Allow the caller to inspect the host's certificate

A caller might want to inspect the certificate or simply ignore who the
server claims to be.

Author: carlosmn

LibGit2Sharp.Tests/CloneFixture.cs

@@ -237,6 +237,44 @@ public void CanCloneFromBBWithCredentials(string url, string user, string pass,
             }
         }
 
+        [SkippableTheory]
+        [InlineData("https://github.com/libgit2/TestGitRepository.git", "github.com", typeof(CertificateX509))]
+        [InlineData("git@github.com/libgit2/TestGitRepository.git", "github.com", typeof(CertificateSsh))]
+        public void CanInspectCertificateOnClone(string url, string hostname, Type certType)
+        {
+            var scd = BuildSelfCleaningDirectory();
+
+            if (certType == typeof(CertificateSsh) && !GlobalSettings.Version.Features.HasFlag(BuiltInFeatures.Ssh))
+            {
+                throw new SkipException("SSH not supported");
+            }
+
+            Assert.Throws<UserCancelledException>(() => {
+                Repository.Clone(url, scd.DirectoryPath, new CloneOptions()
+                {
+                    CertificateCheck = (cert, valid, host) =>
+                    {
+                        Assert.Equal(hostname, host);
+                        Assert.Equal(certType, cert.GetType());
+                        if (certType == typeof(CertificateX509))
+                        {
+                            Assert.True(valid);
+                            var x509 = ((CertificateX509)cert).Certificate;
+                            // we get a string with the different fields instead of a structure, so...
+                            Assert.True(x509.Subject.Contains("CN=github.com,"));
+                        }
+                        else
+                        {
+                            var hostkey = (CertificateSsh)cert;
+                            Assert.True(hostkey.HasMD5);
+                            Assert.Equal("1627aca576282d36631b564debdfa648", BitConverter.ToString(hostkey.HashMD5));
+                        }
+                        return false;
+                    },
+                });
+            });
+        }
+
         [Fact]
         public void CloningAnUrlWithoutPathThrows()
         {

LibGit2Sharp/Certificate.cs

@@ -0,0 +1,9 @@
+namespace LibGit2Sharp
+{
+    /// <summary>
+    /// Top-level certificate type. The usable certificates inherit from this class.
+    /// </summary>
+    public abstract class Certificate
+    {
+    }
+}

LibGit2Sharp/CertificateSsh.cs

@@ -0,0 +1,53 @@
+using LibGit2Sharp.Core;
+
+namespace LibGit2Sharp
+{
+    /// <summary>
+    /// This class represents the hostkey which is avaiable when connecting to a SSH host.
+    /// </summary>
+    public class CertificateSsh : Certificate
+    {
+        /// <summary>
+        /// For mocking purposes
+        /// </summary>
+        protected CertificateSsh()
+        { }
+
+        /// <summary>
+        /// The MD5 hash of the host. Meaningful if <see cref="HasMD5"/> is true
+        /// </summary>
+        public readonly byte[] HashMD5;
+
+        /// <summary>
+        /// The SHA1 hash of the host. Meaningful if <see cref="HasSHA1"/> is true
+        /// </summary>
+        public readonly byte[] HashSHA1;
+
+        /// <summary>
+        /// True if we have the MD5 hostkey hash from the server
+        /// </summary>
+        public readonly bool HasMD5;
+
+        /// <summary>
+        /// True if we have the SHA1 hostkey hash from the server
+        /// </summary>
+        public readonly bool HasSHA1;
+
+        /// <summary>
+        /// True if we have the SHA1 hostkey hash from the server
+        /// </summary>public readonly bool HasSHA1;
+
+        internal CertificateSsh(GitCertificateSsh cert)
+        {
+
+            HasMD5  = cert.type.HasFlag(GitCertificateSshType.MD5);
+            HasSHA1 = cert.type.HasFlag(GitCertificateSshType.SHA1);
+
+            HashMD5 = new byte[16];
+            cert.HashMD5.CopyTo(HashMD5, 0);
+
+            HashSHA1 = new byte[20];
+            cert.HashSHA1.CopyTo(HashSHA1, 0);
+        }
+    }
+}

LibGit2Sharp/CertificateX509.cs

@@ -0,0 +1,32 @@
+using System.Runtime.InteropServices;
+using System.Security.Cryptography.X509Certificates;
+using LibGit2Sharp.Core;
+
+namespace LibGit2Sharp
+{
+    /// <summary>
+    /// Conains a X509 certificate
+    /// </summary>
+    public class CertificateX509 : Certificate
+    {
+
+        /// <summary>
+        /// For mocking purposes
+        /// </summary>
+        protected CertificateX509()
+        { }
+
+        /// <summary>
+        /// The certificate.
+        /// </summary>
+        public virtual X509Certificate Certificate { get; private set; }
+
+        internal CertificateX509(GitCertificateX509 cert)
+        {
+            int len = checked((int) cert.len.ToUInt32());
+            byte[] data = new byte[len];
+            Marshal.Copy(cert.data, data, 0, len);
+            Certificate = new X509Certificate(data);
+        }
+    }
+}

LibGit2Sharp/Core/GitCertificate.cs

@@ -0,0 +1,10 @@
+using System.Runtime.InteropServices;
+
+namespace LibGit2Sharp.Core
+{
+    [StructLayout(LayoutKind.Sequential)]
+    internal struct GitCertificate
+    {
+        public GitCertificateType type;
+    }
+}

LibGit2Sharp/Core/GitCertificateSsh.cs

@@ -0,0 +1,23 @@
+using System.Runtime.InteropServices;
+
+namespace LibGit2Sharp.Core
+{
+    [StructLayout(LayoutKind.Sequential)]
+    internal struct GitCertificateSsh
+    {
+        public GitCertificateType cert_type;
+        public GitCertificateSshType type;
+
+        /// <summary>
+        /// The MD5 hash (if appropriate)
+        /// </summary>
+        [MarshalAs(UnmanagedType.ByValArray, SizeConst = 16)]
+        public byte[] HashMD5;
+
+        /// <summary>
+        /// The MD5 hash (if appropriate)
+        /// </summary>
+        [MarshalAs(UnmanagedType.ByValArray, SizeConst = 20)]
+        public byte[] HashSHA1;
+    }
+}

LibGit2Sharp/Core/GitCertificateSshType.cs

@@ -0,0 +1,11 @@
+using System;
+
+namespace LibGit2Sharp.Core
+{
+    [Flags]
+    internal enum GitCertificateSshType
+    {
+        MD5  = (1 << 0),
+        SHA1 = (1 << 1),
+    }
+}

LibGit2Sharp/Core/GitCertificateType.cs

@@ -0,0 +1,17 @@
+namespace LibGit2Sharp.Core
+{
+    /// <summary>
+    /// Git certificate types to present to the user
+    /// </summary>
+    internal enum GitCertificateType
+    {
+        /// <summary>
+        /// The certificate is a x509 certificate
+        /// </summary>
+        X509 = 0,
+        /// <summary>
+        /// The "certificate" is in fact a hostkey identification for ssh.
+        /// </summary>
+        Hostkey = 1,
+    }
+}

LibGit2Sharp/Core/GitCertificateX509.cs

@@ -0,0 +1,22 @@
+using System;
+using System.Runtime.InteropServices;
+
+namespace LibGit2Sharp.Core
+{
+    [StructLayout(LayoutKind.Sequential)]
+    internal struct GitCertificateX509
+    {
+        /// <summary>
+        /// Type of the certificate, in this case, GitCertificateType.X509
+        /// </summary>
+        public GitCertificateType cert_type;
+        /// <summary>
+        /// Pointer to the X509 certificate data
+        /// </summary>
+        public IntPtr data;
+        /// <summary>
+        ///  The size of the certificate data
+        /// </summary>
+        public UIntPtr len;
+    }
+}

LibGit2Sharp/Core/GitRemoteCallbacks.cs

@@ -17,7 +17,7 @@ internal struct GitRemoteCallbacks
 
         internal NativeMethods.git_cred_acquire_cb acquire_credentials;
 
-        internal IntPtr certificate_check;
+        internal NativeMethods.git_transport_certificate_check_cb certificate_check;
 
         internal NativeMethods.git_transfer_progress_callback download_progress;