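/// <summary>
/// Native-facing thunk for the cookie callback: wraps the raw SSL pointer, asks the managed
/// delegate for a cookie, and copies that cookie into the buffer supplied by the native caller.
/// </summary>
/// <param name="ssl_ptr">Raw SSL handle from the native caller. It is wrapped with the second
/// constructor argument set to false (presumably a non-owning wrapper; confirm).</param>
/// <param name="cookie_ptr">Native buffer that receives the cookie bytes.</param>
/// <param name="cookie_len">Set to the number of bytes written to <paramref name="cookie_ptr"/>.</param>
/// <returns>The delegate's result, or 0 when the delegate produced no cookie.</returns>
private int OnCallback(IntPtr ssl_ptr, IntPtr cookie_ptr, ref int cookie_len)
{
    Ssl ssl = new Ssl(ssl_ptr, false);

    byte[] cookie;
    int result = _local_callback(ssl, out cookie);

    // A delegate that fails may leave the cookie null. Marshal.Copy would throw on that, and an
    // exception must not unwind through the native caller, so report failure with an empty cookie.
    // 0 is the failure value for OpenSSL cookie callbacks; confirm against this binding.
    if (cookie == null)
    {
        cookie_len = 0;
        return 0;
    }

    // NOTE(review): the capacity of cookie_ptr is not visible here and cookie.Length is not
    // checked against it. Confirm the native buffer size and reject cookies that exceed it
    // before copying.
    Marshal.Copy(cookie, 0, cookie_ptr, cookie.Length);
    cookie_len = cookie.Length;

    return result;
}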
/// <summary>
/// Releases the SSL session and then the SSL context, clearing both fields so that a second
/// call is a no-op.
/// </summary>
/// <remarks>
/// The base implementation is not invoked; the original call was commented out.
/// </remarks>
public override void Close()
{
    // Session first, context second: same order as before.
    ssl?.Dispose();
    ssl = null;

    sslContext?.Dispose();
    sslContext = null;
}
/// <summary>
/// Creates the client-side SSL context and session: applies protocol restrictions, registers the
/// certificate callbacks, sets the cipher list and CA store, attaches in-memory BIOs and puts the
/// session into connect (client) state.
/// </summary>
/// <param name="certificates">Not read anywhere in this method.</param>
/// <param name="enabledSslProtocols">Protocol flags. Only Ssl2, Ssl3, Tls and Default are examined
/// here to decide which protocol versions to switch off; the value is also passed to GetCipherString.</param>
/// <param name="sslStrength">Passed to GetCipherString to build the cipher list.</param>
/// <param name="checkCertificateRevocation">Not read anywhere in this method.
/// NOTE(review): no revocation checking is configured here; confirm it is handled elsewhere.</param>
protected void InitializeClientContext(X509List certificates, SslProtocols enabledSslProtocols, SslStrength sslStrength, bool checkCertificateRevocation)
{
    // Start from the version-negotiating client method, then subtract what was not requested.
    sslContext = new SslContext(SslMethod.SSLv23_client_method);

    bool wantsSsl2 = (enabledSslProtocols & SslProtocols.Ssl2) == SslProtocols.Ssl2;
    bool wantsSsl3 = (enabledSslProtocols & SslProtocols.Ssl3) == SslProtocols.Ssl3;
    bool wantsTls = (enabledSslProtocols & SslProtocols.Tls) == SslProtocols.Tls;
    bool wantsDefault = (enabledSslProtocols & SslProtocols.Default) == SslProtocols.Default;

    // NOTE(review): SSLv2 and SSLv3 stay enabled whenever the caller asks for them (SSLv3 also via
    // Default). Both are obsolete; confirm callers never request them for production connections.
    if (!wantsSsl2)
    {
        sslContext.Options |= SslOptions.SSL_OP_NO_SSLv2;
    }
    if (!(wantsSsl3 || wantsDefault))
    {
        sslContext.Options |= SslOptions.SSL_OP_NO_SSLv3;
    }
    if (!(wantsTls || wantsDefault))
    {
        sslContext.Options |= SslOptions.SSL_OP_NO_TLSv1;
    }

    // Local (client) certificate selection.
    sslContext.SetClientCertCallback(this.internalCertificateSelectionCallback);

    // Cipher list derived from the requested protocols and strength.
    sslContext.SetCipherList(GetCipherString(false, enabledSslProtocols, sslStrength));

    // Peer verification is only configured when a remote-certificate callback was supplied.
    // NOTE(review): without a callback SetVerify is never called, so the context keeps its initial
    // verification mode. In OpenSSL that default is SSL_VERIFY_NONE, under which a client does not
    // abort the handshake on an untrusted server certificate. Confirm callers always supply one.
    if (remoteCertificateSelectionCallback != null)
    {
        VerifyMode mode = VerifyMode.SSL_VERIFY_PEER | VerifyMode.SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
        sslContext.SetVerify(mode, remoteCertificateSelectionCallback);
    }

    // Trust anchors, when the caller provided any.
    if (caCertificates != null)
    {
        sslContext.SetCertificateStore(new X509Store(caCertificates));
    }

    // In-memory BIOs carry the TLS records in and out of the session.
    read_bio = BIO.MemoryBuffer(false);
    write_bio = BIO.MemoryBuffer(false);

    ssl = new Ssl(sslContext);
    ssl.SetBIO(read_bio, write_bio);

    // Mark both BIOs with the Close option after attaching them to the session.
    read_bio.SetClose(BIO.CloseOption.Close);
    write_bio.SetClose(BIO.CloseOption.Close);

    // Client role.
    ssl.SetConnectState();
}
/// <summary>
/// Native-facing thunk for client certificate selection: wraps the raw SSL pointer, calls
/// OnClientCertCallback, and hands the native handles of the chosen certificate and key back
/// to the caller.
/// </summary>
/// <param name="ssl_ptr">Raw SSL handle from the native caller.</param>
/// <param name="cert_ptr">Receives the certificate handle, or IntPtr.Zero when none was selected.</param>
/// <param name="key_ptr">Receives the private key handle, or IntPtr.Zero when none was selected.</param>
/// <returns>The value returned by OnClientCertCallback; the handles are only filled in when it is non-zero.</returns>
internal int OnClientCertThunk(IntPtr ssl_ptr, out IntPtr cert_ptr, out IntPtr key_ptr)
{
    Ssl session = new Ssl(ssl_ptr, false);

    // Default both outputs to "nothing selected".
    cert_ptr = IntPtr.Zero;
    key_ptr = IntPtr.Zero;

    X509Certificate chosenCert;
    CryptoKey chosenKey;
    int status = OnClientCertCallback(session, out chosenCert, out chosenKey);
    if (status == 0)
    {
        return status;
    }

    // NOTE(review): the raw handles go to the native caller while the managed wrappers still
    // reference them. Confirm which side owns and frees them (OpenSSL's client-cert callback
    // contract has the library release what it is given), so they are neither freed twice
    // nor released while still in use.
    if (chosenCert != null)
    {
        cert_ptr = chosenCert.Handle;
    }
    if (chosenKey != null)
    {
        key_ptr = chosenKey.Handle;
    }

    return status;
}
/// <summary>
/// PSK server callback: returns the configured pre-shared key for the connection.
/// </summary>
/// <param name="ssl">The session the key is requested for; not read here.</param>
/// <param name="identity">Identity presented by the peer; not read here.</param>
/// <param name="psk">Receives the stored key (this.pskPsk), which may be null if none was set.</param>
/// <param name="max_psk_len">Maximum key length accepted by the caller; not read here.</param>
/// <returns>Always 1 (success).</returns>
public int InternalPskServerCallback(Ssl ssl, String identity, out byte[] psk, uint max_psk_len)
{
    // NOTE(review): the same key is returned for every identity and its length is never compared
    // with max_psk_len. Confirm that accepting any identity is intended, and that the caller
    // handles a null or oversized key before copying it to native memory.
    psk = this.pskPsk;

    return 1; // success
}