1 // Licensed to the .NET Foundation under one or more agreements.
2 // The .NET Foundation licenses this file to you under the MIT license.
3 // See the LICENSE file in the project root for more information.
4 
5 using System.Collections.Generic;
6 using System.Security.Authentication;
7 using System.Security.Cryptography.X509Certificates;
8 
9 namespace System.Net.Security
10 {
11     public class SslServerAuthenticationOptions
12     {
13         private X509RevocationMode _checkCertificateRevocation = X509RevocationMode.NoCheck;
14         private SslProtocols _enabledSslProtocols = SecurityProtocol.SystemDefaultSecurityProtocols;
15         private EncryptionPolicy _encryptionPolicy = EncryptionPolicy.RequireEncryption;
16         private bool _allowRenegotiation = true;
17 
18         internal RemoteCertValidationCallback _certValidationDelegate;
19 
20         public bool AllowRenegotiation
21         {
22             get => _allowRenegotiation;
23             set => _allowRenegotiation = value;
24         }
25 
26         public bool ClientCertificateRequired { get; set; }
27 
28         public List<SslApplicationProtocol> ApplicationProtocols { get; set; }
29 
30         public RemoteCertificateValidationCallback RemoteCertificateValidationCallback { get; set; }
31 
32         public X509Certificate ServerCertificate { get; set; }
33 
34         public SslProtocols EnabledSslProtocols
35         {
36             get => _enabledSslProtocols;
37             set => _enabledSslProtocols = value;
38         }
39 
40         public X509RevocationMode CertificateRevocationCheckMode
41         {
42             get => _checkCertificateRevocation;
43             set
44             {
45                 if (value != X509RevocationMode.NoCheck && value != X509RevocationMode.Offline && value != X509RevocationMode.Online)
46                 {
47                     throw new ArgumentException(SR.Format(SR.net_invalid_enum, nameof(X509RevocationMode)), nameof(value));
48                 }
49 
50                 _checkCertificateRevocation = value;
51             }
52         }
53 
54         public EncryptionPolicy EncryptionPolicy
55         {
56             get => _encryptionPolicy;
57             set
58             {
59                 if (value != EncryptionPolicy.RequireEncryption && value != EncryptionPolicy.AllowNoEncryption && value != EncryptionPolicy.NoEncryption)
60                 {
61                     throw new ArgumentException(SR.Format(SR.net_invalid_enum, nameof(EncryptionPolicy)), nameof(value));
62                 }
63 
64                 _encryptionPolicy = value;
65             }
66         }
67     }
68 }
69 
70