System.Net.Security.SecureChannel.AcquireServerCredentials C# (CSharp) Method

SecureChannel Class Documentation Datei anzeigen Open project: dotnet/corefx

AcquireServerCredentials() private method

private AcquireServerCredentials ( byte &thumbPrint ) : bool
thumbPrint byte
return bool 
        private bool AcquireServerCredentials(ref byte[] thumbPrint)
        {
            if (NetEventSource.IsEnabled) NetEventSource.Enter(this);

            X509Certificate localCertificate = null;
            bool cachedCred = false;

            if (_certSelectionDelegate != null)
            {
                X509CertificateCollection tempCollection = new X509CertificateCollection();
                tempCollection.Add(_serverCertificate);
                localCertificate = _certSelectionDelegate(string.Empty, tempCollection, null, Array.Empty<string>());
                if (NetEventSource.IsEnabled) NetEventSource.Info(this, "Use delegate selected Cert");
            }
            else
            {
                localCertificate = _serverCertificate;
            }

            if (localCertificate == null)
            {
                throw new NotSupportedException(SR.net_ssl_io_no_server_cert);
            }

            // SECURITY: Accessing X509 cert Credential is disabled for semitrust.
            // We no longer need to demand for unmanaged code permissions.
            // EnsurePrivateKey should do the right demand for us.
            X509Certificate2 selectedCert = EnsurePrivateKey(localCertificate);

            if (selectedCert == null)
            {
                throw new NotSupportedException(SR.net_ssl_io_no_server_cert);
            }

            if (!localCertificate.Equals(selectedCert))
            {
                NetEventSource.Fail(this, "'selectedCert' does not match 'localCertificate'.");
            }

            //
            // Note selectedCert is a safe ref possibly cloned from the user passed Cert object
            //
            byte[] guessedThumbPrint = selectedCert.GetCertHash();
            try
            {
                SafeFreeCredentials cachedCredentialHandle = SslSessionsCache.TryCachedCredential(guessedThumbPrint, _sslProtocols, _serverMode, _encryptionPolicy);

                if (cachedCredentialHandle != null)
                {
                    _credentialsHandle = cachedCredentialHandle;
                    _serverCertificate = localCertificate;
                    cachedCred = true;
                }
                else
                {
                    _credentialsHandle = SslStreamPal.AcquireCredentialsHandle(selectedCert, _sslProtocols, _encryptionPolicy, _serverMode);
                    thumbPrint = guessedThumbPrint;
                    _serverCertificate = localCertificate;
                }
            }
            finally
            {
                // An extra cert could have been created, dispose it now.
                if ((object)localCertificate != (object)selectedCert)
                {
                    selectedCert.Dispose();
                }
            }

            if (NetEventSource.IsEnabled) NetEventSource.Exit(this, cachedCred, _credentialsHandle);
            return cachedCred;
        }
SecureChannel
AcquireClientCredentials
AcquireServerCredentials
Close
CreateFatalHandshakeAlertToken
CreateShutdownToken
Decrypt
Encrypt
EnsurePrivateKey
GenerateAlertToken
GenerateToken
GetAlertMessageFromChain
GetChannelBinding
GetRequestCertificateAuthorities
LogCertificateValidation
MakeEx
NextMessage
ProcessHandshakeSuccess
SecureChannel
SetRefreshCredentialNeeded
VerifyRemoteCertificate