diff --git a/nanoFramework.System.Net/Properties/AssemblyInfo.cs b/nanoFramework.System.Net/Properties/AssemblyInfo.cs
index a5c758d..fc22ed0 100644
--- a/nanoFramework.System.Net/Properties/AssemblyInfo.cs
+++ b/nanoFramework.System.Net/Properties/AssemblyInfo.cs
@@ -12,7 +12,7 @@
////////////////////////////////////////////////////////////////
// update this whenever the native assembly signature changes //
-[assembly: AssemblyNativeVersion("100.1.3.3")]
+[assembly: AssemblyNativeVersion("100.1.3.4")]
////////////////////////////////////////////////////////////////
// Setting ComVisible to false makes the types in this assembly not visible
diff --git a/nanoFramework.System.Net/Security/NetworkSecurity.cs b/nanoFramework.System.Net/Security/NetworkSecurity.cs
index 697aaec..28d84fc 100644
--- a/nanoFramework.System.Net/Security/NetworkSecurity.cs
+++ b/nanoFramework.System.Net/Security/NetworkSecurity.cs
@@ -70,10 +70,20 @@ public enum SslVerification
internal static class SslNative
{
[MethodImplAttribute(MethodImplOptions.InternalCall)]
- internal static extern int SecureServerInit(int sslProtocols, int sslCertVerify, X509Certificate certificate, X509Certificate ca);
+ internal static extern int SecureServerInit(
+ int sslProtocols,
+ int sslCertVerify,
+ X509Certificate certificate,
+ X509Certificate ca,
+ bool useDeviceCertificate);
[MethodImplAttribute(MethodImplOptions.InternalCall)]
- internal static extern int SecureClientInit(int sslProtocols, int sslCertVerify, X509Certificate certificate, X509Certificate ca);
+ internal static extern int SecureClientInit(
+ int sslProtocols,
+ int sslCertVerify,
+ X509Certificate certificate,
+ X509Certificate ca,
+ bool useDeviceCertificate);
[MethodImplAttribute(MethodImplOptions.InternalCall)]
internal static extern void SecureAccept(int contextHandle, object socket);
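Review bot: The new `useDeviceCertificate` parameter on `SecureServerInit` and `SecureClientInit` is undocumented, and these declarations are the only managed-side record of the native contract. How the flag interacts with `certificate` is decided in native code that is not part of this diff, so a short comment above each declaration would help, for example `// useDeviceCertificate: true asks the native layer to load the certificate stored in the device; 'certificate' is used when none is stored`. That wording follows the remarks added to `SslStream.UseStoredDeviceCertificate` and should be confirmed against the native implementation. The `SslNative` class continues past the end of this hunk.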
diff --git a/nanoFramework.System.Net/Security/SslStream.cs b/nanoFramework.System.Net/Security/SslStream.cs
index 3f151a8..b14b91d 100644
--- a/nanoFramework.System.Net/Security/SslStream.cs
+++ b/nanoFramework.System.Net/Security/SslStream.cs
@@ -18,6 +18,7 @@ namespace System.Net.Security
public class SslStream : NetworkStream
{
private SslVerification _sslVerification;
+ private bool _useStoredDeviceCertificate = false;
// Internal flags
private int _sslContext;
@@ -29,6 +30,16 @@ public class SslStream : NetworkStream
///
public SslVerification SslVerification { get => _sslVerification; set => _sslVerification = value; }
+ ///
+ /// Option to use the certificate stored in the device as client or server certificate.
+ /// The default option is .
+ ///
+ ///
+ /// This property is exclusive of .NET nanoFramework.
+ /// In case there is no device certificate stored, the authentication will use whatever is provided (or not) in the parameter of the method being called.
+ ///
+ public bool UseStoredDeviceCertificate { get => _useStoredDeviceCertificate; set => _useStoredDeviceCertificate = value; }
+
//--//
///
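Review bot: The remarks on `UseStoredDeviceCertificate` describe a silent fallback: with the property set to true and no certificate stored in the device, authentication proceeds with whatever the caller passed, possibly nothing, and the caller gets no signal about which identity was presented. For code that depends on the device certificate for mutual TLS, the remarks should state this explicitly, along with which certificate wins when both a stored one and a parameter are available. The managed code in the `Authenticate` hunk forwards both `certificate` and `_useStoredDeviceCertificate` without deciding between them. I would add something like `/// When a device certificate is stored it takes precedence over the certificate parameter; when none is stored no error is raised.`, after confirming that against the native side.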
@@ -71,6 +82,9 @@ public void AuthenticateAsClient(string targetHost, SslProtocols enabledSslProto
/// The name of the server that will share this SslStream.
/// The client certificate.
/// The value that represents the protocol used for authentication.
+ ///
+ /// Instead of providing the client certificate in the parameter the property can be used to use the certificate stored in the device.
+ ///
public void AuthenticateAsClient(string targetHost, X509Certificate clientCertificate, SslProtocols enabledSslProtocols)
{
Authenticate(false, targetHost, clientCertificate, null, enabledSslProtocols);
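Review bot: The added remarks do not say what to pass for `clientCertificate` when the stored device certificate is meant to be used, so a caller cannot tell from the documentation whether `null` is accepted. The same gap is in the remarks added to the other `AuthenticateAsClient` overload and to both `AuthenticateAsServer` overloads in the following three hunks. Suggested wording, if null is indeed accepted by the native layer: `/// To authenticate with the certificate stored in the device, set UseStoredDeviceCertificate to true; clientCertificate may then be null.`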
@@ -84,6 +98,9 @@ public void AuthenticateAsClient(string targetHost, X509Certificate clientCertif
/// The client certificate.
/// Certificate Authority certificate to use for authentication with the server.
/// The value that represents the protocol used for authentication.
+ ///
+ /// Instead of providing the client certificate in the parameter the property can be used to use the certificate stored in the device.
+ ///
public void AuthenticateAsClient(string targetHost, X509Certificate clientCertificate, X509Certificate ca, SslProtocols enabledSslProtocols)
{
Authenticate(false, targetHost, clientCertificate, ca, enabledSslProtocols);
@@ -95,6 +112,9 @@ public void AuthenticateAsClient(string targetHost, X509Certificate clientCertif
///
/// The certificate used to authenticate the server.
/// The protocols that may be used for authentication.
+ ///
+ /// Instead of providing the server certificate in the parameter the property can be used to use the certificate stored in the device.
+ ///
public void AuthenticateAsServer(X509Certificate serverCertificate, SslProtocols enabledSslProtocols)
{
Authenticate(true, "", serverCertificate, null, enabledSslProtocols);
@@ -106,6 +126,9 @@ public void AuthenticateAsServer(X509Certificate serverCertificate, SslProtocols
/// The X509Certificate used to authenticate the server.
/// A value that specifies whether the client is asked for a certificate for authentication. Note that this is only a request, if no certificate is provided, the server still accepts the connection request.
/// The protocols that may be used for authentication.
+ ///
+ /// Instead of providing the server certificate in the parameter the property can be used to use the certificate stored in the device.
+ ///
public void AuthenticateAsServer(X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols)
{
SslVerification = clientCertificateRequired ? SslVerification.VerifyClientOnce : SslVerification.NoVerification;
@@ -123,12 +146,24 @@ internal void Authenticate(bool isServer, string targetHost, X509Certificate cer
{
if (isServer)
{
- _sslContext = SslNative.SecureServerInit((int)enabledSslProtocols, (int)_sslVerification, certificate, ca);
+ _sslContext = SslNative.SecureServerInit(
+ (int)enabledSslProtocols,
+ (int)_sslVerification,
+ certificate,
+ ca,
+ _useStoredDeviceCertificate);
+
SslNative.SecureAccept(_sslContext, _socket);
}
else
{
- _sslContext = SslNative.SecureClientInit((int)enabledSslProtocols, (int)_sslVerification, certificate, ca);
+ _sslContext = SslNative.SecureClientInit(
+ (int)enabledSslProtocols,
+ (int)_sslVerification,
+ certificate,
+ ca,
+ _useStoredDeviceCertificate);
+
SslNative.SecureConnect(_sslContext, targetHost, _socket);
}
}
diff --git a/version.json b/version.json
index a51b395..9f3b0f3 100644
--- a/version.json
+++ b/version.json
@@ -1,6 +1,6 @@
{
"$schema": "https://raw.githubusercontent.com/dotnet/Nerdbank.GitVersioning/master/src/NerdBank.GitVersioning/version.schema.json",
- "version": "1.6.4-preview.{height}",
+ "version": "1.6.5-preview.{height}",
"assemblyVersion": {
"precision": "revision"
},