in native/src/tls_ctx_options.c [11:49]
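/**
 * Fills `options` with client TLS settings assembled from the individual
 * arguments. Every string argument is optional and may be NULL.
 *
 * @param options           Output; zeroed and re-initialised here.
 * @param min_tls_version   Stored in options->minimum_tls_version.
 * @param ca_file           Trust-store override: CA bundle file (optional).
 * @param ca_path           Trust-store override: CA directory (optional).
 * @param alpn_list         ALPN protocol list (optional).
 * @param cert_path         Client certificate path; used only with key_path.
 * @param key_path          Client private key path; used only with cert_path.
 * @param pkcs12_path       PKCS#12 bundle path; used only with pkcs12_password.
 * @param pkcs12_password   Password for the PKCS#12 bundle.
 * @param max_fragment_size Stored in options->max_fragment_size.
 * @param verify_peer       Non-zero enables peer verification.
 *
 * @return true on success. On failure an exception is raised through
 *         aws_dotnet_throw_exception() and false is returned; the caller must
 *         not build a TLS context from `options` in that case.
 *
 * NOTE(review): nothing here releases `options` on the failure paths;
 * presumably the caller owns clean-up. Confirm against the call site.
 */
bool s_tls_args_to_options(
    struct aws_tls_ctx_options *options,
    enum aws_tls_versions min_tls_version,
    const char *ca_file,
    const char *ca_path,
    const char *alpn_list,
    const char *cert_path,
    const char *key_path,
    const char *pkcs12_path,
    const char *pkcs12_password,
    uint32_t max_fragment_size,
    uint8_t verify_peer) {
    struct aws_allocator *allocator = aws_dotnet_get_allocator();
    AWS_ZERO_STRUCT(*options);
    aws_tls_ctx_options_init_default_client(options, allocator);

    /*
     * Client-credential initialisers run first. NOTE(review): the
     * aws_tls_ctx_options_init_client_mtls_* calls appear to re-initialise the
     * whole options struct (confirm against the aws-c-io version in use). If
     * so, a trust-store override applied before them would be silently
     * discarded and the connection would fall back to the default trust store.
     * Applying the override afterwards is correct either way.
     *
     * NOTE(review): cert_path without key_path (or the reverse) is silently
     * ignored and the client proceeds without a client certificate. Consider
     * rejecting the half-specified pair.
     */
    if (cert_path && key_path) {
        /* Fail closed: a credential that cannot be loaded must not degrade to an unauthenticated client. */
        if (aws_tls_ctx_options_init_client_mtls_from_path(options, allocator, cert_path, key_path) != 0) {
            aws_dotnet_throw_exception(aws_last_error(), "Failed to load client certificate or private key");
            return false;
        }
    }

    if (pkcs12_path && pkcs12_password) {
#if defined(__APPLE__)
        /* The cursor only borrows pkcs12_password; the caller keeps ownership of the secret. */
        struct aws_byte_cursor password = aws_byte_cursor_from_c_str(pkcs12_password);
        if (aws_tls_ctx_options_init_client_mtls_pkcs12_from_path(options, allocator, pkcs12_path, &password) != 0) {
            aws_dotnet_throw_exception(aws_last_error(), "Failed to load PKCS12 client credentials");
            return false;
        }
#else
        aws_dotnet_throw_exception(AWS_ERROR_UNSUPPORTED_OPERATION, "PKCS12 is not supported on non-Apple platforms");
        return false;
#endif
    }

    if (ca_path || ca_file) {
        /*
         * A requested trust-store override that fails to load must abort the
         * setup; continuing would validate peers against the default store
         * instead of the CA the caller asked for.
         */
        if (aws_tls_ctx_options_override_default_trust_store_from_path(options, ca_path, ca_file) != 0) {
            aws_dotnet_throw_exception(aws_last_error(), "Failed to override default trust store");
            return false;
        }
    }

    if (alpn_list) {
        if (aws_tls_ctx_options_set_alpn_list(options, alpn_list) != 0) {
            aws_dotnet_throw_exception(aws_last_error(), "Failed to set ALPN list");
            return false;
        }
    }

    /* Scalar settings are written last so no initialiser above can overwrite them. */
    options->minimum_tls_version = min_tls_version;
    options->max_fragment_size = max_fragment_size;
    /* Any non-zero value enables verification; 0 turns server certificate checking off. */
    options->verify_peer = verify_peer != 0;
    return true;
}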