5 // Martin Baulig <martin.baulig@xamarin.com>
7 // Copyright (c) 2015 Xamarin, Inc.
9 // Permission is hereby granted, free of charge, to any person obtaining a copy
10 // of this software and associated documentation files (the "Software"), to deal
11 // in the Software without restriction, including without limitation the rights
12 // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
13 // copies of the Software, and to permit persons to whom the Software is
14 // furnished to do so, subject to the following conditions:
16 // The above copyright notice and this permission notice shall be included in
17 // all copies or substantial portions of the Software.
19 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
20 // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
21 // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
22 // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
23 // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
24 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
27 #if SECURITY_DEP && !MONO_FEATURE_NEW_TLS
30 extern alias PrebuiltSystem;
32 #if MONO_SECURITY_ALIAS
33 extern alias MonoSecurity;
36 #if MONO_SECURITY_ALIAS
37 using MonoSecurity::Mono.Security.Interface;
39 using Mono.Security.Interface;
42 using XSslProtocols = PrebuiltSystem::System.Security.Authentication.SslProtocols;
43 using XX509CertificateCollection = PrebuiltSystem::System.Security.Cryptography.X509Certificates.X509CertificateCollection;
45 using XSslProtocols = System.Security.Authentication.SslProtocols;
46 using XX509CertificateCollection = System.Security.Cryptography.X509Certificates.X509CertificateCollection;
49 using CipherAlgorithmType = System.Security.Authentication.CipherAlgorithmType;
50 using HashAlgorithmType = System.Security.Authentication.HashAlgorithmType;
51 using ExchangeAlgorithmType = System.Security.Authentication.ExchangeAlgorithmType;
56 using System.Net.Security;
57 using System.Security.Authentication;
58 using System.Security.Cryptography.X509Certificates;
59 using System.Security.Permissions;
60 using System.Security.Principal;
61 using System.Security.Cryptography;
63 using System.Threading.Tasks;
65 using MNS = Mono.Net.Security;
67 namespace System.Net.Security
70 * These two are defined by the referencesource; add them heere to make
71 * it easy to switch between the two implementations.
74 internal delegate bool RemoteCertValidationCallback (
76 X509Certificate certificate,
78 SslPolicyErrors sslPolicyErrors);
80 internal delegate X509Certificate LocalCertSelectionCallback (
82 XX509CertificateCollection localCertificates,
83 X509Certificate remoteCertificate,
84 string[] acceptableIssuers);
86 public class SslStream : AuthenticatedStream, MNS.IMonoSslStream
90 internal MonoSslStream Impl {
97 static MonoTlsProvider GetProvider ()
99 return MonoTlsProviderFactory.GetDefaultProvider ();
102 public SslStream (Stream innerStream)
103 : this (innerStream, false)
107 public SslStream (Stream innerStream, bool leaveInnerStreamOpen)
108 : base (innerStream, leaveInnerStreamOpen)
110 var provider = GetProvider ();
111 impl = provider.CreateSslStream (innerStream, leaveInnerStreamOpen);
114 public SslStream (Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback userCertificateValidationCallback)
115 : this (innerStream, leaveInnerStreamOpen, userCertificateValidationCallback, null)
119 public SslStream (Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback userCertificateValidationCallback, LocalCertificateSelectionCallback userCertificateSelectionCallback)
120 : base (innerStream, leaveInnerStreamOpen)
122 var provider = GetProvider ();
123 var settings = new MonoTlsSettings ();
124 settings.RemoteCertificateValidationCallback = MNS.Private.CallbackHelpers.PublicToMono (userCertificateValidationCallback);
125 settings.ClientCertificateSelectionCallback = MNS.Private.CallbackHelpers.PublicToMono (userCertificateSelectionCallback);
126 impl = provider.CreateSslStream (innerStream, leaveInnerStreamOpen, settings);
129 internal SslStream (Stream innerStream, bool leaveInnerStreamOpen, MonoSslStream impl)
130 : base (innerStream, leaveInnerStreamOpen)
135 public virtual void AuthenticateAsClient (string targetHost)
137 Impl.AuthenticateAsClient (targetHost);
140 public virtual void AuthenticateAsClient (string targetHost, XX509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
142 Impl.AuthenticateAsClient (targetHost, (XX509CertificateCollection)(object)clientCertificates, (XSslProtocols)enabledSslProtocols, checkCertificateRevocation);
145 // [HostProtection (ExternalThreading=true)]
146 public virtual IAsyncResult BeginAuthenticateAsClient (string targetHost, AsyncCallback asyncCallback, object asyncState)
148 return Impl.BeginAuthenticateAsClient (targetHost, asyncCallback, asyncState);
151 // [HostProtection (ExternalThreading=true)]
152 public virtual IAsyncResult BeginAuthenticateAsClient (string targetHost, XX509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState)
154 return Impl.BeginAuthenticateAsClient (targetHost, (XX509CertificateCollection)(object)clientCertificates, (XSslProtocols)enabledSslProtocols, checkCertificateRevocation, asyncCallback, asyncState);
157 public virtual void EndAuthenticateAsClient (IAsyncResult asyncResult)
159 Impl.EndAuthenticateAsClient (asyncResult);
162 public virtual void AuthenticateAsServer (X509Certificate serverCertificate)
164 Impl.AuthenticateAsServer (serverCertificate);
167 public virtual void AuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
169 Impl.AuthenticateAsServer (serverCertificate, clientCertificateRequired, (XSslProtocols)enabledSslProtocols, checkCertificateRevocation);
172 // [HostProtection (ExternalThreading=true)]
173 public virtual IAsyncResult BeginAuthenticateAsServer (X509Certificate serverCertificate, AsyncCallback asyncCallback, object asyncState)
175 return Impl.BeginAuthenticateAsServer (serverCertificate, asyncCallback, asyncState);
178 public virtual IAsyncResult BeginAuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState)
180 return Impl.BeginAuthenticateAsServer (serverCertificate, clientCertificateRequired, (XSslProtocols)enabledSslProtocols, checkCertificateRevocation, asyncCallback, asyncState);
183 public virtual void EndAuthenticateAsServer (IAsyncResult asyncResult)
185 Impl.EndAuthenticateAsServer (asyncResult);
188 public TransportContext TransportContext {
190 throw new NotSupportedException();
194 // [HostProtection (ExternalThreading=true)]
195 public virtual Task AuthenticateAsClientAsync (string targetHost)
197 return Impl.AuthenticateAsClientAsync (targetHost);
200 public virtual Task AuthenticateAsClientAsync (string targetHost, XX509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
202 return Impl.AuthenticateAsClientAsync (targetHost, clientCertificates, (XSslProtocols)enabledSslProtocols, checkCertificateRevocation);
205 public virtual Task AuthenticateAsServerAsync (X509Certificate serverCertificate)
207 return Impl.AuthenticateAsServerAsync (serverCertificate);
210 public virtual Task AuthenticateAsServerAsync (X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
212 return Impl.AuthenticateAsServerAsync (serverCertificate, clientCertificateRequired, (XSslProtocols)enabledSslProtocols, checkCertificateRevocation);
215 public override bool IsAuthenticated {
216 get { return Impl.IsAuthenticated; }
219 public override bool IsMutuallyAuthenticated {
220 get { return Impl.IsMutuallyAuthenticated; }
223 public override bool IsEncrypted {
224 get { return Impl.IsEncrypted; }
227 public override bool IsSigned {
228 get { return Impl.IsSigned; }
231 public override bool IsServer {
232 get { return Impl.IsServer; }
235 public virtual SslProtocols SslProtocol {
236 get { return (SslProtocols)Impl.SslProtocol; }
239 public virtual bool CheckCertRevocationStatus {
240 get { return Impl.CheckCertRevocationStatus; }
243 X509Certificate MNS.IMonoSslStream.InternalLocalCertificate {
244 get { return Impl.InternalLocalCertificate; }
247 public virtual X509Certificate LocalCertificate {
248 get { return Impl.LocalCertificate; }
251 public virtual X509Certificate RemoteCertificate {
252 get { return Impl.RemoteCertificate; }
255 public virtual CipherAlgorithmType CipherAlgorithm {
256 get { return (CipherAlgorithmType)Impl.CipherAlgorithm; }
259 public virtual int CipherStrength {
260 get { return Impl.CipherStrength; }
263 public virtual HashAlgorithmType HashAlgorithm {
264 get { return (HashAlgorithmType)Impl.HashAlgorithm; }
267 public virtual int HashStrength {
268 get { return Impl.HashStrength; }
271 public virtual ExchangeAlgorithmType KeyExchangeAlgorithm {
272 get { return (ExchangeAlgorithmType)Impl.KeyExchangeAlgorithm; }
275 public virtual int KeyExchangeStrength {
276 get { return Impl.KeyExchangeStrength; }
279 public override bool CanSeek {
280 get { return false; }
283 public override bool CanRead {
284 get { return Impl.CanRead; }
287 public override bool CanTimeout {
288 get { return Impl.CanTimeout; }
291 public override bool CanWrite {
292 get { return Impl.CanWrite; }
295 public override int ReadTimeout {
296 get { return Impl.ReadTimeout; }
297 set { Impl.ReadTimeout = value; }
300 public override int WriteTimeout {
301 get { return Impl.WriteTimeout; }
302 set { Impl.WriteTimeout = value; }
305 public override long Length {
306 get { return Impl.Length; }
309 public override long Position {
310 get { return Impl.Position; }
312 throw new NotSupportedException (SR.GetString (SR.net_noseek));
316 public override void SetLength (long value)
318 Impl.SetLength (value);
321 public override long Seek (long offset, SeekOrigin origin)
323 throw new NotSupportedException (SR.GetString (SR.net_noseek));
326 public override void Flush ()
331 void CheckDisposed ()
334 throw new ObjectDisposedException ("MonoSslStream");
337 protected override void Dispose (bool disposing)
340 if (impl != null && disposing) {
345 base.Dispose (disposing);
349 public override int Read (byte[] buffer, int offset, int count)
351 return Impl.Read (buffer, offset, count);
354 public void Write (byte[] buffer)
359 public override void Write (byte[] buffer, int offset, int count)
361 Impl.Write (buffer, offset, count);
364 // [HostProtection (ExternalThreading=true)]
365 public override IAsyncResult BeginRead (byte[] buffer, int offset, int count, AsyncCallback asyncCallback, object asyncState)
367 return Impl.BeginRead (buffer, offset, count, asyncCallback, asyncState);
370 public override int EndRead (IAsyncResult asyncResult)
372 return Impl.EndRead (asyncResult);
375 // [HostProtection (ExternalThreading=true)]
376 public override IAsyncResult BeginWrite (byte[] buffer, int offset, int count, AsyncCallback asyncCallback, object asyncState)
378 return Impl.BeginWrite (buffer, offset, count, asyncCallback, asyncState);
381 public override void EndWrite (IAsyncResult asyncResult)
383 Impl.EndWrite (asyncResult);
386 AuthenticatedStream MNS.IMonoSslStream.AuthenticatedStream {