5 // Martin Baulig <martin.baulig@xamarin.com>
7 // Copyright (c) 2015 Xamarin, Inc.
9 // Permission is hereby granted, free of charge, to any person obtaining a copy
10 // of this software and associated documentation files (the "Software"), to deal
11 // in the Software without restriction, including without limitation the rights
12 // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
13 // copies of the Software, and to permit persons to whom the Software is
14 // furnished to do so, subject to the following conditions:
16 // The above copyright notice and this permission notice shall be included in
17 // all copies or substantial portions of the Software.
19 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
20 // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
21 // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
22 // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
23 // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
24 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
27 using System.Threading;
28 using System.Security.Cryptography.X509Certificates;
30 namespace Mono.Security.Interface
// Mutable bag of TLS options: validation callbacks, certificate checks, trust anchors and
// protocol/cipher selection. DefaultSettings exposes one shared instance; Clone () and
// CopyDefaultSettings () hand out copies instead.
32 public sealed class MonoTlsSettings
// Going by its type name, the caller-supplied hook that decides whether the remote
// certificate is accepted. No default is assigned in the visible code.
// NOTE(review): the accessor lines are missing from this listing; the copy constructor assigns
// this property directly, so it is presumably a plain get/set auto-property - confirm.
34 public MonoRemoteCertificateValidationCallback RemoteCertificateValidationCallback {
// Going by its type name, the caller-supplied hook that picks the local (client) certificate.
// NOTE(review): accessor lines are missing from this listing; presumably a get/set
// auto-property, since the copy constructor assigns it directly - confirm.
38 public MonoLocalCertificateSelectionCallback ClientCertificateSelectionCallback {
// Reads and writes checkCertName, which is initialised to true.
// NOTE(review): the code consuming this flag is not in this file; by its name, false would skip
// matching the certificate against the target host name - review any caller that sets it to false.
42 public bool CheckCertificateName {
43 get { return checkCertName; }
44 set { checkCertName = value; }
// Reads and writes checkCertRevocationStatus, which is initialised to false, so revocation
// checking is opt-in for every instance created with the defaults.
// NOTE(review): how the flag is honoured is not visible here - confirm in the validator.
47 public bool CheckCertificateRevocationStatus {
48 get { return checkCertRevocationStatus; }
49 set { checkCertRevocationStatus = value; }
// Reads and writes useServicePointManagerCallback; tri-state (true / false / null), null by default.
// NOTE(review): what null means is decided by the consumer, which is not shown here - presumably
// "no explicit choice"; confirm before relying on it.
52 public bool? UseServicePointManagerCallback {
53 get { return useServicePointManagerCallback; }
54 set { useServicePointManagerCallback = value; }
// Reads and writes skipSystemValidators, which is initialised to false.
// NOTE(review): by its name, true would bypass the platform's own certificate validation and
// leave only the custom callback as a check - the consuming code is not shown; confirm there.
57 public bool SkipSystemValidators {
58 get { return skipSystemValidators; }
59 set { skipSystemValidators = value; }
// Reads and writes callbackNeedsChain, which is initialised to true.
// NOTE(review): presumably tells the validator whether to build the chain before invoking the
// callback - inferred from the name only; confirm against the consumer.
62 public bool CallbackNeedsCertificateChain {
63 get { return callbackNeedsChain; }
64 set { callbackNeedsChain = value; }
68 * This is only supported if CertificateValidationHelper.SupportsTrustAnchors is true.
// The copy constructor assigns this collection by reference, so an instance and its clones
// share the same X509CertificateCollection object.
// NOTE(review): accessor lines are missing from this listing; presumably a get/set auto-property.
70 public X509CertificateCollection TrustAnchors {
// Untyped slot; nothing in this file reads it apart from the copy constructor, which copies
// the reference as-is.
// NOTE(review): accessor lines are missing from this listing; presumably a get/set auto-property.
74 public object UserSettings {
79 * If you set this here, then it will override 'ServicePointManager.SecurityProtocol'.
// Nullable; no default is assigned in the visible code.
// NOTE(review): presumably null leaves the ServicePointManager value in effect - confirm.
// Because a value set here wins over the process-wide setting, check it when auditing which
// protocol versions a connection can negotiate.
81 public TlsProtocols? EnabledProtocols {
// Array of cipher suite codes; no default is assigned in the visible code.
// The copy constructor copies only the array reference, so writing an element through one
// instance also changes the list seen by every clone made from it.
// NOTE(review): accessor lines are missing from this listing; presumably a get/set auto-property.
85 [CLSCompliant (false)]
86 public CipherSuiteCode[] EnabledCiphers {
// Backing fields. The initializers are the values every new MonoTlsSettings starts with.
91 bool checkCertName = true;
// Revocation checking starts disabled.
92 bool checkCertRevocationStatus = false;
93 bool? useServicePointManagerCallback = null;
94 bool skipSystemValidators = false;
95 bool callbackNeedsChain = true;
// No initializer; in the visible code it is only written by CloneWithValidator ().
96 ICertificateValidator certificateValidator;
// Public parameterless constructor; its body is not visible in this listing, so the instance
// state shown here comes from the field initializers alone.
98 public MonoTlsSettings ()
// Shared instance behind DefaultSettings; created lazily by the getter or replaced by the setter.
102 static MonoTlsSettings defaultSettings;
// Shared default settings.
// get: creates the instance on first use; Interlocked.CompareExchange stores the new object only
//      while the field is still null, so racing first readers all end up with the same instance.
// set: plain assignment; a null value is replaced with a fresh MonoTlsSettings.
// The getter returns the shared instance itself, not a copy: changing a property on it (for
// example CheckCertificateName or SkipSystemValidators) is seen by every later reader of
// DefaultSettings. Use CopyDefaultSettings () for settings private to one connection.
104 public static MonoTlsSettings DefaultSettings {
106 if (defaultSettings == null)
107 Interlocked.CompareExchange (ref defaultSettings, new MonoTlsSettings (), null);
108 return defaultSettings;
111 defaultSettings = value ?? new MonoTlsSettings ();
// Returns a clone of DefaultSettings, so flag changes on the result do not touch the shared
// instance. The clone is made by the copy constructor, which copies references: EnabledCiphers,
// TrustAnchors and UserSettings still point at the objects held by the defaults.
115 public static MonoTlsSettings CopyDefaultSettings ()
117 return DefaultSettings.Clone ();
123 * Private APIs - do not use!
125 * This is only public to avoid making our internals visible to System.dll.
// Exposes the certificateValidator field; only a getter is visible in this listing.
// Marked [Obsolete] to discourage use outside System.dll.
129 [Obsolete ("Do not use outside System.dll!")]
130 public ICertificateValidator CertificateValidator {
131 get { return certificateValidator; }
// Produces settings that carry the given validator.
// Two code paths are visible: one stores the validator on this instance, the other builds a
// copy through the private copy constructor and stores the validator on that copy.
// NOTE(review): the condition choosing between the paths and both return statements are missing
// from this listing - check the full file before assuming the receiver is left unmodified.
134 [Obsolete ("Do not use outside System.dll!")]
135 public MonoTlsSettings CloneWithValidator (ICertificateValidator validator)
138 this.certificateValidator = validator;
142 var copy = new MonoTlsSettings (this);
143 copy.certificateValidator = validator;
// Returns a new instance built by the private copy constructor. The copy is shallow: flags are
// copied by value, while the callbacks, UserSettings, EnabledCiphers and TrustAnchors are the
// same objects as on this instance.
147 public MonoTlsSettings Clone ()
149 return new MonoTlsSettings (this);
// Private copy constructor behind Clone () and CloneWithValidator ().
// Every assignment is a plain value or reference copy: the callbacks, UserSettings,
// EnabledCiphers (an array) and TrustAnchors (a collection) are shared with 'other' rather than
// duplicated, so a change made inside one of those objects is visible through both instances.
// certificateValidator is not assigned in the lines visible here.
152 MonoTlsSettings (MonoTlsSettings other)
154 RemoteCertificateValidationCallback = other.RemoteCertificateValidationCallback;
155 ClientCertificateSelectionCallback = other.ClientCertificateSelectionCallback;
156 checkCertName = other.checkCertName;
157 checkCertRevocationStatus = other.checkCertRevocationStatus;
158 UseServicePointManagerCallback = other.useServicePointManagerCallback;
159 skipSystemValidators = other.skipSystemValidators;
160 callbackNeedsChain = other.callbackNeedsChain;
161 UserSettings = other.UserSettings;
162 EnabledProtocols = other.EnabledProtocols;
163 EnabledCiphers = other.EnabledCiphers;
164 TrustAnchors = other.TrustAnchors;