1 /* Transport Security Layer (TLS)
2 * Copyright (c) 2003-2004 Carlos Guzman Alvarez
4 * Permission is hereby granted, free of charge, to any person
5 * obtaining a copy of this software and associated documentation
6 * files (the "Software"), to deal in the Software without restriction,
7 * including without limitation the rights to use, copy, modify, merge,
8 * publish, distribute, sublicense, and/or sell copies of the Software,
9 * and to permit persons to whom the Software is furnished to do so,
10 * subject to the following conditions:
12 * The above copyright notice and this permission notice shall be included
13 * in all copies or substantial portions of the Software.
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
17 * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
18 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
19 * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
20 * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
22 * DEALINGS IN THE SOFTWARE.
26 using System.Security.Cryptography.X509Certificates;
28 using Mono.Security.Protocol.Tls;
30 namespace Mono.Security.Protocol.Tls.Handshake.Client
32 internal class TlsClientCertificate : HandshakeMessage
36 public TlsClientCertificate(Context context)
37 : base(context, HandshakeType.Certificate)
45 public override void Update()
53 #region Protected Methods
55 protected override void ProcessAsSsl3()
60 protected override void ProcessAsTls1()
62 #warning "Client certificate selection is unfinished"
63 ClientContext context = (ClientContext)this.Context;
65 if (context.ClientSettings.Certificates == null ||
66 context.ClientSettings.Certificates.Count == 0)
68 throw this.Context.CreateException("Client certificate requested by the server and no client certificate specified.");
71 // Select a valid certificate
72 X509Certificate clientCert = this.Context.ClientSettings.Certificates[0];
74 clientCert = context.SslStream.RaiseClientCertificateSelection(
75 this.Context.ClientSettings.Certificates,
76 new X509Certificate(this.Context.ServerSettings.Certificates[0].RawData),
77 this.Context.ClientSettings.TargetHost,
80 if (clientCert == null)
82 throw this.Context.CreateException("Client certificate requested by the server and no client certificate specified.");
85 // Update the selected client certificate
86 context.ClientSettings.ClientCertificate = clientCert;
88 // Write client certificates information to a stream
89 TlsStream stream = new TlsStream();
91 stream.WriteInt24(clientCert.GetRawCertData().Length);
92 stream.Write(clientCert.GetRawCertData());
94 // Compose the message
95 this.WriteInt24((int)stream.Length);
96 this.Write(stream.ToArray());