/// <summary>
/// Builds the protocol token that carries a fatal TLS alert after remote-certificate
/// validation has failed.
/// </summary>
/// <param name="sslPolicyErrors">Validation outcome used to choose the alert description.</param>
/// <param name="chain">
/// Chain passed to <c>GetAlertMessageFromChain</c>; only consulted when
/// <paramref name="sslPolicyErrors"/> is exactly <c>RemoteCertificateChainErrors</c>.
/// </param>
/// <returns>
/// The token produced by <c>GenerateAlertToken</c>, or <c>null</c> when applying the alert
/// reports a non-OK status that carries no exception.
/// </returns>
/// <remarks>
/// When applying the alert fails and the status carries an exception, that exception is thrown.
/// Callers must handle the <c>null</c> return: on that path no alert token is available.
/// </remarks>
public ProtocolToken CreateFatalHandshakeAlertToken(SslPolicyErrors sslPolicyErrors, X509Chain chain)
{
    if (NetEventSource.IsEnabled)
    {
        NetEventSource.Enter(this);
    }

    // The comparisons below are exact matches. SslPolicyErrors is a flags enum, so a combined
    // value (for example chain errors together with a name mismatch) matches neither branch and
    // gets the generic CertificateUnknown alert.
    // NOTE(review): confirm the generic alert is the intended result for combined errors.
    TlsAlertMessage alert;
    if (sslPolicyErrors == SslPolicyErrors.RemoteCertificateChainErrors)
    {
        alert = GetAlertMessageFromChain(chain);
    }
    else if (sslPolicyErrors == SslPolicyErrors.RemoteCertificateNameMismatch)
    {
        alert = TlsAlertMessage.BadCertificate;
    }
    else
    {
        // Covers RemoteCertificateNotAvailable and every other value.
        alert = TlsAlertMessage.CertificateUnknown;
    }

    if (NetEventSource.IsEnabled)
    {
        NetEventSource.Info(this, $"alertMessage:{alert}");
    }

    // The alert is always applied at the Fatal level.
    SecurityStatusPal applyStatus = SslStreamPal.ApplyAlertToken(ref _credentialsHandle, _securityContext, TlsAlertType.Fatal, alert);

    if (applyStatus.ErrorCode == SecurityStatusPalErrorCode.OK)
    {
        ProtocolToken alertToken = GenerateAlertToken();
        if (NetEventSource.IsEnabled)
        {
            NetEventSource.Exit(this, alertToken);
        }

        return alertToken;
    }

    // Failure path: the error code is traced, but no Exit event is written here.
    if (NetEventSource.IsEnabled)
    {
        NetEventSource.Info(this, $"ApplyAlertToken() returned {applyStatus.ErrorCode}");
    }

    if (applyStatus.Exception == null)
    {
        return null;
    }

    throw applyStatus.Exception;
}