wolfSSL-TLS-Client.cs 7.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255
  1. /* wolfSSL-TLS-Client.cs
  2. *
  3. * Copyright (C) 2006-2023 wolfSSL Inc.
  4. *
  5. * This file is part of wolfSSL.
  6. *
  7. * wolfSSL is free software; you can redistribute it and/or modify
  8. * it under the terms of the GNU General Public License as published by
  9. * the Free Software Foundation; either version 2 of the License, or
  10. * (at your option) any later version.
  11. *
  12. * wolfSSL is distributed in the hope that it will be useful,
  13. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  15. * GNU General Public License for more details.
  16. *
  17. * You should have received a copy of the GNU General Public License
  18. * along with this program; if not, write to the Free Software
  19. * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  20. */
  21. using System;
  22. using System.Runtime.InteropServices;
  23. using System.Text;
  24. using System.IO;
  25. using System.Net;
  26. using System.Net.Sockets;
  27. using wolfSSL.CSharp;
  28. public class wolfSSL_TLS_Client
  29. {
  30. /// <summary>
  31. /// Example of a logging function
  32. /// </summary>
  33. /// <param name="lvl">level of log</param>
  34. /// <param name="msg">message to log</param>
  35. public static void standard_log(int lvl, StringBuilder msg)
  36. {
  37. Console.WriteLine(msg);
  38. }
  39. private static void clean(IntPtr ssl, IntPtr ctx)
  40. {
  41. wolfssl.free(ssl);
  42. wolfssl.CTX_free(ctx);
  43. wolfssl.Cleanup();
  44. }
  45. /// <summary>
  46. /// Verification callback
  47. /// </summary>
  48. /// <param name="preverify">1=Verify Okay, 0=Failure</param>
  49. /// <param name="x509_ctx">Certificate in WOLFSSL_X509_STORE_CTX format</param>
  50. private static int myVerify(int preverify, IntPtr x509_ctx)
  51. {
  52. /* Use the provided verification */
  53. /* Can optionally override failures by returning non-zero value */
  54. return preverify;
  55. }
  56. /// <summary>
  57. /// Checks if the SNI option was enabled via command line.
  58. /// Must be enabled with ./configure --enable-sni when configuring
  59. /// wolfSSL.
  60. /// <param name="args">Parameters passed via command line</param>
  61. /// </summary>
  62. private static int haveSNI(string[] args)
  63. {
  64. for (int i = 0; i < args.Length; i++) {
  65. if (args[i] == "-S") {
  66. Console.WriteLine("SNI IS ON");
  67. return i+1;
  68. }
  69. }
  70. Console.WriteLine("SNI IS OFF");
  71. return -1;
  72. }
  73. public static void Main(string[] args)
  74. {
  75. IntPtr ctx;
  76. IntPtr ssl;
  77. Socket tcp;
  78. IntPtr sniHostName;
  79. /* These paths should be changed for use */
  80. string caCert = wolfssl.setPath("ca-cert.pem");
  81. StringBuilder dhparam = new StringBuilder(wolfssl.setPath("dh2048.pem"));
  82. if (caCert == "" || dhparam.Length == 0) {
  83. Console.WriteLine("Platform not supported.");
  84. return;
  85. }
  86. StringBuilder buff = new StringBuilder(1024);
  87. StringBuilder reply = new StringBuilder("Hello, this is the wolfSSL C# wrapper");
  88. //example of function used for setting logging
  89. wolfssl.SetLogging(standard_log);
  90. wolfssl.Init();
  91. Console.WriteLine("Calling ctx Init from wolfSSL");
  92. ctx = wolfssl.CTX_new(wolfssl.usev23_client());
  93. if (ctx == IntPtr.Zero)
  94. {
  95. Console.WriteLine("Error in creating ctx structure");
  96. return;
  97. }
  98. Console.WriteLine("Finished init of ctx .... now load in CA");
  99. if (!File.Exists(caCert))
  100. {
  101. Console.WriteLine("Could not find CA cert file");
  102. wolfssl.CTX_free(ctx);
  103. return;
  104. }
  105. if (!File.Exists(dhparam.ToString())) {
  106. Console.WriteLine("Could not find dh file");
  107. wolfssl.CTX_free(ctx);
  108. return;
  109. }
  110. if (wolfssl.CTX_load_verify_locations(ctx, caCert, null)
  111. != wolfssl.SUCCESS)
  112. {
  113. Console.WriteLine("Error loading CA cert");
  114. wolfssl.CTX_free(ctx);
  115. return;
  116. }
  117. int sniArg = haveSNI(args);
  118. if (sniArg >= 0)
  119. {
  120. string sniHostNameString = args[sniArg].Trim();
  121. sniHostName = Marshal.StringToHGlobalAnsi(sniHostNameString);
  122. ushort size = (ushort)sniHostNameString.Length;
  123. if (wolfssl.CTX_UseSNI(ctx, (byte)wolfssl.WOLFSSL_SNI_HOST_NAME, sniHostName, size) != wolfssl.SUCCESS)
  124. {
  125. Console.WriteLine("UseSNI failed");
  126. wolfssl.CTX_free(ctx);
  127. return;
  128. }
  129. }
  130. StringBuilder ciphers = new StringBuilder(new String(' ', 4096));
  131. wolfssl.get_ciphers(ciphers, 4096);
  132. Console.WriteLine("Ciphers : " + ciphers.ToString());
  133. /* Uncomment Section to enable specific cipher suite */
  134. #if false
  135. ciphers = new StringBuilder("ECDHE-ECDSA-AES128-GCM-SHA256");
  136. if (wolfssl.CTX_set_cipher_list(ctx, ciphers) != wolfssl.SUCCESS)
  137. {
  138. Console.WriteLine("ERROR CTX_set_cipher_list()");
  139. wolfssl.CTX_free(ctx);
  140. return;
  141. }
  142. #endif
  143. short minDhKey = 128;
  144. wolfssl.CTX_SetMinDhKey_Sz(ctx, minDhKey);
  145. /* Setup Verify Callback */
  146. if (wolfssl.CTX_set_verify(ctx, wolfssl.SSL_VERIFY_PEER, myVerify)
  147. != wolfssl.SUCCESS)
  148. {
  149. Console.WriteLine("Error setting verify callback!");
  150. }
  151. /* set up TCP socket */
  152. tcp = new Socket(AddressFamily.InterNetwork, SocketType.Stream,
  153. ProtocolType.Tcp);
  154. try
  155. {
  156. tcp.Connect("localhost", 11111);
  157. }
  158. catch (Exception e)
  159. {
  160. Console.WriteLine("tcp.Connect() error " + e.ToString());
  161. wolfssl.CTX_free(ctx);
  162. return;
  163. }
  164. if (!tcp.Connected)
  165. {
  166. Console.WriteLine("tcp.Connect() failed!");
  167. tcp.Close();
  168. wolfssl.CTX_free(ctx);
  169. return;
  170. }
  171. Console.WriteLine("Connected TCP");
  172. ssl = wolfssl.new_ssl(ctx);
  173. if (ssl == IntPtr.Zero)
  174. {
  175. Console.WriteLine("Error in creating ssl object");
  176. wolfssl.CTX_free(ctx);
  177. return;
  178. }
  179. Console.WriteLine("Connection made wolfSSL_connect ");
  180. if (wolfssl.set_fd(ssl, tcp) != wolfssl.SUCCESS)
  181. {
  182. /* get and print out the error */
  183. Console.WriteLine(wolfssl.get_error(ssl));
  184. tcp.Close();
  185. clean(ssl, ctx);
  186. return;
  187. }
  188. wolfssl.SetTmpDH_file(ssl, dhparam, wolfssl.SSL_FILETYPE_PEM);
  189. if (wolfssl.connect(ssl) != wolfssl.SUCCESS)
  190. {
  191. /* get and print out the error */
  192. Console.WriteLine(wolfssl.get_error(ssl));
  193. tcp.Close();
  194. clean(ssl, ctx);
  195. return;
  196. }
  197. /* print out results of TLS/SSL accept */
  198. Console.WriteLine("SSL version is " + wolfssl.get_version(ssl));
  199. Console.WriteLine("SSL cipher suite is " + wolfssl.get_current_cipher(ssl));
  200. if (wolfssl.write(ssl, reply, reply.Length) != reply.Length)
  201. {
  202. Console.WriteLine("Error in write");
  203. tcp.Close();
  204. clean(ssl, ctx);
  205. return;
  206. }
  207. /* read and print out the message then reply */
  208. if (wolfssl.read(ssl, buff, 1023) < 0)
  209. {
  210. Console.WriteLine("Error in read");
  211. tcp.Close();
  212. clean(ssl, ctx);
  213. return;
  214. }
  215. Console.WriteLine(buff);
  216. wolfssl.shutdown(ssl);
  217. tcp.Close();
  218. clean(ssl, ctx);
  219. }
  220. }