From 6af052faae87219a88625f483720f178666d429e Mon Sep 17 00:00:00 2001
From: JacobBarthelmeh
Date: Thu, 11 Jun 2020 10:57:26 -0700
Subject: [PATCH] add peer certificate print to callback

---
 wrapper/CSharp/include.am | 83 +++----
 .../wolfSSL-Example-IOCallbacks.cs | 87 +++++---
 wrapper/CSharp/wolfSSL_CSharp/X509.cs | 202 ++++++++++++++++++
 wrapper/CSharp/wolfSSL_CSharp/wolfSSL.cs | 161 +++++++++++---
 .../wolfSSL_CSharp/wolfSSL_CSharp.csproj | 1 +
 5 files changed, 441 insertions(+), 93 deletions(-)
 create mode 100644 wrapper/CSharp/wolfSSL_CSharp/X509.cs

diff --git a/wrapper/CSharp/include.am b/wrapper/CSharp/include.am
index b0ec4f83d..8e49779d4 100644
--- a/wrapper/CSharp/include.am
+++ b/wrapper/CSharp/include.am
@@ -1,41 +1,42 @@ -# wolfSSL CSharp wrapper files -EXTRA_DIST+= wrapper/CSharp/wolfSSL-DTLS-PSK-Server/App.config -EXTRA_DIST+= wrapper/CSharp/wolfSSL-DTLS-PSK-Server/Properties/AssemblyInfo.cs -EXTRA_DIST+= wrapper/CSharp/wolfSSL-DTLS-PSK-Server/wolfSSL-DTLS-PSK-Server.cs -EXTRA_DIST+= wrapper/CSharp/wolfSSL-DTLS-PSK-Server/wolfSSL-DTLS-PSK-Server.csproj -EXTRA_DIST+= wrapper/CSharp/wolfSSL-DTLS-Server/App.config -EXTRA_DIST+= wrapper/CSharp/wolfSSL-DTLS-Server/Properties/AssemblyInfo.cs -EXTRA_DIST+= wrapper/CSharp/wolfSSL-DTLS-Server/wolfSSL-DTLS-Server.cs -EXTRA_DIST+= wrapper/CSharp/wolfSSL-DTLS-Server/wolfSSL-DTLS-Server.csproj -EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-PSK-Server/App.config -EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-PSK-Server/Properties/AssemblyInfo.cs -EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-PSK-Server/wolfSSL-TLS-PSK-Server.cs -EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-PSK-Server/wolfSSL-TLS-PSK-Server.csproj -EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-Server/App.config -EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-Server/Properties/AssemblyInfo.cs -EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-Server/Properties/Settings.Designer.cs -EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-Server/Properties/Settings.settings -EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-Server/wolfSSL-TLS-Server.cs -EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-Server/wolfSSL-TLS-Server.csproj -EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-ServerThreaded/App.config -EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-ServerThreaded/Properties/AssemblyInfo.cs -EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-ServerThreaded/Properties/Settings.Designer.cs -EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-ServerThreaded/Properties/Settings.settings -EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-ServerThreaded/wolfSSL-TLS-ServerThreaded.cs -EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-ServerThreaded/wolfSSL-TLS-ServerThreaded.csproj -EXTRA_DIST+= wrapper/CSharp/wolfSSL-Example-IOCallbacks/App.config -EXTRA_DIST+= 
wrapper/CSharp/wolfSSL-Example-IOCallbacks/Properties/AssemblyInfo.cs -EXTRA_DIST+= wrapper/CSharp/wolfSSL-Example-IOCallbacks/wolfSSL-Example-IOCallbacks.cs -EXTRA_DIST+= wrapper/CSharp/wolfSSL-Example-IOCallbacks/wolfSSL-Example-IOCallbacks.csproj -EXTRA_DIST+= wrapper/CSharp/wolfSSL_CSharp.sln -EXTRA_DIST+= wrapper/CSharp/wolfSSL_CSharp/Properties/AssemblyInfo.cs -EXTRA_DIST+= wrapper/CSharp/wolfSSL_CSharp/Properties/Resources.Designer.cs -EXTRA_DIST+= wrapper/CSharp/wolfSSL_CSharp/Properties/Resources.resx -EXTRA_DIST+= wrapper/CSharp/wolfSSL_CSharp/wolfSSL.cs -EXTRA_DIST+= wrapper/CSharp/wolfSSL_CSharp/wolfSSL_CSharp.csproj -EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-Client/App.config -EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-Client/Properties/AssemblyInfo.cs -EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-Client/Properties/Settings.Designer.cs -EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-Client/Properties/Settings.settings -EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-Client/wolfSSL-TLS-Client.cs -EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-Client/wolfSSL-TLS-Client.csproj +# wolfSSL CSharp wrapper files +EXTRA_DIST+= wrapper/CSharp/wolfSSL-DTLS-PSK-Server/App.config +EXTRA_DIST+= wrapper/CSharp/wolfSSL-DTLS-PSK-Server/Properties/AssemblyInfo.cs +EXTRA_DIST+= wrapper/CSharp/wolfSSL-DTLS-PSK-Server/wolfSSL-DTLS-PSK-Server.cs +EXTRA_DIST+= wrapper/CSharp/wolfSSL-DTLS-PSK-Server/wolfSSL-DTLS-PSK-Server.csproj +EXTRA_DIST+= wrapper/CSharp/wolfSSL-DTLS-Server/App.config +EXTRA_DIST+= wrapper/CSharp/wolfSSL-DTLS-Server/Properties/AssemblyInfo.cs +EXTRA_DIST+= wrapper/CSharp/wolfSSL-DTLS-Server/wolfSSL-DTLS-Server.cs +EXTRA_DIST+= wrapper/CSharp/wolfSSL-DTLS-Server/wolfSSL-DTLS-Server.csproj +EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-PSK-Server/App.config +EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-PSK-Server/Properties/AssemblyInfo.cs +EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-PSK-Server/wolfSSL-TLS-PSK-Server.cs +EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-PSK-Server/wolfSSL-TLS-PSK-Server.csproj 
+EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-Server/App.config +EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-Server/Properties/AssemblyInfo.cs +EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-Server/Properties/Settings.Designer.cs +EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-Server/Properties/Settings.settings +EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-Server/wolfSSL-TLS-Server.cs +EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-Server/wolfSSL-TLS-Server.csproj +EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-ServerThreaded/App.config +EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-ServerThreaded/Properties/AssemblyInfo.cs +EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-ServerThreaded/Properties/Settings.Designer.cs +EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-ServerThreaded/Properties/Settings.settings +EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-ServerThreaded/wolfSSL-TLS-ServerThreaded.cs +EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-ServerThreaded/wolfSSL-TLS-ServerThreaded.csproj +EXTRA_DIST+= wrapper/CSharp/wolfSSL-Example-IOCallbacks/App.config +EXTRA_DIST+= wrapper/CSharp/wolfSSL-Example-IOCallbacks/Properties/AssemblyInfo.cs +EXTRA_DIST+= wrapper/CSharp/wolfSSL-Example-IOCallbacks/wolfSSL-Example-IOCallbacks.cs +EXTRA_DIST+= wrapper/CSharp/wolfSSL-Example-IOCallbacks/wolfSSL-Example-IOCallbacks.csproj +EXTRA_DIST+= wrapper/CSharp/wolfSSL_CSharp.sln +EXTRA_DIST+= wrapper/CSharp/wolfSSL_CSharp/Properties/AssemblyInfo.cs +EXTRA_DIST+= wrapper/CSharp/wolfSSL_CSharp/Properties/Resources.Designer.cs +EXTRA_DIST+= wrapper/CSharp/wolfSSL_CSharp/Properties/Resources.resx +EXTRA_DIST+= wrapper/CSharp/wolfSSL_CSharp/wolfSSL.cs +EXTRA_DIST+= wrapper/CSharp/wolfSSL_CSharp/X509.cs +EXTRA_DIST+= wrapper/CSharp/wolfSSL_CSharp/wolfSSL_CSharp.csproj +EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-Client/App.config +EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-Client/Properties/AssemblyInfo.cs +EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-Client/Properties/Settings.Designer.cs +EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-Client/Properties/Settings.settings 
+EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-Client/wolfSSL-TLS-Client.cs +EXTRA_DIST+= wrapper/CSharp/wolfSSL-TLS-Client/wolfSSL-TLS-Client.csproj diff --git a/wrapper/CSharp/wolfSSL-Example-IOCallbacks/wolfSSL-Example-IOCallbacks.cs b/wrapper/CSharp/wolfSSL-Example-IOCallbacks/wolfSSL-Example-IOCallbacks.cs index f57a63224..239f9321f 100644 --- a/wrapper/CSharp/wolfSSL-Example-IOCallbacks/wolfSSL-Example-IOCallbacks.cs +++ b/wrapper/CSharp/wolfSSL-Example-IOCallbacks/wolfSSL-Example-IOCallbacks.cs 
@@ -135,6 +135,67 @@ class wolfSSL_Example_IOCallbacks return (uint)4; } + /// + /// Example of a certificate verify function + /// + /// + /// pointer to a WOLFSSL_X509_STORE_CTX + /// size of key set + public static int my_verify_cb(int preverify, IntPtr store) + { + if (store == IntPtr.Zero) + { + Console.WriteLine("store is null"); + } + + Console.WriteLine("Status of certificate verify = " + preverify); + + /* look at the current cert in store */ + try + { + + X509 x509 = wolfssl.X509_STORE_CTX_get_current_cert(store); + + + Console.WriteLine("Issuer : " + x509.Issuer); + Console.WriteLine("Subject : " + x509.Subject); + + Console.WriteLine("PEM of certificate:"); + Console.WriteLine(System.Text.Encoding.UTF8.GetString(x509.Export())); + + Console.WriteLine("DER of certificate:"); + Console.WriteLine(BitConverter.ToString(x509.Export(wolfssl.SSL_FILETYPE_ASN1))); + + Console.WriteLine("Public key:"); + Console.WriteLine(BitConverter.ToString(x509.GetPublicKey())); + } + catch (Exception e) + { + Console.WriteLine("Unable to get X509's"); + } + + /* list all certs in store */ + try + { + int i; + X509[] x509 = wolfssl.X509_STORE_CTX_get_certs(store); + + for (i = 0; i < x509.Length; i++) + { + Console.WriteLine("CERT[" + i + "]"); + Console.WriteLine("Issuer : " + x509[i].Issuer); + Console.WriteLine("Subject : " + x509[i].Subject); + Console.WriteLine(""); + } + } + catch (Exception e) + { + Console.WriteLine("Unable to get X509's"); + } + + /* by returning 1 here we override any failure and report success */ + return 1; + } private static void clean(IntPtr ssl, IntPtr ctx) { @@ -151,6 +212,7 @@ class wolfSSL_Example_IOCallbacks Socket fd; wolfssl.psk_delegate psk_cb = new wolfssl.psk_delegate(my_psk_server_cb); + wolfssl.CallbackVerify_delegate verify_cb = new wolfssl.CallbackVerify_delegate(my_verify_cb); /* These paths should be changed according to use */ string fileCert = @"server-cert.pem"; 
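Review bot: `my_verify_cb` returns 1 on every path (its closing comment says so explicitly), so once it is registered with `SSL_VERIFY_PEER` the example accepts any peer certificate, including one whose chain, signature or validity period failed the library's checks; an example callback should propagate the library's verdict with `return preverify;` and limit itself to printing the chain. The `store == IntPtr.Zero` branch logs and then falls through into `wolfssl.X509_STORE_CTX_get_current_cert(store)` instead of returning, and both `catch (Exception e)` blocks print the same fixed message while leaving `e` unused (CS0168), so either include `e.Message` or catch without a variable. The XML doc above the method lists 'pointer to a WOLFSSL_X509_STORE_CTX' and 'size of key set' as parameters, but the second does not describe `preverify`, which is the pre-verification result (1 on success, 0 on failure) handed in by the library; a `<param name="preverify">` line saying that, plus `<returns>` stating that 1 accepts and 0 rejects the certificate, would make the contract visible to anyone copying this callback. The -151 hunk only wraps this method in a `CallbackVerify_delegate` local and needs no separate change.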
@@ -191,30 +253,7 @@ class wolfSSL_Example_IOCallbacks return; } - StringBuilder ciphers = new StringBuilder(new String(' ', 4096)); - wolfssl.get_ciphers(ciphers, 4096); - Console.WriteLine("Ciphers : " + ciphers.ToString()); - - Console.Write("Setting cipher suite to "); - /* To use static PSK build wolfSSL with WOLFSSL_STATIC_PSK preprocessor flag */ - StringBuilder set_cipher = new StringBuilder("PSK-AES128-CBC-SHA256"); - Console.WriteLine(set_cipher); - if (wolfssl.CTX_set_cipher_list(ctx, set_cipher) != wolfssl.SUCCESS) - { - Console.WriteLine("Failed to set cipher suite"); - Console.WriteLine("If using static PSK make sure wolfSSL was built with preprocessor flag WOLFSSL_STATIC_PSK"); - wolfssl.CTX_free(ctx); - return; - } - - /* Test psk use */ - StringBuilder hint = new StringBuilder("cyassl server"); - if (wolfssl.CTX_use_psk_identity_hint(ctx, hint) != wolfssl.SUCCESS) - { - Console.WriteLine("Error setting hint"); - return; - } - wolfssl.CTX_set_psk_server_callback(ctx, psk_cb); + wolfssl.CTX_set_verify(ctx, wolfssl.SSL_VERIFY_PEER, verify_cb); /* Set using custom IO callbacks delegate memory is allocated when calling SetIO**** function and freed with ctx free diff --git a/wrapper/CSharp/wolfSSL_CSharp/X509.cs b/wrapper/CSharp/wolfSSL_CSharp/X509.cs new file mode 100644 index 000000000..72981a755 --- /dev/null +++ b/wrapper/CSharp/wolfSSL_CSharp/X509.cs 
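Review bot: The result of `wolfssl.CTX_set_verify(ctx, wolfssl.SSL_VERIFY_PEER, verify_cb);` is discarded, while the set-verify wrapper whose tail is visible in the -1857 hunk of wolfSSL.cs logs and returns `FAILURE` on error, so a failed registration would silently leave the context without the verify callback; check it like the other `wolfssl.CTX_*` calls in this file, `if (wolfssl.CTX_set_verify(ctx, wolfssl.SSL_VERIFY_PEER, verify_cb) != wolfssl.SUCCESS) { Console.WriteLine("Failed to set verify callback"); wolfssl.CTX_free(ctx); return; }`, assuming that wrapper returns an int like `CTX_set_cipher_list` did. `SSL_VERIFY_PEER` alone on a server still admits a client that presents no certificate; if client authentication is the intent of this example, `wolfssl.SSL_VERIFY_PEER | wolfssl.SSL_VERIFY_FAIL_IF_NO_PEER_CERT` is the setting to show, and either way a one-line comment stating which behaviour is intended would help readers. `verify_cb` is a method local that is not referenced after this call, so unless `CTX_set_verify` keeps a reference to the delegate (its body is outside this diff), the GC may collect it before the handshake invokes it — the usual safeguard is a `static` field holding the delegate. The PSK hint and cipher-suite setup are removed here, but the `psk_cb` delegate created in the -151 hunk's context is now constructed and never used.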
@@ -0,0 +1,202 @@ +using System; +using System.Runtime.InteropServices; +using System.Text; +using System.Threading; + +namespace wolfSSL.CSharp +{ + public class X509 + { + private const string wolfssl_dll = "wolfssl.dll"; + + [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] + private extern static int wolfSSL_X509_get_pubkey_buffer(IntPtr x509, IntPtr buf, IntPtr bufSz); + [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] + private extern static IntPtr wolfSSL_X509_get_der(IntPtr x509, IntPtr bufSz); + [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] + private extern static void wolfSSL_X509_free(IntPtr x509); + [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] + private extern static int wc_DerToPem(IntPtr der, int derSz, IntPtr pem, int pemSz, int type); + + + [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] + private extern static IntPtr wolfSSL_X509_get_name_oneline(IntPtr x509Name, IntPtr buf, int bufSz); + [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] + private extern static IntPtr wolfSSL_X509_get_subject_name(IntPtr x509); + [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] + private extern static IntPtr wolfSSL_X509_get_issuer_name(IntPtr x509); + + private IntPtr x509; + private int type; + private bool isDynamic; + + /* public properties */ + public string Issuer; + public string Subject; + + + /* enum from wolfssl */ + private readonly int CERT_TYPE = 0; + + /// + /// Creates a new X509 class + /// + /// Pointer to wolfSSL structure + /// Should the lower level x509 be free'd? 
+ public X509(IntPtr x509, bool isDynamic) + { + IntPtr ret; + + this.type = wolfssl.SSL_FILETYPE_PEM; + this.x509 = x509; + ret = wolfSSL_X509_get_name_oneline( + wolfSSL_X509_get_issuer_name(this.x509), IntPtr.Zero, 0); + this.Issuer = Marshal.PtrToStringAnsi(ret); + + ret = wolfSSL_X509_get_name_oneline( + wolfSSL_X509_get_subject_name(this.x509), IntPtr.Zero, 0); + this.Subject = Marshal.PtrToStringAnsi(ret); + } + + /// + /// Free up the C level WOLFSSL_X509 struct if needed + /// + ~X509() + { + if (this.isDynamic) + { + wolfSSL_X509_free(this.x509); + } + } + + + /// + /// Used for getting the public key buffer + /// + /// DER public key on success + public byte[] GetPublicKey() + { + if (this.x509 == IntPtr.Zero) + { + return null; + } + + try + { + IntPtr bufSz; + IntPtr buf; + + int keySz = 0; + int ret; + byte[] key = null; + + bufSz = Marshal.AllocHGlobal(4); /* pointer to 4 bytes */ + ret = wolfSSL_X509_get_pubkey_buffer(this.x509, IntPtr.Zero, bufSz); + if (ret == wolfssl.SUCCESS) + { + keySz = Marshal.ReadInt32(bufSz, 0); + buf = Marshal.AllocHGlobal(keySz); + ret = wolfSSL_X509_get_pubkey_buffer(this.x509, buf, bufSz); + if (ret == wolfssl.SUCCESS) + { + key = new byte[keySz]; + Marshal.Copy(buf, key, 0, keySz); + } + Marshal.FreeHGlobal(buf); + } + Marshal.FreeHGlobal(bufSz); + return key; + } + catch (Exception e) + { + wolfssl.log(wolfssl.ERROR_LOG, "error getting public key" + e.ToString()); + return null; + } + } + + /// + /// Gets the X509 buffer + /// + /// X509 buffer on success + public byte[] Export(int type) + { + if (this.x509 == IntPtr.Zero) + return null; + try + { + IntPtr bufSz; + IntPtr buf; + byte[] ret = null; + + bufSz = Marshal.AllocHGlobal(4); /* pointer to 4 bytes */ + buf = wolfSSL_X509_get_der(this.x509, bufSz); + if (buf != IntPtr.Zero) + { + int derSz = Marshal.ReadInt32(bufSz, 0); + if (type == wolfssl.SSL_FILETYPE_ASN1) + { + ret = new byte[derSz]; + Marshal.Copy(buf, ret, 0, derSz); + } + else if (type == 
wolfssl.SSL_FILETYPE_PEM) + { + int pemSz; + + pemSz = wc_DerToPem(buf, derSz, IntPtr.Zero, 0, CERT_TYPE); + if (pemSz > 0) + { + IntPtr pem = Marshal.AllocHGlobal(pemSz); + pemSz = wc_DerToPem(buf, derSz, pem, pemSz, CERT_TYPE); + ret = new byte[pemSz]; + Marshal.Copy(pem, ret, 0, pemSz); + Marshal.FreeHGlobal(pem); + } + + } + else + { + wolfssl.log(wolfssl.ERROR_LOG, "unsupported export type"); + } + Marshal.FreeHGlobal(bufSz); + return ret; + } + { + wolfssl.log(wolfssl.ERROR_LOG, "unable to get buffer"); + } + Marshal.FreeHGlobal(bufSz); + return ret; + } + catch (Exception e) + { + wolfssl.log(wolfssl.ERROR_LOG, "error getting x509 DER" + e.ToString()); + return null; + } + } + + /// + /// Gets the X509 buffer using this.type set (default PEM) + /// + /// X509 buffer on success + public byte[] Export() + { + return Export(this.type); + } + + /// + /// Gets the X509 format + /// + /// X509 format on success + public string GetFormat() + { + if (this.type == wolfssl.SSL_FILETYPE_PEM) + { + return "PEM"; + } + if (this.type == wolfssl.SSL_FILETYPE_ASN1) + { + return "DER"; + } + return "Unknown"; + } + } +} diff --git a/wrapper/CSharp/wolfSSL_CSharp/wolfSSL.cs b/wrapper/CSharp/wolfSSL_CSharp/wolfSSL.cs index 7acbe77ea..36e81b2b9 100644 --- a/wrapper/CSharp/wolfSSL_CSharp/wolfSSL.cs +++ b/wrapper/CSharp/wolfSSL_CSharp/wolfSSL.cs @@ -155,8 +155,8 @@ namespace wolfSSL.CSharp { } public void free() { - log(INFO_LOG, "freeing ssl handle"); - + log(INFO_LOG, "freeing ssl handle"); + if (!Object.Equals(this.fd_pin, default(GCHandle))) { this.fd_pin.Free(); 
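Review bot: The `X509(IntPtr x509, bool isDynamic)` constructor never stores its `isDynamic` argument, so the field keeps its default `false` and `~X509()` never calls `wolfSSL_X509_free`; every certificate handed over with `new X509(current, true)` from `X509_STORE_CTX_get_certs` is therefore leaked — add `this.isDynamic = isDynamic;` next to `this.x509 = x509;`. In `Export(int type)` the block following `if (buf != IntPtr.Zero) { ... }` is a bare `{ wolfssl.log(wolfssl.ERROR_LOG, "unable to get buffer"); }` with the `else` keyword missing; it only behaves because the `if` branch returns, and should read `else { wolfssl.log(wolfssl.ERROR_LOG, "unable to get buffer"); }` (the duplicated `Marshal.FreeHGlobal(bufSz); return ret;` inside the `if` can then go). Both `GetPublicKey` and `Export` allocate `bufSz` (and `buf`/`pem`) with `Marshal.AllocHGlobal` and free them outside any `finally`, so an exception from a native call, which the `catch` then swallows, leaks those blocks; moving the frees into `finally` closes that. The constructor passes `IntPtr.Zero, 0` to `wolfSSL_X509_get_name_oneline`; if the library allocates the string in that case (the OpenSSL-compatible convention for a null buffer), that allocation is never released after `Marshal.PtrToStringAnsi` copies it — worth confirming against the C implementation and adding a comment either way. `Issuer` and `Subject` are public mutable fields; `public string Issuer { get; private set; }` would keep callers from overwriting what the constructor read from the certificate.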
@@ -298,13 +298,17 @@ namespace wolfSSL.CSharp { /******************************** * Error logging */ - [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl, CharSet=CharSet.Ansi)] + [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl, CharSet = CharSet.Ansi)] private extern static IntPtr wolfSSL_ERR_error_string(uint err, StringBuilder errOut); [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] private extern static int wolfSSL_get_error(IntPtr ssl, int err); [UnmanagedFunctionPointer(CallingConvention.Cdecl)] public delegate void loggingCb(int lvl, StringBuilder msg); - private static loggingCb internal_log; + private static loggingCb internal_log; + [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] + private extern static void wolfSSL_Debugging_ON(); + [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] + private extern static void wolfSSL_Debugging_OFF(); /******************************** 
@@ -315,42 +319,58 @@ namespace wolfSSL.CSharp { [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] private extern static int wolfSSL_SetTmpDH_file(IntPtr ssl, StringBuilder dhParam, int type); [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] - private extern static int wolfSSL_CTX_SetTmpDH_file(IntPtr ctx, StringBuilder dhParam, int type); - - + private extern static int wolfSSL_CTX_SetTmpDH_file(IntPtr ctx, StringBuilder dhParam, int type); + + /******************************** * Verify Callback - */ + */ + [UnmanagedFunctionPointer(CallingConvention.Cdecl)] public delegate int CallbackVerify_delegate(int ret, IntPtr x509_ctx); [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] private extern static void wolfSSL_CTX_set_verify(IntPtr ctx, int mode, CallbackVerify_delegate vc); [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] - private extern static void wolfSSL_set_verify(IntPtr ssl, int mode, CallbackVerify_delegate vc); + private extern static void wolfSSL_set_verify(IntPtr ssl, int mode, CallbackVerify_delegate vc); + + + /******************************** + * X509 Store + */ + [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] + private extern static IntPtr wolfSSL_X509_STORE_CTX_get_current_cert(IntPtr x509Ctx); + [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] + private extern static IntPtr wolfSSL_X509_STORE_GetCerts(IntPtr x509Ctx); + [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] + private extern static int wolfSSL_sk_X509_num(IntPtr sk); + [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] + private extern static void wolfSSL_sk_X509_free(IntPtr sk); + [DllImport(wolfssl_dll, CallingConvention = CallingConvention.Cdecl)] + private extern static IntPtr wolfSSL_sk_X509_pop(IntPtr sk); /******************************** * Enum types from wolfSSL library */ public static readonly int 
SSL_FILETYPE_PEM = 1; - public static readonly int SSL_FILETYPE_ASN1= 2; - public static readonly int SSL_FILETYPE_RAW = 3; - + public static readonly int SSL_FILETYPE_ASN1 = 2; + public static readonly int SSL_FILETYPE_RAW = 3; + public static readonly int SSL_VERIFY_NONE = 0; public static readonly int SSL_VERIFY_PEER = 1; public static readonly int SSL_VERIFY_FAIL_IF_NO_PEER_CERT = 2; public static readonly int SSL_VERIFY_CLIENT_ONCE = 4; public static readonly int SSL_VERIFY_FAIL_EXCEPT_PSK = 8; - public static readonly int CBIO_ERR_GENERAL = -1; - public static readonly int CBIO_ERR_WANT_READ = -2; + public static readonly int CBIO_ERR_GENERAL = -1; + public static readonly int CBIO_ERR_WANT_READ = -2; public static readonly int CBIO_ERR_WANT_WRITE = -2; - public static readonly int CBIO_ERR_CONN_RST = -3; - public static readonly int CBIO_ERR_ISR = -4; + public static readonly int CBIO_ERR_CONN_RST = -3; + public static readonly int CBIO_ERR_ISR = -4; public static readonly int CBIO_ERR_CONN_CLOSE = -5; - public static readonly int CBIO_ERR_TIMEOUT = -6; + public static readonly int CBIO_ERR_TIMEOUT = -6; public static readonly int ERROR_LOG = 0; - public static readonly int INFO_LOG = 1; + public static readonly int INFO_LOG = 1; public static readonly int ENTER_LOG = 2; public static readonly int LEAVE_LOG = 3; public static readonly int OTHER_LOG = 4; @@ -455,7 +475,7 @@ namespace wolfSSL.CSharp { Socket con = (System.Net.Sockets.Socket)gch.Target; Byte[] msg = new Byte[sz]; Marshal.Copy(buf, msg, 0, sz); - if (con.Send(msg, 0, msg.Length, SocketFlags.None) == 0 && sz !=0) + if (con.Send(msg, 0, msg.Length, SocketFlags.None) == 0 && sz != 0) { /* no data sent and msg size is larger then 0, check for lost connection */ if (con.Poll((con.SendTimeout > 0) ? con.SendTimeout : WC_WAIT, SelectMode.SelectWrite)) 
@@ -468,7 +488,7 @@ namespace wolfSSL.CSharp { } catch (Exception e) { - log(ERROR_LOG, "socket connection issue "+ e.ToString()); + log(ERROR_LOG, "socket connection issue " + e.ToString()); return wolfssl.CBIO_ERR_CONN_CLOSE; } } @@ -545,7 +565,7 @@ namespace wolfSSL.CSharp { catch (Exception e) { /* issue with receive or size of buffer */ - log(ERROR_LOG, "socket read issue "+ e.ToString()); + log(ERROR_LOG, "socket read issue " + e.ToString()); return wolfssl.CBIO_ERR_CONN_CLOSE; } } @@ -1130,16 +1150,16 @@ namespace wolfSSL.CSharp { if (ssl == IntPtr.Zero) { return FAILURE; - } - - try + } + + try { if (!fd.Equals(null)) { - GCHandle gch = GCHandle.FromIntPtr(ssl); + GCHandle gch = GCHandle.FromIntPtr(ssl); ssl_handle handles = (ssl_handle)gch.Target; - IntPtr sslCtx = handles.get_ssl(); - IntPtr ptr; + IntPtr sslCtx = handles.get_ssl(); + IntPtr ptr; GCHandle fd_pin = GCHandle.Alloc(fd); if (sslCtx == IntPtr.Zero) 
@@ -1857,7 +1877,92 @@ namespace wolfSSL.CSharp { log(ERROR_LOG, "wolfssl set verify error " + e.ToString()); return FAILURE; } - + } + + + /// + /// Set the certificate verification mode and optional callback function + /// + /// pointer to SSL object that the function is set in + /// See SSL_VERIFY options + /// Optional verify callback function to use + public static X509 X509_STORE_CTX_get_current_cert(IntPtr x509Ctx) + { + X509 ret = null; + try + { + if (x509Ctx == IntPtr.Zero) + { + log(ERROR_LOG, "pointer passed in was not set"); + return ret; + } + IntPtr x509 = wolfSSL_X509_STORE_CTX_get_current_cert(x509Ctx); + if (x509 != IntPtr.Zero) { + return new X509(x509, false); + } + return ret; + } + catch (Exception e) + { + log(ERROR_LOG, "wolfssl WOLFSSL_X509_STORE_CTX error " + e.ToString()); + return ret; + } + } + + + /// + /// Gets all of the certificates from store + /// + /// pointer to store to get certificates from + public static X509[] X509_STORE_CTX_get_certs(IntPtr x509Ctx) + { + X509[] ret = null; + try + { + if (x509Ctx == IntPtr.Zero) + { + log(ERROR_LOG, "pointer passed in was not set"); + return ret; + } + IntPtr sk = wolfSSL_X509_STORE_GetCerts(x509Ctx); + if (sk != IntPtr.Zero) { + int i; + int numCerts = wolfSSL_sk_X509_num(sk); + ret = new X509[numCerts]; + + for (i = 0; i < numCerts; i++) { + IntPtr current = wolfSSL_sk_X509_pop(sk); + if (current != IntPtr.Zero) + { + ret[i] = new X509(current, true); + } + } + wolfSSL_sk_X509_free(sk); + } + return ret; + + } + catch (Exception e) + { + log(ERROR_LOG, "wolfssl WOLFSSL_X509_STORE_CTX error " + e.ToString()); + return ret; + } + } + + /// + /// Print low level C library debug messages to stdout when compiled with macro DEBUG_WOLFSSL + /// + public static void Debugging_ON() + { + wolfSSL_Debugging_ON(); + } + + /// + /// Turn off low level C debug messages + /// + public static void Debugging_OFF() + { + wolfSSL_Debugging_OFF(); } /// 
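Review bot: The XML doc on `X509_STORE_CTX_get_current_cert` is copied from the set-verify function above it ("Set the certificate verification mode and optional callback function", with `<param>` entries for an SSL pointer, SSL_VERIFY options and a callback) and describes none of its actual parameters; replace it with `/// Gets the certificate currently being verified from a WOLFSSL_X509_STORE_CTX`, a `<param name="x509Ctx">` line, and a `<returns>` noting that the wrapper is created with `isDynamic` false, i.e. the pointer is borrowed from the store context and the returned `X509` should not be used once the verify callback has returned. In `X509_STORE_CTX_get_certs` the loop assigns `ret[i]` only when `wolfSSL_sk_X509_pop` returns a non-null pointer, so a stack shorter than `wolfSSL_sk_X509_num` reported leaves `null` entries and callers indexing `x509[i].Issuer` (as the example does) throw; break on `IntPtr.Zero` and `Array.Resize(ref ret, i)` to the count actually filled, and say in a `<returns>` tag that the array may be empty. The popped certificates are passed to `new X509(current, true)` so that the wrapper owns and frees them, which only works if the `X509` constructor in the new X509.cs records that flag — at present it does not, so these objects leak until that is fixed. `X509_STORE_CTX_get_certs` also lacks a `<returns>` tag, and both new methods return `null` on error without the doc saying so.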
diff --git a/wrapper/CSharp/wolfSSL_CSharp/wolfSSL_CSharp.csproj b/wrapper/CSharp/wolfSSL_CSharp/wolfSSL_CSharp.csproj index 128b84a37..6d5c854dc 100755 --- a/wrapper/CSharp/wolfSSL_CSharp/wolfSSL_CSharp.csproj +++ b/wrapper/CSharp/wolfSSL_CSharp/wolfSSL_CSharp.csproj @@ -59,6 +59,7 @@ +