2 // Mono-specific additions to Microsoft's SslStream.cs
4 #if MONO_FEATURE_NEW_TLS && SECURITY_DEP
5 #if MONO_SECURITY_ALIAS
6 extern alias MonoSecurity;
7 using MonoSecurity::Mono.Security.Interface;
9 using Mono.Security.Interface;
11 using System.Threading;
12 using System.Security.Cryptography.X509Certificates;
13 using MNS = Mono.Net.Security;
15 namespace System.Net.Security
17 using System.Net.Sockets;
20 partial class SslStream : IMonoTlsEventSink
23 SSPIConfiguration _Configuration;
25 internal SslStream (Stream innerStream, bool leaveInnerStreamOpen, EncryptionPolicy encryptionPolicy, MonoTlsProvider provider, MonoTlsSettings settings)
26 : base (innerStream, leaveInnerStreamOpen)
28 if (encryptionPolicy != EncryptionPolicy.RequireEncryption && encryptionPolicy != EncryptionPolicy.AllowNoEncryption && encryptionPolicy != EncryptionPolicy.NoEncryption)
29 throw new ArgumentException (SR.GetString (SR.net_invalid_enum, "EncryptionPolicy"), "encryptionPolicy");
31 var validationHelper = MNS.ChainValidationHelper.CloneWithCallbackWrapper (provider, ref settings, myUserCertValidationCallbackWrapper);
33 LocalCertSelectionCallback selectionCallback = null;
34 if (validationHelper.HasCertificateSelectionCallback)
35 selectionCallback = validationHelper.SelectClientCertificate;
37 var internalProvider = new MNS.Private.MonoTlsProviderWrapper (provider);
38 _Configuration = new MyConfiguration (internalProvider, settings, this);
39 _SslState = new SslState (innerStream, null, selectionCallback, encryptionPolicy, _Configuration);
43 * Mono-specific version of 'userCertValidationCallbackWrapper'; we're called from ChainValidationHelper.ValidateChain() here.
45 * Since we're built without the PrebuiltSystem alias, we can't use 'SslPolicyErrors' here. This prevents us from creating a subclass of 'ChainValidationHelper'
46 * as well as providing a custom 'ServerCertValidationCallback'.
48 bool myUserCertValidationCallbackWrapper (ServerCertValidationCallback callback, X509Certificate certificate, X509Chain chain, MonoSslPolicyErrors sslPolicyErrors)
50 m_RemoteCertificateOrBytes = certificate == null ? null : certificate.GetRawCertData ();
51 if (callback == null) {
52 if (!_SslState.RemoteCertRequired)
53 sslPolicyErrors &= ~MonoSslPolicyErrors.RemoteCertificateNotAvailable;
55 return (sslPolicyErrors == MonoSslPolicyErrors.None);
58 return MNS.ChainValidationHelper.InvokeCallback (callback, this, certificate, chain, sslPolicyErrors);
61 class MyConfiguration : SSPIConfiguration
63 MNS.IMonoTlsProvider provider;
64 MonoTlsSettings settings;
65 IMonoTlsEventSink eventSink;
67 public MyConfiguration (MNS.IMonoTlsProvider provider, MonoTlsSettings settings, IMonoTlsEventSink eventSink)
69 this.provider = provider;
70 this.settings = settings;
71 this.eventSink = eventSink;
74 public MNS.IMonoTlsProvider Provider {
75 get { return provider; }
78 public MonoTlsSettings Settings {
79 get { return settings; }
82 public IMonoTlsEventSink EventSink {
83 get { return eventSink; }
88 internal bool IsClosed {
89 get { return _SslState.IsClosed; }
92 internal Exception LastError {
93 get { return lastError; }
96 #region IMonoTlsEventSink
100 void IMonoTlsEventSink.Error (Exception exception)
102 Interlocked.CompareExchange<Exception> (ref lastError, exception, null);
105 void IMonoTlsEventSink.ReceivedCloseNotify ()
111 internal IAsyncResult BeginShutdown (AsyncCallback asyncCallback, object asyncState)
113 return _SslState.BeginShutdown (asyncCallback, asyncState);
116 internal void EndShutdown (IAsyncResult asyncResult)
118 _SslState.EndShutdown (asyncResult);
121 internal IAsyncResult BeginRenegotiate (AsyncCallback asyncCallback, object asyncState)
123 return _SslState.BeginRenegotiate (asyncCallback, asyncState);
126 internal void EndRenegotiate (IAsyncResult asyncResult)
128 _SslState.EndRenegotiate (asyncResult);
131 internal X509Certificate InternalLocalCertificate {
132 get { return _SslState.InternalLocalCertificate; }
135 internal MonoTlsConnectionInfo GetMonoConnectionInfo ()
137 return _SslState.GetMonoConnectionInfo ();