AcquireCredentialsHandleSchCredentials()

static unsafe SafeFreeCredentials System.Net.Security.SslStreamPal.AcquireCredentialsHandleSchCredentials ( X509Certificate2 certificate, SslProtocols protocols, EncryptionPolicy policy, bool isServer )

inlinestatic

Definition at line 134 of file SslStreamPal.cs.

    {
        int protocolFlagsFromSslProtocols = GetProtocolFlagsFromSslProtocols(protocols, isServer);
        global::Interop.SspiCli.CredentialUse credUsage;
        global::Interop.SspiCli.SCH_CREDENTIALS.Flags flags;
        if (isServer)
        {
            credUsage = global::Interop.SspiCli.CredentialUse.SECPKG_CRED_INBOUND;
            flags = global::Interop.SspiCli.SCH_CREDENTIALS.Flags.SCH_SEND_AUX_RECORD;
        }
        else
        {
            credUsage = global::Interop.SspiCli.CredentialUse.SECPKG_CRED_OUTBOUND;
            flags = global::Interop.SspiCli.SCH_CREDENTIALS.Flags.SCH_CRED_MANUAL_CRED_VALIDATION | global::Interop.SspiCli.SCH_CREDENTIALS.Flags.SCH_CRED_NO_DEFAULT_CREDS | global::Interop.SspiCli.SCH_CREDENTIALS.Flags.SCH_SEND_AUX_RECORD;
        }
        switch (policy)
        {
        case EncryptionPolicy.RequireEncryption:
            if (!isServer && (protocolFlagsFromSslProtocols & 0x30) == 0)
            {
                flags |= global::Interop.SspiCli.SCH_CREDENTIALS.Flags.SCH_USE_STRONG_CRYPTO;
            }
            break;
        case EncryptionPolicy.AllowNoEncryption:
            flags |= global::Interop.SspiCli.SCH_CREDENTIALS.Flags.SCH_ALLOW_NULL_ENCRYPTION;
            break;
        default:
            throw new ArgumentException(System.SR.Format(System.SR.net_invalid_enum, "EncryptionPolicy"), "policy");
        }
        global::Interop.SspiCli.SCH_CREDENTIALS sCH_CREDENTIALS = default(global::Interop.SspiCli.SCH_CREDENTIALS);
        sCH_CREDENTIALS.dwVersion = 5;
        sCH_CREDENTIALS.dwFlags = flags;
        global::Interop.Crypt32.CERT_CONTEXT* ptr = null;
        if (certificate != null)
        {
            sCH_CREDENTIALS.cCreds = 1;
            ptr = (global::Interop.Crypt32.CERT_CONTEXT*)(void*)certificate.Handle;
            sCH_CREDENTIALS.paCred = &ptr;
        }
        if (System.Net.NetEventSource.Log.IsEnabled())
        {
            System.Net.NetEventSource.Info($"flags=({flags}), ProtocolFlags=({protocolFlagsFromSslProtocols}), EncryptionPolicy={policy}", null, "AcquireCredentialsHandleSchCredentials");
        }
        if (protocolFlagsFromSslProtocols != 0)
        {
            global::Interop.SspiCli.TLS_PARAMETERS tLS_PARAMETERS = default(global::Interop.SspiCli.TLS_PARAMETERS);
            tLS_PARAMETERS.grbitDisabledProtocols = (uint)protocolFlagsFromSslProtocols ^ 0xFFFFFFFFu;
            sCH_CREDENTIALS.cTlsParameters = 1;
            sCH_CREDENTIALS.pTlsParameters = &tLS_PARAMETERS;
        }
        return AcquireCredentialsHandle(credUsage, &sCH_CREDENTIALS);
    }

References System.Net.Security.SslStreamPal.AcquireCredentialsHandle(), System.SR.Format(), System.Net.Security.SslStreamPal.GetProtocolFlagsFromSslProtocols(), System.Net.NetEventSource.Info(), System.Net.NetEventSource.Log, and System.SR.net_invalid_enum.

Referenced by System.Net.Security.SslStreamPal.AcquireCredentialsHandle().