Terraria v1.4.4.9
Terraria source code documentation
Loading...
Searching...
No Matches

◆ AcquireClientCredentials()

bool System.Net.Security.SecureChannel.AcquireClientCredentials ( ref byte[] thumbPrint)
inlineprivate

Definition at line 224 of file SecureChannel.cs.

225 {
226 X509Certificate x509Certificate = null;
227 List<X509Certificate> list = null;
228 bool flag = false;
229 if (_sslAuthenticationOptions.CertSelectionDelegate != null)
230 {
231 string[] requestCertificateAuthorities = GetRequestCertificateAuthorities();
232 if (System.Net.NetEventSource.Log.IsEnabled())
233 {
234 System.Net.NetEventSource.Info(this, "Calling CertificateSelectionCallback", "AcquireClientCredentials");
235 }
236 X509Certificate2 x509Certificate2 = null;
237 try
238 {
239 x509Certificate2 = CertificateValidationPal.GetRemoteCertificate(_securityContext);
240 if (_sslAuthenticationOptions.ClientCertificates == null)
241 {
242 _sslAuthenticationOptions.ClientCertificates = new X509CertificateCollection();
243 }
244 x509Certificate = _sslAuthenticationOptions.CertSelectionDelegate(_sslAuthenticationOptions.TargetHost, _sslAuthenticationOptions.ClientCertificates, x509Certificate2, requestCertificateAuthorities);
245 }
246 finally
247 {
248 x509Certificate2?.Dispose();
249 }
250 if (x509Certificate != null)
251 {
252 if (_credentialsHandle == null)
253 {
254 flag = true;
255 }
256 EnsureInitialized(ref list).Add(x509Certificate);
257 if (System.Net.NetEventSource.Log.IsEnabled())
258 {
259 System.Net.NetEventSource.Log.CertificateFromDelegate(this);
260 }
261 }
262 else if (_sslAuthenticationOptions.ClientCertificates == null || _sslAuthenticationOptions.ClientCertificates.Count == 0)
263 {
264 if (System.Net.NetEventSource.Log.IsEnabled())
265 {
266 System.Net.NetEventSource.Log.NoDelegateNoClientCert(this);
267 }
268 flag = true;
269 }
270 else if (System.Net.NetEventSource.Log.IsEnabled())
271 {
272 System.Net.NetEventSource.Log.NoDelegateButClientCert(this);
273 }
274 }
275 else if (_credentialsHandle == null && _sslAuthenticationOptions.ClientCertificates != null && _sslAuthenticationOptions.ClientCertificates.Count > 0)
276 {
277 x509Certificate = _sslAuthenticationOptions.ClientCertificates[0];
278 flag = true;
279 if (x509Certificate != null)
280 {
281 EnsureInitialized(ref list).Add(x509Certificate);
282 }
283 if (System.Net.NetEventSource.Log.IsEnabled())
284 {
285 System.Net.NetEventSource.Log.AttemptingRestartUsingCert(x509Certificate, this);
286 }
287 }
288 else if (_sslAuthenticationOptions.ClientCertificates != null && _sslAuthenticationOptions.ClientCertificates.Count > 0)
289 {
290 string[] requestCertificateAuthorities = GetRequestCertificateAuthorities();
291 if (System.Net.NetEventSource.Log.IsEnabled())
292 {
293 if (requestCertificateAuthorities == null || requestCertificateAuthorities.Length == 0)
294 {
295 System.Net.NetEventSource.Log.NoIssuersTryAllCerts(this);
296 }
297 else
298 {
299 System.Net.NetEventSource.Log.LookForMatchingCerts(requestCertificateAuthorities.Length, this);
300 }
301 }
302 for (int i = 0; i < _sslAuthenticationOptions.ClientCertificates.Count; i++)
303 {
304 if (requestCertificateAuthorities != null && requestCertificateAuthorities.Length != 0)
305 {
306 X509Certificate2 x509Certificate3 = null;
307 X509Chain x509Chain = null;
308 try
309 {
310 x509Certificate3 = MakeEx(_sslAuthenticationOptions.ClientCertificates[i]);
311 if (x509Certificate3 == null)
312 {
313 continue;
314 }
315 if (System.Net.NetEventSource.Log.IsEnabled())
316 {
317 System.Net.NetEventSource.Info(this, $"Root cert: {x509Certificate3}", "AcquireClientCredentials");
318 }
319 x509Chain = new X509Chain();
320 x509Chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
321 x509Chain.ChainPolicy.VerificationFlags = X509VerificationFlags.IgnoreInvalidName;
322 x509Chain.Build(x509Certificate3);
323 bool flag2 = false;
324 if (x509Chain.ChainElements.Count > 0)
325 {
326 int count = x509Chain.ChainElements.Count;
327 for (int j = 0; j < count; j++)
328 {
329 string issuer = x509Chain.ChainElements[j].Certificate.Issuer;
330 flag2 = Array.IndexOf(requestCertificateAuthorities, issuer) != -1;
331 if (flag2)
332 {
333 if (System.Net.NetEventSource.Log.IsEnabled())
334 {
335 System.Net.NetEventSource.Info(this, $"Matched {issuer}", "AcquireClientCredentials");
336 }
337 break;
338 }
339 if (System.Net.NetEventSource.Log.IsEnabled())
340 {
341 System.Net.NetEventSource.Info(this, $"No match: {issuer}", "AcquireClientCredentials");
342 }
343 }
344 }
345 if (!flag2)
346 {
347 continue;
348 }
349 goto IL_03c0;
350 }
351 finally
352 {
353 if (x509Chain != null)
354 {
355 x509Chain.Dispose();
356 int count2 = x509Chain.ChainElements.Count;
357 for (int k = 0; k < count2; k++)
358 {
359 x509Chain.ChainElements[k].Certificate.Dispose();
360 }
361 }
362 if (x509Certificate3 != null && x509Certificate3 != _sslAuthenticationOptions.ClientCertificates[i])
363 {
364 x509Certificate3.Dispose();
365 }
366 }
367 }
368 goto IL_03c0;
369 IL_03c0:
370 if (System.Net.NetEventSource.Log.IsEnabled())
371 {
372 System.Net.NetEventSource.Log.SelectedCert(_sslAuthenticationOptions.ClientCertificates[i], this);
373 }
374 EnsureInitialized(ref list).Add(_sslAuthenticationOptions.ClientCertificates[i]);
375 }
376 }
377 bool result = false;
378 X509Certificate2 x509Certificate4 = null;
379 x509Certificate = null;
380 if (System.Net.NetEventSource.Log.IsEnabled())
381 {
382 if (list != null && list.Count != 0)
383 {
384 System.Net.NetEventSource.Log.CertsAfterFiltering(list.Count, this);
385 System.Net.NetEventSource.Log.FindingMatchingCerts(this);
386 }
387 else
388 {
389 System.Net.NetEventSource.Log.CertsAfterFiltering(0, this);
390 System.Net.NetEventSource.Info(this, "No client certificate to choose from", "AcquireClientCredentials");
391 }
392 }
393 if (list != null)
394 {
395 for (int l = 0; l < list.Count; l++)
396 {
397 x509Certificate = list[l];
398 if ((x509Certificate4 = FindCertificateWithPrivateKey(this, _sslAuthenticationOptions.IsServer, x509Certificate)) != null)
399 {
400 break;
401 }
402 x509Certificate = null;
403 x509Certificate4 = null;
404 }
405 }
406 if (System.Net.NetEventSource.Log.IsEnabled())
407 {
408 System.Net.NetEventSource.Info(this, $"Selected cert = {x509Certificate4}", "AcquireClientCredentials");
409 }
410 try
411 {
412 byte[] array = x509Certificate4?.GetCertHash();
413 SafeFreeCredentials safeFreeCredentials = SslSessionsCache.TryCachedCredential(array, _sslAuthenticationOptions.EnabledSslProtocols, _sslAuthenticationOptions.IsServer, _sslAuthenticationOptions.EncryptionPolicy);
414 if (flag && safeFreeCredentials == null && x509Certificate4 != null)
415 {
416 if (System.Net.NetEventSource.Log.IsEnabled())
417 {
418 System.Net.NetEventSource.Info(this, "Reset to anonymous session.", "AcquireClientCredentials");
419 }
420 if (x509Certificate != x509Certificate4)
421 {
422 x509Certificate4.Dispose();
423 }
424 array = null;
425 x509Certificate4 = null;
426 x509Certificate = null;
427 }
428 if (safeFreeCredentials != null)
429 {
430 if (System.Net.NetEventSource.Log.IsEnabled())
431 {
432 System.Net.NetEventSource.Log.UsingCachedCredential(this);
433 }
434 _credentialsHandle = safeFreeCredentials;
435 _selectedClientCertificate = x509Certificate;
436 result = true;
437 if (x509Certificate4 != null)
438 {
439 _sslAuthenticationOptions.CertificateContext = SslStreamCertificateContext.Create(x509Certificate4);
440 }
441 }
442 else
443 {
444 if (x509Certificate4 != null)
445 {
446 _sslAuthenticationOptions.CertificateContext = SslStreamCertificateContext.Create(x509Certificate4);
447 }
448 _credentialsHandle = SslStreamPal.AcquireCredentialsHandle(_sslAuthenticationOptions.CertificateContext, _sslAuthenticationOptions.EnabledSslProtocols, _sslAuthenticationOptions.EncryptionPolicy, _sslAuthenticationOptions.IsServer);
449 thumbPrint = array;
450 _selectedClientCertificate = x509Certificate;
451 }
452 }
453 finally
454 {
455 if (x509Certificate4 != null && _sslAuthenticationOptions.CertificateContext != null)
456 {
457 _sslAuthenticationOptions.CertificateContext = SslStreamCertificateContext.Create(x509Certificate4);
458 }
459 }
460 return result;
461 }
System.Net.NetEventSource.Log
static readonly System.Net.NetEventSource Log
Definition NetEventSource.cs:20
System.Net.NetEventSource.Info
static void Info(object thisOrContextObject, FormattableString formattableString=null, [CallerMemberName] string memberName=null)
Definition NetEventSource.cs:192
System.Net.Security.SafeFreeCredentials.AcquireCredentialsHandle
static unsafe int AcquireCredentialsHandle(string package, global::Interop.SspiCli.CredentialUse intent, ref System.Net.Security.SafeSspiAuthDataHandle authdata, out System.Net.Security.SafeFreeCredentials outCredential)
Definition SafeFreeCredentials.cs:44
System.Net.Security.SecureChannel._securityContext
SafeDeleteSslContext _securityContext
Definition SecureChannel.cs:16
System.Net.Security.SecureChannel._selectedClientCertificate
X509Certificate _selectedClientCertificate
Definition SecureChannel.cs:20
System.Net.Security.SecureChannel.FindCertificateWithPrivateKey
static X509Certificate2 FindCertificateWithPrivateKey(object instance, bool isServer, X509Certificate certificate)
Definition SecureChannel.cs:125
System.Net.Security.SecureChannel._credentialsHandle
SafeFreeCredentials _credentialsHandle
Definition SecureChannel.cs:14
System.Net.Security.SecureChannel.MakeEx
static X509Certificate2 MakeEx(X509Certificate certificate)
Definition SecureChannel.cs:191
System.Net.Security.SecureChannel._sslAuthenticationOptions
readonly SslAuthenticationOptions _sslAuthenticationOptions
Definition SecureChannel.cs:34

References System.Net.Security.SecureChannel._credentialsHandle, System.Net.Security.SecureChannel._securityContext, System.Net.Security.SecureChannel._selectedClientCertificate, System.Net.Security.SecureChannel._sslAuthenticationOptions, System.Net.Security.SslStreamPal.AcquireCredentialsHandle(), System.array, System.Net.Security.SslAuthenticationOptions.CertificateContext, System.Net.Security.SslAuthenticationOptions.CertSelectionDelegate, System.Net.Security.SslAuthenticationOptions.ClientCertificates, System.Collections.CollectionBase.Count, System.count, System.Collections.Generic.Dictionary< TKey, TValue >.Count, System.Net.Security.SslStreamCertificateContext.Create(), System.Net.Security.SslAuthenticationOptions.EnabledSslProtocols, System.Net.Security.SslAuthenticationOptions.EncryptionPolicy, System.Net.Security.SecureChannel.FindCertificateWithPrivateKey(), System.Net.CertificateValidationPal.GetRemoteCertificate(), System.Net.Security.SecureChannel.GetRequestCertificateAuthorities(), System.Array.IndexOf(), System.Net.NetEventSource.Info(), System.Net.Security.SslAuthenticationOptions.IsServer, System.list, System.Net.NetEventSource.Log, System.Net.Security.SecureChannel.MakeEx(), System.Net.Security.SslAuthenticationOptions.TargetHost, and System.Net.Security.SslSessionsCache.TryCachedCredential().

Referenced by System.Net.Security.SecureChannel.GenerateToken().