialize(cert.Handle, policy);
}
}
static public SecPolicy CreateSslPolicy(bool server, string hostName)
{
NSString host = hostName == null ? null : new NSString(hostName);
IntPtr handle = host == null ? IntPtr.Zero : host.Handle;
SecPolicy policy = new SecPolicy(SecPolicyCreateSSL(server, handle), true);
if (host != null)
{
host.Dispose();
}
return(policy);
}
public SecTrust(X509CertificateCollection certificates, SecPolicy policy)
{
if (certificates == null)
{
throw new ArgumentNullException("certificates");
}
SecCertificate[] array = new SecCertificate [certificates.Count];
int i = 0;
foreach (var certificate in certificates)
{
array [i++] = new SecCertificate(certificate);
}
Initialize(array, policy);
}
//
// EXPERIMENTAL
// Needs some more testing before we can make this public.
// AppleTls does not actually use this API, so it may be removed again.
//
internal NSData GetPublicKey()
{
if (handle == IntPtr.Zero)
{
throw new ObjectDisposedException("SecCertificate");
}
var policy = SecPolicy.CreateBasicX509Policy();
var trust = new SecTrust(this, policy);
trust.Evaluate();
SecStatusCode status;
using (var key = trust.GetPublicKey())
using (var query = new SecRecord(SecKind.Key)) {
query.SetValueRef(key);
status = SecKeyChain.Add(query);
if (status != SecStatusCode.Success && status != SecStatusCode.DuplicateItem)
{
throw new InvalidOperationException(status.ToString());
}
bool added = status == SecStatusCode.Success;
try {
var data = SecKeyChain.QueryAsData(query, false, out status);
if (status != SecStatusCode.Success)
{
throw new InvalidOperationException(status.ToString());
}
return(data);
} finally {
if (added)
{
status = SecKeyChain.Remove(query);
if (status != SecStatusCode.Success)
{
throw new InvalidOperationException(status.ToString());
}
}
}
}
}
void Initialize(SecCertificate[] array, SecPolicy policy)
{
using (var certs = CFArray.FromNativeObjects(array)) {
Initialize(certs.Handle, policy);
}
}
public static SecPolicy CreateSslPolicy(bool server, string hostName)
{
NSString host = hostName == null ? null : new NSString (hostName);
IntPtr handle = host == null ? IntPtr.Zero : host.Handle;
SecPolicy policy = new SecPolicy (SecPolicyCreateSSL (server, handle), true);
if (host != null)
host.Dispose ();
return policy;
}
public SecTrust(X509Certificate2Collection certificates, SecPolicy policy)
{
if (certificates == null)
throw new ArgumentNullException ("certificates");
SecCertificate[] array = new SecCertificate [certificates.Count];
int i = 0;
foreach (var certificate in certificates)
array [i++] = new SecCertificate (certificate);
Initialize (array, policy);
}
public SecTrust(X509Certificate2 certificate, SecPolicy policy)
{
if (certificate == null)
throw new ArgumentNullException ("certificate");
using (SecCertificate cert = new SecCertificate (certificate)) {
Initialize (cert.Handle, policy);
}
}
void Initialize(IntPtr certHandle, SecPolicy policy)
{
SecStatusCode result = SecTrustCreateWithCertificates (certHandle, policy == null ? IntPtr.Zero : policy.Handle, out handle);
if (result != SecStatusCode.Success)
throw new ArgumentException (result.ToString ());
}
void Initialize(SecCertificate[] array, SecPolicy policy)
{
using (var certs = CFArray.FromNativeObjects (array)) {
Initialize (certs.Handle, policy);
}
}
public void SetPolicy(SecPolicy policy)
{
if (policy == null)
throw new ArgumentNullException ("policy");
SetPolicies (policy.Handle);
}