本文整理汇总了C#中EncryptionPolicy类的典型用法代码示例。如果您正苦于以下问题:C# EncryptionPolicy类的具体用法?C# EncryptionPolicy怎么用?C# EncryptionPolicy使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
EncryptionPolicy类属于命名空间,在下文中一共展示了EncryptionPolicy类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C#代码示例。
示例1: SecureChannel
internal SecureChannel(string hostname, bool serverMode, SslProtocols sslProtocols, X509Certificate serverCertificate, X509CertificateCollection clientCertificates, bool remoteCertRequired, bool checkCertName,
bool checkCertRevocationStatus, EncryptionPolicy encryptionPolicy, LocalCertSelectionCallback certSelectionDelegate)
{
GlobalLog.Enter("SecureChannel#" + Logging.HashString(this) + "::.ctor", "hostname:" + hostname + " #clientCertificates=" + ((clientCertificates == null) ? "0" : clientCertificates.Count.ToString(NumberFormatInfo.InvariantInfo)));
if (Logging.On)
{
Logging.PrintInfo(Logging.Web, this, ".ctor", "hostname=" + hostname + ", #clientCertificates=" + ((clientCertificates == null) ? "0" : clientCertificates.Count.ToString(NumberFormatInfo.InvariantInfo)) + ", encryptionPolicy=" + encryptionPolicy);
}
SSPIWrapper.VerifyPackageInfo(GlobalSSPI.SSPISecureChannel);
_destination = hostname;
GlobalLog.Assert(hostname != null, "SecureChannel#{0}::.ctor()|hostname == null", Logging.HashString(this));
_hostName = hostname;
_serverMode = serverMode;
_sslProtocols = sslProtocols;
_serverCertificate = serverCertificate;
_clientCertificates = clientCertificates;
_remoteCertRequired = remoteCertRequired;
_securityContext = null;
_checkCertRevocation = checkCertRevocationStatus;
_checkCertName = checkCertName;
_certSelectionDelegate = certSelectionDelegate;
_refreshCredentialNeeded = true;
_encryptionPolicy = encryptionPolicy;
GlobalLog.Leave("SecureChannel#" + Logging.HashString(this) + "::.ctor");
}示例2: SslCredKey
//
// SECURITY: X509Certificate.GetCertHash() is virtual hence before going here,
// the caller of this ctor has to ensure that a user cert object was inspected and
// optionally cloned.
//
internal SslCredKey(byte[] thumbPrint, int allowedProtocols, bool serverMode, EncryptionPolicy encryptionPolicy)
{
_CertThumbPrint = thumbPrint == null ? Array.Empty<byte>() : thumbPrint;
_HashCode = 0;
if (thumbPrint != null)
{
_HashCode ^= _CertThumbPrint[0];
if (1 < _CertThumbPrint.Length)
{
_HashCode ^= (_CertThumbPrint[1] << 8);
}
if (2 < _CertThumbPrint.Length)
{
_HashCode ^= (_CertThumbPrint[2] << 16);
}
if (3 < _CertThumbPrint.Length)
{
_HashCode ^= (_CertThumbPrint[3] << 24);
}
}
_HashCode ^= allowedProtocols;
_HashCode ^= (int)encryptionPolicy;
_HashCode ^= serverMode ? 0x10000 : 0x20000;
_AllowedProtocols = allowedProtocols;
_EncryptionPolicy = encryptionPolicy;
_isServerMode = serverMode;
}示例3: SslCredKey
//
// SECURITY: X509Certificate.GetCertHash() is virtual hence before going here,
// the caller of this ctor has to ensure that a user cert object was inspected and
// optionally cloned.
//
internal SslCredKey(byte[] thumbPrint, int allowedProtocols, bool serverMode, EncryptionPolicy encryptionPolicy)
{
_CertThumbPrint = thumbPrint == null ? Array.Empty<byte>() : thumbPrint;
_HashCode = 0;
if (thumbPrint != null)
{
_HashCode ^= _CertThumbPrint[0];
if (1 < _CertThumbPrint.Length)
{
_HashCode ^= (_CertThumbPrint[1] << 8);
}
if (2 < _CertThumbPrint.Length)
{
_HashCode ^= (_CertThumbPrint[2] << 16);
}
if (3 < _CertThumbPrint.Length)
{
_HashCode ^= (_CertThumbPrint[3] << 24);
}
}
_HashCode ^= allowedProtocols;
_HashCode ^= (int)encryptionPolicy;
_HashCode ^= serverMode ? 5 : 7; //TODO (Issue #3362) used a prime number here as it's a XOR. Figure out appropriate value.
_AllowedProtocols = allowedProtocols;
_EncryptionPolicy = encryptionPolicy;
isServerMode = serverMode;
}示例4: SecureCredential
public SecureCredential(int version, X509Certificate certificate, Flags flags, SchProtocols protocols, EncryptionPolicy policy)
{
this.rootStore = this.phMappers = this.palgSupportedAlgs = this.certContextArray = IntPtr.Zero;
this.cCreds = this.cMappers = this.cSupportedAlgs = 0;
if (policy == EncryptionPolicy.RequireEncryption)
{
this.dwMinimumCipherStrength = 0;
this.dwMaximumCipherStrength = 0;
}
else if (policy == EncryptionPolicy.AllowNoEncryption)
{
this.dwMinimumCipherStrength = -1;
this.dwMaximumCipherStrength = 0;
}
else
{
if (policy != EncryptionPolicy.NoEncryption)
{
throw new ArgumentException(SR.GetString("net_invalid_enum", new object[] { "EncryptionPolicy" }), "policy");
}
this.dwMinimumCipherStrength = -1;
this.dwMaximumCipherStrength = -1;
}
this.dwSessionLifespan = this.reserved = 0;
this.version = version;
this.dwFlags = flags;
this.grbitEnabledProtocols = protocols;
if (certificate != null)
{
this.certContextArray = certificate.Handle;
this.cCreds = 1;
}
}示例5: SafeFreeCredentials
public SafeFreeCredentials(X509Certificate certificate, SslProtocols protocols, EncryptionPolicy policy)
: base(IntPtr.Zero, true)
{
Debug.Assert(
certificate == null || certificate is X509Certificate2,
"Only X509Certificate2 certificates are supported at this time");
X509Certificate2 cert = (X509Certificate2)certificate;
if (cert != null)
{
Debug.Assert(cert.HasPrivateKey, "cert.HasPrivateKey");
using (RSAOpenSsl rsa = (RSAOpenSsl)cert.GetRSAPrivateKey())
{
if (rsa != null)
{
_certKeyHandle = rsa.DuplicateKeyHandle();
Interop.libcrypto.CheckValidOpenSslHandle(_certKeyHandle);
}
}
// TODO (3390): Add support for ECDSA.
Debug.Assert(_certKeyHandle != null, "Failed to extract a private key handle");
_certHandle = Interop.libcrypto.X509_dup(cert.Handle);
Interop.libcrypto.CheckValidOpenSslHandle(_certHandle);
}
_protocols = protocols;
_policy = policy;
}示例6: SecureChannel
internal SecureChannel(string hostname, bool serverMode, SslProtocols sslProtocols, X509Certificate serverCertificate, X509CertificateCollection clientCertificates, bool remoteCertRequired, bool checkCertName,
bool checkCertRevocationStatus, EncryptionPolicy encryptionPolicy, LocalCertSelectionCallback certSelectionDelegate)
{
if (NetEventSource.IsEnabled)
{
NetEventSource.Enter(this, hostname, clientCertificates);
NetEventSource.Log.SecureChannelCtor(this, hostname, clientCertificates, encryptionPolicy);
}
SslStreamPal.VerifyPackageInfo();
_destination = hostname;
if (hostname == null)
{
NetEventSource.Fail(this, "hostname == null");
}
_hostName = hostname;
_serverMode = serverMode;
_sslProtocols = sslProtocols;
_serverCertificate = serverCertificate;
_clientCertificates = clientCertificates;
_remoteCertRequired = remoteCertRequired;
_securityContext = null;
_checkCertRevocation = checkCertRevocationStatus;
_checkCertName = checkCertName;
_certSelectionDelegate = certSelectionDelegate;
_refreshCredentialNeeded = true;
_encryptionPolicy = encryptionPolicy;
if (NetEventSource.IsEnabled) NetEventSource.Exit(this);
}示例7: SecureChannel
internal SecureChannel(string hostname, bool serverMode, SchProtocols protocolFlags, X509Certificate serverCertificate, X509CertificateCollection clientCertificates, bool remoteCertRequired, bool checkCertName, bool checkCertRevocationStatus, EncryptionPolicy encryptionPolicy, LocalCertSelectionCallback certSelectionDelegate)
{
if (Logging.On)
{
Logging.PrintInfo(Logging.Web, this, ".ctor", string.Concat(new object[] { "hostname=", hostname, ", #clientCertificates=", (clientCertificates == null) ? "0" : clientCertificates.Count.ToString(NumberFormatInfo.InvariantInfo), ", encryptionPolicy=", encryptionPolicy }));
}
SSPIWrapper.GetVerifyPackageInfo(GlobalSSPI.SSPISecureChannel, "Microsoft Unified Security Protocol Provider", true);
if (ComNetOS.IsWin9x && (clientCertificates.Count > 0))
{
this.m_Destination = hostname + "+" + clientCertificates.GetHashCode();
}
else
{
this.m_Destination = hostname;
}
this.m_HostName = hostname;
this.m_ServerMode = serverMode;
if (serverMode)
{
this.m_ProtocolFlags = protocolFlags & SchProtocols.ServerMask;
}
else
{
this.m_ProtocolFlags = protocolFlags & SchProtocols.ClientMask;
}
this.m_ServerCertificate = serverCertificate;
this.m_ClientCertificates = clientCertificates;
this.m_RemoteCertRequired = remoteCertRequired;
this.m_SecurityContext = null;
this.m_CheckCertRevocation = checkCertRevocationStatus;
this.m_CheckCertName = checkCertName;
this.m_CertSelectionDelegate = certSelectionDelegate;
this.m_RefreshCredentialNeeded = true;
this.m_EncryptionPolicy = encryptionPolicy;
}示例8: SslCredKey
internal SslCredKey(byte[] thumbPrint, SchProtocols allowedProtocols, EncryptionPolicy encryptionPolicy)
{
this._CertThumbPrint = (thumbPrint == null) ? s_EmptyArray : thumbPrint;
this._HashCode = 0;
if (thumbPrint != null)
{
this._HashCode ^= this._CertThumbPrint[0];
if (1 < this._CertThumbPrint.Length)
{
this._HashCode ^= this._CertThumbPrint[1] << 8;
}
if (2 < this._CertThumbPrint.Length)
{
this._HashCode ^= this._CertThumbPrint[2] << 0x10;
}
if (3 < this._CertThumbPrint.Length)
{
this._HashCode ^= this._CertThumbPrint[3] << 0x18;
}
}
this._HashCode ^= allowedProtocols;
this._HashCode ^= encryptionPolicy;
this._AllowedProtocols = allowedProtocols;
this._EncryptionPolicy = encryptionPolicy;
}示例9: SslState
//
// The public Client and Server classes enforce the parameters rules before
// calling into this .ctor.
//
internal SslState(Stream innerStream, RemoteCertValidationCallback certValidationCallback, LocalCertSelectionCallback certSelectionCallback, EncryptionPolicy encryptionPolicy)
{
_innerStream = innerStream;
_reader = new FixedSizeReader(innerStream);
_certValidationDelegate = certValidationCallback;
_certSelectionDelegate = certSelectionCallback;
_encryptionPolicy = encryptionPolicy;
}示例10: AllocateSslContext
internal static SafeSslHandle AllocateSslContext(SslProtocols protocols, SafeX509Handle certHandle, SafeEvpPKeyHandle certKeyHandle, EncryptionPolicy policy, bool isServer, bool remoteCertRequired)
{
SafeSslHandle context = null;
IntPtr method = GetSslMethod(protocols);
using (SafeSslContextHandle innerContext = Ssl.SslCtxCreate(method))
{
if (innerContext.IsInvalid)
{
throw CreateSslException(SR.net_allocate_ssl_context_failed);
}
// Configure allowed protocols. It's ok to use DangerousGetHandle here without AddRef/Release as we just
// create the handle, it's rooted by the using, no one else has a reference to it, etc.
Ssl.SetProtocolOptions(innerContext.DangerousGetHandle(), protocols);
// The logic in SafeSslHandle.Disconnect is simple because we are doing a quiet
// shutdown (we aren't negotiating for session close to enable later session
// restoration).
//
// If you find yourself wanting to remove this line to enable bidirectional
// close-notify, you'll probably need to rewrite SafeSslHandle.Disconnect().
// https://www.openssl.org/docs/manmaster/ssl/SSL_shutdown.html
Ssl.SslCtxSetQuietShutdown(innerContext);
if (!Ssl.SetEncryptionPolicy(innerContext, policy))
{
throw new PlatformNotSupportedException(SR.Format(SR.net_ssl_encryptionpolicy_notsupported, policy));
}
if (certHandle != null && certKeyHandle != null)
{
SetSslCertificate(innerContext, certHandle, certKeyHandle);
}
if (remoteCertRequired)
{
Debug.Assert(isServer, "isServer flag should be true");
Ssl.SslCtxSetVerify(innerContext,
s_verifyClientCertificate);
//update the client CA list
UpdateCAListFromRootStore(innerContext);
}
context = SafeSslHandle.Create(innerContext, isServer);
Debug.Assert(context != null, "Expected non-null return value from SafeSslHandle.Create");
if (context.IsInvalid)
{
context.Dispose();
throw CreateSslException(SR.net_allocate_ssl_context_failed);
}
}
return context;
}示例11: Create
internal static SSPIInterface Create (string hostname, bool serverMode, SchProtocols protocolFlags, X509Certificate serverCertificate, X509CertificateCollection clientCertificates,
bool remoteCertRequired, bool checkCertName, bool checkCertRevocationStatus, EncryptionPolicy encryptionPolicy,
LocalCertSelectionCallback certSelectionDelegate, RemoteCertValidationCallback remoteValidationCallback, SSPIConfiguration userConfig)
{
if (userConfig.Settings != null && remoteValidationCallback != null)
throw new InvalidOperationException ();
var context = userConfig.Provider.CreateTlsContext (
hostname, serverMode, (TlsProtocols)protocolFlags, serverCertificate, clientCertificates,
remoteCertRequired, checkCertName, checkCertRevocationStatus,
(MonoEncryptionPolicy)encryptionPolicy, userConfig.Settings);
return new SSPIInterface (context, userConfig.EventSink);
}示例12: SslStream
public SslStream(Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback userCertificateValidationCallback, LocalCertificateSelectionCallback userCertificateSelectionCallback, EncryptionPolicy encryptionPolicy) : base(innerStream, leaveInnerStreamOpen)
{
if (((encryptionPolicy != EncryptionPolicy.RequireEncryption) && (encryptionPolicy != EncryptionPolicy.AllowNoEncryption)) && (encryptionPolicy != EncryptionPolicy.NoEncryption))
{
throw new ArgumentException(SR.GetString("net_invalid_enum", new object[] { "EncryptionPolicy" }), "encryptionPolicy");
}
this._userCertificateValidationCallback = userCertificateValidationCallback;
this._userCertificateSelectionCallback = userCertificateSelectionCallback;
RemoteCertValidationCallback certValidationCallback = new RemoteCertValidationCallback(this.userCertValidationCallbackWrapper);
LocalCertSelectionCallback certSelectionCallback = (userCertificateSelectionCallback == null) ? null : new LocalCertSelectionCallback(this.userCertSelectionCallbackWrapper);
this._SslState = new SslState(innerStream, certValidationCallback, certSelectionCallback, encryptionPolicy);
}示例13: AcquireCredentialsHandle
internal static SafeFreeCredentials AcquireCredentialsHandle(SSPIInterface SecModule, X509Certificate certificate, SslProtocols protocols, EncryptionPolicy policy, bool isServer)
{
if (Logging.On)
{
Logging.PrintInfo(Logging.Web,
"AcquireCredentialsHandle(" +
"protocols = " + protocols + ", " +
"policy = " + policy + ", " +
"isServer = " + isServer + ")");
}
return SecModule.AcquireCredentialsHandle(certificate, protocols, policy, isServer);
}示例14: AcquireCredentialsHandle
public SafeFreeCredentials AcquireCredentialsHandle(X509Certificate certificate,
SslProtocols protocols, EncryptionPolicy policy, bool isServer)
{
SafeFreeCredentials retVal = new SafeFreeCredentials(certificate, protocols, policy);
if (null != retVal)
{
// Caller does a ref count decrement
bool ignore = false;
retVal.DangerousAddRef(ref ignore);
// TODO (Issue #3362) retVal is not getting released now, need to be fixed.
}
return retVal;
}示例15: TryCachedCredential
internal static SafeFreeCredentials TryCachedCredential(byte[] thumbPrint, SchProtocols allowedProtocols, EncryptionPolicy encryptionPolicy)
{
if (s_CachedCreds.Count != 0)
{
object obj2 = new SslCredKey(thumbPrint, allowedProtocols, encryptionPolicy);
SafeCredentialReference reference = s_CachedCreds[obj2] as SafeCredentialReference;
if (((reference != null) && !reference.IsClosed) && !reference._Target.IsInvalid)
{
return reference._Target;
}
}
return null;
}