5 // Martin Baulig <martin.baulig@xamarin.com>
7 // Copyright (c) 2015 Xamarin, Inc.
9 // Permission is hereby granted, free of charge, to any person obtaining a copy
10 // of this software and associated documentation files (the "Software"), to deal
11 // in the Software without restriction, including without limitation the rights
12 // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
13 // copies of the Software, and to permit persons to whom the Software is
14 // furnished to do so, subject to the following conditions:
16 // The above copyright notice and this permission notice shall be included in
17 // all copies or substantial portions of the Software.
19 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
20 // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
21 // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
22 // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
23 // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
24 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
27 #if !MONO_FEATURE_NEW_TLS
30 #if MONO_SECURITY_ALIAS
31 extern alias MonoSecurity;
34 #if MONO_SECURITY_ALIAS
35 using MonoSecurity::Mono.Security.Interface;
37 using Mono.Security.Interface;
40 using CipherAlgorithmType = System.Security.Authentication.CipherAlgorithmType;
41 using HashAlgorithmType = System.Security.Authentication.HashAlgorithmType;
42 using ExchangeAlgorithmType = System.Security.Authentication.ExchangeAlgorithmType;
47 using System.Net.Security;
48 using System.Security.Authentication;
49 using System.Security.Cryptography.X509Certificates;
50 using System.Security.Permissions;
51 using System.Security.Principal;
52 using System.Security.Cryptography;
54 using System.Threading.Tasks;
56 using MNS = Mono.Net.Security;
58 namespace System.Net.Security
61 * These two are defined by the referencesource; add them here to make
62 * it easy to switch between the two implementations.
// Internal delegate returning bool. Only the certificate and sslPolicyErrors
// parameters are visible in this listing (file lines 66 and 68 are not shown).
// NOTE(review): presumably the return value decides whether the remote
// certificate is accepted - confirm against the call sites.
65 internal delegate bool RemoteCertValidationCallback (
67 X509Certificate certificate,
69 SslPolicyErrors sslPolicyErrors);
// Internal delegate returning an X509Certificate, given the local certificate
// collection, the remote certificate and the acceptable issuer names (file
// line 72 is not shown in this listing).
// NOTE(review): presumably used to choose the local certificate presented to
// the peer - confirm against the call sites.
71 internal delegate X509Certificate LocalCertSelectionCallback (
73 X509CertificateCollection localCertificates,
74 X509Certificate remoteCertificate,
75 string[] acceptableIssuers);
// Public SslStream type. The members visible in this file forward to an
// IMonoSslStream created by a MonoTlsProvider, so the handshake, certificate
// checks and record processing are carried out by that provider rather than
// by this class.
77 public class SslStream : AuthenticatedStream, MNS.IMonoSslStream
// Provider that created the underlying implementation; assigned from
// GetProvider () in the public constructors that build their own impl.
79 MonoTlsProvider provider;
// Accessor for the underlying IMonoSslStream that the public members call.
// NOTE(review): the getter body is not visible in this listing; presumably it
// calls CheckDisposed () before returning the field - confirm.
82 internal IMonoSslStream Impl {
// Accessor for the MonoTlsProvider of this stream.
// NOTE(review): the getter body is not visible in this listing - confirm
// whether it checks for disposal before returning.
89 internal MonoTlsProvider Provider {
// Returns MonoTlsProviderFactory.GetDefaultProvider (). Which TLS provider
// that is gets decided by the factory; this class does not choose or verify it.
96 static MonoTlsProvider GetProvider ()
98 return MonoTlsProviderFactory.GetDefaultProvider ();
// Delegates to the two-argument constructor with leaveInnerStreamOpen set to
// false.
101 public SslStream (Stream innerStream)
102 : this (innerStream, false)
// Creates the implementation through the default provider without passing a
// MonoTlsSettings object, so this constructor installs no user validation or
// selection callback.
// NOTE(review): remote certificate validation on this path depends on the
// provider's own defaults - confirm what those are before relying on them.
106 public SslStream (Stream innerStream, bool leaveInnerStreamOpen)
107 : base (innerStream, leaveInnerStreamOpen)
109 provider = GetProvider ();
110 impl = provider.CreateSslStream (innerStream, leaveInnerStreamOpen);
// Delegates to the four-argument constructor with a null certificate
// selection callback.
113 public SslStream (Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback userCertificateValidationCallback)
114 : this (innerStream, leaveInnerStreamOpen, userCertificateValidationCallback, null)
// Creates the implementation with settings obtained from
// MonoTlsSettings.CopyDefaultSettings (), into which the two user callbacks
// are installed after conversion by CallbackHelpers.PublicToMono.
// NOTE(review): in the .NET API the validation callback's return value decides
// whether the remote certificate is accepted. A callback that returns true
// without inspecting sslPolicyErrors accepts any certificate, so callers that
// supply one deserve review.
// NOTE(review): how PublicToMono treats a null callback is not visible here -
// confirm that null falls back to default validation rather than to none.
118 public SslStream (Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback userCertificateValidationCallback, LocalCertificateSelectionCallback userCertificateSelectionCallback)
119 : base (innerStream, leaveInnerStreamOpen)
121 provider = GetProvider ();
122 var settings = MonoTlsSettings.CopyDefaultSettings ();
123 settings.RemoteCertificateValidationCallback = MNS.Private.CallbackHelpers.PublicToMono (userCertificateValidationCallback);
124 settings.ClientCertificateSelectionCallback = MNS.Private.CallbackHelpers.PublicToMono (userCertificateSelectionCallback);
125 impl = provider.CreateSslStream (innerStream, leaveInnerStreamOpen, settings);
// Internal constructor that receives an existing IMonoSslStream instead of
// creating one through a provider.
// NOTE(review): the body is not visible in this listing; presumably it stores
// impl. The provider field may stay unset on this path - confirm, since the
// explicit IMonoSslStream.Provider getter returns that field directly.
128 internal SslStream (Stream innerStream, bool leaveInnerStreamOpen, IMonoSslStream impl)
129 : base (innerStream, leaveInnerStreamOpen)
// Forwards the client-side authentication request for targetHost to the
// implementation. This overload supplies no client certificates, protocol set
// or revocation flag; whatever values apply are chosen below this layer.
// NOTE(review): confirm the implementation's default protocol versions and
// revocation behaviour before using this overload for sensitive connections.
134 public virtual void AuthenticateAsClient (string targetHost)
136 Impl.AuthenticateAsClient (targetHost);
// Forwards the client-side authentication request with explicit client
// certificates, enabled protocol versions and revocation-check flag. All four
// arguments are passed through unchanged; no validation happens at this layer.
// NOTE(review): presumably targetHost is the name the server certificate is
// matched against - confirm in the implementation.
139 public virtual void AuthenticateAsClient (string targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
141 Impl.AuthenticateAsClient (targetHost, clientCertificates, enabledSslProtocols, checkCertificateRevocation);
// Begin half of the asynchronous client authentication; returns the
// IAsyncResult produced by the implementation. Protocol and revocation
// settings are not specified by this overload.
144 // [HostProtection (ExternalThreading=true)]
145 public virtual IAsyncResult BeginAuthenticateAsClient (string targetHost, AsyncCallback asyncCallback, object asyncState)
147 return Impl.BeginAuthenticateAsClient (targetHost, asyncCallback, asyncState);
// Begin half of the asynchronous client authentication with explicit client
// certificates, protocol versions and revocation flag; every argument is
// forwarded unchanged and the implementation's IAsyncResult is returned.
150 // [HostProtection (ExternalThreading=true)]
151 public virtual IAsyncResult BeginAuthenticateAsClient (string targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState)
153 return Impl.BeginAuthenticateAsClient (targetHost, clientCertificates, enabledSslProtocols, checkCertificateRevocation, asyncCallback, asyncState);
// End half of the asynchronous client authentication; forwards asyncResult to
// the implementation.
// NOTE(review): presumably handshake failures surface here as exceptions -
// callers should not treat the stream as authenticated until this returns.
156 public virtual void EndAuthenticateAsClient (IAsyncResult asyncResult)
158 Impl.EndAuthenticateAsClient (asyncResult);
// Forwards the server-side authentication request with serverCertificate to
// the implementation. This overload does not state whether a client
// certificate is required, which protocols are enabled or whether revocation
// is checked; those values are chosen below this layer.
161 public virtual void AuthenticateAsServer (X509Certificate serverCertificate)
163 Impl.AuthenticateAsServer (serverCertificate);
// Forwards the server-side authentication request with an explicit
// client-certificate requirement, protocol set and revocation flag. All
// arguments are passed through unchanged; no validation happens at this layer.
166 public virtual void AuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
168 Impl.AuthenticateAsServer (serverCertificate, clientCertificateRequired, enabledSslProtocols, checkCertificateRevocation);
// Begin half of the asynchronous server authentication; returns the
// IAsyncResult produced by the implementation.
171 // [HostProtection (ExternalThreading=true)]
172 public virtual IAsyncResult BeginAuthenticateAsServer (X509Certificate serverCertificate, AsyncCallback asyncCallback, object asyncState)
174 return Impl.BeginAuthenticateAsServer (serverCertificate, asyncCallback, asyncState);
// Begin half of the asynchronous server authentication with an explicit
// client-certificate requirement, protocol set and revocation flag; every
// argument is forwarded unchanged.
177 public virtual IAsyncResult BeginAuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState)
179 return Impl.BeginAuthenticateAsServer (serverCertificate, clientCertificateRequired, enabledSslProtocols, checkCertificateRevocation, asyncCallback, asyncState);
// End half of the asynchronous server authentication; forwards asyncResult to
// the implementation.
182 public virtual void EndAuthenticateAsServer (IAsyncResult asyncResult)
184 Impl.EndAuthenticateAsServer (asyncResult);
// The only statement visible for this property throws NotSupportedException.
// NOTE(review): callers that need channel-binding data from the TLS session
// therefore cannot obtain it from this type; they should handle the exception
// rather than assume a context is available.
187 public TransportContext TransportContext {
189 throw new NotSupportedException();
// Task-returning client authentication for targetHost; returns the Task
// produced by the implementation. Protocol and revocation settings are not
// specified by this overload.
193 // [HostProtection (ExternalThreading=true)]
194 public virtual Task AuthenticateAsClientAsync (string targetHost)
196 return Impl.AuthenticateAsClientAsync (targetHost);
// Task-returning client authentication with explicit client certificates,
// protocol versions and revocation flag; all arguments are forwarded unchanged.
199 public virtual Task AuthenticateAsClientAsync (string targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
201 return Impl.AuthenticateAsClientAsync (targetHost, clientCertificates, enabledSslProtocols, checkCertificateRevocation);
// Task-returning server authentication with serverCertificate; returns the
// Task produced by the implementation.
204 public virtual Task AuthenticateAsServerAsync (X509Certificate serverCertificate)
206 return Impl.AuthenticateAsServerAsync (serverCertificate);
// Task-returning server authentication with an explicit client-certificate
// requirement, protocol set and revocation flag; all arguments are forwarded
// unchanged.
209 public virtual Task AuthenticateAsServerAsync (X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
211 return Impl.AuthenticateAsServerAsync (serverCertificate, clientCertificateRequired, enabledSslProtocols, checkCertificateRevocation);
// Returns the implementation's IsAuthenticated value; nothing is cached here.
214 public override bool IsAuthenticated {
215 get { return Impl.IsAuthenticated; }
// Returns the implementation's IsMutuallyAuthenticated value.
// NOTE(review): code that grants access based on client-certificate
// authentication should confirm how the implementation computes this.
218 public override bool IsMutuallyAuthenticated {
219 get { return Impl.IsMutuallyAuthenticated; }
// Returns the implementation's IsEncrypted value.
222 public override bool IsEncrypted {
223 get { return Impl.IsEncrypted; }
// Returns the implementation's IsSigned value.
226 public override bool IsSigned {
227 get { return Impl.IsSigned; }
// Returns the implementation's IsServer value.
230 public override bool IsServer {
231 get { return Impl.IsServer; }
// Returns the implementation's SslProtocol value cast to SslProtocols.
// NOTE(review): the cast assumes both types share numeric values - confirm.
// Logging this value after the handshake shows which version was negotiated.
234 public virtual SslProtocols SslProtocol {
235 get { return (SslProtocols)Impl.SslProtocol; }
// Returns the implementation's CheckCertRevocationStatus value.
238 public virtual bool CheckCertRevocationStatus {
239 get { return Impl.CheckCertRevocationStatus; }
// Explicit IMonoSslStream member; returns the implementation's
// InternalLocalCertificate.
242 X509Certificate MNS.IMonoSslStream.InternalLocalCertificate {
243 get { return Impl.InternalLocalCertificate; }
// Returns the implementation's LocalCertificate.
246 public virtual X509Certificate LocalCertificate {
247 get { return Impl.LocalCertificate; }
// Returns the implementation's RemoteCertificate.
// NOTE(review): whether this can be null (for example before the handshake or
// when the peer sent no certificate) is not visible here - callers should
// null-check before making an authorization decision on it.
250 public virtual X509Certificate RemoteCertificate {
251 get { return Impl.RemoteCertificate; }
// Returns the implementation's CipherAlgorithm cast to CipherAlgorithmType.
// NOTE(review): the cast assumes both types share numeric values - confirm.
254 public virtual CipherAlgorithmType CipherAlgorithm {
255 get { return (CipherAlgorithmType)Impl.CipherAlgorithm; }
// Returns the implementation's CipherStrength.
258 public virtual int CipherStrength {
259 get { return Impl.CipherStrength; }
// Returns the implementation's HashAlgorithm cast to HashAlgorithmType.
// NOTE(review): the cast assumes both types share numeric values - confirm.
262 public virtual HashAlgorithmType HashAlgorithm {
263 get { return (HashAlgorithmType)Impl.HashAlgorithm; }
// Returns the implementation's HashStrength.
266 public virtual int HashStrength {
267 get { return Impl.HashStrength; }
// Returns the implementation's KeyExchangeAlgorithm cast to
// ExchangeAlgorithmType.
// NOTE(review): the cast assumes both types share numeric values - confirm.
270 public virtual ExchangeAlgorithmType KeyExchangeAlgorithm {
271 get { return (ExchangeAlgorithmType)Impl.KeyExchangeAlgorithm; }
// Returns the implementation's KeyExchangeStrength.
274 public virtual int KeyExchangeStrength {
275 get { return Impl.KeyExchangeStrength; }
// Always false; this is the one capability answered here without consulting
// the implementation.
278 public override bool CanSeek {
279 get { return false; }
// Returns the implementation's CanRead value.
282 public override bool CanRead {
283 get { return Impl.CanRead; }
// Returns the implementation's CanTimeout value.
286 public override bool CanTimeout {
287 get { return Impl.CanTimeout; }
// Returns the implementation's CanWrite value.
290 public override bool CanWrite {
291 get { return Impl.CanWrite; }
// Reads and writes the implementation's ReadTimeout; the value is passed
// through without range checks at this layer.
294 public override int ReadTimeout {
295 get { return Impl.ReadTimeout; }
296 set { Impl.ReadTimeout = value; }
// Reads and writes the implementation's WriteTimeout; the value is passed
// through without range checks at this layer.
299 public override int WriteTimeout {
300 get { return Impl.WriteTimeout; }
301 set { Impl.WriteTimeout = value; }
// Returns the implementation's Length.
304 public override long Length {
305 get { return Impl.Length; }
// The getter returns the implementation's Position. The visible throw of
// NotSupportedException with the net_noseek message presumably belongs to the
// setter, whose opening line is not shown in this listing - confirm.
308 public override long Position {
309 get { return Impl.Position; }
311 throw new NotSupportedException (SR.GetString (SR.net_noseek));
// Forwards the requested length to the implementation.
315 public override void SetLength (long value)
317 Impl.SetLength (value);
// Throws NotSupportedException with the net_noseek message; consistent with
// CanSeek returning false.
320 public override long Seek (long offset, SeekOrigin origin)
322 throw new NotSupportedException (SR.GetString (SR.net_noseek));
// Flush override.
// NOTE(review): the body is not visible in this listing - confirm what is
// flushed and whether a disposal check runs first.
325 public override void Flush ()
// Throws ObjectDisposedException naming "SslStream".
// NOTE(review): the condition guarding the throw is not visible in this
// listing; presumably it tests whether impl has been cleared - confirm.
330 void CheckDisposed ()
333 throw new ObjectDisposedException ("SslStream");
// Dispose override. When disposing is true and impl is set, a block runs whose
// body is not visible in this listing (presumably it disposes impl and clears
// the field - confirm); base.Dispose (disposing) is called afterwards.
336 protected override void Dispose (bool disposing)
339 if (impl != null && disposing) {
344 base.Dispose (disposing);
// Forwards the read to the implementation and returns its result; buffer,
// offset and count are not range-checked at this layer.
348 public override int Read (byte[] buffer, int offset, int count)
350 return Impl.Read (buffer, offset, count);
// Whole-buffer Write overload.
// NOTE(review): the body is not visible in this listing; presumably it
// forwards to the implementation - confirm.
353 public void Write (byte[] buffer)
// Forwards the write to the implementation; buffer, offset and count are not
// range-checked at this layer.
358 public override void Write (byte[] buffer, int offset, int count)
360 Impl.Write (buffer, offset, count);
// Begin half of an asynchronous read; returns the IAsyncResult produced by
// the implementation.
363 // [HostProtection (ExternalThreading=true)]
364 public override IAsyncResult BeginRead (byte[] buffer, int offset, int count, AsyncCallback asyncCallback, object asyncState)
366 return Impl.BeginRead (buffer, offset, count, asyncCallback, asyncState);
// End half of an asynchronous read; returns the implementation's result.
369 public override int EndRead (IAsyncResult asyncResult)
371 return Impl.EndRead (asyncResult);
// Begin half of an asynchronous write; returns the IAsyncResult produced by
// the implementation.
374 // [HostProtection (ExternalThreading=true)]
375 public override IAsyncResult BeginWrite (byte[] buffer, int offset, int count, AsyncCallback asyncCallback, object asyncState)
377 return Impl.BeginWrite (buffer, offset, count, asyncCallback, asyncState);
// End half of an asynchronous write; forwards asyncResult to the
// implementation.
380 public override void EndWrite (IAsyncResult asyncResult)
382 Impl.EndWrite (asyncResult);
// Explicit IMonoSslStream member exposing an AuthenticatedStream.
// NOTE(review): the getter body is not visible in this listing; presumably it
// returns this instance - confirm.
385 AuthenticatedStream MNS.IMonoSslStream.AuthenticatedStream {
// Explicit IMonoSslStream member; returns the provider field directly, without
// going through Impl.
389 MonoTlsProvider MNS.IMonoSslStream.Provider {
390 get { return provider; }
// Explicit IMonoSslStream member; returns the implementation's
// MonoTlsConnectionInfo.
393 MonoTlsConnectionInfo MNS.IMonoSslStream.GetConnectionInfo ()
395 return Impl.GetConnectionInfo ();
399 #else // !SECURITY_DEP
400 namespace System.Net.Security
402 public class SslStream