Merge pull request #3769 from evincarofautumn/fix-verify-before-allocs

[mono.git] / mcs / class / System / System.Security.Cryptography.X509Certificates / X509Helper2.cs
diff --git a/mcs/class/System/System.Security.Cryptography.X509Certificates/X509Helper2.cs b/mcs/class/System/System.Security.Cryptography.X509Certificates/X509Helper2.cs

index ffd54a737b9a8e95eb15d6b52ee7fca891f5e2da..7d0b3d1487cda4b4b5a74edbc957997fa56556f1 100644 (file)
--- a/mcs/class/System/System.Security.Cryptography.X509Certificates/X509Helper2.cs
+++ b/mcs/class/System/System.Security.Cryptography.X509Certificates/X509Helper2.cs
@@ -30,20 +30,60 @@
  #if MONO_SECURITY_ALIAS
  extern alias MonoSecurity;
  #endif
-#if MONO_X509_ALIAS
-extern alias PrebuiltSystem;
-#endif
  
  #if MONO_SECURITY_ALIAS
  using MonoSecurity::Mono.Security.Interface;
+using MX = MonoSecurity::Mono.Security.X509;
  #else
+#if MONO_FEATURE_BTLS
  using Mono.Security.Interface;
  #endif
+using MX = Mono.Security.X509;
+#endif
+
+#if MONO_FEATURE_BTLS
+using Mono.Btls;
+#endif
+#endif
+
+using System.IO;
+using System.Text;
  
  namespace System.Security.Cryptography.X509Certificates
  {
         internal static class X509Helper2
         {
+               internal static long GetSubjectNameHash (X509Certificate certificate)
+               {
+                       return GetSubjectNameHash (certificate.Impl);
+               }
+
+               internal static long GetSubjectNameHash (X509CertificateImpl impl)
+               {
+#if SECURITY_DEP
+                       using (var x509 = GetNativeInstance (impl))
+                               return GetSubjectNameHash (x509);
+#else
+                       throw new NotSupportedException ();
+#endif
+               }
+
+               internal static void ExportAsPEM (X509Certificate certificate, Stream stream, bool includeHumanReadableForm)
+               {
+                       ExportAsPEM (certificate.Impl, stream, includeHumanReadableForm);
+               }
+
+               internal static void ExportAsPEM (X509CertificateImpl impl, Stream stream, bool includeHumanReadableForm)
+               {
+#if SECURITY_DEP
+                       using (var x509 = GetNativeInstance (impl))
+                               ExportAsPEM (x509, stream, includeHumanReadableForm);
+#else
+                       throw new NotSupportedException ();
+#endif
+               }
+
+#if SECURITY_DEP
                 internal static void Initialize ()
                 {
                         X509Helper.InstallNativeHelper (new MyNativeHelper ());
@@ -54,32 +94,90 @@ namespace System.Security.Cryptography.X509Certificates
                         X509Helper.ThrowIfContextInvalid (impl);
                 }
  
-               internal static X509Certificate2Impl Import (byte[] rawData, string password, X509KeyStorageFlags keyStorageFlags)
+#if !MONO_FEATURE_BTLS
+               static X509Certificate GetNativeInstance (X509CertificateImpl impl)
+               {
+                       throw new PlatformNotSupportedException ();
+               }
+#else
+               static MonoBtlsX509 GetNativeInstance (X509CertificateImpl impl)
                 {
-                       var provider = MonoTlsProviderFactory.GetProvider ();
-                       if (provider.HasNativeCertificates) {
-                               var impl = provider.GetNativeCertificate (rawData, password, keyStorageFlags);
-                               return (X509Certificate2Impl)(object)impl;
-                       } else {
-                               var impl = new X509Certificate2ImplMono ();
-                               impl.Import (rawData, password, keyStorageFlags);
-                               return impl;
+                       ThrowIfContextInvalid (impl);
+                       var btlsImpl = impl as X509CertificateImplBtls;
+                       if (btlsImpl != null)
+                               return btlsImpl.X509.Copy ();
+                       else
+                               return MonoBtlsX509.LoadFromData (impl.GetRawCertData (), MonoBtlsX509Format.DER);
+               }
+
+               internal static long GetSubjectNameHash (MonoBtlsX509 x509)
+               {
+                       using (var subject = x509.GetSubjectName ())
+                               return subject.GetHash ();
+               }
+
+               internal static void ExportAsPEM (MonoBtlsX509 x509, Stream stream, bool includeHumanReadableForm)
+               {
+                       using (var bio = MonoBtlsBio.CreateMonoStream (stream)) {
+                               x509.ExportAsPEM (bio, includeHumanReadableForm);
+                       }
+               }
+#endif // !MONO_FEATURE_BTLS
+
+               internal static X509Certificate2Impl Import (byte[] rawData, string password, X509KeyStorageFlags keyStorageFlags, bool disableProvider = false)
+               {
+#if MONO_FEATURE_BTLS
+                       if (!disableProvider) {
+                               var provider = MonoTlsProviderFactory.GetProvider ();
+                               if (provider.HasNativeCertificates) {
+                                       var impl = provider.GetNativeCertificate (rawData, password, keyStorageFlags);
+                                       return impl;
+                               }
                         }
+#endif // MONO_FEATURE_BTLS
+                       var impl2 = new X509Certificate2ImplMono ();
+                       impl2.Import (rawData, password, keyStorageFlags);
+                       return impl2;
                 }
  
-               internal static X509Certificate2Impl Import (X509Certificate cert)
+               internal static X509Certificate2Impl Import (X509Certificate cert, bool disableProvider = false)
                 {
-                       var provider = MonoTlsProviderFactory.GetProvider ();
-                       if (provider.HasNativeCertificates) {
-                               var impl = provider.GetNativeCertificate (cert);
-                               return (X509Certificate2Impl)(object)impl;
+#if MONO_FEATURE_BTLS
+                       if (!disableProvider) {
+                               var provider = MonoTlsProviderFactory.GetProvider ();
+                               if (provider.HasNativeCertificates) {
+                                       var impl = provider.GetNativeCertificate (cert);
+                                       return impl;
+                               }
                         }
+#endif // MONO_FEATURE_BTLS
                         var impl2 = cert.Impl as X509Certificate2Impl;
                         if (impl2 != null)
                                 return (X509Certificate2Impl)impl2.Clone ();
                         return Import (cert.GetRawCertData (), null, X509KeyStorageFlags.DefaultKeySet);
                 }
  
+               /*
+                * This is used by X509ChainImplMono
+                * 
+                * Some of the missing APIs such as X509v3 extensions can be added to the native
+                * BTLS implementation.
+                * 
+                * We should also consider replacing X509ChainImplMono with a new X509ChainImplBtls
+                * at some point.
+                */
+               [MonoTODO ("Investigate replacement; see comments in source.")]
+               internal static MX.X509Certificate GetMonoCertificate (X509Certificate2 certificate)
+               {
+                       var impl2 = certificate.Impl as X509Certificate2Impl;
+                       if (impl2 == null)
+                               impl2 = Import (certificate, true);
+                       var fallbackImpl = impl2.FallbackImpl as X509Certificate2ImplMono;
+                       if (fallbackImpl == null)
+                               throw new NotSupportedException ();
+                       return fallbackImpl.MonoCertificate;
+               }
+
                 internal static X509ChainImpl CreateChainImpl (bool useMachineContext)
                 {
                         return new X509ChainImplMono (useMachineContext);
@@ -114,6 +212,6 @@ namespace System.Security.Cryptography.X509Certificates
                                 return X509Helper2.Import (cert);
                         }
                 }
+#endif
         }
  }
-#endif