5 // Martin Baulig <martin.baulig@xamarin.com>
7 // Copyright (c) 2015 Xamarin, Inc.
9 // Permission is hereby granted, free of charge, to any person obtaining a copy
10 // of this software and associated documentation files (the "Software"), to deal
11 // in the Software without restriction, including without limitation the rights
12 // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
13 // copies of the Software, and to permit persons to whom the Software is
14 // furnished to do so, subject to the following conditions:
16 // The above copyright notice and this permission notice shall be included in
17 // all copies or substantial portions of the Software.
19 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
20 // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
21 // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
22 // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
23 // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
24 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
29 #if MONO_SECURITY_ALIAS
30 extern alias MonoSecurity;
33 #if MONO_SECURITY_ALIAS
34 using MonoSecurity::Mono.Security.Interface;
36 using Mono.Security.Interface;
39 using CipherAlgorithmType = System.Security.Authentication.CipherAlgorithmType;
40 using HashAlgorithmType = System.Security.Authentication.HashAlgorithmType;
41 using ExchangeAlgorithmType = System.Security.Authentication.ExchangeAlgorithmType;
45 using System.Net.Security;
46 using System.Security.Authentication;
47 using System.Security.Cryptography.X509Certificates;
48 using System.Security.Permissions;
49 using System.Security.Principal;
50 using System.Security.Cryptography;
51 using System.Threading.Tasks;
53 using MNS = Mono.Net.Security;
55 namespace System.Net.Security
58 * These two are defined by the referencesource; add them here to make
59 * it easy to switch between the two implementations.
// Internal delegate for deciding on the peer's certificate, kept under the
// referencesource name. It receives the certificate and the SslPolicyErrors found
// for it; the bool result is presumably the accept/reject decision -- confirm
// against the callers.
// NOTE(review): the gutter skips 63 and 65, so parameters appear to be missing from
// this listing; check the full signature in the file before relying on it.
62 internal delegate bool RemoteCertValidationCallback (
64 X509Certificate certificate,
66 SslPolicyErrors sslPolicyErrors);
// Internal delegate for choosing the local certificate, kept under the
// referencesource name. It is given the candidate local certificates, the remote
// certificate and the issuer names the peer accepts, and returns the certificate to use.
// NOTE(review): the gutter skips 69, so a leading parameter appears to be missing
// from this listing.
68 internal delegate X509Certificate LocalCertSelectionCallback (
70 X509CertificateCollection localCertificates,
71 X509Certificate remoteCertificate,
72 string[] acceptableIssuers);
// SslStream for this build configuration: an AuthenticatedStream that also implements
// MNS.IMonoSslStream. The members visible in this listing hold no TLS logic of their
// own; they forward to an implementation stream created by a MonoTlsProvider.
74 public class SslStream : AuthenticatedStream, MNS.IMonoSslStream
// Provider assigned in the public constructors; it creates the implementation stream.
// NOTE(review): the declaration of the `impl` field used below is not shown in this listing.
76 MonoTlsProvider provider;
// Accessor for the implementation stream that every forwarding member goes through.
// NOTE(review): the accessor body is not shown here, so whether it checks for
// disposal before returning cannot be confirmed from this listing.
79 internal IMonoSslStream Impl {
// Accessor for the provider. NOTE(review): body not shown in this listing.
86 internal MonoTlsProvider Provider {
// Returns whatever provider MonoTlsProviderFactory.GetProvider () selects; the choice
// of TLS backend is therefore made outside this class.
93 static MonoTlsProvider GetProvider ()
95 return MonoTlsProviderFactory.GetProvider ();
// Convenience constructor: chains to the two-argument constructor, passing false
// for leaveInnerStreamOpen.
98 public SslStream (Stream innerStream)
99 : this (innerStream, false)
// Creates the implementation stream from the default provider without passing a
// settings object, so no caller-supplied certificate validation or selection
// callback is installed by this constructor.
// NOTE(review): which certificate checks the provider applies in that case is not
// visible in this file.
103 public SslStream (Stream innerStream, bool leaveInnerStreamOpen)
104 : base (innerStream, leaveInnerStreamOpen)
106 provider = GetProvider ();
107 impl = provider.CreateSslStream (innerStream, leaveInnerStreamOpen);
// Chains to the four-argument constructor with a null certificate selection callback.
110 public SslStream (Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback userCertificateValidationCallback)
111 : this (innerStream, leaveInnerStreamOpen, userCertificateValidationCallback, null)
// Installs the caller's callbacks on a copy of the default TLS settings and creates
// the implementation stream with those settings.
// userCertificateValidationCallback becomes the settings' remote-certificate
// validation callback, so its return value takes part in deciding whether the peer's
// certificate is accepted; a callback that returns true without inspecting
// SslPolicyErrors would accept any certificate.
// NOTE(review): how the provider combines this callback with its own chain and name
// checks, and how PublicToMono treats a null callback, is not visible in this file.
115 public SslStream (Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback userCertificateValidationCallback, LocalCertificateSelectionCallback userCertificateSelectionCallback)
116 : base (innerStream, leaveInnerStreamOpen)
118 provider = GetProvider ();
// Work on a copy so that the shared default settings are not modified per stream.
119 var settings = MonoTlsSettings.CopyDefaultSettings ();
120 settings.RemoteCertificateValidationCallback = MNS.Private.CallbackHelpers.PublicToMono (userCertificateValidationCallback);
121 settings.ClientCertificateSelectionCallback = MNS.Private.CallbackHelpers.PublicToMono (userCertificateSelectionCallback);
122 impl = provider.CreateSslStream (innerStream, leaveInnerStreamOpen, settings);
// Signature-compatible overload that accepts an EncryptionPolicy but does not use it:
// the chained call forwards only the first four arguments, as the MonoLimitation
// attribute states. No encryption requirement is therefore enforced through this
// parameter; callers that depend on one should inspect the negotiated values
// (CipherAlgorithm, CipherStrength, IsEncrypted) after the handshake instead.
125 [MonoLimitation ("encryptionPolicy is ignored")]
126 public SslStream (Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback userCertificateValidationCallback, LocalCertificateSelectionCallback userCertificateSelectionCallback, EncryptionPolicy encryptionPolicy)
127 : this (innerStream, leaveInnerStreamOpen, userCertificateValidationCallback, userCertificateSelectionCallback)
// Internal constructor that takes an already-created implementation stream instead
// of asking a provider for one.
// NOTE(review): the body is not shown in this listing; presumably it stores impl.
// Nothing visible here assigns `provider` on this path -- confirm against the file.
131 internal SslStream (Stream innerStream, bool leaveInnerStreamOpen, IMonoSslStream impl)
132 : base (innerStream, leaveInnerStreamOpen)
// Synchronous client handshake; forwards targetHost to the implementation unchanged.
// This overload specifies neither protocol versions nor revocation checking, so both
// are whatever Impl chooses.
// NOTE(review): those defaults are not visible in this file.
137 public virtual void AuthenticateAsClient (string targetHost)
139 Impl.AuthenticateAsClient (targetHost);
// Synchronous client handshake with explicit client certificates, enabled protocol
// set and revocation flag. All four arguments are forwarded as given; this wrapper
// adds no validation of its own (no null check on targetHost, no filtering of
// enabledSslProtocols), so any such checks are Impl's responsibility.
142 public virtual void AuthenticateAsClient (string targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
144 Impl.AuthenticateAsClient (targetHost, clientCertificates, enabledSslProtocols, checkCertificateRevocation);
// Begin/End form of the client handshake. Each member forwards its arguments to the
// same-named member on Impl and returns Impl's result unchanged.
// The HostProtection attributes are present only as comments, so they have no effect.
147 // [HostProtection (ExternalThreading=true)]
148 public virtual IAsyncResult BeginAuthenticateAsClient (string targetHost, AsyncCallback asyncCallback, object asyncState)
150 return Impl.BeginAuthenticateAsClient (targetHost, asyncCallback, asyncState);
153 // [HostProtection (ExternalThreading=true)]
154 public virtual IAsyncResult BeginAuthenticateAsClient (string targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState)
156 return Impl.BeginAuthenticateAsClient (targetHost, clientCertificates, enabledSslProtocols, checkCertificateRevocation, asyncCallback, asyncState);
// Completes a handshake started by BeginAuthenticateAsClient; any handshake failure
// is surfaced by Impl, not by this wrapper.
159 public virtual void EndAuthenticateAsClient (IAsyncResult asyncResult)
161 Impl.EndAuthenticateAsClient (asyncResult);
// Synchronous server handshake with only the server certificate. Client-certificate
// requirement, protocol versions and revocation checking are not specified by this
// overload and are left to Impl.
// NOTE(review): those defaults are not visible in this file.
164 public virtual void AuthenticateAsServer (X509Certificate serverCertificate)
166 Impl.AuthenticateAsServer (serverCertificate);
// Synchronous server handshake with explicit options. clientCertificateRequired,
// enabledSslProtocols and checkCertificateRevocation are forwarded as given; this
// wrapper does not itself verify that a client certificate was presented.
// NOTE(review): a server that relies on client authentication should presumably
// confirm IsMutuallyAuthenticated / RemoteCertificate after the handshake -- verify
// against Impl's behaviour.
169 public virtual void AuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
171 Impl.AuthenticateAsServer (serverCertificate, clientCertificateRequired, enabledSslProtocols, checkCertificateRevocation);
// Begin/End form of the server handshake; same forwarding as the synchronous overloads.
174 // [HostProtection (ExternalThreading=true)]
175 public virtual IAsyncResult BeginAuthenticateAsServer (X509Certificate serverCertificate, AsyncCallback asyncCallback, object asyncState)
177 return Impl.BeginAuthenticateAsServer (serverCertificate, asyncCallback, asyncState);
180 public virtual IAsyncResult BeginAuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState)
182 return Impl.BeginAuthenticateAsServer (serverCertificate, clientCertificateRequired, enabledSslProtocols, checkCertificateRevocation, asyncCallback, asyncState);
185 public virtual void EndAuthenticateAsServer (IAsyncResult asyncResult)
187 Impl.EndAuthenticateAsServer (asyncResult);
// Not supported by this implementation: the property throws NotSupportedException.
// Code that needs a channel binding for the TLS session (obtained through
// TransportContext.GetChannelBinding) therefore cannot get one from this stream.
// NOTE(review): the accessor line is missing from this listing; presumably the throw
// is the getter body.
190 public TransportContext TransportContext {
192 throw new NotSupportedException();
// Task-returning forms of the client and server handshakes. Each returns the Task
// produced by the same-named member on Impl, with the arguments forwarded unchanged;
// the security-relevant options (enabledSslProtocols, checkCertificateRevocation,
// clientCertificateRequired) are not inspected by this wrapper. The overloads
// without those options leave them to Impl.
196 // [HostProtection (ExternalThreading=true)]
197 public virtual Task AuthenticateAsClientAsync (string targetHost)
199 return Impl.AuthenticateAsClientAsync (targetHost);
202 public virtual Task AuthenticateAsClientAsync (string targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
204 return Impl.AuthenticateAsClientAsync (targetHost, clientCertificates, enabledSslProtocols, checkCertificateRevocation);
207 public virtual Task AuthenticateAsServerAsync (X509Certificate serverCertificate)
209 return Impl.AuthenticateAsServerAsync (serverCertificate);
212 public virtual Task AuthenticateAsServerAsync (X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
214 return Impl.AuthenticateAsServerAsync (serverCertificate, clientCertificateRequired, enabledSslProtocols, checkCertificateRevocation);
// Session-state properties. Each getter returns the value reported by Impl; nothing
// is cached or computed in this class. IsAuthenticated and IsMutuallyAuthenticated
// are separate flags, so code that requires both sides to be authenticated needs the
// latter.
217 public override bool IsAuthenticated {
218 get { return Impl.IsAuthenticated; }
221 public override bool IsMutuallyAuthenticated {
222 get { return Impl.IsMutuallyAuthenticated; }
225 public override bool IsEncrypted {
226 get { return Impl.IsEncrypted; }
229 public override bool IsSigned {
230 get { return Impl.IsSigned; }
233 public override bool IsServer {
234 get { return Impl.IsServer; }
// The cast indicates Impl declares this property with a different type than
// System.Security.Authentication.SslProtocols.
// NOTE(review): presumably the numeric values of the two types match -- confirm.
237 public virtual SslProtocols SslProtocol {
238 get { return (SslProtocols)Impl.SslProtocol; }
// Revocation-checking flag as reported by Impl.
241 public virtual bool CheckCertRevocationStatus {
242 get { return Impl.CheckCertRevocationStatus; }
// Certificate accessors; all three return what Impl reports.
// InternalLocalCertificate is an explicit IMonoSslStream member, so it is reachable
// only through that interface, not through the public SslStream surface.
245 X509Certificate MNS.IMonoSslStream.InternalLocalCertificate {
246 get { return Impl.InternalLocalCertificate; }
249 public virtual X509Certificate LocalCertificate {
250 get { return Impl.LocalCertificate; }
// The peer's certificate as reported by Impl. This getter performs no validation of
// its own; acceptance of the certificate is decided during the handshake.
253 public virtual X509Certificate RemoteCertificate {
254 get { return Impl.RemoteCertificate; }
// Algorithm and strength properties, all read from Impl. Because the encryptionPolicy
// constructor argument is ignored in this implementation, these values are what a
// caller can inspect to see what was actually agreed for the session.
// The three algorithm getters cast Impl's value to the System.Security.Authentication
// enum of the same name (see the using aliases at the top of the file).
// NOTE(review): presumably Impl returns the Mono.Security.Interface enums with
// matching numeric values -- confirm.
257 public virtual CipherAlgorithmType CipherAlgorithm {
258 get { return (CipherAlgorithmType)Impl.CipherAlgorithm; }
261 public virtual int CipherStrength {
262 get { return Impl.CipherStrength; }
265 public virtual HashAlgorithmType HashAlgorithm {
266 get { return (HashAlgorithmType)Impl.HashAlgorithm; }
269 public virtual int HashStrength {
270 get { return Impl.HashStrength; }
273 public virtual ExchangeAlgorithmType KeyExchangeAlgorithm {
274 get { return (ExchangeAlgorithmType)Impl.KeyExchangeAlgorithm; }
277 public virtual int KeyExchangeStrength {
278 get { return Impl.KeyExchangeStrength; }
// Stream capability and timeout properties. CanSeek is always false; the others are
// read from (and, for the timeouts, written to) Impl.
281 public override bool CanSeek {
282 get { return false; }
285 public override bool CanRead {
286 get { return Impl.CanRead; }
289 public override bool CanTimeout {
290 get { return Impl.CanTimeout; }
293 public override bool CanWrite {
294 get { return Impl.CanWrite; }
// Timeout values are passed to Impl as given; no range check is made here.
297 public override int ReadTimeout {
298 get { return Impl.ReadTimeout; }
299 set { Impl.ReadTimeout = value; }
302 public override int WriteTimeout {
303 get { return Impl.WriteTimeout; }
304 set { Impl.WriteTimeout = value; }
307 public override long Length {
308 get { return Impl.Length; }
// The getter returns Impl.Position.
// NOTE(review): the accessor line before the throw is missing from this listing;
// presumably the NotSupportedException (message SR.net_noseek) is the setter body.
311 public override long Position {
312 get { return Impl.Position; }
314 throw new NotSupportedException (SR.GetString (SR.net_noseek));
// Forwards to Impl; unlike Seek, this wrapper does not reject the call itself.
318 public override void SetLength (long value)
320 Impl.SetLength (value);
// Seeking is never supported: always throws NotSupportedException with the
// SR.net_noseek message, without consulting Impl.
323 public override long Seek (long offset, SeekOrigin origin)
325 throw new NotSupportedException (SR.GetString (SR.net_noseek));
// NOTE(review): the body of Flush is not shown in this listing.
328 public override void Flush ()
// Throws ObjectDisposedException naming "SslStream".
// NOTE(review): the condition guarding the throw is not shown in this listing, so
// what counts as "disposed" cannot be confirmed from here.
333 void CheckDisposed ()
336 throw new ObjectDisposedException ("SslStream");
// Dispose pattern override. The impl-specific branch runs only for an explicit
// dispose (disposing == true) while impl is still set; base.Dispose is called in
// every case.
// NOTE(review): the statements inside the if are not shown in this listing;
// presumably they dispose impl and clear the field -- confirm against the file.
339 protected override void Dispose (bool disposing)
342 if (impl != null && disposing) {
347 base.Dispose (disposing);
// Synchronous I/O. buffer, offset and count are handed to Impl unchanged; this wrapper
// does no argument or bounds checking of its own.
351 public override int Read (byte[] buffer, int offset, int count)
353 return Impl.Read (buffer, offset, count);
// Whole-buffer overload. NOTE(review): the body is not shown in this listing.
356 public void Write (byte[] buffer)
361 public override void Write (byte[] buffer, int offset, int count)
363 Impl.Write (buffer, offset, count);
// Begin/End forms of Read and Write. Each forwards to the same-named member on Impl
// and returns Impl's result; buffer, offset and count are not checked here.
// The HostProtection attributes are present only as comments, so they have no effect.
366 // [HostProtection (ExternalThreading=true)]
367 public override IAsyncResult BeginRead (byte[] buffer, int offset, int count, AsyncCallback asyncCallback, object asyncState)
369 return Impl.BeginRead (buffer, offset, count, asyncCallback, asyncState);
372 public override int EndRead (IAsyncResult asyncResult)
374 return Impl.EndRead (asyncResult);
377 // [HostProtection (ExternalThreading=true)]
378 public override IAsyncResult BeginWrite (byte[] buffer, int offset, int count, AsyncCallback asyncCallback, object asyncState)
380 return Impl.BeginWrite (buffer, offset, count, asyncCallback, asyncState);
383 public override void EndWrite (IAsyncResult asyncResult)
385 Impl.EndWrite (asyncResult);
// Explicit MNS.IMonoSslStream members; reachable only through that interface.
// NOTE(review): the body of the AuthenticatedStream accessor is not shown in this listing.
388 AuthenticatedStream MNS.IMonoSslStream.AuthenticatedStream {
// Returns the provider field directly rather than going through the Provider property.
392 MonoTlsProvider MNS.IMonoSslStream.Provider {
393 get { return provider; }
// Connection details as reported by Impl.
396 MonoTlsConnectionInfo MNS.IMonoSslStream.GetConnectionInfo ()
398 return Impl.GetConnectionInfo ();
402 #else // !SECURITY_DEP
405 using System.Threading.Tasks;
407 namespace System.Net.Security
// Placeholder SslStream compiled in the "#else // !SECURITY_DEP" branch. It derives
// from Stream (not AuthenticatedStream), and every member body visible in this
// listing throws NotImplementedException, so a build that takes this branch has no
// working TLS stream: the type exists only so that code referring to it compiles.
409 public class SslStream : Stream
// Takes the inner stream as a plain object.
// NOTE(review): the constructor body is not shown in this listing.
411 public SslStream (object innerStream)
415 public override bool CanRead {
417 throw new NotImplementedException ();
421 public override bool CanSeek {
423 throw new NotImplementedException ();
427 public override bool CanWrite {
429 throw new NotImplementedException ();
433 public override long Length {
435 throw new NotImplementedException ();
// Two throws appear under Position; presumably one per accessor (get and set).
439 public override long Position {
441 throw new NotImplementedException ();
445 throw new NotImplementedException ();
449 public override void Flush ()
451 throw new NotImplementedException ();
454 public override int Read (System.Byte [] buffer, int offset, int count)
456 throw new NotImplementedException ();
459 public override long Seek (long offset, SeekOrigin origin)
461 throw new NotImplementedException ();
464 public override void SetLength (long value)
466 throw new NotImplementedException ();
469 public override void Write (System.Byte [] buffer, int offset, int count)
471 throw new NotImplementedException ();
// Same name and arity as the real client-handshake overload, but the certificate and
// protocol parameters are typed as object; calling it throws instead of negotiating
// anything.
474 public virtual Task AuthenticateAsClientAsync (string targetHost, object clientCertificates, object enabledSslProtocols, bool checkCertificateRevocation)
476 throw new NotImplementedException ();