1 #if SECURITY_DEP && MONO_FEATURE_APPLETLS
2 // 
3 // Trust.cs: Implements the managed SecTrust wrapper.
4 //
5 // Authors: 
6 //      Miguel de Icaza
7 //  Sebastien Pouliot  <sebastien@xamarin.com>
8 //
9 // Copyright 2010 Novell, Inc
10 // Copyright 2012-2014 Xamarin Inc.
11 //
12 // Permission is hereby granted, free of charge, to any person obtaining
13 // a copy of this software and associated documentation files (the
14 // "Software"), to deal in the Software without restriction, including
15 // without limitation the rights to use, copy, modify, merge, publish,
16 // distribute, sublicense, and/or sell copies of the Software, and to
17 // permit persons to whom the Software is furnished to do so, subject to
18 // the following conditions:
19 // 
20 // The above copyright notice and this permission notice shall be
21 // included in all copies or substantial portions of the Software.
22 // 
23 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
24 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
25 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
26 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
27 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
28 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
29 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
30 //
31 using System;
32 using System.Runtime.InteropServices;
33 using System.Security;
34 using System.Security.Cryptography.X509Certificates;
35 using ObjCRuntime;
36 using Mono.Net;
37
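namespace Mono.AppleTls {
	/// <summary>
	/// Managed wrapper around a native SecTrustRef from the Security library.
	/// The wrapper holds one reference to the native object and releases it
	/// in <see cref="Dispose()"/> or, failing that, in the finalizer.
	/// </summary>
	partial class SecTrust : INativeObject, IDisposable {
		// Native SecTrustRef; IntPtr.Zero once the object has been disposed.
		IntPtr handle;

		/// <summary>Wraps an existing native trust handle.</summary>
		/// <param name="handle">Native SecTrustRef; must not be IntPtr.Zero.</param>
		/// <param name="owns">
		/// true when the caller hands over its reference; false (the default)
		/// makes the wrapper retain the handle itself.
		/// </param>
		/// <exception cref="ArgumentException">The handle is IntPtr.Zero.</exception>
		internal SecTrust (IntPtr handle, bool owns = false)
		{
			// ArgumentException instead of the bare Exception: still caught by
			// existing `catch (Exception)` handlers, but names the bad argument.
			if (handle == IntPtr.Zero)
				throw new ArgumentException ("Invalid handle", "handle");

			this.handle = handle;
			// Take our own reference so the CFRelease in Dispose stays balanced.
			if (!owns)
				CFObject.CFRetain (handle);
		}

		[DllImport (AppleTlsContext.SecurityLibrary)]
		extern static SecStatusCode SecTrustCreateWithCertificates (
			/* CFTypeRef */            IntPtr certOrCertArray,
			/* CFTypeRef __nullable */ IntPtr policies,
			/* SecTrustRef *__nonull */ out IntPtr sectrustref);

		/// <summary>
		/// Creates a trust object for the given certificates and policy.
		/// </summary>
		/// <param name="certificates">Certificates to evaluate.</param>
		/// <param name="policy">Evaluation policy; null is passed to the native call as NULL.</param>
		/// <exception cref="ArgumentNullException"><paramref name="certificates"/> is null.</exception>
		/// <exception cref="ArgumentException">The native call did not return Success.</exception>
		public SecTrust (X509CertificateCollection certificates, SecPolicy policy)
		{
			if (certificates == null)
				throw new ArgumentNullException ("certificates");

			// NOTE(review): the temporary SecCertificate wrappers are never disposed here;
			// if SecCertificate owns a native reference they are only reclaimed by its
			// finalizer. Confirm and dispose them after Initialize if so.
			SecCertificate[] array = new SecCertificate [certificates.Count];
			int i = 0;
			foreach (var certificate in certificates)
				array [i++] = new SecCertificate (certificate);
			Initialize (array, policy);
		}

		/// <summary>Builds a temporary native array from <paramref name="array"/> and creates the trust from it.</summary>
		void Initialize (SecCertificate[] array, SecPolicy policy)
		{
			using (var certs = CFArray.CreateArray (array)) {
				Initialize (certs.Handle, policy);
			}
		}

		/// <summary>Creates the native trust object and stores it in <c>handle</c>.</summary>
		/// <exception cref="ArgumentException">The native call did not return Success; the message is the status code.</exception>
		void Initialize (IntPtr certHandle, SecPolicy policy)
		{
			SecStatusCode result = SecTrustCreateWithCertificates (certHandle, policy == null ? IntPtr.Zero : policy.Handle, out handle);
			if (result != SecStatusCode.Success)
				throw new ArgumentException (result.ToString ());
		}

		[DllImport (AppleTlsContext.SecurityLibrary)]
		extern static SecStatusCode /* OSStatus */ SecTrustEvaluate (IntPtr /* SecTrustRef */ trust, out /* SecTrustResultType */ SecTrustResult result);

		/// <summary>Runs the native trust evaluation.</summary>
		/// <returns>
		/// The evaluation verdict. A Success status from the native call only means
		/// the evaluation ran: this method does not throw for an untrusted chain, so
		/// the caller must inspect the returned value before accepting the peer.
		/// </returns>
		/// <exception cref="ObjectDisposedException">The trust has been disposed.</exception>
		/// <exception cref="InvalidOperationException">The native call did not return Success.</exception>
		public SecTrustResult Evaluate ()
		{
			if (handle == IntPtr.Zero)
				throw new ObjectDisposedException ("SecTrust");

			// NOTE(review): per Apple's SecTrust documentation only the Proceed and
			// Unspecified results mean the chain is trusted; verify every caller
			// treats all other values as a validation failure.
			SecTrustResult trust;
			SecStatusCode result = SecTrustEvaluate (handle, out trust);
			if (result != SecStatusCode.Success)
				throw new InvalidOperationException (result.ToString ());
			return trust;
		}

		[DllImport (AppleTlsContext.SecurityLibrary)]
		extern static IntPtr /* CFIndex */ SecTrustGetCertificateCount (IntPtr /* SecTrustRef */ trust);

		/// <summary>Number of certificates reported by the native trust; 0 once disposed.</summary>
		public int Count {
			get {
				if (handle == IntPtr.Zero)
					return 0;
				return (int) SecTrustGetCertificateCount (handle);
			}
		}

		[DllImport (AppleTlsContext.SecurityLibrary)]
		extern static IntPtr /* SecCertificateRef */ SecTrustGetCertificateAtIndex (IntPtr /* SecTrustRef */ trust, IntPtr /* CFIndex */ ix);

		/// <summary>Returns a new wrapper for the certificate at <paramref name="index"/>.</summary>
		/// <exception cref="ObjectDisposedException">The trust has been disposed.</exception>
		/// <exception cref="ArgumentOutOfRangeException">The index is negative or not below <see cref="Count"/>.</exception>
		public SecCertificate this [IntPtr index] {
			get {
				if (handle == IntPtr.Zero)
					throw new ObjectDisposedException ("SecTrust");
				// Bounds are checked in managed code before the index reaches the native call.
				if (((long)index < 0) || ((long)index >= Count))
					throw new ArgumentOutOfRangeException ("index");

				return new SecCertificate (SecTrustGetCertificateAtIndex (handle, index));
			}
		}

		[DllImport (AppleTlsContext.SecurityLibrary)]
		extern static SecStatusCode /* OSStatus */ SecTrustSetAnchorCertificates (IntPtr /* SecTrustRef */ trust, IntPtr /* CFArrayRef */ anchorCertificates);

		/// <summary>Sets the anchor (root) certificates used by the evaluation.</summary>
		/// <param name="certificates">Anchors to use; null passes NULL to the native call.</param>
		/// <returns>The native status code; it is returned, not thrown, so callers must check it.</returns>
		/// <exception cref="ObjectDisposedException">The trust has been disposed.</exception>
		public SecStatusCode SetAnchorCertificates (X509CertificateCollection certificates)
		{
			if (handle == IntPtr.Zero)
				throw new ObjectDisposedException ("SecTrust");
			if (certificates == null)
				return SecTrustSetAnchorCertificates (handle, IntPtr.Zero);

			// NOTE(review): per Apple's documentation, setting custom anchors stops the
			// system anchors from being trusted unless SetAnchorCertificatesOnly (false)
			// is called afterwards; confirm callers intend that.
			SecCertificate[] array = new SecCertificate [certificates.Count];
			int i = 0;
			foreach (var certificate in certificates)
				array [i++] = new SecCertificate (certificate);
			return SetAnchorCertificates (array);
		}

		/// <summary>Sets the anchor (root) certificates used by the evaluation.</summary>
		/// <param name="array">Anchors to use; null passes NULL to the native call.</param>
		/// <returns>The native status code; it is returned, not thrown, so callers must check it.</returns>
		/// <exception cref="ObjectDisposedException">The trust has been disposed.</exception>
		public SecStatusCode SetAnchorCertificates (SecCertificate[] array)
		{
			// Same disposed check as the other public members: without it a disposed
			// object would hand a NULL SecTrustRef to the native library.
			if (handle == IntPtr.Zero)
				throw new ObjectDisposedException ("SecTrust");
			if (array == null)
				return SecTrustSetAnchorCertificates (handle, IntPtr.Zero);
			using (var certs = CFArray.FromNativeObjects (array)) {
				return SecTrustSetAnchorCertificates (handle, certs.Handle);
			}
		}

		// The native parameter is a one-byte Boolean; the default P/Invoke marshalling
		// of bool is a four-byte BOOL, so the size is stated explicitly.
		[DllImport (AppleTlsContext.SecurityLibrary)]
		extern static SecStatusCode /* OSStatus */ SecTrustSetAnchorCertificatesOnly (IntPtr /* SecTrustRef */ trust, [MarshalAs (UnmanagedType.I1)] bool anchorCertificatesOnly);

		/// <summary>
		/// Forwards <paramref name="anchorCertificatesOnly"/> to the native
		/// SecTrustSetAnchorCertificatesOnly call.
		/// </summary>
		/// <returns>The native status code; it is returned, not thrown, so callers must check it.</returns>
		/// <exception cref="ObjectDisposedException">The trust has been disposed.</exception>
		public SecStatusCode SetAnchorCertificatesOnly (bool anchorCertificatesOnly)
		{
			if (handle == IntPtr.Zero)
				throw new ObjectDisposedException ("SecTrust");

			return SecTrustSetAnchorCertificatesOnly (handle, anchorCertificatesOnly);
		}

		[DllImport (AppleTlsContext.SecurityLibrary)]
		extern static SecStatusCode /* OSStatus */ SecTrustSetVerifyDate (IntPtr /* SecTrustRef */ trust, IntPtr /* CFDateRef */ date);

		/// <summary>Sets the date against which the certificates are verified.</summary>
		/// <param name="date">Verification date. NOTE(review): time-zone handling depends on CFDate.Create; confirm.</param>
		/// <returns>The native status code; it is returned, not thrown, so callers must check it.</returns>
		/// <exception cref="ObjectDisposedException">The trust has been disposed.</exception>
		public SecStatusCode SetVerifyDate (DateTime date)
		{
			// Same disposed check as the other public members: without it a disposed
			// object would hand a NULL SecTrustRef to the native library.
			if (handle == IntPtr.Zero)
				throw new ObjectDisposedException ("SecTrust");

			using (var nativeDate = CFDate.Create (date))
				return SecTrustSetVerifyDate (handle, nativeDate.Handle);
		}

		~SecTrust ()
		{
			Dispose (false);
		}

		/// <summary>
		/// Releases the native reference if one is still held. The same work is done
		/// on the finalizer path; <paramref name="disposing"/> is not consulted.
		/// </summary>
		protected virtual void Dispose (bool disposing)
		{
			if (handle != IntPtr.Zero) {
				CFObject.CFRelease (handle);
				// Zeroing the handle makes a second Dispose a no-op and lets the
				// public members detect use after disposal.
				handle = IntPtr.Zero;
			}
		}

		/// <summary>Releases the native reference and suppresses finalization.</summary>
		public void Dispose ()
		{
			Dispose (true);
			GC.SuppressFinalize (this);
		}

		/// <summary>
		/// Raw native handle; IntPtr.Zero after disposal. No reference is added for
		/// the caller, so the value must not be used after this object is disposed.
		/// </summary>
		public IntPtr Handle {
			get { return handle; }
		}
	}
}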
195 #endif