5 // Martin Baulig <martin.baulig@xamarin.com>
7 // Copyright (c) 2015 Xamarin, Inc.
9 // Permission is hereby granted, free of charge, to any person obtaining a copy
10 // of this software and associated documentation files (the "Software"), to deal
11 // in the Software without restriction, including without limitation the rights
12 // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
13 // copies of the Software, and to permit persons to whom the Software is
14 // furnished to do so, subject to the following conditions:
16 // The above copyright notice and this permission notice shall be included in
17 // all copies or substantial portions of the Software.
19 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
20 // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
21 // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
22 // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
23 // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
24 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
29 #if MONO_SECURITY_ALIAS
30 extern alias MonoSecurity;
33 #if MONO_SECURITY_ALIAS
34 using MonoSecurity::Mono.Security.Interface;
36 using Mono.Security.Interface;
39 using CipherAlgorithmType = System.Security.Authentication.CipherAlgorithmType;
40 using HashAlgorithmType = System.Security.Authentication.HashAlgorithmType;
41 using ExchangeAlgorithmType = System.Security.Authentication.ExchangeAlgorithmType;
46 using System.Net.Security;
47 using System.Security.Authentication;
48 using System.Security.Cryptography.X509Certificates;
49 using System.Security.Permissions;
50 using System.Security.Principal;
51 using System.Security.Cryptography;
53 using System.Threading.Tasks;
55 using MNS = Mono.Net.Security;
57 namespace System.Net.Security
60 * These two are defined by the referencesource; add them here to make
61 * it easy to switch between the two implementations.
64 internal delegate bool RemoteCertValidationCallback (
66 X509Certificate certificate,
68 SslPolicyErrors sslPolicyErrors);
70 internal delegate X509Certificate LocalCertSelectionCallback (
72 X509CertificateCollection localCertificates,
73 X509Certificate remoteCertificate,
74 string[] acceptableIssuers);
76 public class SslStream : AuthenticatedStream, MNS.IMonoSslStream
78 MonoTlsProvider provider;
81 internal IMonoSslStream Impl {
88 internal MonoTlsProvider Provider {
/// <summary>
/// Returns the TLS provider that the public constructors use to create the
/// backing stream implementation.
/// </summary>
/// <returns>Whatever <c>MonoTlsProviderFactory.GetDefaultProvider</c> returns.</returns>
/// <remarks>
/// The provider is chosen by the factory and cannot be overridden by the caller.
/// NOTE(review): how the factory picks its default is not visible in this file.
/// </remarks>
static MonoTlsProvider GetProvider ()
{
	MonoTlsProvider defaultProvider = MonoTlsProviderFactory.GetDefaultProvider ();
	return defaultProvider;
}
/// <summary>
/// Wraps <paramref name="innerStream"/>; same as passing <c>false</c> for
/// <c>leaveInnerStreamOpen</c>.
/// </summary>
/// <param name="innerStream">Transport stream that will carry the TLS records.</param>
public SslStream (Stream innerStream)
	: this (innerStream, false)
{
}

/// <summary>
/// Wraps <paramref name="innerStream"/> and creates the backing implementation
/// from the default provider without any per-stream settings.
/// </summary>
/// <param name="innerStream">Transport stream that will carry the TLS records.</param>
/// <param name="leaveInnerStreamOpen">Forwarded to the base class and to the provider.</param>
/// <remarks>
/// This overload installs no certificate validation or selection callback.
/// NOTE(review): peer-certificate validation then depends entirely on the
/// provider's defaults, which are not visible here - confirm before relying on it.
/// </remarks>
public SslStream (Stream innerStream, bool leaveInnerStreamOpen)
	: base (innerStream, leaveInnerStreamOpen)
{
	provider = GetProvider ();
	impl = provider.CreateSslStream (innerStream, leaveInnerStreamOpen);
}
/// <summary>
/// Wraps <paramref name="innerStream"/> with a caller-supplied remote certificate
/// validation callback and no local certificate selection callback.
/// </summary>
/// <param name="innerStream">Transport stream that will carry the TLS records.</param>
/// <param name="leaveInnerStreamOpen">Forwarded to the base class and to the provider.</param>
/// <param name="userCertificateValidationCallback">Decides whether the peer certificate is accepted.</param>
public SslStream (Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback userCertificateValidationCallback)
	: this (innerStream, leaveInnerStreamOpen, userCertificateValidationCallback, null)
{
}

/// <summary>
/// Wraps <paramref name="innerStream"/> and installs the caller's certificate
/// callbacks on a copy of the default TLS settings.
/// </summary>
/// <param name="innerStream">Transport stream that will carry the TLS records.</param>
/// <param name="leaveInnerStreamOpen">Forwarded to the base class and to the provider.</param>
/// <param name="userCertificateValidationCallback">Decides whether the peer certificate is accepted.</param>
/// <param name="userCertificateSelectionCallback">Chooses the local certificate to present.</param>
/// <remarks>
/// The validation callback is the trust decision for this stream: one that returns
/// <c>true</c> without inspecting its <c>SslPolicyErrors</c> argument accepts any peer,
/// which removes server authentication. Both callbacks are converted with
/// <c>CallbackHelpers.PublicToMono</c> and are not null-checked here.
/// NOTE(review): what the helper and the provider do with a null callback is not
/// visible in this file.
/// </remarks>
public SslStream (Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback userCertificateValidationCallback, LocalCertificateSelectionCallback userCertificateSelectionCallback)
	: base (innerStream, leaveInnerStreamOpen)
{
	provider = GetProvider ();

	// Work on a copy so the per-stream callbacks never leak into the shared defaults.
	var tlsSettings = MonoTlsSettings.CopyDefaultSettings ();
	tlsSettings.RemoteCertificateValidationCallback = MNS.Private.CallbackHelpers.PublicToMono (userCertificateValidationCallback);
	tlsSettings.ClientCertificateSelectionCallback = MNS.Private.CallbackHelpers.PublicToMono (userCertificateSelectionCallback);

	impl = provider.CreateSslStream (innerStream, leaveInnerStreamOpen, tlsSettings);
}
/// <summary>
/// Overload kept for API compatibility; behaves exactly like the four-argument
/// constructor.
/// </summary>
/// <param name="innerStream">Transport stream that will carry the TLS records.</param>
/// <param name="leaveInnerStreamOpen">Forwarded to the four-argument constructor.</param>
/// <param name="userCertificateValidationCallback">Forwarded to the four-argument constructor.</param>
/// <param name="userCertificateSelectionCallback">Forwarded to the four-argument constructor.</param>
/// <param name="encryptionPolicy">Never read; see remarks.</param>
/// <remarks>
/// <paramref name="encryptionPolicy"/> is dropped, so passing
/// <c>EncryptionPolicy.RequireEncryption</c> does not enforce anything at this layer.
/// Code that depends on an encrypted channel should check <c>IsEncrypted</c> and the
/// negotiated cipher after the handshake instead of trusting this argument.
/// </remarks>
[MonoLimitation ("encryptionPolicy is ignored")]
public SslStream (Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback userCertificateValidationCallback, LocalCertificateSelectionCallback userCertificateSelectionCallback, EncryptionPolicy encryptionPolicy)
	: this (innerStream, leaveInnerStreamOpen, userCertificateValidationCallback, userCertificateSelectionCallback)
{
}
133 internal SslStream (Stream innerStream, bool leaveInnerStreamOpen, IMonoSslStream impl)
134 : base (innerStream, leaveInnerStreamOpen)
/// <summary>
/// Runs the client-side handshake against <paramref name="targetHost"/> by
/// delegating to the backing implementation.
/// </summary>
/// <param name="targetHost">Host name handed to the implementation unchanged.</param>
/// <remarks>
/// NOTE(review): the protocol versions and revocation behaviour used by this
/// overload are chosen by the implementation and are not visible here.
/// </remarks>
public virtual void AuthenticateAsClient (string targetHost)
{
	Impl.AuthenticateAsClient (targetHost);
}

/// <summary>
/// Runs the client-side handshake with explicit client certificates, protocol
/// selection and revocation flag, delegating to the backing implementation.
/// </summary>
/// <param name="targetHost">Host name handed to the implementation unchanged.</param>
/// <param name="clientCertificates">Candidate client certificates.</param>
/// <param name="enabledSslProtocols">Protocol versions the caller allows.</param>
/// <param name="checkCertificateRevocation">Revocation-check request.</param>
/// <remarks>
/// Nothing is filtered at this layer: legacy values such as <c>SslProtocols.Ssl3</c>
/// are passed straight through, and <paramref name="checkCertificateRevocation"/> is
/// only forwarded. NOTE(review): whether the provider honours the revocation flag
/// cannot be told from this file.
/// </remarks>
public virtual void AuthenticateAsClient (string targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
{
	Impl.AuthenticateAsClient (targetHost, clientCertificates, enabledSslProtocols, checkCertificateRevocation);
}
// [HostProtection (ExternalThreading=true)]
/// <summary>
/// Starts an asynchronous client handshake; the work is done by the backing
/// implementation.
/// </summary>
/// <param name="targetHost">Host name handed to the implementation unchanged.</param>
/// <param name="asyncCallback">Completion callback.</param>
/// <param name="asyncState">Caller state object.</param>
/// <returns>The <see cref="IAsyncResult"/> produced by the implementation.</returns>
public virtual IAsyncResult BeginAuthenticateAsClient (string targetHost, AsyncCallback asyncCallback, object asyncState)
{
	IAsyncResult pending = Impl.BeginAuthenticateAsClient (targetHost, asyncCallback, asyncState);
	return pending;
}

// [HostProtection (ExternalThreading=true)]
/// <summary>
/// Starts an asynchronous client handshake with explicit certificates, protocol
/// selection and revocation flag.
/// </summary>
/// <remarks>
/// <paramref name="enabledSslProtocols"/> and
/// <paramref name="checkCertificateRevocation"/> are forwarded without validation.
/// </remarks>
/// <returns>The <see cref="IAsyncResult"/> produced by the implementation.</returns>
public virtual IAsyncResult BeginAuthenticateAsClient (string targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState)
{
	IAsyncResult pending = Impl.BeginAuthenticateAsClient (targetHost, clientCertificates, enabledSslProtocols, checkCertificateRevocation, asyncCallback, asyncState);
	return pending;
}

/// <summary>
/// Completes a handshake started with <c>BeginAuthenticateAsClient</c>.
/// </summary>
/// <param name="asyncResult">Handle returned by the matching Begin call.</param>
public virtual void EndAuthenticateAsClient (IAsyncResult asyncResult)
{
	Impl.EndAuthenticateAsClient (asyncResult);
}
/// <summary>
/// Runs the server-side handshake presenting <paramref name="serverCertificate"/>,
/// delegating to the backing implementation.
/// </summary>
/// <param name="serverCertificate">Certificate the server presents to the peer.</param>
public virtual void AuthenticateAsServer (X509Certificate serverCertificate)
{
	Impl.AuthenticateAsServer (serverCertificate);
}

/// <summary>
/// Runs the server-side handshake with explicit client-certificate requirement,
/// protocol selection and revocation flag.
/// </summary>
/// <param name="serverCertificate">Certificate the server presents to the peer.</param>
/// <param name="clientCertificateRequired">Whether a client certificate is requested.</param>
/// <param name="enabledSslProtocols">Protocol versions the caller allows.</param>
/// <param name="checkCertificateRevocation">Revocation-check request.</param>
/// <remarks>
/// All four arguments are forwarded as given; no protocol filtering happens here.
/// NOTE(review): how the provider enforces <paramref name="clientCertificateRequired"/>
/// is not visible in this file - check <c>IsMutuallyAuthenticated</c> after the handshake.
/// </remarks>
public virtual void AuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
{
	Impl.AuthenticateAsServer (serverCertificate, clientCertificateRequired, enabledSslProtocols, checkCertificateRevocation);
}
// [HostProtection (ExternalThreading=true)]
/// <summary>
/// Starts an asynchronous server handshake presenting
/// <paramref name="serverCertificate"/>.
/// </summary>
/// <returns>The <see cref="IAsyncResult"/> produced by the implementation.</returns>
public virtual IAsyncResult BeginAuthenticateAsServer (X509Certificate serverCertificate, AsyncCallback asyncCallback, object asyncState)
{
	IAsyncResult pending = Impl.BeginAuthenticateAsServer (serverCertificate, asyncCallback, asyncState);
	return pending;
}

/// <summary>
/// Starts an asynchronous server handshake with explicit client-certificate
/// requirement, protocol selection and revocation flag.
/// </summary>
/// <remarks>The security-relevant arguments are forwarded without validation.</remarks>
/// <returns>The <see cref="IAsyncResult"/> produced by the implementation.</returns>
public virtual IAsyncResult BeginAuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState)
{
	IAsyncResult pending = Impl.BeginAuthenticateAsServer (serverCertificate, clientCertificateRequired, enabledSslProtocols, checkCertificateRevocation, asyncCallback, asyncState);
	return pending;
}

/// <summary>
/// Completes a handshake started with <c>BeginAuthenticateAsServer</c>.
/// </summary>
/// <param name="asyncResult">Handle returned by the matching Begin call.</param>
public virtual void EndAuthenticateAsServer (IAsyncResult asyncResult)
{
	Impl.EndAuthenticateAsServer (asyncResult);
}
192 public TransportContext TransportContext {
194 throw new NotSupportedException();
// [HostProtection (ExternalThreading=true)]
/// <summary>Task-based client handshake; delegates to the backing implementation.</summary>
/// <param name="targetHost">Host name handed to the implementation unchanged.</param>
/// <returns>The task returned by the implementation.</returns>
public virtual Task AuthenticateAsClientAsync (string targetHost)
{
	Task handshake = Impl.AuthenticateAsClientAsync (targetHost);
	return handshake;
}

/// <summary>
/// Task-based client handshake with explicit certificates, protocol selection and
/// revocation flag.
/// </summary>
/// <remarks>
/// <paramref name="enabledSslProtocols"/> and
/// <paramref name="checkCertificateRevocation"/> are forwarded without validation.
/// </remarks>
/// <returns>The task returned by the implementation.</returns>
public virtual Task AuthenticateAsClientAsync (string targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
{
	Task handshake = Impl.AuthenticateAsClientAsync (targetHost, clientCertificates, enabledSslProtocols, checkCertificateRevocation);
	return handshake;
}

/// <summary>Task-based server handshake presenting <paramref name="serverCertificate"/>.</summary>
/// <returns>The task returned by the implementation.</returns>
public virtual Task AuthenticateAsServerAsync (X509Certificate serverCertificate)
{
	Task handshake = Impl.AuthenticateAsServerAsync (serverCertificate);
	return handshake;
}

/// <summary>
/// Task-based server handshake with explicit client-certificate requirement,
/// protocol selection and revocation flag.
/// </summary>
/// <remarks>The security-relevant arguments are forwarded without validation.</remarks>
/// <returns>The task returned by the implementation.</returns>
public virtual Task AuthenticateAsServerAsync (X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
{
	Task handshake = Impl.AuthenticateAsServerAsync (serverCertificate, clientCertificateRequired, enabledSslProtocols, checkCertificateRevocation);
	return handshake;
}
// Session-state flags. Each getter asks the backing implementation on every call;
// nothing is cached in this wrapper. Callers that need a confidential or
// mutually authenticated channel should test these after the handshake completes.

/// <summary>Whether the implementation reports a completed authentication.</summary>
public override bool IsAuthenticated {
	get {
		return Impl.IsAuthenticated;
	}
}

/// <summary>Whether the implementation reports that both peers authenticated.</summary>
public override bool IsMutuallyAuthenticated {
	get {
		return Impl.IsMutuallyAuthenticated;
	}
}

/// <summary>Whether the implementation reports the channel as encrypted.</summary>
public override bool IsEncrypted {
	get {
		return Impl.IsEncrypted;
	}
}

/// <summary>Whether the implementation reports the channel as signed.</summary>
public override bool IsSigned {
	get {
		return Impl.IsSigned;
	}
}

/// <summary>Whether the implementation reports this end as the server side.</summary>
public override bool IsServer {
	get {
		return Impl.IsServer;
	}
}
/// <summary>Protocol version reported by the implementation.</summary>
/// <remarks>
/// The value is converted with a plain cast.
/// NOTE(review): this presumably relies on the implementation's enum sharing
/// numeric values with <see cref="SslProtocols"/> - confirm.
/// </remarks>
public virtual SslProtocols SslProtocol {
	get {
		return (SslProtocols)Impl.SslProtocol;
	}
}

/// <summary>Whether the implementation reports revocation checking for this session.</summary>
public virtual bool CheckCertRevocationStatus {
	get {
		return Impl.CheckCertRevocationStatus;
	}
}

/// <summary>Explicit interface member; forwards to the implementation's internal local certificate.</summary>
X509Certificate MNS.IMonoSslStream.InternalLocalCertificate {
	get {
		return Impl.InternalLocalCertificate;
	}
}

/// <summary>Local certificate as reported by the implementation.</summary>
public virtual X509Certificate LocalCertificate {
	get {
		return Impl.LocalCertificate;
	}
}

/// <summary>Peer certificate as reported by the implementation.</summary>
/// <remarks>
/// Returning a certificate here says nothing about whether it was accepted; the
/// trust decision is made by the validation callback or the provider.
/// </remarks>
public virtual X509Certificate RemoteCertificate {
	get {
		return Impl.RemoteCertificate;
	}
}
// Negotiated-suite details. The three enum-typed getters convert the
// implementation's value with a plain cast.
// NOTE(review): presumably the source enums mirror the System.Security.Authentication
// ones numerically - confirm. Useful for logging or rejecting weak negotiated
// parameters after the handshake.

/// <summary>Bulk cipher reported by the implementation.</summary>
public virtual CipherAlgorithmType CipherAlgorithm {
	get {
		return (CipherAlgorithmType)Impl.CipherAlgorithm;
	}
}

/// <summary>Cipher strength value reported by the implementation.</summary>
public virtual int CipherStrength {
	get {
		return Impl.CipherStrength;
	}
}

/// <summary>Hash algorithm reported by the implementation.</summary>
public virtual HashAlgorithmType HashAlgorithm {
	get {
		return (HashAlgorithmType)Impl.HashAlgorithm;
	}
}

/// <summary>Hash strength value reported by the implementation.</summary>
public virtual int HashStrength {
	get {
		return Impl.HashStrength;
	}
}

/// <summary>Key exchange algorithm reported by the implementation.</summary>
public virtual ExchangeAlgorithmType KeyExchangeAlgorithm {
	get {
		return (ExchangeAlgorithmType)Impl.KeyExchangeAlgorithm;
	}
}

/// <summary>Key exchange strength value reported by the implementation.</summary>
public virtual int KeyExchangeStrength {
	get {
		return Impl.KeyExchangeStrength;
	}
}
/// <summary>Always <c>false</c>: this stream never supports seeking.</summary>
public override bool CanSeek {
	get {
		return false;
	}
}

/// <summary>Readability as reported by the implementation.</summary>
public override bool CanRead {
	get {
		return Impl.CanRead;
	}
}

/// <summary>Timeout support as reported by the implementation.</summary>
public override bool CanTimeout {
	get {
		return Impl.CanTimeout;
	}
}

/// <summary>Writability as reported by the implementation.</summary>
public override bool CanWrite {
	get {
		return Impl.CanWrite;
	}
}

/// <summary>Read timeout, stored in and read from the implementation.</summary>
public override int ReadTimeout {
	get {
		return Impl.ReadTimeout;
	}
	set {
		Impl.ReadTimeout = value;
	}
}

/// <summary>Write timeout, stored in and read from the implementation.</summary>
public override int WriteTimeout {
	get {
		return Impl.WriteTimeout;
	}
	set {
		Impl.WriteTimeout = value;
	}
}

/// <summary>Length as reported by the implementation.</summary>
public override long Length {
	get {
		return Impl.Length;
	}
}
313 public override long Position {
314 get { return Impl.Position; }
316 throw new NotSupportedException (SR.GetString (SR.net_noseek));
/// <summary>Forwards the request to the backing implementation.</summary>
/// <param name="value">Requested length, passed through unchanged.</param>
/// <remarks>
/// Unlike <c>Seek</c>, this call is not rejected at this layer; any failure comes
/// from the implementation.
/// </remarks>
public override void SetLength (long value)
{
	Impl.SetLength (value);
}

/// <summary>Seeking is not supported on this stream.</summary>
/// <param name="offset">Unused.</param>
/// <param name="origin">Unused.</param>
/// <exception cref="NotSupportedException">Always thrown, with the <c>net_noseek</c> resource text.</exception>
public override long Seek (long offset, SeekOrigin origin)
{
	string message = SR.GetString (SR.net_noseek);
	throw new NotSupportedException (message);
}
330 public override void Flush ()
335 void CheckDisposed ()
338 throw new ObjectDisposedException ("SslStream");
341 protected override void Dispose (bool disposing)
344 if (impl != null && disposing) {
349 base.Dispose (disposing);
/// <summary>Reads decrypted data through the backing implementation.</summary>
/// <param name="buffer">Destination buffer.</param>
/// <param name="offset">Start position in <paramref name="buffer"/>.</param>
/// <param name="count">Maximum number of bytes to read.</param>
/// <returns>The count returned by the implementation.</returns>
/// <remarks>
/// No argument checks are made at this layer.
/// NOTE(review): bounds validation is presumably done by the implementation - confirm.
/// </remarks>
public override int Read (byte[] buffer, int offset, int count)
{
	int bytesRead = Impl.Read (buffer, offset, count);
	return bytesRead;
}
358 public void Write (byte[] buffer)
/// <summary>Writes data through the backing implementation.</summary>
/// <param name="buffer">Source buffer.</param>
/// <param name="offset">Start position in <paramref name="buffer"/>.</param>
/// <param name="count">Number of bytes to write.</param>
/// <remarks>No argument checks are made at this layer.</remarks>
public override void Write (byte[] buffer, int offset, int count)
{
	Impl.Write (buffer, offset, count);
}

// [HostProtection (ExternalThreading=true)]
/// <summary>Starts an asynchronous read on the backing implementation.</summary>
/// <returns>The <see cref="IAsyncResult"/> produced by the implementation.</returns>
public override IAsyncResult BeginRead (byte[] buffer, int offset, int count, AsyncCallback asyncCallback, object asyncState)
{
	IAsyncResult pending = Impl.BeginRead (buffer, offset, count, asyncCallback, asyncState);
	return pending;
}

/// <summary>Completes a read started with <c>BeginRead</c>.</summary>
/// <param name="asyncResult">Handle returned by the matching Begin call.</param>
/// <returns>The count returned by the implementation.</returns>
public override int EndRead (IAsyncResult asyncResult)
{
	int bytesRead = Impl.EndRead (asyncResult);
	return bytesRead;
}

// [HostProtection (ExternalThreading=true)]
/// <summary>Starts an asynchronous write on the backing implementation.</summary>
/// <returns>The <see cref="IAsyncResult"/> produced by the implementation.</returns>
public override IAsyncResult BeginWrite (byte[] buffer, int offset, int count, AsyncCallback asyncCallback, object asyncState)
{
	IAsyncResult pending = Impl.BeginWrite (buffer, offset, count, asyncCallback, asyncState);
	return pending;
}

/// <summary>Completes a write started with <c>BeginWrite</c>.</summary>
/// <param name="asyncResult">Handle returned by the matching Begin call.</param>
public override void EndWrite (IAsyncResult asyncResult)
{
	Impl.EndWrite (asyncResult);
}
390 AuthenticatedStream MNS.IMonoSslStream.AuthenticatedStream {
/// <summary>
/// Explicit interface member; returns the provider stored in the
/// <c>provider</c> field.
/// </summary>
MonoTlsProvider MNS.IMonoSslStream.Provider {
	get {
		return provider;
	}
}

/// <summary>
/// Explicit interface member; returns the connection information supplied by the
/// backing implementation.
/// </summary>
/// <returns>Whatever <c>Impl.GetConnectionInfo</c> returns.</returns>
MonoTlsConnectionInfo MNS.IMonoSslStream.GetConnectionInfo ()
{
	MonoTlsConnectionInfo info = Impl.GetConnectionInfo ();
	return info;
}
404 #else // !SECURITY_DEP
405 namespace System.Net.Security
407 public class SslStream