GetClientCertificateType() static private method

static private GetClientCertificateType ( Certificate clientCertificate, Certificate serverCertificate ) : short
clientCertificate Certificate
serverCertificate Certificate
return short
        protected virtual void NotifyClientCertificate(ServerHandshakeState state, Certificate clientCertificate)
        {
            if (state.certificateRequest == null)
            {
                throw new InvalidOperationException();
            }

            if (state.clientCertificate != null)
            {
                throw new TlsFatalAlert(AlertDescription.unexpected_message);
            }

            state.clientCertificate = clientCertificate;

            if (clientCertificate.IsEmpty)
            {
                state.keyExchange.SkipClientCredentials();
            }
            else
            {
                /*
                 * TODO RFC 5246 7.4.6. If the certificate_authorities list in the certificate request
                 * message was non-empty, one of the certificates in the certificate chain SHOULD be
                 * issued by one of the listed CAs.
                 */

                state.clientCertificateType = TlsUtilities.GetClientCertificateType(clientCertificate,
                                                                                    state.serverCredentials.Certificate);

                state.keyExchange.ProcessClientCertificate(clientCertificate);
            }

            /*
             * RFC 5246 7.4.6. If the client does not send any certificates, the server MAY at its
             * discretion either continue the handshake without client authentication, or respond with a
             * fatal handshake_failure alert. Also, if some aspect of the certificate chain was
             * unacceptable (e.g., it was not signed by a known, trusted CA), the server MAY at its
             * discretion either continue the handshake (considering the client unauthenticated) or send
             * a fatal alert.
             */
            state.server.NotifyClientCertificate(clientCertificate);
        }
示例#2
0
 protected virtual void NotifyClientCertificate(DtlsServerProtocol.ServerHandshakeState state, Certificate clientCertificate)
 {
     if (state.certificateRequest == null)
     {
         throw new InvalidOperationException();
     }
     if (state.clientCertificate != null)
     {
         throw new TlsFatalAlert(10);
     }
     state.clientCertificate = clientCertificate;
     if (clientCertificate.IsEmpty)
     {
         state.keyExchange.SkipClientCredentials();
     }
     else
     {
         state.clientCertificateType = TlsUtilities.GetClientCertificateType(clientCertificate, state.serverCredentials.Certificate);
         state.keyExchange.ProcessClientCertificate(clientCertificate);
     }
     state.server.NotifyClientCertificate(clientCertificate);
 }
示例#3
0
 protected virtual void NotifyClientCertificate(Certificate clientCertificate)
 {
     if (this.mCertificateRequest == null)
     {
         throw new InvalidOperationException();
     }
     if (this.mPeerCertificate != null)
     {
         throw new TlsFatalAlert(10);
     }
     this.mPeerCertificate = clientCertificate;
     if (clientCertificate.IsEmpty)
     {
         this.mKeyExchange.SkipClientCredentials();
     }
     else
     {
         this.mClientCertificateType = TlsUtilities.GetClientCertificateType(clientCertificate, this.mServerCredentials.Certificate);
         this.mKeyExchange.ProcessClientCertificate(clientCertificate);
     }
     this.mTlsServer.NotifyClientCertificate(clientCertificate);
 }
 protected virtual void NotifyClientCertificate(ServerHandshakeState state, Certificate clientCertificate)
 {
     //IL_0008: Unknown result type (might be due to invalid IL or missing references)
     if (state.certificateRequest == null)
     {
         throw new InvalidOperationException();
     }
     if (state.clientCertificate != null)
     {
         throw new TlsFatalAlert(10);
     }
     state.clientCertificate = clientCertificate;
     if (clientCertificate.IsEmpty)
     {
         state.keyExchange.SkipClientCredentials();
     }
     else
     {
         state.clientCertificateType = TlsUtilities.GetClientCertificateType(clientCertificate, state.serverCredentials.Certificate);
         state.keyExchange.ProcessClientCertificate(clientCertificate);
     }
     state.server.NotifyClientCertificate(clientCertificate);
 }