Public Member Functions
	SslConfiguration (string certificatePath, string certificatePassword)

	SslConfiguration (string certificatePath, string certificatePassword, List< TLSVersion > tlsVersions, bool checkCertificateRevocation=true, bool validateClientCertificate=false, bool clientCertificateRequired=false)

bool	IsEnabled ()

bool	IsDebugModeEnabled ()

X509Certificate2	GetCertificate ()
	Returns a X509Certificate2 object from the certificate path and password. If a certificate in form of bytes is provided, it will be used instead of the path.

void	SetCertificate (string path)
	Sets the certificate path.

void	SetCertificate (byte[] bytes)
	Sets the certificate data.

void	SetCertificatePassword (string password)
	Sets the certificate password.

Static Public Member Functions
static SslConfiguration	FromJSON (JsonElement json)

static bool	CreateDebugCertificate ()
	Creates a developer certificate valid only for 1 month and for localhost. OpenSSL is required to use this feature.

static ? X509Certificate2	TryLoadDebugCertificate (bool create=true, Configuration? c=null)

Public Attributes
ushort	SslPort = 8443

SSL_PORT_MODE	PortMode = SSL_PORT_MODE.DUAL_PORT

bool	UpgradeUnsecureRequests = true

string?	CertificatePath

bool	UseDebugCertificate = false
	When set, a developer certificate valid only for 1 month and for localhost will be created (if doesn't exist or is expired) and used. OpenSSL is required to use this feature.

byte?[]	CertificateBytes

string?	CertificatePassword

List< TLSVersion >	TLSVersions

bool	CheckCertificateRevocation = true

bool	ValidateClientCertificate = true

bool	ClientCertificateRequired = false

Detailed Description

Definition at line 15 of file SslConfiguration.cs.

Constructor & Destructor Documentation

◆ SslConfiguration() [1/3]

HSB.SslConfiguration.SslConfiguration ( )

Definition at line 48 of file SslConfiguration.cs.

    {
 
        TLSVersions = [];
 
    }

◆ SslConfiguration() [2/3]

HSB.SslConfiguration.SslConfiguration	(	string	certificatePath,
		string	certificatePassword
	)

Definition at line 55 of file SslConfiguration.cs.

    {
 
        TLSVersions = [];
        CertificatePassword = certificatePassword;
        CertificatePath = certificatePath;
    }

◆ SslConfiguration() [3/3]

HSB.SslConfiguration.SslConfiguration	(	string	certificatePath,
		string	certificatePassword,
		List< TLSVersion >	tlsVersions,
		bool	checkCertificateRevocation = `true`,
		bool	validateClientCertificate = `false`,
		bool	clientCertificateRequired = `false`
	)

Definition at line 63 of file SslConfiguration.cs.

    {
 
        TLSVersions = tlsVersions;
        CertificatePassword = certificatePassword;
        CertificatePath = certificatePath;
        CheckCertificateRevocation = checkCertificateRevocation;
        ValidateClientCertificate = validateClientCertificate;
        ClientCertificateRequired = clientCertificateRequired;
    }

Member Function Documentation

◆ CreateDebugCertificate()

static bool HSB.SslConfiguration.CreateDebugCertificate ( )

static

Creates a developer certificate valid only for 1 month and for localhost. OpenSSL is required to use this feature.

Definition at line 193 of file SslConfiguration.cs.

    {
        //check if openssl is installed
        var startInfo = new ProcessStartInfo
        {
            RedirectStandardOutput = true,
            RedirectStandardError = true,
            UseShellExecute = false,
            CreateNoWindow = true
        };
 
        if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
        {
            startInfo.FileName = "cmd.exe";
            startInfo.Arguments = $"/C openssl version";
 
        }
        else
        {
            startInfo.FileName = "/bin/bash";
            startInfo.Arguments = $"-c openssl version";
        }
        var process = new Process
        {
            StartInfo = startInfo
        };
        process.Start();
        process.WaitForExit();
        if (process.ExitCode != 0)
        {
            Terminal.ERROR($"Openssl is not installed, cannot continue ({process.ExitCode})", true);
            return false;
        }
 
        //if old certificate exists, delete it
        if (Directory.Exists(DEBUG_CERT_FOLDER_PATH))
        {
            if (File.Exists(DEBUG_CERT_P12_PATH))
            {
                File.Delete(DEBUG_CERT_P12_PATH);
            }
            if (File.Exists(DEBUG_CERT_CRT_PATH))
            {
                File.Delete(DEBUG_CERT_CRT_PATH);
            }
            if (File.Exists(DEBUG_CERT_KEY_PATH))
            {
                File.Delete(DEBUG_CERT_KEY_PATH);
            }
        }
        else //create folder if not exists
        {
            Directory.CreateDirectory(DEBUG_CERT_FOLDER_PATH);
        }
 
 
        var command =
        $"openssl version && openssl " +
        $"req -x509 -newkey rsa:4096 -sha256 -days 30 -nodes -subj \"/CN=localhost/C=US\" " +
        $"-keyout \"{DEBUG_CERT_KEY_PATH}\" " +
        $"-out \"{DEBUG_CERT_CRT_PATH}\" && " +
        $"openssl pkcs12 -export " +
        $"-out \"{DEBUG_CERT_P12_PATH}\" " +
        $"-inkey \"{DEBUG_CERT_KEY_PATH}\" " +
        $"-in \"{DEBUG_CERT_CRT_PATH}\" " +
        $"-passout pass:\"{DEBUG_CERT_PASSWORD}\"";
 
 
        Terminal.DEBUG($"Creating debug certificate with command: {command}");
 
 
 
        //if windows
        if (RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
        {
            startInfo.FileName = "cmd.exe";
            startInfo.Arguments = $"/C \"{command}\"";
 
        }
        else if (RuntimeInformation.IsOSPlatform(OSPlatform.OSX))
        {
            startInfo.FileName = "/bin/zsh";
            startInfo.Arguments = $"-c \"{command}\"";
        }
        else if (RuntimeInformation.IsOSPlatform(OSPlatform.Linux))
        {
            startInfo.FileName = "/bin/bash";
            startInfo.Arguments = $"-c \"{command}\"";
        }
        startInfo.RedirectStandardOutput = false;
        startInfo.RedirectStandardError = true;
        process = new()
        {
            StartInfo = startInfo
        };
 
        process.Start();
        process.WaitForExit();
 
        if (process.ExitCode != 0)
        {
            Terminal.WARNING($"Openssl error, certificate has not been created\nCommand used is : {command}", true);
            return false;
        }
        else
        {
            Terminal.DEBUG($"Debug certificate (valid only for localhost) created successfully");
        }
        return true;
    }

◆ FromJSON()

static SslConfiguration HSB.SslConfiguration.FromJSON ( JsonElement json )

static

Definition at line 147 of file SslConfiguration.cs.

    {
 
        //IsEnabled 
 
        var lastProp = "SslPort";
        try
        {
 
            var SslPort = Utils.Safe(json.GetProperty("SslPort").GetUInt16(), (ushort)8443);
            lastProp = "PortMode"; SSL_PORT_MODE PortMode = (SSL_PORT_MODE)Utils.Safe(json.GetProperty("PortMode").GetInt16(), (int)SSL_PORT_MODE.DUAL_PORT);
            lastProp = "upgradeUnsecureRequests"; bool upgradeUnsecureRequests = Utils.Safe(json.GetProperty("UpgradeUnsecureRequests").GetBoolean(), true);
            lastProp = "CertificatePath"; var CertificatePath = json.GetProperty("CertificatePath").GetString();
            lastProp = "CertificatePassword"; var CertificatePassword = json.GetProperty("CertificatePassword").GetString();
            lastProp = "CheckCertificateRevocation"; var CheckCertificateRevocation = Utils.Safe(json.GetProperty("CheckCertificateRevocation").GetBoolean(), true);
            lastProp = "ValidateClientCertificate"; var ValidateClientCertificate = Utils.Safe(json.GetProperty("ValidateClientCertificate").GetBoolean(), false);
            lastProp = "ClientCertificateRequired"; var ClientCertificateRequired = Utils.Safe(json.GetProperty("ClientCertificateRequired").GetBoolean(), false);
            lastProp = "tlsVersions"; var tlsVersions = json.GetProperty("TLSVersions").EnumerateArray().Select(x => (TLSVersion)x.GetInt16()).ToList();
 
            return new()
            {
 
                PortMode = PortMode,
                SslPort = SslPort,
                UpgradeUnsecureRequests = upgradeUnsecureRequests,
                CertificatePath = CertificatePath,
                CertificatePassword = CertificatePassword,
                TLSVersions = tlsVersions,
                CheckCertificateRevocation = CheckCertificateRevocation,
                ValidateClientCertificate = ValidateClientCertificate,
                ClientCertificateRequired = ClientCertificateRequired,
            };
        }
        catch (Exception e)
        {
            Terminal.ERROR("Error while parsing SslSettings property: " + lastProp + " " + e.Message);
            return new();
        }
 
 
    }

◆ GetCertificate()

X509Certificate2 HSB.SslConfiguration.GetCertificate ( )

Returns a X509Certificate2 object from the certificate path and password. If a certificate in form of bytes is provided, it will be used instead of the path.

Returns

Definition at line 89 of file SslConfiguration.cs.

    {
        if (CertificateBytes != null)
        {
            return new(CertificateBytes, CertificatePassword!);
        }
        return new(CertificatePath!, CertificatePassword!);
    }

◆ SetCertificate() [1/2]

void HSB.SslConfiguration.SetCertificate ( byte[] bytes )

Sets the certificate data.

Parameters

bytes

Definition at line 109 of file SslConfiguration.cs.

    {
        CertificateBytes = bytes;
    }

◆ SetCertificate() [2/2]

void HSB.SslConfiguration.SetCertificate ( string path )

Sets the certificate path.

Parameters

path

Definition at line 101 of file SslConfiguration.cs.

    {
        CertificatePath = path;
    }

◆ SetCertificatePassword()

void HSB.SslConfiguration.SetCertificatePassword ( string password )

Sets the certificate password.

Parameters

password

Definition at line 117 of file SslConfiguration.cs.

    {
        CertificatePassword = password;
    }

◆ TryLoadDebugCertificate()

static ? X509Certificate2 HSB.SslConfiguration.TryLoadDebugCertificate	(	bool	create = `true`,
		Configuration?	c = `null`
	)

static

Definition at line 304 of file SslConfiguration.cs.

    {
 
        X509Certificate2 cert;
 
        if (!File.Exists(DEBUG_CERT_P12_PATH))
        {
            if (create)
            {
                if (!CreateDebugCertificate())
                {
                    c?.Debug.WARNING("Cannot load debug certificate, file not found");
                    return null;
                }
 
            }
            else
            {
                c?.Debug.WARNING("Cannot load debug certificate, file not found");
                //Terminal.DEBUG("Cannot load debug certificate, file not found");
                return null;
            }
        }
        //workaround  to avoid error if path contains spaces
        var bytes = File.ReadAllBytes(DEBUG_CERT_P12_PATH);
        cert = new X509Certificate2(bytes, DEBUG_CERT_PASSWORD);
 
        //if expired, delete and create again
        if (cert.NotAfter < DateTime.Now)
        {
            File.Delete(DEBUG_CERT_P12_PATH);
            if (!CreateDebugCertificate())
            {
                c?.Debug.DEBUG("Cannot load debug certificate, file not found");
                return null;
            }
 
            cert = new X509Certificate2(DEBUG_CERT_P12_PATH, DEBUG_CERT_PASSWORD);
        }
 
        c?.Debug.DEBUG("Debug certificate loaded. Remember to trust it in your system!");
        return cert;
    }

Member Data Documentation

◆ CertificateBytes

byte? [] HSB.SslConfiguration.CertificateBytes

Definition at line 40 of file SslConfiguration.cs.

◆ CertificatePassword

string? HSB.SslConfiguration.CertificatePassword

Definition at line 41 of file SslConfiguration.cs.

◆ CertificatePath

string? HSB.SslConfiguration.CertificatePath

Definition at line 32 of file SslConfiguration.cs.

◆ CheckCertificateRevocation

bool HSB.SslConfiguration.CheckCertificateRevocation = true

Definition at line 43 of file SslConfiguration.cs.

◆ ClientCertificateRequired

bool HSB.SslConfiguration.ClientCertificateRequired = false

Definition at line 45 of file SslConfiguration.cs.

◆ PortMode

SSL_PORT_MODE HSB.SslConfiguration.PortMode = SSL_PORT_MODE.DUAL_PORT

Definition at line 30 of file SslConfiguration.cs.

◆ SslPort

ushort HSB.SslConfiguration.SslPort = 8443

Definition at line 29 of file SslConfiguration.cs.

◆ TLSVersions

List<TLSVersion> HSB.SslConfiguration.TLSVersions

Definition at line 42 of file SslConfiguration.cs.

◆ UpgradeUnsecureRequests

bool HSB.SslConfiguration.UpgradeUnsecureRequests = true

Definition at line 31 of file SslConfiguration.cs.

◆ UseDebugCertificate

bool HSB.SslConfiguration.UseDebugCertificate = false

When set, a developer certificate valid only for 1 month and for localhost will be created (if doesn't exist or is expired) and used. OpenSSL is required to use this feature.

Definition at line 38 of file SslConfiguration.cs.

◆ ValidateClientCertificate

bool HSB.SslConfiguration.ValidateClientCertificate = true

Definition at line 44 of file SslConfiguration.cs.

The documentation for this class was generated from the following file:

HSB/SslConfiguration.cs

Public Member Functions

Static Public Member Functions

Public Attributes

Detailed Description

Constructor & Destructor Documentation

◆ SslConfiguration() [1/3]

◆ SslConfiguration() [2/3]

◆ SslConfiguration() [3/3]

Member Function Documentation

◆ CreateDebugCertificate()

◆ FromJSON()

◆ GetCertificate()

◆ SetCertificate() [1/2]

◆ SetCertificate() [2/2]

◆ SetCertificatePassword()

◆ TryLoadDebugCertificate()

Member Data Documentation

◆ CertificateBytes

◆ CertificatePassword

◆ CertificatePath

◆ CheckCertificateRevocation

◆ ClientCertificateRequired

◆ PortMode

◆ SslPort

◆ TLSVersions

◆ UpgradeUnsecureRequests

◆ UseDebugCertificate

◆ ValidateClientCertificate