From c662f360fd1e9e9cdbd19c4c1aadb020f1e39863 Mon Sep 17 00:00:00 2001
From: Sebastien Pouliot <sebastien@ximian.com>
Date: Wed, 8 Nov 2006 14:50:54 +0000
Subject: [PATCH 1/1] 2006-11-08  Sebastien Pouliot  <sebastien@ximian.com>

	* X509Certificate2UI.cs: Fix exceptions, add security attributes and
	notes.


svn path=/trunk/mcs/; revision=67533
---
 .../ChangeLog                                 |  5 +++
 .../X509Certificate2UI.cs                     | 38 +++++++++++--------
 2 files changed, 28 insertions(+), 15 deletions(-)

diff --git a/mcs/class/System.Security/System.Security.Cryptography.X509Certificates/ChangeLog b/mcs/class/System.Security/System.Security.Cryptography.X509Certificates/ChangeLog
index ab5baa04a99..83035c1a72d 100644
--- a/mcs/class/System.Security/System.Security.Cryptography.X509Certificates/ChangeLog
+++ b/mcs/class/System.Security/System.Security.Cryptography.X509Certificates/ChangeLog
@@ -1,3 +1,8 @@
+2006-11-08  Sebastien Pouliot  <sebastien@ximian.com>
+
+	* X509Certificate2UI.cs: Fix exceptions, add security attributes and
+	notes.
+
 2005-11-09  Sebastien Pouliot  <sebastien@ximian.com> 
 
 	* X509SelectionFlag.cs: Removed extra [Serializable].
diff --git a/mcs/class/System.Security/System.Security.Cryptography.X509Certificates/X509Certificate2UI.cs b/mcs/class/System.Security/System.Security.Cryptography.X509Certificates/X509Certificate2UI.cs
index c3c8d4f7d1f..f9f6f885f9f 100644
--- a/mcs/class/System.Security/System.Security.Cryptography.X509Certificates/X509Certificate2UI.cs
+++ b/mcs/class/System.Security/System.Security.Cryptography.X509Certificates/X509Certificate2UI.cs
@@ -4,7 +4,7 @@
 // Author:
 //	Sebastien Pouliot  <sebastien@ximian.com>
 //
-// Copyright (C) 2005 Novell Inc. (http://www.novell.com)
+// Copyright (C) 2005, 2006 Novell Inc. (http://www.novell.com)
 //
 // Permission is hereby granted, free of charge, to any person obtaining
 // a copy of this software and associated documentation files (the
@@ -28,8 +28,22 @@
 
 #if NET_2_0
 
+// Notes:
+//
+// We could P/Invoke both the display and selection under Windows. However 
+// this would show the wrong certificate chain and the install would be 
+// worthless (wrong certificate store).
+//
+// The alternative is to display our own UI - but without making the System.
+// Security.dll assembly depends on SWF or GTK# (e.g. reflection). We should
+// also use a factory to select the best UI. E.g. SWF on Windows, Gtk# 
+// elsewhere (except if Gtk# isn't available then we fallback on SWF)
+//
+
 using System.Security.Permissions;
 
+using Mono.Security.X509;
+
 namespace System.Security.Cryptography.X509Certificates {
 
 	public sealed class X509Certificate2UI {
@@ -42,22 +56,19 @@ namespace System.Security.Cryptography.X509Certificates {
 		[MonoTODO]
 		public static void DisplayCertificate (X509Certificate2 certificate)
 		{
-			if (certificate == null)
-				throw new ArgumentNullException ("certificate");
-
-			throw new NotImplementedException ();
-
-			// TODO : we could P/Invoke this Windows but it would get us 
-			// the wrong certificate chain (and the install would be worthless)
+			// note: the LinkDemand won't interfere (by design) as this caller is trusted (correct behaviour)
+			DisplayCertificate (certificate, IntPtr.Zero);
 		}
 
 		[MonoTODO]
+		[UIPermission (SecurityAction.Demand, Window = UIPermissionWindow.SafeTopLevelWindows)]
 		[SecurityPermission (SecurityAction.LinkDemand, UnmanagedCode = true)]
 		public static void DisplayCertificate (X509Certificate2 certificate, IntPtr hwndParent) 
 		{
 			if (certificate == null)
 				throw new ArgumentNullException ("certificate");
 
+			/*byte[] raw = */ certificate.GetRawCertData ();
 			throw new NotImplementedException ();
 		}
 
@@ -65,15 +76,12 @@ namespace System.Security.Cryptography.X509Certificates {
 		public static X509Certificate2Collection SelectFromCollection (X509Certificate2Collection certificates, 
 			string title, string message, X509SelectionFlag selectionFlag)
 		{
-			if (certificates == null)
-				throw new ArgumentNullException ("certificates");
-			if ((selectionFlag < X509SelectionFlag.SingleSelection) || (selectionFlag > X509SelectionFlag.MultiSelection))
-				throw new ArgumentNullException ("selectionFlag");
-
-			throw new NotImplementedException ();
+			// note: the LinkDemand won't interfere (by design) as this caller is trusted (correct behaviour)
+			return SelectFromCollection (certificates, title, message, selectionFlag, IntPtr.Zero);
 		}
 
 		[MonoTODO]
+		[UIPermission (SecurityAction.Demand, Window = UIPermissionWindow.SafeTopLevelWindows)]
 		[SecurityPermission (SecurityAction.LinkDemand, UnmanagedCode = true)]
 		public static X509Certificate2Collection SelectFromCollection (X509Certificate2Collection certificates, 
 			string title, string message, X509SelectionFlag selectionFlag, IntPtr hwndParent)
@@ -81,7 +89,7 @@ namespace System.Security.Cryptography.X509Certificates {
 			if (certificates == null)
 				throw new ArgumentNullException ("certificates");
 			if ((selectionFlag < X509SelectionFlag.SingleSelection) || (selectionFlag > X509SelectionFlag.MultiSelection))
-				throw new ArgumentNullException ("selectionFlag");
+				throw new ArgumentException ("selectionFlag");
 
 			throw new NotImplementedException ();
 		}
-- 
2.25.1