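/// <summary>
/// Validates the certificate chain presented by the TLS client and throws a
/// <c>TlsException</c> when it is not acceptable.
/// </summary>
/// <param name="context">TLS context supplying the settings provider and the TLS settings used to obtain the validator.</param>
/// <param name="certificates">Certificates sent by the client; may be null, in which case a null chain is handed to the validator.</param>
/// <remarks>
/// Throws <c>TlsException</c> with <c>AlertDescription.BadCertificate</c> when a CA list is
/// configured and the first certificate is missing or its issuer is not on the list, and
/// with <c>AlertDescription.CertificateUnknown</c> when the validator does not trust the chain.
/// </remarks>
internal static void CheckClientCertificate(TlsContext context, MX.X509CertificateCollection certificates)
{
    if (context.SettingsProvider.HasClientCertificateParameters) {
        var certParams = context.SettingsProvider.ClientCertificateParameters;
        if (certParams.CertificateAuthorities.Count > 0) {
            // Fail closed with a TLS alert: a configured CA list cannot be satisfied by an
            // absent or empty chain, and indexing [0] on it would otherwise escape as a
            // NullReferenceException / ArgumentOutOfRangeException instead of a handshake error.
            if (certificates == null || certificates.Count < 1) {
                throw new TlsException(AlertDescription.BadCertificate);
            }

            // This is a name-only pre-filter on the first certificate's issuer; it proves
            // nothing cryptographically. The trust decision is made by the validator below.
            // NOTE(review): assumes certificates[0] is the client's end-entity certificate - confirm.
            if (!certParams.CertificateAuthorities.Contains(certificates[0].IssuerName)) {
                throw new TlsException(AlertDescription.BadCertificate);
            }
        }
    }

    var helper = CertificateValidationHelper.GetValidator(context.Configuration.TlsSettings);

    // Re-wrap each certificate's raw encoding as the System type the validator consumes.
    X509Certificate2Collection scerts = null;
    if (certificates != null) {
        scerts = new X509Certificate2Collection();
        for (int i = 0; i < certificates.Count; i++) {
            scerts.Add(new X509Certificate2(certificates[i].RawData));
        }
    }

    // A missing result is treated like an untrusted one: anything short of an explicit,
    // non-denied "trusted" verdict aborts the handshake.
    var result = helper.ValidateClientCertificate(scerts);
    if (result == null || !result.Trusted || result.UserDenied) {
        throw new TlsException(AlertDescription.CertificateUnknown);
    }
}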
/// <summary>
/// Validates the certificate chain presented by the remote peer against
/// <c>config.TargetHost</c> and throws a <c>TlsException</c> with
/// <c>AlertDescription.CertificateUnknown</c> when the chain is missing, empty,
/// untrusted or denied by the user.
/// </summary>
/// <param name="config">TLS configuration supplying the TLS settings and the target host name.</param>
/// <param name="certificates">Certificates received from the peer; null or empty is rejected.</param>
internal static void CheckRemoteCertificate(TlsConfiguration config, MX.X509CertificateCollection certificates)
{
    // No certificate at all is rejected before the validator is even looked up.
    bool nothingPresented = certificates == null || certificates.Count < 1;
    if (nothingPresented) {
        throw new TlsException(AlertDescription.CertificateUnknown);
    }

    var validator = CertificateValidationHelper.GetValidator(config.TlsSettings);

    // The collection is known to be non-null here, so it is always converted:
    // each raw encoding is re-wrapped as the System type the validator consumes.
    var peerChain = new X509Certificate2Collection();
    for (int index = 0; index < certificates.Count; index++) {
        var converted = new X509Certificate2(certificates[index].RawData);
        peerChain.Add(converted);
    }

    var verdict = validator.ValidateChain(config.TargetHost, peerChain);

    // Only an explicit, non-denied "trusted" verdict lets the handshake continue;
    // a null verdict is handled the same way as an untrusted one.
    // FIXME: check other values to report correct error type.
    if (verdict == null || !verdict.Trusted || verdict.UserDenied) {
        throw new TlsException(AlertDescription.CertificateUnknown);
    }
}
/// <summary>
/// Returns the certificate validator for this test. When
/// <c>Parameters.UseTestRunnerCallback</c> is set, a copy of the default settings is
/// used in which the ServicePointManager callback is turned off and the remote
/// certificate decision is routed to <c>ValidationCallback</c>; otherwise the
/// validator is obtained with null settings.
/// </summary>
/// <param name="ctx">Test context captured by the validation callback.</param>
ICertificateValidator GetValidator(TestContext ctx)
{
    if (!Parameters.UseTestRunnerCallback) {
        // Typed local rather than a bare null literal, so the same overload is selected.
        MonoTlsSettings noOverrides = null;
        return CertificateValidationHelper.GetValidator(noOverrides);
    }

    // Test-only configuration: the outcome of validation is whatever
    // ValidationCallback returns for this test context.
    MonoTlsSettings callbackSettings = MonoTlsSettings.CopyDefaultSettings();
    callbackSettings.CallbackNeedsCertificateChain = true;
    callbackSettings.UseServicePointManagerCallback = false;
    callbackSettings.RemoteCertificateValidationCallback =
        (host, cert, chain, errors) => ValidationCallback(ctx, host, cert, chain, errors);

    return CertificateValidationHelper.GetValidator(callbackSettings);
}
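/// <summary>
/// Obtains a certificate validator for the given settings from
/// <c>CertificateValidationHelper</c>.
/// </summary>
/// <param name="settings">TLS settings passed through to <c>GetValidator</c>.</param>
/// <returns>The validator returned by <c>CertificateValidationHelper.GetValidator</c>.</returns>
/// <exception cref="MissingMethodException">
/// Non-mobile builds only: neither of the two expected <c>GetValidator</c> overloads was found.
/// </exception>
public ICertificateValidator GetCertificateValidator(MonoTlsSettings settings)
{
#if !__MOBILE__
    // Non-mobile builds bind by reflection so that either signature of GetValidator works:
    // (MonoTlsSettings) is tried first, then (MonoTlsSettings, MonoTlsProvider).
    var type = typeof(CertificateValidationHelper);
    var getValidator = type.GetMethod("GetValidator", new Type[] { typeof(MonoTlsSettings) });
    if (getValidator != null) {
        return (ICertificateValidator)getValidator.Invoke(null, new object[] { settings });
    }

    getValidator = type.GetMethod("GetValidator", new Type[] { typeof(MonoTlsSettings), typeof(MonoTlsProvider) });
    if (getValidator == null) {
        // Report the missing API explicitly instead of failing with a NullReferenceException
        // on Invoke, which would hide why no validator could be created.
        throw new MissingMethodException(type.FullName, "GetValidator");
    }

    // The provider argument is passed as null; which provider the helper then uses
    // is decided by the helper itself.
    return (ICertificateValidator)getValidator.Invoke(null, new object[] { settings, null });
#else
    return CertificateValidationHelper.GetValidator(settings);
#endif
}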