wolfSSL-DTLS-PSK-Server.cs 7.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234
  1. /* wolfSSL-DTLS-PSK-Server.cs
  2. *
  3. * Copyright (C) 2006-2023 wolfSSL Inc.
  4. *
  5. * This file is part of wolfSSL.
  6. *
  7. * wolfSSL is free software; you can redistribute it and/or modify
  8. * it under the terms of the GNU General Public License as published by
  9. * the Free Software Foundation; either version 2 of the License, or
  10. * (at your option) any later version.
  11. *
  12. * wolfSSL is distributed in the hope that it will be useful,
  13. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  15. * GNU General Public License for more details.
  16. *
  17. * You should have received a copy of the GNU General Public License
  18. * along with this program; if not, write to the Free Software
  19. * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
  20. */
  21. using System;
  22. using System.Runtime.InteropServices;
  23. using System.Text;
  24. using System.Threading;
  25. using System.IO;
  26. using System.Net;
  27. using System.Net.Sockets;
  28. using wolfSSL.CSharp;
  29. public class wolfSSL_DTLS_PSK_Server
  30. {
  31. /// <summary>
  32. /// Example of a PSK function call back
  33. /// </summary>
  34. /// <param name="ssl">pointer to ssl structure</param>
  35. /// <param name="identity">identity of client connecting</param>
  36. /// <param name="key">buffer to hold key</param>
  37. /// <param name="max_key">max key size</param>
  38. /// <returns>size of key set</returns>
  39. public static uint my_psk_server_cb(IntPtr ssl, string identity, IntPtr key, uint max_key)
  40. {
  41. /* perform a check on the identity sent across
  42. * log function must be set for print out of logging information
  43. */
  44. wolfssl.log(wolfssl.INFO_LOG, "PSK Client Identity = " + identity);
  45. /* Use desired key, note must be a key smaller than max key size parameter
  46. Replace this with desired key. Is trivial one for testing */
  47. if (max_key < 4)
  48. return 0;
  49. byte[] tmp = { 26, 43, 60, 77 };
  50. Marshal.Copy(tmp, 0, key, 4);
  51. return (uint)4;
  52. }
  53. private static void clean(IntPtr ssl, IntPtr ctx)
  54. {
  55. wolfssl.free(ssl);
  56. wolfssl.CTX_free(ctx);
  57. wolfssl.Cleanup();
  58. }
  59. public static void Main(string[] args)
  60. {
  61. IntPtr ctx;
  62. IntPtr ssl;
  63. /* These paths should be changed according to use */
  64. string fileCert = wolfssl.setPath("server-cert.pem");
  65. string fileKey = wolfssl.setPath("server-key.pem");
  66. StringBuilder dhparam = new StringBuilder(wolfssl.setPath("dh2048.pem"));
  67. if (fileCert == "" || fileKey == "" || dhparam.Length == 0) {
  68. Console.WriteLine("Platform not supported");
  69. return;
  70. }
  71. wolfssl.psk_delegate psk_cb = new wolfssl.psk_delegate(my_psk_server_cb);
  72. StringBuilder buff = new StringBuilder(1024);
  73. StringBuilder reply = new StringBuilder("Hello, this is the wolfSSL C# wrapper");
  74. wolfssl.Init();
  75. Console.WriteLine("Calling ctx Init from wolfSSL");
  76. ctx = wolfssl.CTX_dtls_new(wolfssl.useDTLSv1_2_server());
  77. if (ctx == IntPtr.Zero)
  78. {
  79. Console.WriteLine("Error creating ctx structure");
  80. return;
  81. }
  82. Console.WriteLine("Finished init of ctx .... now load in cert and key");
  83. if (!File.Exists(fileCert) || !File.Exists(fileKey))
  84. {
  85. Console.WriteLine("Could not find cert or key file");
  86. wolfssl.CTX_free(ctx);
  87. return;
  88. }
  89. if (!File.Exists(dhparam.ToString())) {
  90. Console.WriteLine("Could not find dh file");
  91. wolfssl.CTX_free(ctx);
  92. return;
  93. }
  94. if (wolfssl.CTX_use_certificate_file(ctx, fileCert, wolfssl.SSL_FILETYPE_PEM) != wolfssl.SUCCESS)
  95. {
  96. Console.WriteLine("Error setting cert file");
  97. wolfssl.CTX_free(ctx);
  98. return;
  99. }
  100. if (wolfssl.CTX_use_PrivateKey_file(ctx, fileKey, wolfssl.SSL_FILETYPE_PEM) != wolfssl.SUCCESS)
  101. {
  102. Console.WriteLine("Error setting key file");
  103. wolfssl.CTX_free(ctx);
  104. return;
  105. }
  106. /* Test psk use with DHE */
  107. StringBuilder hint = new StringBuilder("cyassl server");
  108. if (wolfssl.CTX_use_psk_identity_hint(ctx, hint) != wolfssl.SUCCESS)
  109. {
  110. Console.WriteLine("Error setting hint");
  111. wolfssl.CTX_free(ctx);
  112. return;
  113. }
  114. wolfssl.CTX_set_psk_server_callback(ctx, psk_cb);
  115. short minDhKey = 128;
  116. wolfssl.CTX_SetMinDhKey_Sz(ctx, minDhKey);
  117. Console.Write("Setting cipher suite to ");
  118. StringBuilder set_cipher = new StringBuilder("DHE-PSK-AES128-CBC-SHA256");
  119. Console.WriteLine(set_cipher);
  120. if (wolfssl.CTX_set_cipher_list(ctx, set_cipher) != wolfssl.SUCCESS)
  121. {
  122. Console.WriteLine("Failed to set cipher suite");
  123. wolfssl.CTX_free(ctx);
  124. return;
  125. }
  126. IPAddress ip = IPAddress.Parse("0.0.0.0");
  127. UdpClient udp = new UdpClient(11111);
  128. IPEndPoint ep = new IPEndPoint(ip, 11111);
  129. Console.WriteLine("Started UDP and waiting for a connection");
  130. ssl = wolfssl.new_ssl(ctx);
  131. if (ssl == IntPtr.Zero)
  132. {
  133. Console.WriteLine("Error creating ssl object");
  134. udp.Close();
  135. wolfssl.CTX_free(ctx);
  136. return;
  137. }
  138. if (wolfssl.SetTmpDH_file(ssl, dhparam, wolfssl.SSL_FILETYPE_PEM) != wolfssl.SUCCESS)
  139. {
  140. Console.WriteLine("Error in setting dhparam");
  141. Console.WriteLine(wolfssl.get_error(ssl));
  142. udp.Close();
  143. clean(ssl, ctx);
  144. return;
  145. }
  146. if (wolfssl.set_dtls_fd(ssl, udp, ep) != wolfssl.SUCCESS)
  147. {
  148. Console.WriteLine(wolfssl.get_error(ssl));
  149. udp.Close();
  150. clean(ssl, ctx);
  151. return;
  152. }
  153. if (wolfssl.accept(ssl) != wolfssl.SUCCESS)
  154. {
  155. Console.WriteLine(wolfssl.get_error(ssl));
  156. udp.Close();
  157. clean(ssl, ctx);
  158. return;
  159. }
  160. /* print out results of TLS/SSL accept */
  161. Console.WriteLine("SSL version is " + wolfssl.get_version(ssl));
  162. Console.WriteLine("SSL cipher suite is " + wolfssl.get_current_cipher(ssl));
  163. /* get connection information and print ip - port */
  164. wolfssl.DTLS_con con = wolfssl.get_dtls_fd(ssl);
  165. Console.Write("Connected to ip ");
  166. Console.Write(con.ep.Address.ToString());
  167. Console.Write(" on port ");
  168. Console.WriteLine(con.ep.Port.ToString());
  169. /* read information sent and send a reply */
  170. if (wolfssl.read(ssl, buff, 1023) < 0)
  171. {
  172. Console.WriteLine("Error reading message");
  173. Console.WriteLine(wolfssl.get_error(ssl));
  174. udp.Close();
  175. clean(ssl, ctx);
  176. return;
  177. }
  178. Console.WriteLine(buff);
  179. if (wolfssl.write(ssl, reply, reply.Length) != reply.Length)
  180. {
  181. Console.WriteLine("Error writing message");
  182. Console.WriteLine(wolfssl.get_error(ssl));
  183. udp.Close();
  184. clean(ssl, ctx);
  185. return;
  186. }
  187. Console.WriteLine("At the end freeing stuff");
  188. wolfssl.shutdown(ssl);
  189. udp.Close();
  190. clean(ssl, ctx);
  191. }
  192. }