Skip to content

Adding documentation for new CipherSuitesPolicy, SslStream.NegotiatedCipherSuite and TlsCipherSuites #2822

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Aug 7, 2019
Merged

Adding documentation for new CipherSuitesPolicy, SslStream.NegotiatedCipherSuite and TlsCipherSuites #2822

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
1efb3db
Adding documentation for new CipherSuitesPolicy, SslStream.Negotiated…
jozkee Jul 24, 2019
5f283d5
Apply suggestions from code review
jozkee Jul 25, 2019
4b4276c
Apply suggestions from code review
jozkee Aug 6, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
37 changes: 30 additions & 7 deletions xml/System.Net.Security/CipherSuitesPolicy.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,9 +39,21 @@
<Parameter Name="allowedCipherSuites" Type="System.Collections.Generic.IEnumerable&lt;System.Net.Security.TlsCipherSuite&gt;" />
</Parameters>
<Docs>
<param name="allowedCipherSuites">To be added.</param>
<summary>To be added.</summary>
<remarks>To be added.</remarks>
<param name="allowedCipherSuites">The collection of cipher suites allowed in this policy for negotiation.</param>
<summary>Initializes a new instance of the <see cref="T:System.Net.Security.CipherSuitesPolicy" /> class that can be used for client or server authentication.</summary>
<remarks>
<format type="text/markdown"><![CDATA[
> [!NOTE]
> Defining a cipher suite policy on <xref:System.Net.Security.SslStream> authentication will prevent the OS from deciding which are the best cipher suites to negotiate with and requires that you manually check and update this code. We strongly recommend that you avoid using this feature and rely on your constantly updated OS policy.

## Remarks

Unlike the operating system's underlying SSL/TLS implementation, the order of the <xref:System.Net.Security.TlsCipherSuite> elements in `allowedCipherSuites` doesn't guarantee their priority in client-server negotiation. You can only initialize an instance of this class if you're using Linux systems with OpenSSL 1.1.1 or higher or macOS.


]]></format>
</remarks>
<exception cref="T:System.PlatformNotSupportedException">Platform is not a Linux system with OpenSSL 1.1.1 or higher or a macOS.</exception>
</Docs>
</Member>
<Member MemberName="AllowedCipherSuites">
Expand All @@ -65,10 +77,21 @@
<ReturnType>System.Collections.Generic.IEnumerable&lt;System.Net.Security.TlsCipherSuite&gt;</ReturnType>
</ReturnValue>
<Docs>
<summary>To be added.</summary>
<value>To be added.</value>
<remarks>To be added.</remarks>
<summary>Gets a subset of valid cipher suites passed into <see cref="M:System.Net.Security.CipherSuitesPolicy.#ctor(System.Collections.Generic.IEnumerable{System.Net.Security.TlsCipherSuite})" /> constructor as a collection of cipher suites allowed in this policy for negotiation.</summary>
<value>The collection of cipher suites allowed in this policy for negotiation.</value>
<remarks>
<format type="text/markdown"><![CDATA[


> [!NOTE]
> Defining a cipher suite policy on <xref:System.Net.Security.SslStream> authentication will prevent the OS from deciding which are the best cipher suites to negotiate with and requires that you manually check and update this code. We strongly recommend that you avoid using this feature and rely on your constantly updated OS policy.

## Remarks
Unlike the operating system's underlying SSL/TLS implementation, the order of the <xref:System.Net.Security.TlsCipherSuite> elements in `allowedCipherSuites` doesn't guarantee their priority in client-server negotiation. You can only initialize an instance of this class if you're using Linux systems with OpenSSL 1.1.1 or higher or macOS.

]]></format>
</remarks>
</Docs>
</Member>
</Members>
</Type>
</Type>
15 changes: 12 additions & 3 deletions xml/System.Net.Security/SslStream.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3453,9 +3453,18 @@ Authentication has not occurred.</exception>
<ReturnType>System.Net.Security.TlsCipherSuite</ReturnType>
</ReturnValue>
<Docs>
<summary>To be added.</summary>
<value>To be added.</value>
<remarks>To be added.</remarks>
<summary>Gets the cipher suite which was negotiated for this connection.</summary>
<value>One of the enumeration values that identifies the cipher suite which was negotiated for this connection.</value>
<remarks>
<format type="text/markdown"><![CDATA[

## Remarks

This property gets the cipher suite that is going to be used in the communication between a client and server by the underlying SSL/TLS implementation. It is only available after a successful call to <xref:System.Net.Security.SslStream.AuthenticateAsServer%2A> or <xref:System.Net.Security.SslStream.AuthenticateAsClient%2A>.

]]></format>
</remarks>
<exception cref="T:System.InvalidOperationException">The property was accessed before the completion of the authentication process or the authentication process failed.</exception>
</Docs>
</Member>
<Member MemberName="Position">
Expand Down
Loading