Thanks to visit codestin.com
Credit goes to github.com

Skip to content

"Code Ultramarine": sync X509Certificate2 with CoreFX and introduce X509Certificate2ImplUnix #9705

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
marek-safar merged 5 commits into from
Nov 29, 2018
Merged

"Code Ultramarine": sync X509Certificate2 with CoreFX and introduce X509Certificate2ImplUnix #9705

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
6beb2c1
"Code Ultramarine"
Nov 19, 2018
7775a22
Remove tests for broken / invalid certificates.
Jul 27, 2018
5ab7c93
[csproj] Update project files
monojenkins Nov 19, 2018
411ac18
Merge remote-tracking branch 'upstream/master' into work-ultramarine
monojenkins Nov 29, 2018
29e1475
Bump API snapshot submodule
monojenkins Nov 29, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion external/api-snapshot
Open in desktop
Submodule api-snapshot updated 3 files
+4 −6 profiles/monodroid/System.cs
+4 −6 profiles/monotouch/System.cs
+4 −6 profiles/net_4_x/System.cs
6 changes: 3 additions & 3 deletions mcs/class/Mono.Btls.Interface/Mono.Btls.Interface/BtlsProvider.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,17 +50,17 @@ public static BtlsX509 CreateNative (byte[] data, BtlsX509Format format)

public static X509Certificate CreateCertificate (byte[] data, BtlsX509Format format, bool disallowFallback = false)
{
return MonoBtlsProvider.CreateCertificate (data, (MonoBtlsX509Format)format, disallowFallback);
return MonoBtlsProvider.CreateCertificate (data, (MonoBtlsX509Format)format);
}

public static X509Certificate2 CreateCertificate2 (byte[] data, BtlsX509Format format, bool disallowFallback = false)
{
return MonoBtlsProvider.CreateCertificate2 (data, (MonoBtlsX509Format)format, disallowFallback);
return MonoBtlsProvider.CreateCertificate2 (data, (MonoBtlsX509Format)format);
}

public static X509Certificate2 CreateCertificate2 (byte[] data, string password, bool disallowFallback = false)
{
return MonoBtlsProvider.CreateCertificate2 (data, password, disallowFallback);
return MonoBtlsProvider.CreateCertificate2 (data, password);
}

public static BtlsX509Chain CreateNativeChain ()
Expand Down
3 changes: 2 additions & 1 deletion mcs/class/Mono.Btls.Interface/Mono.Btls.Interface/BtlsX509.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -100,7 +100,8 @@ public int GetVersion ()

public Oid GetSignatureAlgorithm ()
{
return Instance.GetSignatureAlgorithm ();
var algorithm = Instance.GetSignatureAlgorithm ();
return Oid.FromOidValue (algorithm, OidGroup.SignatureAlgorithm);
}

public AsnEncodedData GetPublicKeyAsn1 ()
Expand Down
8 changes: 6 additions & 2 deletions ...ass/System.Core/System.Security.Cryptography.X509Certificates/RSACertificateExtensions.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,8 +33,12 @@ public static class RSACertificateExtensions
public static RSA GetRSAPrivateKey(this X509Certificate2 certificate)
{
if (certificate == null)
throw new ArgumentNullException("certificate");
return certificate.PrivateKey as RSA;
throw new ArgumentNullException (nameof (certificate));

if (!certificate.HasPrivateKey)
return null;

return certificate.Impl.GetRSAPrivateKey ();
}

public static RSA GetRSAPublicKey(this X509Certificate2 certificate)
Expand Down
2 changes: 1 addition & 1 deletion mcs/class/System/Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -116,7 +116,7 @@ endif
TXT_RESOURCE_STRINGS = ../referencesource/System/System.txt


API_BIN_REFS := System.Net.Http System.Xml System.Core
API_BIN_REFS := System.Net.Http System.Xml System.Core System.Numerics

ifndef MOBILE_PROFILE
API_BIN_REFS += System.Configuration
Expand Down
95 changes: 37 additions & 58 deletions mcs/class/System/Mono.AppleTls/X509CertificateImplApple.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
#if MONO_FEATURE_APPLETLS || MONO_FEATURE_APPLE_X509
#if MONO_SECURITY_ALIAS
extern alias MonoSecurity;
#endif
Expand All @@ -19,7 +18,7 @@

namespace Mono.AppleTls
{
class X509CertificateImplApple : X509CertificateImpl
class X509CertificateImplApple : X509Certificate2ImplUnix
{
IntPtr handle;
X509CertificateImpl fallback;
Expand Down Expand Up @@ -57,18 +56,17 @@ public override X509CertificateImpl Clone ()
[DllImport (CFHelpers.SecurityLibrary)]
extern static IntPtr SecCertificateCopyData (IntPtr cert);

public override byte[] RawData {
get {
ThrowIfContextInvalid ();
var data = SecCertificateCopyData (handle);
if (data == IntPtr.Zero)
throw new ArgumentException ("Not a valid certificate");

try {
return CFHelpers.FetchDataBuffer (data);
} finally {
CFHelpers.CFRelease (data);
}
protected override byte[] GetRawCertData ()
{
ThrowIfContextInvalid ();
var data = SecCertificateCopyData (handle);
if (data == IntPtr.Zero)
throw new ArgumentException ("Not a valid certificate");

try {
return CFHelpers.FetchDataBuffer (data);
} finally {
CFHelpers.CFRelease (data);
}
}

Expand All @@ -81,15 +79,6 @@ public string GetSubjectSummary ()
return ret;
}

public override byte[] Thumbprint {
get {
// FIXME: might just return 'null' when 'lazy' is true.
ThrowIfContextInvalid ();
SHA1 sha = SHA1.Create ();
return sha.ComputeHash (RawData);
}
}

public override bool Equals (X509CertificateImpl other, out bool result)
{
var otherAppleImpl = other as X509CertificateImplApple;
Expand All @@ -111,52 +100,43 @@ void MustFallback ()
fallback = new X509Certificate2ImplMono (mxCert);
}

public X509CertificateImpl FallbackImpl {
get {
MustFallback ();
return fallback;
}
}

public override string Subject => FallbackImpl.Subject;
#region X509Certificate2Impl implementation

public override string Issuer => FallbackImpl.Issuer;
/*
* The AppleTls backend does not support X509Certificate2 yet, so we can safely throw
* PlatformNotSupportedException here.
*/

public override string LegacySubject => FallbackImpl.LegacySubject;
public override bool HasPrivateKey => throw new PlatformNotSupportedException ();

public override string LegacyIssuer => FallbackImpl.LegacyIssuer;

public override DateTime NotAfter => FallbackImpl.NotAfter;
public override AsymmetricAlgorithm PrivateKey {
get => throw new PlatformNotSupportedException ();
set => throw new PlatformNotSupportedException ();
}

public override DateTime NotBefore => FallbackImpl.NotBefore;
public override RSA GetRSAPrivateKey ()
{
throw new PlatformNotSupportedException ();
}

public override string KeyAlgorithm => FallbackImpl.KeyAlgorithm;
public override DSA GetDSAPrivateKey ()
{
throw new PlatformNotSupportedException ();
}

public override byte[] KeyAlgorithmParameters => FallbackImpl.KeyAlgorithmParameters;
public override PublicKey PublicKey => throw new PlatformNotSupportedException ();

public override byte[] PublicKeyValue => FallbackImpl.PublicKeyValue;
internal override X509CertificateImplCollection IntermediateCertificates => throw new PlatformNotSupportedException ();

public override byte[] SerialNumber => FallbackImpl.SerialNumber;
internal override X509Certificate2Impl FallbackImpl => throw new PlatformNotSupportedException ();

public override byte[] Export (X509ContentType contentType, SafePasswordHandle password)
public override bool Verify (X509Certificate2 thisCertificate)
{
ThrowIfContextInvalid ();

switch (contentType) {
case X509ContentType.Cert:
return RawData;
case X509ContentType.Pfx: // this includes Pkcs12
// TODO
throw new NotSupportedException ();
case X509ContentType.SerializedCert:
// TODO
throw new NotSupportedException ();
default:
string msg = Locale.GetText ("This certificate format '{0}' cannot be exported.", contentType);
throw new CryptographicException (msg);
}
throw new PlatformNotSupportedException ();
}

#endregion

protected override void Dispose (bool disposing)
{
if (handle != IntPtr.Zero){
Expand All @@ -170,4 +150,3 @@ protected override void Dispose (bool disposing)
}
}
}
#endif
5 changes: 1 addition & 4 deletions mcs/class/System/Mono.Btls/MonoBtlsContext.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -79,10 +79,7 @@ static X509CertificateImplBtls GetPrivateCertificate (X509Certificate certificat
var password = Guid.NewGuid ().ToString ();
using (var handle = new SafePasswordHandle (password)) {
var buffer = certificate.Export (X509ContentType.Pfx, password);

impl = new X509CertificateImplBtls ();
impl.Import (buffer, handle, X509KeyStorageFlags.DefaultKeySet);
return impl;
return new X509CertificateImplBtls (buffer, handle, X509KeyStorageFlags.DefaultKeySet);
}
}

Expand Down
22 changes: 9 additions & 13 deletions mcs/class/System/Mono.Btls/MonoBtlsProvider.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -119,15 +119,13 @@ internal override X509Certificate2Impl GetNativeCertificate (
return (X509Certificate2Impl)impl.Clone ();

var data = certificate.GetRawCertData ();
return new X509CertificateImplBtls (data, MonoBtlsX509Format.DER, false);
return new X509CertificateImplBtls (data, MonoBtlsX509Format.DER);
}

internal X509Certificate2Impl GetNativeCertificate (
byte[] data, SafePasswordHandle password, X509KeyStorageFlags flags)
{
var impl = new X509CertificateImplBtls (false);
impl.Import (data, password, flags);
return impl;
return new X509CertificateImplBtls (data, password, flags);
}

internal static MonoBtlsX509VerifyParam GetVerifyParam (MonoTlsSettings settings, string targetHost, bool serverMode)
Expand Down Expand Up @@ -420,32 +418,30 @@ public static string GetSystemStoreLocation ()
#endif
}

public static X509Certificate CreateCertificate (byte[] data, MonoBtlsX509Format format, bool disallowFallback = false)
public static X509Certificate CreateCertificate (byte[] data, MonoBtlsX509Format format)
{
using (var impl = new X509CertificateImplBtls (data, format, disallowFallback)) {
using (var impl = new X509CertificateImplBtls (data, format)) {
return new X509Certificate (impl);
}
}

public static X509Certificate2 CreateCertificate2 (byte[] data, MonoBtlsX509Format format, bool disallowFallback = false)
public static X509Certificate2 CreateCertificate2 (byte[] data, MonoBtlsX509Format format)
{
using (var impl = new X509CertificateImplBtls (data, format, disallowFallback)) {
using (var impl = new X509CertificateImplBtls (data, format)) {
return new X509Certificate2 (impl);
}
}

public static X509Certificate2 CreateCertificate2 (byte[] data, string password, bool disallowFallback = false)
{
using (var impl = new X509CertificateImplBtls (disallowFallback))
using (var handle = new SafePasswordHandle (password)) {
impl.Import (data, handle, X509KeyStorageFlags.DefaultKeySet);
using (var handle = new SafePasswordHandle (password))
using (var impl = new X509CertificateImplBtls (data, handle, X509KeyStorageFlags.DefaultKeySet))
return new X509Certificate2 (impl);
}
}

public static X509Certificate CreateCertificate (MonoBtlsX509 x509)
{
using (var impl = new X509CertificateImplBtls (x509, true))
using (var impl = new X509CertificateImplBtls (x509))
return new X509Certificate (impl);
}

Expand Down
4 changes: 2 additions & 2 deletions mcs/class/System/Mono.Btls/MonoBtlsX509.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -310,15 +310,15 @@ public int GetVersion ()
return mono_btls_x509_get_version (Handle.DangerousGetHandle ());
}

public Oid GetSignatureAlgorithm ()
public string GetSignatureAlgorithm ()
{
int size = 256;
IntPtr data = Marshal.AllocHGlobal (size);
try {
var ret = mono_btls_x509_get_signature_algorithm (
Handle.DangerousGetHandle (), data, size);
CheckError (ret > 0);
return new Oid (Marshal.PtrToStringAnsi (data));
return Marshal.PtrToStringAnsi (data);
} finally {
Marshal.FreeHGlobal (data);
}
Expand Down
Loading