+2010-02-28 Miguel de Icaza <miguel@novell.com>
+
+ *Mono.Security.Protocol.Tls/HttpsClientStream.cs,
+ Mono.Security.Protocol.Tls/SslStreamBase.cs,
+ Mono.Security.X509/PKCS12.cs,
+ Mono.Security.X509/X509Certificate.cs,
+ Mono.Security.Cryptography/RSAManaged.cs,
+ Mono.Security.Cryptography/SymmetricTransform.cs,
+ Mono.Security/ASN1Convert.cs: Drop the pre-NET 2.0 support.
+
2008-06-26 Sebastien Pouliot <sebastien@ximian.com>
* Mono.Security_test.dll.sources: Added SubjectAltNameExtension unit
// internal for Mono 1.0.x in order to preserve public contract
// they are public for Mono 1.1.x (for 1.2) as the API isn't froze ATM
-#if NET_2_0
- public
-#else
- internal
-#endif
- bool UseKeyBlinding {
+ public bool UseKeyBlinding {
get { return keyBlinding; }
// you REALLY shoudn't touch this (true is fine ;-)
set { keyBlinding = value; }
}
-#if NET_2_0
- public
-#else
- internal
-#endif
- bool IsCrtPossible {
+ public bool IsCrtPossible {
// either the key pair isn't generated (and will be
// generated with CRT parameters) or CRT is (or isn't)
// possible (in case the key was imported)
} else {
rgbIV = (byte[]) rgbIV.Clone ();
}
-#if NET_2_0
// compare the IV length with the "currently selected" block size and *ignore* IV that are too big
if (rgbIV.Length < BlockSizeByte) {
string msg = Locale.GetText ("IV is too small ({0} bytes), it should be {1} bytes long.",
rgbIV.Length, BlockSizeByte);
throw new CryptographicException (msg);
}
-#endif
+
// mode buffers
temp = new byte [BlockSizeByte];
Buffer.BlockCopy (rgbIV, 0, temp, 0, System.Math.Min (BlockSizeByte, rgbIV.Length));
} else if (KeepLastBlock) {
#endif
if (0 > len + BlockSizeByte) {
-#if NET_2_0
throw new CryptographicException ("outputBuffer", Locale.GetText ("Overflow"));
-#else
- throw new IndexOutOfRangeException (Locale.GetText ("Overflow"));
-#endif
}
} else {
if (0 > len) {
return total;
}
-#if NET_2_0 && (!NET_2_1 || MONOTOUCH)
+#if (!NET_2_1 || MONOTOUCH)
RandomNumberGenerator _rng;
private void Random (byte[] buffer, int start, int length)
total += BlockSizeByte;
#else
switch (algo.Padding) {
-#if NET_2_0
case PaddingMode.ANSIX923:
case PaddingMode.ISO10126:
-#endif
case PaddingMode.PKCS7:
// we need to add an extra block for padding
total += BlockSizeByte;
InternalTransformBlock (res, full, BlockSizeByte, res, full);
#else
switch (algo.Padding) {
-#if NET_2_0
case PaddingMode.ANSIX923:
// XX 00 00 00 00 00 00 07 (zero + padding length)
res [res.Length - 1] = padding;
// the last padded block will be transformed in-place
InternalTransformBlock (res, full, BlockSizeByte, res, full);
break;
-#endif // NET_2_0
case PaddingMode.PKCS7:
// XX 07 07 07 07 07 07 07 (padding length)
for (int i = res.Length; --i >= (res.Length - padding);)
total -= padding;
#else
switch (algo.Padding) {
-#if NET_2_0
case PaddingMode.ANSIX923:
if ((padding == 0) || (padding > BlockSizeByte))
ThrowBadPaddingException (algo.Padding, padding, -1);
case PaddingMode.PKCS7:
total -= padding;
break;
-#endif // NET_2_0
+
case PaddingMode.None: // nothing to do - it's a multiple of block size
case PaddingMode.Zeros: // nothing to do - user must unpad himself
break;
using System.Net;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
-#if NET_2_0
using SNS = System.Net.Security;
using SNCX = System.Security.Cryptography.X509Certificates;
-#endif
namespace Mono.Security.Protocol.Tls {
// also saved from reflection
base.CheckCertRevocationStatus = ServicePointManager.CheckCertificateRevocationList;
#endif
-#if NET_2_0
ClientCertSelection += delegate (X509CertificateCollection clientCerts, X509Certificate serverCertificate,
string targetHost, X509CertificateCollection serverRequestedCertificates) {
return ((clientCerts == null) || (clientCerts.Count == 0)) ? null : clientCerts [0];
X509Certificate2 cert = (certificate as X509Certificate2);
return (cert == null) ? null : cert.PrivateKey;
};
-#endif
}
public bool TrustFailure {
// only one problem can be reported by this interface
_status = ((failed) ? certificateErrors [0] : 0);
-#if NET_2_0
#pragma warning disable 618
-#endif
if (ServicePointManager.CertificatePolicy != null) {
ServicePoint sp = _request.ServicePoint;
bool res = ServicePointManager.CertificatePolicy.CheckValidationResult (sp, certificate, _request, _status);
return false;
failed = true;
}
-#if NET_2_0
#pragma warning restore 618
-#endif
-#if NET_2_0
+
SNS.RemoteCertificateValidationCallback cb = ServicePointManager.ServerCertificateValidationCallback;
if (cb != null) {
SNS.SslPolicyErrors ssl_errors = 0;
ssl_errors |= SNS.SslPolicyErrors.RemoteCertificateChainErrors;
return cb (_request, cert2, chain, ssl_errors);
}
-#endif
return failed;
}
}
public override void Close()
{
-#if NET_2_0
base.Close ();
-#else
- ((IDisposable)this).Dispose();
-#endif
}
public override void Flush()
this.Dispose(false);
}
-#if !NET_2_0
- public void Dispose()
- {
- this.Dispose(true);
- GC.SuppressFinalize(this);
- }
-
- protected virtual void Dispose (bool disposing)
-#else
protected override void Dispose (bool disposing)
-#endif
{
if (!this.disposed)
{
}
this.disposed = true;
-#if NET_2_0
base.Dispose (disposing);
-#endif
}
}
Password = password;
Decode (data);
}
-#if NET_2_0
+
public PKCS12 (byte[] data, byte[] password)
: this ()
{
_password = password;
Decode (data);
}
-#endif
+
private void Decode (byte[] data)
{
ASN1 pfx = new ASN1 (data);
#if INSIDE_CORLIB
internal class X509Certificate : ISerializable {
-#elif NET_2_0
- public class X509Certificate : ISerializable {
#else
- public class X509Certificate {
+ public class X509Certificate : ISerializable {
#endif
private ASN1 decoder;
}
return _dsa;
}
-#if NET_2_0
+
set {
_dsa = value;
if (value != null)
_rsa = null;
}
-#endif
}
public X509ExtensionCollection Extensions {
}
return _rsa;
}
-#if NET_2_0
+
set {
if (value != null)
_dsa = null;
_rsa = value;
}
-#endif
}
public virtual byte[] RawData {
}
}
-#if INSIDE_CORLIB || NET_2_0
+#if INSIDE_CORLIB
public ASN1 GetIssuerName ()
{
return issuer;
#else
public
#endif
-#if NET_2_0
static class ASN1Convert {
-#else
- sealed class ASN1Convert {
-
- private ASN1Convert ()
- {
- }
-#endif
// RFC3280, section 4.2.1.5
// CAs conforming to this profile MUST always encode certificate
// validity dates through the year 2049 as UTCTime; certificate validity
// to support both UTCTime and GeneralizedTime (and not so common format)
string mask = null;
int year;
-#if !NET_2_0
- bool utc = true;
-#endif
switch (t.Length) {
case 11:
// illegal format, still it's supported for compatibility
t = String.Format ("{0}{1}{2}{3}{4}:{5}{6}", century, t.Substring (0, 12), sign,
t[13], t[14], t[15], t[16]);
mask = "yyyyMMddHHmmsszzz";
-#if !NET_2_0
- utc = false;
-#endif
break;
}
-#if NET_2_0
return DateTime.ParseExact (t, mask, null, DateTimeStyles.AdjustToUniversal);
-#else
- DateTime result = DateTime.ParseExact (t, mask, null);
- if (utc)
- return result;
- return result.ToUniversalTime ();
-#endif
}
}
}