5 // Martin Baulig <martin.baulig@xamarin.com>
7 // Copyright (c) 2015 Xamarin, Inc.
9 // Permission is hereby granted, free of charge, to any person obtaining a copy
10 // of this software and associated documentation files (the "Software"), to deal
11 // in the Software without restriction, including without limitation the rights
12 // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
13 // copies of the Software, and to permit persons to whom the Software is
14 // furnished to do so, subject to the following conditions:
16 // The above copyright notice and this permission notice shall be included in
17 // all copies or substantial portions of the Software.
19 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
20 // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
21 // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
22 // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
23 // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
24 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
27 #if !MONO_FEATURE_NEW_TLS
31 extern alias PrebuiltSystem;
33 #if MONO_SECURITY_ALIAS
34 extern alias MonoSecurity;
37 #if MONO_SECURITY_ALIAS
38 using MonoSecurity::Mono.Security.Interface;
40 using Mono.Security.Interface;
43 using XSslProtocols = PrebuiltSystem::System.Security.Authentication.SslProtocols;
44 using XX509CertificateCollection = PrebuiltSystem::System.Security.Cryptography.X509Certificates.X509CertificateCollection;
46 using XSslProtocols = System.Security.Authentication.SslProtocols;
47 using XX509CertificateCollection = System.Security.Cryptography.X509Certificates.X509CertificateCollection;
50 using CipherAlgorithmType = System.Security.Authentication.CipherAlgorithmType;
51 using HashAlgorithmType = System.Security.Authentication.HashAlgorithmType;
52 using ExchangeAlgorithmType = System.Security.Authentication.ExchangeAlgorithmType;
57 using System.Net.Security;
58 using System.Security.Authentication;
59 using System.Security.Cryptography.X509Certificates;
60 using System.Security.Permissions;
61 using System.Security.Principal;
62 using System.Security.Cryptography;
64 using System.Threading.Tasks;
66 using MNS = Mono.Net.Security;
68 namespace System.Net.Security
71 * These two are defined by the referencesource; add them here to make
72 * it easy to switch between the two implementations.
75 internal delegate bool RemoteCertValidationCallback (
77 X509Certificate certificate,
79 SslPolicyErrors sslPolicyErrors);
81 internal delegate X509Certificate LocalCertSelectionCallback (
83 XX509CertificateCollection localCertificates,
84 X509Certificate remoteCertificate,
85 string[] acceptableIssuers);
87 public class SslStream : AuthenticatedStream, MNS.IMonoSslStream
89 MonoTlsProvider provider;
92 internal IMonoSslStream Impl {
99 internal MonoTlsProvider Provider {
// Returns the default TLS provider reported by MonoTlsProviderFactory.
// The constructors that build their own implementation obtain the
// provider through this helper.
static MonoTlsProvider GetProvider ()
{
	var defaultProvider = MonoTlsProviderFactory.GetDefaultProvider ();
	return defaultProvider;
}
// Wraps innerStream by chaining to the two-argument constructor with
// leaveInnerStreamOpen set to false. No certificate validation callback is
// supplied on this path.
// NOTE(review): what the provider validates by default is not visible here.
public SslStream (Stream innerStream)
	: this (innerStream, leaveInnerStreamOpen: false)
{
}
// Builds the stream on the default TLS provider, using the provider's
// CreateSslStream overload that takes no settings object, so no user
// certificate callbacks are installed by this constructor.
public SslStream (Stream innerStream, bool leaveInnerStreamOpen)
	: base (innerStream, leaveInnerStreamOpen)
{
	var tlsProvider = GetProvider ();
	provider = tlsProvider;
	impl = tlsProvider.CreateSslStream (innerStream, leaveInnerStreamOpen);
}
// Chains to the four-argument constructor with the caller's validation
// callback and no local certificate selection callback (null).
public SslStream (Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback userCertificateValidationCallback)
	: this (innerStream, leaveInnerStreamOpen, userCertificateValidationCallback, userCertificateSelectionCallback: null)
{
}
// Builds the stream on the default TLS provider with a copy of the default
// MonoTlsSettings into which the two user callbacks are installed after
// conversion by CallbackHelpers.PublicToMono.
//
// userCertificateValidationCallback becomes the settings'
// RemoteCertificateValidationCallback. Under the public callback contract, a
// callback that returns true without inspecting sslPolicyErrors accepts any
// peer certificate, so callers should reject on any error they do not
// explicitly expect.
// NOTE(review): how a null callback is converted, and whether the provider
// still runs its own chain validation alongside the callback, is not visible
// here -- confirm in CallbackHelpers and the provider.
public SslStream (Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback userCertificateValidationCallback, LocalCertificateSelectionCallback userCertificateSelectionCallback)
	: base (innerStream, leaveInnerStreamOpen)
{
	provider = GetProvider ();

	// Work on a copy so the shared defaults are not modified.
	var tlsSettings = MonoTlsSettings.CopyDefaultSettings ();

	var validationCallback = MNS.Private.CallbackHelpers.PublicToMono (userCertificateValidationCallback);
	tlsSettings.RemoteCertificateValidationCallback = validationCallback;

	var selectionCallback = MNS.Private.CallbackHelpers.PublicToMono (userCertificateSelectionCallback);
	tlsSettings.ClientCertificateSelectionCallback = selectionCallback;

	impl = provider.CreateSslStream (innerStream, leaveInnerStreamOpen, tlsSettings);
}
138 internal SslStream (Stream innerStream, bool leaveInnerStreamOpen, IMonoSslStream impl)
139 : base (innerStream, leaveInnerStreamOpen)
// Client-side authentication; forwards targetHost unchanged to the
// implementation. This overload passes no client certificates, protocol set
// or revocation flag.
// NOTE(review): the defaults the implementation applies for those, and how
// targetHost is matched against the server certificate, are not visible here.
public virtual void AuthenticateAsClient (string targetHost)
{
	var tls = Impl;
	tls.AuthenticateAsClient (targetHost);
}
// Client-side authentication with explicit client certificates, protocol set
// and revocation flag; all four arguments are forwarded to the implementation.
// enabledSslProtocols is only cast to the provider-side enum type, it is not
// range-checked here, so callers should pass exactly the protocol versions
// they intend to allow.
public virtual void AuthenticateAsClient (string targetHost, XX509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
{
	var tls = Impl;
	var certificates = (XX509CertificateCollection)(object)clientCertificates;
	var protocols = (XSslProtocols)enabledSslProtocols;
	tls.AuthenticateAsClient (targetHost, certificates, protocols, checkCertificateRevocation);
}
// APM start of client-side authentication; forwards to the implementation and
// returns its IAsyncResult. Pair with EndAuthenticateAsClient.
// [HostProtection (ExternalThreading=true)]
public virtual IAsyncResult BeginAuthenticateAsClient (string targetHost, AsyncCallback asyncCallback, object asyncState)
{
	var pending = Impl.BeginAuthenticateAsClient (targetHost, asyncCallback, asyncState);
	return pending;
}
// APM start of client-side authentication with explicit client certificates,
// protocol set and revocation flag. enabledSslProtocols is cast to the
// provider-side enum type without validation at this layer.
// [HostProtection (ExternalThreading=true)]
public virtual IAsyncResult BeginAuthenticateAsClient (string targetHost, XX509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState)
{
	var tls = Impl;
	var certificates = (XX509CertificateCollection)(object)clientCertificates;
	var protocols = (XSslProtocols)enabledSslProtocols;
	return tls.BeginAuthenticateAsClient (targetHost, certificates, protocols, checkCertificateRevocation, asyncCallback, asyncState);
}
// Completes a BeginAuthenticateAsClient operation by handing asyncResult to
// the implementation.
// NOTE(review): handshake failures presumably surface from this call -- confirm.
public virtual void EndAuthenticateAsClient (IAsyncResult asyncResult)
{
	var tls = Impl;
	tls.EndAuthenticateAsClient (asyncResult);
}
// Server-side authentication with serverCertificate; forwards to the
// implementation. This overload passes no client-certificate requirement,
// protocol set or revocation flag.
// NOTE(review): the defaults applied for those are not visible here.
public virtual void AuthenticateAsServer (X509Certificate serverCertificate)
{
	var tls = Impl;
	tls.AuthenticateAsServer (serverCertificate);
}
// Server-side authentication with an explicit client-certificate requirement,
// protocol set and revocation flag; all arguments are forwarded.
// enabledSslProtocols is cast to the provider-side enum type without
// validation at this layer.
public virtual void AuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
{
	var tls = Impl;
	var protocols = (XSslProtocols)enabledSslProtocols;
	tls.AuthenticateAsServer (serverCertificate, clientCertificateRequired, protocols, checkCertificateRevocation);
}
// APM start of server-side authentication; forwards to the implementation and
// returns its IAsyncResult. Pair with EndAuthenticateAsServer.
// [HostProtection (ExternalThreading=true)]
public virtual IAsyncResult BeginAuthenticateAsServer (X509Certificate serverCertificate, AsyncCallback asyncCallback, object asyncState)
{
	var pending = Impl.BeginAuthenticateAsServer (serverCertificate, asyncCallback, asyncState);
	return pending;
}
// APM start of server-side authentication with an explicit client-certificate
// requirement, protocol set and revocation flag. enabledSslProtocols is cast
// to the provider-side enum type without validation at this layer.
public virtual IAsyncResult BeginAuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState)
{
	var tls = Impl;
	var protocols = (XSslProtocols)enabledSslProtocols;
	return tls.BeginAuthenticateAsServer (serverCertificate, clientCertificateRequired, protocols, checkCertificateRevocation, asyncCallback, asyncState);
}
// Completes a BeginAuthenticateAsServer operation by handing asyncResult to
// the implementation.
public virtual void EndAuthenticateAsServer (IAsyncResult asyncResult)
{
	var tls = Impl;
	tls.EndAuthenticateAsServer (asyncResult);
}
197 public TransportContext TransportContext {
199 throw new NotSupportedException();
// Task-based client-side authentication; returns the task produced by the
// implementation. No client certificates, protocol set or revocation flag are
// passed by this overload.
// [HostProtection (ExternalThreading=true)]
public virtual Task AuthenticateAsClientAsync (string targetHost)
{
	var handshake = Impl.AuthenticateAsClientAsync (targetHost);
	return handshake;
}
// Task-based client-side authentication with explicit client certificates,
// protocol set and revocation flag. enabledSslProtocols is cast to the
// provider-side enum type without validation at this layer.
public virtual Task AuthenticateAsClientAsync (string targetHost, XX509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
{
	var tls = Impl;
	var protocols = (XSslProtocols)enabledSslProtocols;
	return tls.AuthenticateAsClientAsync (targetHost, clientCertificates, protocols, checkCertificateRevocation);
}
// Task-based server-side authentication with serverCertificate; returns the
// task produced by the implementation.
public virtual Task AuthenticateAsServerAsync (X509Certificate serverCertificate)
{
	var handshake = Impl.AuthenticateAsServerAsync (serverCertificate);
	return handshake;
}
// Task-based server-side authentication with an explicit client-certificate
// requirement, protocol set and revocation flag. enabledSslProtocols is cast
// to the provider-side enum type without validation at this layer.
public virtual Task AuthenticateAsServerAsync (X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
{
	var tls = Impl;
	var protocols = (XSslProtocols)enabledSslProtocols;
	return tls.AuthenticateAsServerAsync (serverCertificate, clientCertificateRequired, protocols, checkCertificateRevocation);
}
// Reports the implementation's IsAuthenticated flag. Callers should check it
// after the handshake before treating the channel as authenticated.
public override bool IsAuthenticated {
	get {
		var authenticated = Impl.IsAuthenticated;
		return authenticated;
	}
}
// Reports the implementation's IsMutuallyAuthenticated flag. A server that
// relies on client certificates should check this rather than assume it.
public override bool IsMutuallyAuthenticated {
	get {
		var mutual = Impl.IsMutuallyAuthenticated;
		return mutual;
	}
}
// Reports the implementation's IsEncrypted flag.
public override bool IsEncrypted {
	get {
		var encrypted = Impl.IsEncrypted;
		return encrypted;
	}
}
// Reports the implementation's IsSigned flag.
public override bool IsSigned {
	get {
		var signed = Impl.IsSigned;
		return signed;
	}
}
// Reports the implementation's IsServer flag.
public override bool IsServer {
	get {
		var serverSide = Impl.IsServer;
		return serverSide;
	}
}
// Protocol value reported by the implementation, cast from the provider-side
// enum type to the public SslProtocols type. Useful for logging or asserting
// the protocol version a connection actually ended up with.
public virtual SslProtocols SslProtocol {
	get {
		var reported = Impl.SslProtocol;
		return (SslProtocols)reported;
	}
}
// Reports the implementation's CheckCertRevocationStatus flag.
// NOTE(review): presumably mirrors the checkCertificateRevocation argument
// given at authentication time -- confirm in the implementation.
public virtual bool CheckCertRevocationStatus {
	get {
		var revocationChecked = Impl.CheckCertRevocationStatus;
		return revocationChecked;
	}
}
// Explicit IMonoSslStream member; forwards to the implementation's
// InternalLocalCertificate.
X509Certificate MNS.IMonoSslStream.InternalLocalCertificate {
	get {
		var certificate = Impl.InternalLocalCertificate;
		return certificate;
	}
}
// Local certificate as reported by the implementation.
public virtual X509Certificate LocalCertificate {
	get {
		var certificate = Impl.LocalCertificate;
		return certificate;
	}
}
// Peer certificate as reported by the implementation.
// NOTE(review): whether this is populated before the handshake completes, or
// when validation failed, is not visible here -- do not treat a non-null value
// as proof of a validated peer without checking IsAuthenticated.
public virtual X509Certificate RemoteCertificate {
	get {
		var certificate = Impl.RemoteCertificate;
		return certificate;
	}
}
// Cipher algorithm reported by the implementation, cast to the public
// CipherAlgorithmType.
public virtual CipherAlgorithmType CipherAlgorithm {
	get {
		var reported = Impl.CipherAlgorithm;
		return (CipherAlgorithmType)reported;
	}
}
// Cipher strength value reported by the implementation.
public virtual int CipherStrength {
	get {
		var strength = Impl.CipherStrength;
		return strength;
	}
}
// Hash algorithm reported by the implementation, cast to the public
// HashAlgorithmType.
public virtual HashAlgorithmType HashAlgorithm {
	get {
		var reported = Impl.HashAlgorithm;
		return (HashAlgorithmType)reported;
	}
}
// Hash strength value reported by the implementation.
public virtual int HashStrength {
	get {
		var strength = Impl.HashStrength;
		return strength;
	}
}
// Key exchange algorithm reported by the implementation, cast to the public
// ExchangeAlgorithmType.
public virtual ExchangeAlgorithmType KeyExchangeAlgorithm {
	get {
		var reported = Impl.KeyExchangeAlgorithm;
		return (ExchangeAlgorithmType)reported;
	}
}
// Key exchange strength value reported by the implementation.
public virtual int KeyExchangeStrength {
	get {
		var strength = Impl.KeyExchangeStrength;
		return strength;
	}
}
// Always false: this stream does not support seeking (Seek throws
// NotSupportedException).
public override bool CanSeek {
	get {
		return false;
	}
}
// Reports the implementation's CanRead flag.
public override bool CanRead {
	get {
		var readable = Impl.CanRead;
		return readable;
	}
}
// Reports the implementation's CanTimeout flag.
public override bool CanTimeout {
	get {
		var supportsTimeouts = Impl.CanTimeout;
		return supportsTimeouts;
	}
}
// Reports the implementation's CanWrite flag.
public override bool CanWrite {
	get {
		var writable = Impl.CanWrite;
		return writable;
	}
}
// Read timeout; both accessors forward to the implementation. The value is
// not range-checked at this layer.
public override int ReadTimeout {
	get {
		var timeout = Impl.ReadTimeout;
		return timeout;
	}
	set {
		var tls = Impl;
		tls.ReadTimeout = value;
	}
}
// Write timeout; both accessors forward to the implementation. The value is
// not range-checked at this layer.
public override int WriteTimeout {
	get {
		var timeout = Impl.WriteTimeout;
		return timeout;
	}
	set {
		var tls = Impl;
		tls.WriteTimeout = value;
	}
}
// Length as reported by the implementation.
public override long Length {
	get {
		var length = Impl.Length;
		return length;
	}
}
318 public override long Position {
319 get { return Impl.Position; }
321 throw new NotSupportedException (SR.GetString (SR.net_noseek));
// Forwards the requested length to the implementation unchanged.
public override void SetLength (long value)
{
	var tls = Impl;
	tls.SetLength (value);
}
// Seeking is not supported; always throws NotSupportedException with the
// SR.net_noseek message.
public override long Seek (long offset, SeekOrigin origin)
{
	var message = SR.GetString (SR.net_noseek);
	throw new NotSupportedException (message);
}
335 public override void Flush ()
340 void CheckDisposed ()
343 throw new ObjectDisposedException ("SslStream");
346 protected override void Dispose (bool disposing)
349 if (impl != null && disposing) {
354 base.Dispose (disposing);
// Forwards the read to the implementation with the caller's buffer, offset
// and count unchanged; no argument validation happens at this layer.
public override int Read (byte[] buffer, int offset, int count)
{
	var bytesRead = Impl.Read (buffer, offset, count);
	return bytesRead;
}
363 public void Write (byte[] buffer)
// Forwards the write to the implementation with the caller's buffer, offset
// and count unchanged; no argument validation happens at this layer.
public override void Write (byte[] buffer, int offset, int count)
{
	var tls = Impl;
	tls.Write (buffer, offset, count);
}
// APM start of a read; forwards every argument to the implementation and
// returns its IAsyncResult. Pair with EndRead.
// [HostProtection (ExternalThreading=true)]
public override IAsyncResult BeginRead (byte[] buffer, int offset, int count, AsyncCallback asyncCallback, object asyncState)
{
	var pending = Impl.BeginRead (buffer, offset, count, asyncCallback, asyncState);
	return pending;
}
// Completes a BeginRead operation and returns the implementation's result.
public override int EndRead (IAsyncResult asyncResult)
{
	var bytesRead = Impl.EndRead (asyncResult);
	return bytesRead;
}
// APM start of a write; forwards every argument to the implementation and
// returns its IAsyncResult. Pair with EndWrite.
// [HostProtection (ExternalThreading=true)]
public override IAsyncResult BeginWrite (byte[] buffer, int offset, int count, AsyncCallback asyncCallback, object asyncState)
{
	var pending = Impl.BeginWrite (buffer, offset, count, asyncCallback, asyncState);
	return pending;
}
// Completes a BeginWrite operation by handing asyncResult to the
// implementation.
public override void EndWrite (IAsyncResult asyncResult)
{
	var tls = Impl;
	tls.EndWrite (asyncResult);
}
395 AuthenticatedStream MNS.IMonoSslStream.AuthenticatedStream {
// Explicit IMonoSslStream member; returns the provider field directly.
MonoTlsProvider MNS.IMonoSslStream.Provider {
	get {
		return provider;
	}
}
// Explicit IMonoSslStream member; returns the connection info object
// produced by the implementation.
MonoTlsConnectionInfo MNS.IMonoSslStream.GetConnectionInfo ()
{
	var connectionInfo = Impl.GetConnectionInfo ();
	return connectionInfo;
}
409 #else // !SECURITY_DEP
410 namespace System.Net.Security
412 public class SslStream