wolfSSL-TLS-PSK-Server.cs 6.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214
  1. /* wolfSSL-TLS-PSK-Server.cs
  2. *
  3. * Copyright (C) 2006-2022 wolfSSL Inc.
  4. *
  5. * This file is part of wolfSSL.
  6. *
  7. * wolfSSL is free software; you can redistribute it and/or modify
  8. * it under the terms of the GNU General Public License as published by
  9. * the Free Software Foundation; either version 2 of the License, or
  10. * (at your option) any later version.
  11. *
  12. * wolfSSL is distributed in the hope that it will be useful,
  13. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  15. * GNU General Public License for more details.
  16. *
  17. * You should have received a copy of the GNU General Public License
  18. * along with this program; if not, write to the Free Software
  19. * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  20. */
  21. using System;
  22. using System.Runtime.InteropServices;
  23. using System.Text;
  24. using System.Threading;
  25. using System.IO;
  26. using System.Net;
  27. using System.Net.Sockets;
  28. using wolfSSL.CSharp;
  29. public class wolfSSL_TLS_PSK_Server
  30. {
  31. /// <summary>
  32. /// Example of a PSK function call back
  33. /// </summary>
  34. /// <param name="ssl">pointer to ssl structure</param>
  35. /// <param name="identity">identity of client connecting</param>
  36. /// <param name="key">buffer to hold key</param>
  37. /// <param name="max_key">max key size</param>
  38. /// <returns>size of key set</returns>
  39. public static uint my_psk_server_cb(IntPtr ssl, string identity, IntPtr key, uint max_key)
  40. {
  41. /* perform a check on the identity sent across
  42. * log function must be set for print out of logging information
  43. */
  44. wolfssl.log(wolfssl.INFO_LOG, "PSK Client Identity = " + identity);
  45. /* Use desired key, note must be a key smaller than max key size parameter
  46. Replace this with desired key. Is trivial one for testing */
  47. if (max_key < 4)
  48. return 0;
  49. byte[] tmp = { 26, 43, 60, 77 };
  50. Marshal.Copy(tmp, 0, key, 4);
  51. return (uint)4;
  52. }
  53. private static void clean(IntPtr ssl, IntPtr ctx)
  54. {
  55. wolfssl.free(ssl);
  56. wolfssl.CTX_free(ctx);
  57. wolfssl.Cleanup();
  58. }
  59. public static void Main(string[] args)
  60. {
  61. IntPtr ctx;
  62. IntPtr ssl;
  63. Socket fd;
  64. wolfssl.psk_delegate psk_cb = new wolfssl.psk_delegate(my_psk_server_cb);
  65. /* These paths should be changed according to use */
  66. string fileCert = @"server-cert.pem";
  67. string fileKey = @"server-key.pem";
  68. StringBuilder dhparam = new StringBuilder("dh2048.pem");
  69. StringBuilder buff = new StringBuilder(1024);
  70. StringBuilder reply = new StringBuilder("Hello, this is the wolfSSL C# wrapper");
  71. wolfssl.Init();
  72. Console.WriteLine("Calling ctx Init from wolfSSL");
  73. ctx = wolfssl.CTX_new(wolfssl.useTLSv1_2_server());
  74. if (ctx == IntPtr.Zero)
  75. {
  76. Console.WriteLine("Error creating ctx structure");
  77. return;
  78. }
  79. Console.WriteLine("Finished init of ctx .... now load in cert and key");
  80. if (!File.Exists(fileCert) || !File.Exists(fileKey))
  81. {
  82. Console.WriteLine("Could not find cert or key file");
  83. wolfssl.CTX_free(ctx);
  84. return;
  85. }
  86. if (wolfssl.CTX_use_certificate_file(ctx, fileCert, wolfssl.SSL_FILETYPE_PEM) != wolfssl.SUCCESS)
  87. {
  88. Console.WriteLine("Error in setting cert file");
  89. wolfssl.CTX_free(ctx);
  90. return;
  91. }
  92. if (wolfssl.CTX_use_PrivateKey_file(ctx, fileKey, wolfssl.SSL_FILETYPE_PEM) != wolfssl.SUCCESS)
  93. {
  94. Console.WriteLine("Error in setting key file");
  95. wolfssl.CTX_free(ctx);
  96. return;
  97. }
  98. StringBuilder ciphers = new StringBuilder(new String(' ', 4096));
  99. wolfssl.get_ciphers(ciphers, 4096);
  100. Console.WriteLine("Ciphers : " + ciphers.ToString());
  101. short minDhKey = 128;
  102. wolfssl.CTX_SetMinDhKey_Sz(ctx, minDhKey);
  103. Console.Write("Setting cipher suite to ");
  104. /* In order to use static PSK build wolfSSL with the preprocessor flag WOLFSSL_STATIC_PSK */
  105. StringBuilder set_cipher = new StringBuilder("DHE-PSK-AES128-CBC-SHA256");
  106. Console.WriteLine(set_cipher);
  107. if (wolfssl.CTX_set_cipher_list(ctx, set_cipher) != wolfssl.SUCCESS)
  108. {
  109. Console.WriteLine("Failed to set cipher suite");
  110. return;
  111. }
  112. /* Test psk use with DHE */
  113. StringBuilder hint = new StringBuilder("cyassl server");
  114. if (wolfssl.CTX_use_psk_identity_hint(ctx, hint) != wolfssl.SUCCESS)
  115. {
  116. Console.WriteLine("Error setting hint");
  117. wolfssl.CTX_free(ctx);
  118. return;
  119. }
  120. wolfssl.CTX_set_psk_server_callback(ctx, psk_cb);
  121. /* set up TCP socket */
  122. IPAddress ip = IPAddress.Parse("0.0.0.0"); //bind to any
  123. TcpListener tcp = new TcpListener(ip, 11111);
  124. tcp.Start();
  125. Console.WriteLine("Started TCP and waiting for a connection");
  126. fd = tcp.AcceptSocket();
  127. ssl = wolfssl.new_ssl(ctx);
  128. if (ssl == IntPtr.Zero)
  129. {
  130. Console.WriteLine("Error creating ssl object");
  131. tcp.Stop();
  132. wolfssl.CTX_free(ctx);
  133. return;
  134. }
  135. Console.WriteLine("Connection made wolfSSL_accept ");
  136. if (wolfssl.set_fd(ssl, fd) != wolfssl.SUCCESS)
  137. {
  138. /* get and print out the error */
  139. Console.WriteLine(wolfssl.get_error(ssl));
  140. tcp.Stop();
  141. clean(ssl, ctx);
  142. return;
  143. }
  144. wolfssl.SetTmpDH_file(ssl, dhparam, wolfssl.SSL_FILETYPE_PEM);
  145. if (wolfssl.accept(ssl) != wolfssl.SUCCESS)
  146. {
  147. /* get and print out the error */
  148. Console.WriteLine(wolfssl.get_error(ssl));
  149. tcp.Stop();
  150. clean(ssl, ctx);
  151. return;
  152. }
  153. /* print out results of TLS/SSL accept */
  154. Console.WriteLine("SSL version is " + wolfssl.get_version(ssl));
  155. Console.WriteLine("SSL cipher suite is " + wolfssl.get_current_cipher(ssl));
  156. /* read and print out the message then reply */
  157. if (wolfssl.read(ssl, buff, 1023) < 0)
  158. {
  159. Console.WriteLine("Error in read");
  160. tcp.Stop();
  161. clean(ssl, ctx);
  162. return;
  163. }
  164. Console.WriteLine(buff);
  165. if (wolfssl.write(ssl, reply, reply.Length) != reply.Length)
  166. {
  167. Console.WriteLine("Error in write");
  168. tcp.Stop();
  169. clean(ssl, ctx);
  170. return;
  171. }
  172. wolfssl.shutdown(ssl);
  173. fd.Close();
  174. tcp.Stop();
  175. clean(ssl, ctx);
  176. }
  177. }