5 // Martin Baulig <martin.baulig@xamarin.com>
7 // Copyright (c) 2015 Xamarin, Inc.
9 // Permission is hereby granted, free of charge, to any person obtaining a copy
10 // of this software and associated documentation files (the "Software"), to deal
11 // in the Software without restriction, including without limitation the rights
12 // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
13 // copies of the Software, and to permit persons to whom the Software is
14 // furnished to do so, subject to the following conditions:
16 // The above copyright notice and this permission notice shall be included in
17 // all copies or substantial portions of the Software.
19 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
20 // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
21 // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
22 // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
23 // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
24 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
27 #if SECURITY_DEP && !MONO_FEATURE_NEW_TLS
30 extern alias PrebuiltSystem;
32 #if MONO_SECURITY_ALIAS
33 extern alias MonoSecurity;
36 #if MONO_SECURITY_ALIAS
37 using MonoSecurity::Mono.Security.Interface;
39 using Mono.Security.Interface;
42 using XSslProtocols = PrebuiltSystem::System.Security.Authentication.SslProtocols;
43 using XX509CertificateCollection = PrebuiltSystem::System.Security.Cryptography.X509Certificates.X509CertificateCollection;
45 using XSslProtocols = System.Security.Authentication.SslProtocols;
46 using XX509CertificateCollection = System.Security.Cryptography.X509Certificates.X509CertificateCollection;
49 using CipherAlgorithmType = System.Security.Authentication.CipherAlgorithmType;
50 using HashAlgorithmType = System.Security.Authentication.HashAlgorithmType;
51 using ExchangeAlgorithmType = System.Security.Authentication.ExchangeAlgorithmType;
56 using System.Net.Security;
57 using System.Security.Authentication;
58 using System.Security.Cryptography.X509Certificates;
59 using System.Security.Permissions;
60 using System.Security.Principal;
61 using System.Security.Cryptography;
63 using System.Threading.Tasks;
65 using MNS = Mono.Net.Security;
67 namespace System.Net.Security
70 * These two are defined by the referencesource; add them heere to make
71 * it easy to switch between the two implementations.
74 internal delegate bool RemoteCertValidationCallback (
76 X509Certificate certificate,
78 SslPolicyErrors sslPolicyErrors);
80 internal delegate X509Certificate LocalCertSelectionCallback (
82 XX509CertificateCollection localCertificates,
83 X509Certificate remoteCertificate,
84 string[] acceptableIssuers);
86 public class SslStream : AuthenticatedStream, MNS.IMonoSslStream
88 MonoTlsProvider provider;
91 internal IMonoSslStream Impl {
98 internal MonoTlsProvider Provider {
105 static MonoTlsProvider GetProvider ()
107 return MonoTlsProviderFactory.GetDefaultProvider ();
110 public SslStream (Stream innerStream)
111 : this (innerStream, false)
115 public SslStream (Stream innerStream, bool leaveInnerStreamOpen)
116 : base (innerStream, leaveInnerStreamOpen)
118 provider = GetProvider ();
119 impl = provider.CreateSslStream (innerStream, leaveInnerStreamOpen);
122 public SslStream (Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback userCertificateValidationCallback)
123 : this (innerStream, leaveInnerStreamOpen, userCertificateValidationCallback, null)
127 public SslStream (Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback userCertificateValidationCallback, LocalCertificateSelectionCallback userCertificateSelectionCallback)
128 : base (innerStream, leaveInnerStreamOpen)
130 provider = GetProvider ();
131 var settings = MonoTlsSettings.CopyDefaultSettings ();
132 settings.RemoteCertificateValidationCallback = MNS.Private.CallbackHelpers.PublicToMono (userCertificateValidationCallback);
133 settings.ClientCertificateSelectionCallback = MNS.Private.CallbackHelpers.PublicToMono (userCertificateSelectionCallback);
134 impl = provider.CreateSslStream (innerStream, leaveInnerStreamOpen, settings);
137 internal SslStream (Stream innerStream, bool leaveInnerStreamOpen, IMonoSslStream impl)
138 : base (innerStream, leaveInnerStreamOpen)
143 public virtual void AuthenticateAsClient (string targetHost)
145 Impl.AuthenticateAsClient (targetHost);
148 public virtual void AuthenticateAsClient (string targetHost, XX509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
150 Impl.AuthenticateAsClient (targetHost, (XX509CertificateCollection)(object)clientCertificates, (XSslProtocols)enabledSslProtocols, checkCertificateRevocation);
153 // [HostProtection (ExternalThreading=true)]
154 public virtual IAsyncResult BeginAuthenticateAsClient (string targetHost, AsyncCallback asyncCallback, object asyncState)
156 return Impl.BeginAuthenticateAsClient (targetHost, asyncCallback, asyncState);
159 // [HostProtection (ExternalThreading=true)]
160 public virtual IAsyncResult BeginAuthenticateAsClient (string targetHost, XX509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState)
162 return Impl.BeginAuthenticateAsClient (targetHost, (XX509CertificateCollection)(object)clientCertificates, (XSslProtocols)enabledSslProtocols, checkCertificateRevocation, asyncCallback, asyncState);
165 public virtual void EndAuthenticateAsClient (IAsyncResult asyncResult)
167 Impl.EndAuthenticateAsClient (asyncResult);
170 public virtual void AuthenticateAsServer (X509Certificate serverCertificate)
172 Impl.AuthenticateAsServer (serverCertificate);
175 public virtual void AuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
177 Impl.AuthenticateAsServer (serverCertificate, clientCertificateRequired, (XSslProtocols)enabledSslProtocols, checkCertificateRevocation);
180 // [HostProtection (ExternalThreading=true)]
181 public virtual IAsyncResult BeginAuthenticateAsServer (X509Certificate serverCertificate, AsyncCallback asyncCallback, object asyncState)
183 return Impl.BeginAuthenticateAsServer (serverCertificate, asyncCallback, asyncState);
186 public virtual IAsyncResult BeginAuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState)
188 return Impl.BeginAuthenticateAsServer (serverCertificate, clientCertificateRequired, (XSslProtocols)enabledSslProtocols, checkCertificateRevocation, asyncCallback, asyncState);
191 public virtual void EndAuthenticateAsServer (IAsyncResult asyncResult)
193 Impl.EndAuthenticateAsServer (asyncResult);
196 public TransportContext TransportContext {
198 throw new NotSupportedException();
202 // [HostProtection (ExternalThreading=true)]
203 public virtual Task AuthenticateAsClientAsync (string targetHost)
205 return Impl.AuthenticateAsClientAsync (targetHost);
208 public virtual Task AuthenticateAsClientAsync (string targetHost, XX509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
210 return Impl.AuthenticateAsClientAsync (targetHost, clientCertificates, (XSslProtocols)enabledSslProtocols, checkCertificateRevocation);
213 public virtual Task AuthenticateAsServerAsync (X509Certificate serverCertificate)
215 return Impl.AuthenticateAsServerAsync (serverCertificate);
218 public virtual Task AuthenticateAsServerAsync (X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
220 return Impl.AuthenticateAsServerAsync (serverCertificate, clientCertificateRequired, (XSslProtocols)enabledSslProtocols, checkCertificateRevocation);
223 public override bool IsAuthenticated {
224 get { return Impl.IsAuthenticated; }
227 public override bool IsMutuallyAuthenticated {
228 get { return Impl.IsMutuallyAuthenticated; }
231 public override bool IsEncrypted {
232 get { return Impl.IsEncrypted; }
235 public override bool IsSigned {
236 get { return Impl.IsSigned; }
239 public override bool IsServer {
240 get { return Impl.IsServer; }
243 public virtual SslProtocols SslProtocol {
244 get { return (SslProtocols)Impl.SslProtocol; }
247 public virtual bool CheckCertRevocationStatus {
248 get { return Impl.CheckCertRevocationStatus; }
251 X509Certificate MNS.IMonoSslStream.InternalLocalCertificate {
252 get { return Impl.InternalLocalCertificate; }
255 public virtual X509Certificate LocalCertificate {
256 get { return Impl.LocalCertificate; }
259 public virtual X509Certificate RemoteCertificate {
260 get { return Impl.RemoteCertificate; }
263 public virtual CipherAlgorithmType CipherAlgorithm {
264 get { return (CipherAlgorithmType)Impl.CipherAlgorithm; }
267 public virtual int CipherStrength {
268 get { return Impl.CipherStrength; }
271 public virtual HashAlgorithmType HashAlgorithm {
272 get { return (HashAlgorithmType)Impl.HashAlgorithm; }
275 public virtual int HashStrength {
276 get { return Impl.HashStrength; }
279 public virtual ExchangeAlgorithmType KeyExchangeAlgorithm {
280 get { return (ExchangeAlgorithmType)Impl.KeyExchangeAlgorithm; }
283 public virtual int KeyExchangeStrength {
284 get { return Impl.KeyExchangeStrength; }
287 public override bool CanSeek {
288 get { return false; }
291 public override bool CanRead {
292 get { return Impl.CanRead; }
295 public override bool CanTimeout {
296 get { return Impl.CanTimeout; }
299 public override bool CanWrite {
300 get { return Impl.CanWrite; }
303 public override int ReadTimeout {
304 get { return Impl.ReadTimeout; }
305 set { Impl.ReadTimeout = value; }
308 public override int WriteTimeout {
309 get { return Impl.WriteTimeout; }
310 set { Impl.WriteTimeout = value; }
313 public override long Length {
314 get { return Impl.Length; }
317 public override long Position {
318 get { return Impl.Position; }
320 throw new NotSupportedException (SR.GetString (SR.net_noseek));
324 public override void SetLength (long value)
326 Impl.SetLength (value);
329 public override long Seek (long offset, SeekOrigin origin)
331 throw new NotSupportedException (SR.GetString (SR.net_noseek));
334 public override void Flush ()
339 void CheckDisposed ()
342 throw new ObjectDisposedException ("SslStream");
345 protected override void Dispose (bool disposing)
348 if (impl != null && disposing) {
353 base.Dispose (disposing);
357 public override int Read (byte[] buffer, int offset, int count)
359 return Impl.Read (buffer, offset, count);
362 public void Write (byte[] buffer)
367 public override void Write (byte[] buffer, int offset, int count)
369 Impl.Write (buffer, offset, count);
372 // [HostProtection (ExternalThreading=true)]
373 public override IAsyncResult BeginRead (byte[] buffer, int offset, int count, AsyncCallback asyncCallback, object asyncState)
375 return Impl.BeginRead (buffer, offset, count, asyncCallback, asyncState);
378 public override int EndRead (IAsyncResult asyncResult)
380 return Impl.EndRead (asyncResult);
383 // [HostProtection (ExternalThreading=true)]
384 public override IAsyncResult BeginWrite (byte[] buffer, int offset, int count, AsyncCallback asyncCallback, object asyncState)
386 return Impl.BeginWrite (buffer, offset, count, asyncCallback, asyncState);
389 public override void EndWrite (IAsyncResult asyncResult)
391 Impl.EndWrite (asyncResult);
394 AuthenticatedStream MNS.IMonoSslStream.AuthenticatedStream {