diff --git a/src/Common/src/Interop/Unix/libssl/Interop.OpenSsl.cs b/src/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.OpenSsl.cs
similarity index 100%
rename from src/Common/src/Interop/Unix/libssl/Interop.OpenSsl.cs
rename to src/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.OpenSsl.cs
diff --git a/src/Common/src/Interop/Unix/libssl/Interop.X509ChannelBindingHash.cs b/src/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.X509ChannelBindingHash.cs
similarity index 100%
rename from src/Common/src/Interop/Unix/libssl/Interop.X509ChannelBindingHash.cs
rename to src/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.X509ChannelBindingHash.cs
diff --git a/src/Common/src/Interop/Unix/libssl/SslConnectionInfo.cs b/src/Common/src/Interop/Unix/System.Security.Cryptography.Native/SslConnectionInfo.cs
similarity index 100%
rename from src/Common/src/Interop/Unix/libssl/SslConnectionInfo.cs
rename to src/Common/src/Interop/Unix/System.Security.Cryptography.Native/SslConnectionInfo.cs
diff --git a/src/Common/src/Interop/Unix/libssl/StreamSizes.cs b/src/Common/src/Interop/Unix/System.Security.Cryptography.Native/StreamSizes.cs
similarity index 100%
rename from src/Common/src/Interop/Unix/libssl/StreamSizes.cs
rename to src/Common/src/Interop/Unix/System.Security.Cryptography.Native/StreamSizes.cs
diff --git a/src/Common/src/Interop/Unix/libssl/SecuritySafeHandles.cs b/src/Common/src/Interop/Unix/libssl/SecuritySafeHandles.cs
deleted file mode 100644
index 52250772a09d..000000000000
--- a/src/Common/src/Interop/Unix/libssl/SecuritySafeHandles.cs
+++ /dev/null
@@ -1,341 +0,0 @@
-// Licensed to the .NET Foundation under one or more agreements.
-// The .NET Foundation licenses this file to you under the MIT license.
-// See the LICENSE file in the project root for more information.
-
-using Microsoft.Win32.SafeHandles;
-
-using System.Diagnostics;
-using System.Runtime.InteropServices;
-using System.Security.Authentication;
-using System.Security.Authentication.ExtendedProtection;
-using System.Security.Cryptography;
-using System.Security.Cryptography.X509Certificates;
-
-namespace System.Net.Security
-{
-#if DEBUG
- internal sealed class SafeFreeCertContext : DebugSafeHandle
- {
-#else
- internal sealed class SafeFreeCertContext : SafeHandle
- {
-#endif
- private readonly SafeX509Handle _certificate;
-
- public SafeFreeCertContext(SafeX509Handle certificate) : base(IntPtr.Zero, true)
- {
- // In certain scenarios (e.g. server querying for a client cert), the
- // input certificate may be invalid and this is OK
- if ((null != certificate) && !certificate.IsInvalid)
- {
- bool gotRef = false;
- certificate.DangerousAddRef(ref gotRef);
- Debug.Assert(gotRef, "Unexpected failure in AddRef of certificate");
- _certificate = certificate;
- handle = _certificate.DangerousGetHandle();
- }
- }
-
- public override bool IsInvalid
- {
- get
- {
- return handle == IntPtr.Zero;
- }
- }
-
- protected override bool ReleaseHandle()
- {
- _certificate.DangerousRelease();
- _certificate.Dispose();
- return true;
- }
- }
-
- //
- // Implementation of handles dependable on FreeCredentialsHandle
- //
-#if DEBUG
- internal abstract class SafeFreeCredentials : DebugSafeHandle
- {
-#else
- internal abstract class SafeFreeCredentials : SafeHandle
- {
-#endif
- protected SafeFreeCredentials(IntPtr handle, bool ownsHandle) : base(handle, ownsHandle)
- {
- }
- }
-
- internal sealed class SafeFreeSslCredentials : SafeFreeCredentials
- {
- private SafeX509Handle _certHandle;
- private SafeEvpPKeyHandle _certKeyHandle;
- private SslProtocols _protocols = SslProtocols.None;
- private EncryptionPolicy _policy;
-
- internal SafeX509Handle CertHandle
- {
- get { return _certHandle; }
- }
-
- internal SafeEvpPKeyHandle CertKeyHandle
- {
- get { return _certKeyHandle; }
- }
-
- internal SslProtocols Protocols
- {
- get { return _protocols; }
- }
-
- internal EncryptionPolicy Policy
- {
- get { return _policy; }
- }
-
- public SafeFreeSslCredentials(X509Certificate certificate, SslProtocols protocols, EncryptionPolicy policy)
- : base(IntPtr.Zero, true)
- {
- Debug.Assert(
- certificate == null || certificate is X509Certificate2,
- "Only X509Certificate2 certificates are supported at this time");
-
- X509Certificate2 cert = (X509Certificate2)certificate;
-
- if (cert != null)
- {
- Debug.Assert(cert.HasPrivateKey, "cert.HasPrivateKey");
-
- using (RSAOpenSsl rsa = (RSAOpenSsl)cert.GetRSAPrivateKey())
- {
- if (rsa != null)
- {
- _certKeyHandle = rsa.DuplicateKeyHandle();
- Interop.Crypto.CheckValidOpenSslHandle(_certKeyHandle);
- }
- }
-
- if (_certKeyHandle == null)
- {
- using (ECDsaOpenSsl ecdsa = (ECDsaOpenSsl)cert.GetECDsaPrivateKey())
- {
- if (ecdsa != null)
- {
- _certKeyHandle = ecdsa.DuplicateKeyHandle();
- Interop.Crypto.CheckValidOpenSslHandle(_certKeyHandle);
- }
- }
- }
-
- if (_certKeyHandle == null)
- {
- throw new NotSupportedException(SR.net_ssl_io_no_server_cert);
- }
-
- _certHandle = Interop.Crypto.X509Duplicate(cert.Handle);
- Interop.Crypto.CheckValidOpenSslHandle(_certHandle);
- }
-
- _protocols = protocols;
- _policy = policy;
- }
-
- public override bool IsInvalid
- {
- get { return SslProtocols.None == _protocols; }
- }
-
- protected override bool ReleaseHandle()
- {
- if (_certHandle != null)
- {
- _certHandle.Dispose();
- }
-
- if (_certKeyHandle != null)
- {
- _certKeyHandle.Dispose();
- }
-
- _protocols = SslProtocols.None;
- return true;
- }
-
- }
-
- //
- // This is a class holding a Credential handle reference, used for static handles cache
- //
-#if DEBUG
- internal sealed class SafeCredentialReference : DebugCriticalHandleMinusOneIsInvalid
- {
-#else
- internal sealed class SafeCredentialReference : CriticalHandleMinusOneIsInvalid
- {
-#endif
-
- //
- // Static cache will return the target handle if found the reference in the table.
- //
- internal SafeFreeCredentials Target;
-
- internal static SafeCredentialReference CreateReference(SafeFreeCredentials target)
- {
- SafeCredentialReference result = new SafeCredentialReference(target);
- if (result.IsInvalid)
- {
- return null;
- }
-
- return result;
- }
- private SafeCredentialReference(SafeFreeCredentials target) : base()
- {
- // Bumps up the refcount on Target to signify that target handle is statically cached so
- // its dispose should be postponed
- bool ignore = false;
- target.DangerousAddRef(ref ignore);
- Target = target;
- SetHandle(new IntPtr(0)); // make this handle valid
- }
-
- protected override bool ReleaseHandle()
- {
- SafeFreeCredentials target = Target;
- if (target != null)
- {
- target.DangerousRelease();
- }
-
- Target = null;
- return true;
- }
- }
-
-#if DEBUG
- internal abstract class SafeDeleteContext : DebugSafeHandle
- {
-#else
- internal abstract class SafeDeleteContext : SafeHandle
- {
-#endif
- private SafeFreeCredentials _credential;
-
- protected SafeDeleteContext(SafeFreeCredentials credential)
- : base(IntPtr.Zero, true)
- {
- Debug.Assert((null != credential), "Invalid credential passed to SafeDeleteContext");
-
- // When a credential handle is first associated with the context we keep credential
- // ref count bumped up to ensure ordered finalization. The credential properties
- // are used in the SSL/NEGO data structures and should survive the lifetime of
- // the SSL/NEGO context
- bool ignore = false;
- _credential = credential;
- _credential.DangerousAddRef(ref ignore);
- }
-
- public override bool IsInvalid
- {
- get { return (null == _credential); }
- }
-
- protected override bool ReleaseHandle()
- {
- Debug.Assert((null != _credential), "Null credential in SafeDeleteContext");
- _credential.DangerousRelease();
- _credential = null;
- return true;
- }
- }
-
- internal sealed class SafeDeleteSslContext : SafeDeleteContext
- {
- private SafeSslHandle _sslContext;
-
- public SafeSslHandle SslContext
- {
- get
- {
- return _sslContext;
- }
- }
-
- public SafeDeleteSslContext(SafeFreeSslCredentials credential, bool isServer, bool remoteCertRequired)
- : base(credential)
- {
- Debug.Assert((null != credential) && !credential.IsInvalid, "Invalid credential used in SafeDeleteSslContext");
-
- try
- {
- _sslContext = Interop.OpenSsl.AllocateSslContext(
- credential.Protocols,
- credential.CertHandle,
- credential.CertKeyHandle,
- credential.Policy,
- isServer,
- remoteCertRequired);
- }
- catch(Exception ex)
- {
- Debug.Write("Exception Caught. - " + ex);
- Dispose();
- throw;
- }
- }
-
- public override bool IsInvalid
- {
- get
- {
- return (null == _sslContext) || _sslContext.IsInvalid;
- }
- }
-
- protected override void Dispose(bool disposing)
- {
- if (disposing)
- {
- if (null != _sslContext)
- {
- _sslContext.Dispose();
- _sslContext = null;
- }
- }
-
- base.Dispose(disposing);
- }
- }
-
- internal sealed class SafeFreeContextBufferChannelBinding : ChannelBinding
- {
- private readonly SafeChannelBindingHandle _channelBinding = null;
-
- public override int Size
- {
- get { return _channelBinding.Length; }
- }
-
- public override bool IsInvalid
- {
- get { return _channelBinding.IsInvalid; }
- }
-
- public SafeFreeContextBufferChannelBinding(SafeChannelBindingHandle binding)
- {
- Debug.Assert(null != binding && !binding.IsInvalid, "input channelBinding is invalid");
- bool gotRef = false;
- binding.DangerousAddRef(ref gotRef);
- handle = binding.DangerousGetHandle();
- _channelBinding = binding;
- }
-
- protected override bool ReleaseHandle()
- {
- _channelBinding.DangerousRelease();
- _channelBinding.Dispose();
- return true;
- }
- }
-}
diff --git a/src/Common/src/System/Net/Security/Unix/SafeDeleteContext.cs b/src/Common/src/System/Net/Security/Unix/SafeDeleteContext.cs
new file mode 100644
index 000000000000..c3c75790b92d
--- /dev/null
+++ b/src/Common/src/System/Net/Security/Unix/SafeDeleteContext.cs
@@ -0,0 +1,46 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+// See the LICENSE file in the project root for more information.
+
+using System.Diagnostics;
+using System.Runtime.InteropServices;
+
+namespace System.Net.Security
+{
+#if DEBUG
+ internal abstract class SafeDeleteContext : DebugSafeHandle
+ {
+#else
+ internal abstract class SafeDeleteContext : SafeHandle
+ {
+#endif
+ private SafeFreeCredentials _credential;
+
+ protected SafeDeleteContext(SafeFreeCredentials credential)
+ : base(IntPtr.Zero, true)
+ {
+ Debug.Assert((null != credential), "Invalid credential passed to SafeDeleteContext");
+
+ // When a credential handle is first associated with the context we keep credential
+ // ref count bumped up to ensure ordered finalization. The credential properties
+ // are used in the SSL/NEGO data structures and should survive the lifetime of
+ // the SSL/NEGO context
+ bool ignore = false;
+ _credential = credential;
+ _credential.DangerousAddRef(ref ignore);
+ }
+
+ public override bool IsInvalid
+ {
+ get { return (null == _credential); }
+ }
+
+ protected override bool ReleaseHandle()
+ {
+ Debug.Assert((null != _credential), "Null credential in SafeDeleteContext");
+ _credential.DangerousRelease();
+ _credential = null;
+ return true;
+ }
+ }
+}
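Review bot: In the `SafeDeleteContext` constructor, `_credential` is assigned before `DangerousAddRef` runs and the `ref bool` result is discarded. If the AddRef throws (for example on a credential that is already closed), the partially constructed handle keeps a non-null `_credential`, so `IsInvalid` is false. A later release could then call `DangerousRelease` without a matching AddRef. Taking the reference first and storing the field only on success keeps the count balanced: `bool gotRef = false; credential.DangerousAddRef(ref gotRef); if (gotRef) { _credential = credential; }`. The null check on `credential` is a `Debug.Assert`, so release builds do not have it.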
diff --git a/src/Common/src/System/Net/Security/Unix/SafeDeleteNegoContext.cs b/src/Common/src/System/Net/Security/Unix/SafeDeleteNegoContext.cs
new file mode 100644
index 000000000000..9b07e53e5e05
--- /dev/null
+++ b/src/Common/src/System/Net/Security/Unix/SafeDeleteNegoContext.cs
@@ -0,0 +1,80 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+// See the LICENSE file in the project root for more information.
+
+using System;
+using System.Diagnostics;
+using System.Runtime.InteropServices;
+using System.Text;
+using Microsoft.Win32.SafeHandles;
+
+namespace System.Net.Security
+{
+ internal sealed class SafeDeleteNegoContext : SafeDeleteContext
+ {
+ private SafeGssNameHandle _targetName;
+ private SafeGssContextHandle _context;
+ private bool _isNtlmUsed;
+
+ public SafeGssNameHandle TargetName
+ {
+ get { return _targetName; }
+ }
+
+ // Property represents if final protocol negotiated is Ntlm or not.
+ public bool IsNtlmUsed
+ {
+ get { return _isNtlmUsed; }
+ }
+
+ public SafeGssContextHandle GssContext
+ {
+ get { return _context; }
+ }
+
+ public SafeDeleteNegoContext(SafeFreeNegoCredentials credential, string targetName)
+ : base(credential)
+ {
+ Debug.Assert((null != credential), "Null credential in SafeDeleteNegoContext");
+ try
+ {
+ _targetName = SafeGssNameHandle.CreatePrincipal(targetName);
+ }
+ catch
+ {
+ Dispose();
+ throw;
+ }
+ }
+
+ public void SetGssContext(SafeGssContextHandle context)
+ {
+ Debug.Assert(context != null && !context.IsInvalid, "Invalid context passed to SafeDeleteNegoContext");
+ _context = context;
+ }
+
+ public void SetAuthenticationPackage(bool isNtlmUsed)
+ {
+ _isNtlmUsed = isNtlmUsed;
+ }
+
+ protected override void Dispose(bool disposing)
+ {
+ if (disposing)
+ {
+ if (null != _context)
+ {
+ _context.Dispose();
+ _context = null;
+ }
+
+ if (_targetName != null)
+ {
+ _targetName.Dispose();
+ _targetName = null;
+ }
+ }
+ base.Dispose(disposing);
+ }
+ }
+}
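Review bot: `SetGssContext` overwrites `_context` without looking at the value it replaces, so if it is ever called twice on the same `SafeDeleteNegoContext` the earlier `SafeGssContextHandle` is no longer disposed by `Dispose(bool)` and is left to its finalizer. Whether callers do that is not visible in this diff. Either document the single-call contract with `Debug.Assert(_context == null, "GSS context already set");` or dispose the old handle before the assignment. The validity check on `context` is also a `Debug.Assert` only, so a release build stores whatever it is given.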
diff --git a/src/Common/src/System/Net/Security/Unix/SafeDeleteSslContext.cs b/src/Common/src/System/Net/Security/Unix/SafeDeleteSslContext.cs
new file mode 100644
index 000000000000..5941fa56854f
--- /dev/null
+++ b/src/Common/src/System/Net/Security/Unix/SafeDeleteSslContext.cs
@@ -0,0 +1,73 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+// See the LICENSE file in the project root for more information.
+
+using Microsoft.Win32.SafeHandles;
+
+using System.Diagnostics;
+using System.Runtime.InteropServices;
+using System.Security.Authentication;
+using System.Security.Authentication.ExtendedProtection;
+using System.Security.Cryptography;
+using System.Security.Cryptography.X509Certificates;
+
+namespace System.Net.Security
+{
+ internal sealed class SafeDeleteSslContext : SafeDeleteContext
+ {
+ private SafeSslHandle _sslContext;
+
+ public SafeSslHandle SslContext
+ {
+ get
+ {
+ return _sslContext;
+ }
+ }
+
+ public SafeDeleteSslContext(SafeFreeSslCredentials credential, bool isServer, bool remoteCertRequired)
+ : base(credential)
+ {
+ Debug.Assert((null != credential) && !credential.IsInvalid, "Invalid credential used in SafeDeleteSslContext");
+
+ try
+ {
+ _sslContext = Interop.OpenSsl.AllocateSslContext(
+ credential.Protocols,
+ credential.CertHandle,
+ credential.CertKeyHandle,
+ credential.Policy,
+ isServer,
+ remoteCertRequired);
+ }
+ catch(Exception ex)
+ {
+ Debug.Write("Exception Caught. - " + ex);
+ Dispose();
+ throw;
+ }
+ }
+
+ public override bool IsInvalid
+ {
+ get
+ {
+ return (null == _sslContext) || _sslContext.IsInvalid;
+ }
+ }
+
+ protected override void Dispose(bool disposing)
+ {
+ if (disposing)
+ {
+ if (null != _sslContext)
+ {
+ _sslContext.Dispose();
+ _sslContext = null;
+ }
+ }
+
+ base.Dispose(disposing);
+ }
+ }
+}
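Review bot: The using block at the top of SafeDeleteSslContext.cs was copied whole from the combined file. `System.Security.Authentication.ExtendedProtection`, `System.Security.Cryptography` and `System.Security.Cryptography.X509Certificates` appear unused here, since the class only names `SafeSslHandle`, `Debug` and `Interop.OpenSsl`. The same list is carried into SafeFreeContextBufferChannelBinding.cs and SafeFreeSslCredentials.cs, so trim each file to what it references. In the constructor, `catch(Exception ex)` binds `ex` only for `Debug.Write`, which is compiled out of release builds; a short comment such as `// Release the credential ref taken by the base constructor before rethrowing.` would explain why the `Dispose()` call is there.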
diff --git a/src/Common/src/System/Net/Security/Unix/SafeFreeCertContext.cs b/src/Common/src/System/Net/Security/Unix/SafeFreeCertContext.cs
new file mode 100644
index 000000000000..ad9904d988c7
--- /dev/null
+++ b/src/Common/src/System/Net/Security/Unix/SafeFreeCertContext.cs
@@ -0,0 +1,53 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+// See the LICENSE file in the project root for more information.
+
+using Microsoft.Win32.SafeHandles;
+
+using System.Diagnostics;
+using System.Runtime.InteropServices;
+using System.Security.Cryptography;
+using System.Security.Cryptography.X509Certificates;
+
+namespace System.Net.Security
+{
+#if DEBUG
+ internal sealed class SafeFreeCertContext : DebugSafeHandle
+ {
+#else
+ internal sealed class SafeFreeCertContext : SafeHandle
+ {
+#endif
+ private readonly SafeX509Handle _certificate;
+
+ public SafeFreeCertContext(SafeX509Handle certificate) : base(IntPtr.Zero, true)
+ {
+ // In certain scenarios (e.g. server querying for a client cert), the
+ // input certificate may be invalid and this is OK
+ if ((null != certificate) && !certificate.IsInvalid)
+ {
+ bool gotRef = false;
+ certificate.DangerousAddRef(ref gotRef);
+ Debug.Assert(gotRef, "Unexpected failure in AddRef of certificate");
+ _certificate = certificate;
+ handle = _certificate.DangerousGetHandle();
+ }
+ }
+
+ public override bool IsInvalid
+ {
+ get
+ {
+ return handle == IntPtr.Zero;
+ }
+ }
+
+ protected override bool ReleaseHandle()
+ {
+ _certificate.DangerousRelease();
+ _certificate.Dispose();
+ return true;
+ }
+ }
+
+}
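Review bot: `ReleaseHandle` drops the reference taken in the constructor and then also calls `_certificate.Dispose()`, so constructing a `SafeFreeCertContext` takes ownership of the caller's `SafeX509Handle`, and nothing in the file says so. A constructor comment such as `// Takes ownership of certificate: it is disposed when this context is released.` would warn callers not to reuse or dispose the handle afterwards. It would also help to note on `ReleaseHandle` that it is only reached when `handle` is non-zero, which is what keeps the `_certificate` dereference safe when the constructor was given a null or invalid certificate.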
diff --git a/src/Common/src/System/Net/Security/Unix/SafeFreeContextBufferChannelBinding.cs b/src/Common/src/System/Net/Security/Unix/SafeFreeContextBufferChannelBinding.cs
new file mode 100644
index 000000000000..07e46a34f75a
--- /dev/null
+++ b/src/Common/src/System/Net/Security/Unix/SafeFreeContextBufferChannelBinding.cs
@@ -0,0 +1,46 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+// See the LICENSE file in the project root for more information.
+
+using Microsoft.Win32.SafeHandles;
+
+using System.Diagnostics;
+using System.Runtime.InteropServices;
+using System.Security.Authentication;
+using System.Security.Authentication.ExtendedProtection;
+using System.Security.Cryptography;
+using System.Security.Cryptography.X509Certificates;
+
+namespace System.Net.Security
+{
+ internal sealed class SafeFreeContextBufferChannelBinding : ChannelBinding
+ {
+ private readonly SafeChannelBindingHandle _channelBinding = null;
+
+ public override int Size
+ {
+ get { return _channelBinding.Length; }
+ }
+
+ public override bool IsInvalid
+ {
+ get { return _channelBinding.IsInvalid; }
+ }
+
+ public SafeFreeContextBufferChannelBinding(SafeChannelBindingHandle binding)
+ {
+ Debug.Assert(null != binding && !binding.IsInvalid, "input channelBinding is invalid");
+ bool gotRef = false;
+ binding.DangerousAddRef(ref gotRef);
+ handle = binding.DangerousGetHandle();
+ _channelBinding = binding;
+ }
+
+ protected override bool ReleaseHandle()
+ {
+ _channelBinding.DangerousRelease();
+ _channelBinding.Dispose();
+ return true;
+ }
+ }
+}
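Review bot: `IsInvalid` and `Size` dereference `_channelBinding` unconditionally, but the only non-null guarantee is the `Debug.Assert` in the constructor. In a release build a null `binding` makes the constructor throw at `binding.DangerousAddRef` before the field is set. The base handle's release path then evaluates `IsInvalid` on the partially constructed object and could raise a second `NullReferenceException` there, possibly on the finalizer thread. Making the property null-tolerant avoids that: `get { return _channelBinding == null || _channelBinding.IsInvalid; }`. `gotRef` is also never checked before `DangerousGetHandle()` is used.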
diff --git a/src/Common/src/System/Net/Security/Unix/SafeFreeCredentials.cs b/src/Common/src/System/Net/Security/Unix/SafeFreeCredentials.cs
new file mode 100644
index 000000000000..245f0f24cfce
--- /dev/null
+++ b/src/Common/src/System/Net/Security/Unix/SafeFreeCredentials.cs
@@ -0,0 +1,74 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+// See the LICENSE file in the project root for more information.
+
+using System.Diagnostics;
+using System.Runtime.InteropServices;
+using Microsoft.Win32.SafeHandles;
+
+namespace System.Net.Security
+{
+ //
+ // Implementation of handles dependable on FreeCredentialsHandle
+ //
+#if DEBUG
+ internal abstract class SafeFreeCredentials : DebugSafeHandle
+ {
+#else
+ internal abstract class SafeFreeCredentials : SafeHandle
+ {
+#endif
+ protected SafeFreeCredentials(IntPtr handle, bool ownsHandle) : base(handle, ownsHandle)
+ {
+ }
+ }
+
+ //
+ // This is a class holding a Credential handle reference, used for static handles cache
+ //
+#if DEBUG
+ internal sealed class SafeCredentialReference : DebugCriticalHandleMinusOneIsInvalid
+ {
+#else
+ internal sealed class SafeCredentialReference : CriticalHandleMinusOneIsInvalid
+ {
+#endif
+
+ //
+ // Static cache will return the target handle if found the reference in the table.
+ //
+ internal SafeFreeCredentials Target;
+
+ internal static SafeCredentialReference CreateReference(SafeFreeCredentials target)
+ {
+ SafeCredentialReference result = new SafeCredentialReference(target);
+ if (result.IsInvalid)
+ {
+ return null;
+ }
+
+ return result;
+ }
+ private SafeCredentialReference(SafeFreeCredentials target) : base()
+ {
+ // Bumps up the refcount on Target to signify that target handle is statically cached so
+ // its dispose should be postponed
+ bool ignore = false;
+ target.DangerousAddRef(ref ignore);
+ Target = target;
+ SetHandle(new IntPtr(0)); // make this handle valid
+ }
+
+ protected override bool ReleaseHandle()
+ {
+ SafeFreeCredentials target = Target;
+ if (target != null)
+ {
+ target.DangerousRelease();
+ }
+
+ Target = null;
+ return true;
+ }
+ }
+}
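Review bot: The `result.IsInvalid` test in `CreateReference` looks unreachable, because the private constructor always ends with `SetHandle(new IntPtr(0))` and the base type treats only minus one as invalid, so the `return null` branch never runs. The failure it seems meant to cover, `DangerousAddRef` not succeeding, is not detected either, since `ignore` is never read; a closed `target` would surface as an exception from the constructor instead. Either drop the dead branch, or make it real by checking the flag and returning null when the reference was not taken. `Target` is a writable internal field, so reassigning it from outside would make `ReleaseHandle` release a handle this object never add-ref'd; a read-only property over a private field would prevent that.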
diff --git a/src/Common/src/Interop/Unix/System.Net.Security.Native/SecuritySafeHandles.cs b/src/Common/src/System/Net/Security/Unix/SafeFreeNegoCredentials.cs
similarity index 60%
rename from src/Common/src/Interop/Unix/System.Net.Security.Native/SecuritySafeHandles.cs
rename to src/Common/src/System/Net/Security/Unix/SafeFreeNegoCredentials.cs
index 7d65f076871c..02bbe5e06af0 100644
--- a/src/Common/src/Interop/Unix/System.Net.Security.Native/SecuritySafeHandles.cs
+++ b/src/Common/src/System/Net/Security/Unix/SafeFreeNegoCredentials.cs
@@ -89,72 +89,4 @@ protected override bool ReleaseHandle()
return true;
}
}
-
- internal sealed class SafeDeleteNegoContext : SafeDeleteContext
- {
- private SafeGssNameHandle _targetName;
- private SafeGssContextHandle _context;
- private bool _isNtlmUsed;
-
- public SafeGssNameHandle TargetName
- {
- get { return _targetName; }
- }
-
- // Property represents if final protocol negotiated is Ntlm or not.
- public bool IsNtlmUsed
- {
- get { return _isNtlmUsed; }
- }
-
- public SafeGssContextHandle GssContext
- {
- get { return _context; }
- }
-
- public SafeDeleteNegoContext(SafeFreeNegoCredentials credential, string targetName)
- : base(credential)
- {
- Debug.Assert((null != credential), "Null credential in SafeDeleteNegoContext");
- try
- {
- _targetName = SafeGssNameHandle.CreatePrincipal(targetName);
- }
- catch
- {
- Dispose();
- throw;
- }
- }
-
- public void SetGssContext(SafeGssContextHandle context)
- {
- Debug.Assert(context != null && !context.IsInvalid, "Invalid context passed to SafeDeleteNegoContext");
- _context = context;
- }
-
- public void SetAuthenticationPackage(bool isNtlmUsed)
- {
- _isNtlmUsed = isNtlmUsed;
- }
-
- protected override void Dispose(bool disposing)
- {
- if (disposing)
- {
- if (null != _context)
- {
- _context.Dispose();
- _context = null;
- }
-
- if (_targetName != null)
- {
- _targetName.Dispose();
- _targetName = null;
- }
- }
- base.Dispose(disposing);
- }
- }
}
diff --git a/src/Common/src/System/Net/Security/Unix/SafeFreeSslCredentials.cs b/src/Common/src/System/Net/Security/Unix/SafeFreeSslCredentials.cs
new file mode 100644
index 000000000000..3039de4bc305
--- /dev/null
+++ b/src/Common/src/System/Net/Security/Unix/SafeFreeSslCredentials.cs
@@ -0,0 +1,112 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+// See the LICENSE file in the project root for more information.
+
+using Microsoft.Win32.SafeHandles;
+
+using System.Diagnostics;
+using System.Runtime.InteropServices;
+using System.Security.Authentication;
+using System.Security.Authentication.ExtendedProtection;
+using System.Security.Cryptography;
+using System.Security.Cryptography.X509Certificates;
+
+namespace System.Net.Security
+{
+ internal sealed class SafeFreeSslCredentials : SafeFreeCredentials
+ {
+ private SafeX509Handle _certHandle;
+ private SafeEvpPKeyHandle _certKeyHandle;
+ private SslProtocols _protocols = SslProtocols.None;
+ private EncryptionPolicy _policy;
+
+ internal SafeX509Handle CertHandle
+ {
+ get { return _certHandle; }
+ }
+
+ internal SafeEvpPKeyHandle CertKeyHandle
+ {
+ get { return _certKeyHandle; }
+ }
+
+ internal SslProtocols Protocols
+ {
+ get { return _protocols; }
+ }
+
+ internal EncryptionPolicy Policy
+ {
+ get { return _policy; }
+ }
+
+ public SafeFreeSslCredentials(X509Certificate certificate, SslProtocols protocols, EncryptionPolicy policy)
+ : base(IntPtr.Zero, true)
+ {
+ Debug.Assert(
+ certificate == null || certificate is X509Certificate2,
+ "Only X509Certificate2 certificates are supported at this time");
+
+ X509Certificate2 cert = (X509Certificate2)certificate;
+
+ if (cert != null)
+ {
+ Debug.Assert(cert.HasPrivateKey, "cert.HasPrivateKey");
+
+ using (RSAOpenSsl rsa = (RSAOpenSsl)cert.GetRSAPrivateKey())
+ {
+ if (rsa != null)
+ {
+ _certKeyHandle = rsa.DuplicateKeyHandle();
+ Interop.Crypto.CheckValidOpenSslHandle(_certKeyHandle);
+ }
+ }
+
+ if (_certKeyHandle == null)
+ {
+ using (ECDsaOpenSsl ecdsa = (ECDsaOpenSsl)cert.GetECDsaPrivateKey())
+ {
+ if (ecdsa != null)
+ {
+ _certKeyHandle = ecdsa.DuplicateKeyHandle();
+ Interop.Crypto.CheckValidOpenSslHandle(_certKeyHandle);
+ }
+ }
+ }
+
+ if (_certKeyHandle == null)
+ {
+ throw new NotSupportedException(SR.net_ssl_io_no_server_cert);
+ }
+
+ _certHandle = Interop.Crypto.X509Duplicate(cert.Handle);
+ Interop.Crypto.CheckValidOpenSslHandle(_certHandle);
+ }
+
+ _protocols = protocols;
+ _policy = policy;
+ }
+
+ public override bool IsInvalid
+ {
+ get { return SslProtocols.None == _protocols; }
+ }
+
+ protected override bool ReleaseHandle()
+ {
+ if (_certHandle != null)
+ {
+ _certHandle.Dispose();
+ }
+
+ if (_certKeyHandle != null)
+ {
+ _certKeyHandle.Dispose();
+ }
+
+ _protocols = SslProtocols.None;
+ return true;
+ }
+
+ }
+}
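Review bot: In the `SafeFreeSslCredentials` constructor, `_certKeyHandle` already holds a duplicated private-key handle by the time `Interop.Crypto.X509Duplicate` and the following `CheckValidOpenSslHandle` run. If either of those throws, `_protocols` is still `SslProtocols.None`, so `IsInvalid` is true and `ReleaseHandle` is never invoked. The duplicated key handle is then freed only when its own finalizer runs, not deterministically. The same applies to any caller that passes `SslProtocols.None`, because validity is keyed on `_protocols` and not on the handles. Wrapping the certificate duplication so the key handle is disposed on failure closes the first gap. Separately, the `(X509Certificate2)`, `(RSAOpenSsl)` and `(ECDsaOpenSsl)` casts are guarded by `Debug.Assert` only and would throw `InvalidCastException` in release for other implementations.

```csharp
// … unchanged: RSA / ECDSA key-handle duplication and the NotSupportedException check …
try
{
    _certHandle = Interop.Crypto.X509Duplicate(cert.Handle);
    Interop.Crypto.CheckValidOpenSslHandle(_certHandle);
}
catch
{
    // ReleaseHandle will not run for a half-built credential, so free the
    // duplicated handles here instead of waiting for finalization.
    _certKeyHandle.Dispose();
    if (_certHandle != null)
    {
        _certHandle.Dispose();
    }
    throw;
}
```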
diff --git a/src/System.Net.Http/src/System.Net.Http.csproj b/src/System.Net.Http/src/System.Net.Http.csproj
index c322cea43a04..8ee7cb88cfec 100644
--- a/src/System.Net.Http/src/System.Net.Http.csproj
+++ b/src/System.Net.Http/src/System.Net.Http.csproj
@@ -257,9 +257,6 @@
Common\System\Net\Http\TlsCertificateExtensions
-
- Common\Interop\Unix\libssl\Interop.X509ChannelBindingHash.cs
-
Common\Interop\Unix\System.Security.Cryptography.Native\Interop.ASN1.cs
@@ -299,6 +296,9 @@
Common\Interop\Unix\System.Security.Cryptography.Native\Interop.X509StoreCtx.cs
+
+ Common\Interop\Unix\System.Security.Cryptography.Native\Interop.X509ChannelBindingHash.cs
+
Common\Interop\Unix\System.Net.Security.Native\Interop.Initialization.cs
@@ -355,4 +355,4 @@
-
\ No newline at end of file
+
diff --git a/src/System.Net.Security/src/System.Net.Security.csproj b/src/System.Net.Security/src/System.Net.Security.csproj
index a100d28a70f6..d13376aef285 100644
--- a/src/System.Net.Security/src/System.Net.Security.csproj
+++ b/src/System.Net.Security/src/System.Net.Security.csproj
@@ -258,21 +258,6 @@
Common\Interop\Unix\Interop.Errors.cs
-
- Common\Interop\Unix\libssl\SecuritySafeHandles.cs
-
-
- Common\Interop\Unix\libssl\StreamSizes.cs
-
-
- Common\Interop\Unix\libssl\SslConnectionInfo.cs
-
-
- Common\Interop\Unix\libssl\Interop.OpenSsl.cs
-
-
- Common\Interop\Unix\libssl\Interop.X509ChannelBindingHash.cs
-
Common\Interop\Unix\System.Security.Cryptography.Native\Interop.ASN1.cs
@@ -288,6 +273,9 @@
Common\Interop\Unix\System.Security.Cryptography.Native\Interop.Crypto.cs
+
+ Common\Interop\Unix\System.Security.Cryptography.Native\Interop.OpenSsl.cs
+
Common\Interop\Unix\System.Security.Cryptography.Native\Interop.Ssl.cs
@@ -303,6 +291,9 @@
Common\Interop\Unix\System.Security.Cryptography.Native\Interop.X509.cs
+
+ Common\Interop\Unix\System.Security.Cryptography.Native\Interop.X509ChannelBindingHash.cs
+
Common\Interop\Unix\System.Security.Cryptography.Native\Interop.X509Name.cs
@@ -315,6 +306,12 @@
Common\Interop\Unix\System.Security.Cryptography.Native\Interop.X509StoreCtx.cs
+
+ Common\Interop\Unix\System.Security.Cryptography.Native\SslConnectionInfo.cs
+
+
+ Common\Interop\Unix\System.Security.Cryptography.Native\StreamSizes.cs
+
Common\Interop\Unix\System.Net.Security.Native\Interop.Initialization.cs
@@ -324,9 +321,6 @@
Common\Interop\Unix\System.Net.Security.Native\Interop.GssBuffer.cs
-
- Common\Interop\Unix\System.Net.Security.Native\SecuritySafeHandles.cs
-
Common\Microsoft\Win32\SafeHandles\GssSafeHandles.cs
@@ -354,6 +348,30 @@
Common\System\Net\ContextAwareResult.Unix.cs
+
+ Common\System\Net\Security\Unix\SafeDeleteContext.cs
+
+
+ Common\System\Net\Security\Unix\SafeDeleteSslContext.cs
+
+
+ Common\System\Net\Security\Unix\SafeDeleteNegoContext.cs
+
+
+ Common\System\Net\Security\Unix\SafeFreeCertContext.cs
+
+
+ Common\System\Net\Security\Unix\SafeFreeContextBufferChannelBinding.cs
+
+
+ Common\System\Net\Security\Unix\SafeFreeCredentials.cs
+
+
+ Common\System\Net\Security\Unix\SafeFreeNegoCredentials.cs
+
+
+ Common\System\Net\Security\Unix\SafeFreeSslCredentials.cs
+