Terraria v1.4.4.9
Terraria source code documentation
Loading...
Searching...
No Matches

◆ VerifyRemoteCertificate()

bool System.Net.Security.SecureChannel.VerifyRemoteCertificate ( RemoteCertificateValidationCallback remoteCertValidationCallback,
SslCertificateTrust trust,
ref ProtocolToken alertToken,
out SslPolicyErrors sslPolicyErrors,
out X509ChainStatusFlags chainStatus )
inlinepackage

Definition at line 650 of file SecureChannel.cs.

651 {
652 sslPolicyErrors = SslPolicyErrors.None;
653 chainStatus = X509ChainStatusFlags.NoError;
654 bool flag = false;
655 X509Chain x509Chain = null;
656 X509Certificate2Collection remoteCertificateCollection = null;
657 try
658 {
659 X509Certificate2 remoteCertificate = CertificateValidationPal.GetRemoteCertificate(_securityContext, out remoteCertificateCollection);
660 if (_remoteCertificate != null && remoteCertificate != null && remoteCertificate.RawData.AsSpan().SequenceEqual(_remoteCertificate.RawData))
661 {
662 return true;
663 }
664 _remoteCertificate = remoteCertificate;
665 if (_remoteCertificate == null)
666 {
667 if (System.Net.NetEventSource.Log.IsEnabled() && RemoteCertRequired)
668 {
669 System.Net.NetEventSource.Error(this, $"Remote certificate required, but no remote certificate received", "VerifyRemoteCertificate");
670 }
671 sslPolicyErrors |= SslPolicyErrors.RemoteCertificateNotAvailable;
672 }
673 else
674 {
675 x509Chain = new X509Chain();
676 x509Chain.ChainPolicy.RevocationMode = _sslAuthenticationOptions.CertificateRevocationCheckMode;
677 x509Chain.ChainPolicy.RevocationFlag = X509RevocationFlag.ExcludeRoot;
678 x509Chain.ChainPolicy.ApplicationPolicy.Add(_sslAuthenticationOptions.IsServer ? s_clientAuthOid : s_serverAuthOid);
679 if (remoteCertificateCollection != null)
680 {
681 x509Chain.ChainPolicy.ExtraStore.AddRange(remoteCertificateCollection);
682 }
683 if (trust != null)
684 {
685 x509Chain.ChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust;
686 if (trust._store != null)
687 {
688 x509Chain.ChainPolicy.CustomTrustStore.AddRange(trust._store.Certificates);
689 }
690 if (trust._trustList != null)
691 {
692 x509Chain.ChainPolicy.CustomTrustStore.AddRange(trust._trustList);
693 }
694 }
695 sslPolicyErrors |= CertificateValidationPal.VerifyCertificateProperties(_securityContext, x509Chain, _remoteCertificate, _sslAuthenticationOptions.CheckCertName, _sslAuthenticationOptions.IsServer, _sslAuthenticationOptions.TargetHost);
696 }
697 if (remoteCertValidationCallback != null)
698 {
699 object ssl = _ssl;
700 if (ssl == null)
701 {
702 throw new ObjectDisposedException("SslStream");
703 }
704 flag = remoteCertValidationCallback(ssl, _remoteCertificate, x509Chain, sslPolicyErrors);
705 }
706 else
707 {
708 if (!RemoteCertRequired)
709 {
710 sslPolicyErrors &= ~SslPolicyErrors.RemoteCertificateNotAvailable;
711 }
712 flag = sslPolicyErrors == SslPolicyErrors.None;
713 }
714 if (System.Net.NetEventSource.Log.IsEnabled())
715 {
716 LogCertificateValidation(remoteCertValidationCallback, sslPolicyErrors, flag, x509Chain);
717 System.Net.NetEventSource.Info(this, $"Cert validation, remote cert = {_remoteCertificate}", "VerifyRemoteCertificate");
718 }
719 if (!flag)
720 {
721 alertToken = CreateFatalHandshakeAlertToken(sslPolicyErrors, x509Chain);
722 if (x509Chain != null)
723 {
724 X509ChainStatus[] chainStatus2 = x509Chain.ChainStatus;
725 foreach (X509ChainStatus x509ChainStatus in chainStatus2)
726 {
727 chainStatus |= x509ChainStatus.Status;
728 }
729 }
730 }
731 }
732 finally
733 {
734 if (x509Chain != null)
735 {
736 int count = x509Chain.ChainElements.Count;
737 for (int j = 0; j < count; j++)
738 {
739 x509Chain.ChainElements[j].Certificate.Dispose();
740 }
741 x509Chain.Dispose();
742 }
743 if (remoteCertificateCollection != null)
744 {
745 int count2 = remoteCertificateCollection.Count;
746 for (int k = 0; k < count2; k++)
747 {
748 remoteCertificateCollection[k].Dispose();
749 }
750 }
751 }
752 return flag;
753 }
System.Collections.Generic.Dictionary.AddRange
void AddRange(IEnumerable< KeyValuePair< TKey, TValue > > collection)
Definition Dictionary.cs:837
System.Collections.Generic.Dictionary.Add
void Add(TKey key, TValue value)
Definition Dictionary.cs:873
System.Net.NetEventSource.Log
static readonly System.Net.NetEventSource Log
Definition NetEventSource.cs:20
System.Net.NetEventSource.Info
static void Info(object thisOrContextObject, FormattableString formattableString=null, [CallerMemberName] string memberName=null)
Definition NetEventSource.cs:192
System.Net.NetEventSource.Error
static void Error(object thisOrContextObject, FormattableString formattableString, [CallerMemberName] string memberName=null)
Definition NetEventSource.cs:216
System.Net.Security.SecureChannel.LogCertificateValidation
void LogCertificateValidation(RemoteCertificateValidationCallback remoteCertValidationCallback, SslPolicyErrors sslPolicyErrors, bool success, X509Chain chain)
Definition SecureChannel.cs:842
System.Net.Security.SecureChannel.s_clientAuthOid
static readonly Oid s_clientAuthOid
Definition SecureChannel.cs:40
System.Net.Security.SecureChannel._securityContext
SafeDeleteSslContext _securityContext
Definition SecureChannel.cs:16
System.Net.Security.SecureChannel.CreateFatalHandshakeAlertToken
ProtocolToken CreateFatalHandshakeAlertToken(SslPolicyErrors sslPolicyErrors, X509Chain chain)
Definition SecureChannel.cs:755
System.Net.Security.SecureChannel._sslAuthenticationOptions
readonly SslAuthenticationOptions _sslAuthenticationOptions
Definition SecureChannel.cs:34
System.Net.Security.SecureChannel.s_serverAuthOid
static readonly Oid s_serverAuthOid
Definition SecureChannel.cs:38

References System.Net.Security.SecureChannel._remoteCertificate, System.Net.Security.SecureChannel._securityContext, System.Net.Security.SecureChannel._ssl, System.Net.Security.SecureChannel._sslAuthenticationOptions, System.Collections.Generic.Dictionary< TKey, TValue >.Add(), System.Collections.Generic.Dictionary< TKey, TValue >.AddRange(), System.Net.Security.SslAuthenticationOptions.CertificateRevocationCheckMode, System.Net.Security.SslAuthenticationOptions.CheckCertName, System.count, System.Collections.Generic.Dictionary< TKey, TValue >.Count, System.Net.Security.SecureChannel.CreateFatalHandshakeAlertToken(), System.Net.NetEventSource.Error(), System.Net.CertificateValidationPal.GetRemoteCertificate(), System.Net.NetEventSource.Info(), System.Net.Security.SslAuthenticationOptions.IsServer, System.Net.NetEventSource.Log, System.Net.Security.SecureChannel.LogCertificateValidation(), System.Security.Cryptography.X509Certificates.X509Certificate2.RawData, System.Net.Security.SecureChannel.RemoteCertRequired, System.Net.Security.SecureChannel.s_clientAuthOid, System.Net.Security.SecureChannel.s_serverAuthOid, System.Net.Security.SslAuthenticationOptions.TargetHost, and System.Net.CertificateValidationPal.VerifyCertificateProperties().

Referenced by System.Net.Security.SslStream.CompleteHandshake().