Esempio n. 1
        /// <summary>
        /// Runs one handshake step on the Android TLS stream, creating the
        /// context first when the caller has none or holds an invalid one.
        /// </summary>
        /// <param name="credential">Credential handle used only when a new context has to be created.</param>
        /// <param name="context">Existing context, or null/invalid to have one created; updated in place.</param>
        /// <param name="inputBuffer">Bytes handed to the context before the handshake call; skipped when empty.</param>
        /// <param name="outputBuffer">Receives whatever <c>ReadPendingWrites()</c> returns after the handshake call.</param>
        /// <param name="sslAuthenticationOptions">Options passed to the context constructor.</param>
        /// <returns>
        /// OK or ContinueNeeded for the matching native results; InternalError for
        /// every other native status and for any exception raised along the way.
        /// </returns>
        /// <remarks>
        /// Nothing is thrown to the caller: failures surface only through the returned
        /// status, so a caller that ignores it would treat a failed handshake as progress.
        /// </remarks>
        private static SecurityStatusPal HandshakeInternal(
            SafeFreeCredentials credential,
            ref SafeDeleteSslContext? context,
            ReadOnlySpan<byte> inputBuffer,
            ref byte[]? outputBuffer,
            SslAuthenticationOptions sslAuthenticationOptions)
        {
            // Debug.Assert is compiled out of release builds, so this is a
            // development-time check rather than a runtime guarantee.
            Debug.Assert(!credential.IsInvalid);

            try
            {
                if (context == null || context.IsInvalid)
                {
                    // The 'as' cast yields null for any other credential type and the
                    // '!' only silences the compiler; the constructor sees that null.
                    context = new SafeDeleteSslContext((credential as SafeFreeSslCredentials)!, sslAuthenticationOptions);
                }

                SafeDeleteSslContext activeContext = context;

                if (inputBuffer.Length > 0)
                {
                    // Presumably queues the peer's handshake bytes for the native
                    // stream to consume - confirm against SafeDeleteSslContext.Write.
                    activeContext.Write(inputBuffer);
                }

                SafeSslHandle nativeHandle = activeContext.SslContext;

                SecurityStatusPalErrorCode statusCode;
                switch (Interop.AndroidCrypto.SSLStreamHandshake(nativeHandle))
                {
                    case PAL_SSLStreamStatus.OK:
                        statusCode = SecurityStatusPalErrorCode.OK;
                        break;
                    case PAL_SSLStreamStatus.NeedData:
                        statusCode = SecurityStatusPalErrorCode.ContinueNeeded;
                        break;
                    default:
                        // Fail closed: any status not listed above is an error.
                        statusCode = SecurityStatusPalErrorCode.InternalError;
                        break;
                }

                // Assigned whatever the status is, including InternalError.
                outputBuffer = activeContext.ReadPendingWrites();

                return new SecurityStatusPal(statusCode);
            }
            catch (Exception exc)
            {
                // The exception travels inside the status object instead of propagating.
                return new SecurityStatusPal(SecurityStatusPalErrorCode.InternalError, exc);
            }
        }
Esempio n. 2
        /// <summary>
        /// Passes plaintext to the Android TLS stream and collects the bytes the
        /// context has pending for the connection.
        /// </summary>
        /// <param name="securityContext">Context to write through; must be a <c>SafeDeleteSslContext</c>.</param>
        /// <param name="input">Plaintext to write. Non-empty is asserted in debug builds only.</param>
        /// <param name="headerSize">Not used by this implementation.</param>
        /// <param name="trailerSize">Not used by this implementation.</param>
        /// <param name="output">
        /// Filled in place when it is large enough for the pending bytes; otherwise
        /// (including when it is null) replaced by the array <c>ReadPendingWrites()</c> returns.
        /// </param>
        /// <param name="resultSize">
        /// Value returned by the copying overload, or the length of the replacement array.
        /// Stays 0 when an exception is caught before it is assigned.
        /// </param>
        /// <returns>
        /// The native write status mapped to a PAL code; InternalError for unlisted
        /// statuses and for any exception, which is attached to the result.
        /// </returns>
        /// <remarks>
        /// The pending bytes are drained whatever the write status was, so callers
        /// should check the returned status before using <paramref name="output"/>.
        /// </remarks>
        public static SecurityStatusPal EncryptMessage(
            SafeDeleteContext securityContext,
            ReadOnlyMemory<byte> input,
            int headerSize,
            int trailerSize,
            ref byte[] output,
            out int resultSize)
        {
            resultSize = 0;
            Debug.Assert(input.Length > 0, $"{nameof(input.Length)} > 0 since {nameof(CanEncryptEmptyMessage)} is false");

            try
            {
                // A context of any other type throws InvalidCastException here and
                // is reported as InternalError by the catch below.
                var sslContext = (SafeDeleteSslContext)securityContext;
                SafeSslHandle nativeHandle = sslContext.SslContext;

                SecurityStatusPalErrorCode statusCode;
                switch (Interop.AndroidCrypto.SSLStreamWrite(nativeHandle, input))
                {
                    case PAL_SSLStreamStatus.OK:
                        statusCode = SecurityStatusPalErrorCode.OK;
                        break;
                    case PAL_SSLStreamStatus.NeedData:
                        statusCode = SecurityStatusPalErrorCode.ContinueNeeded;
                        break;
                    case PAL_SSLStreamStatus.Renegotiate:
                        statusCode = SecurityStatusPalErrorCode.Renegotiate;
                        break;
                    case PAL_SSLStreamStatus.Closed:
                        statusCode = SecurityStatusPalErrorCode.ContextExpired;
                        break;
                    default:
                        // Fail closed on anything not listed above.
                        statusCode = SecurityStatusPalErrorCode.InternalError;
                        break;
                }

                var pendingBytes = sslContext.BytesReadyForConnection;
                if (output == null || pendingBytes > output.Length)
                {
                    // Caller's buffer is missing or too small: hand back a new array.
                    output = sslContext.ReadPendingWrites()!;
                    resultSize = output.Length;
                }
                else
                {
                    // Reuse the caller's buffer. Bytes past resultSize are presumably
                    // left as they were - confirm against ReadPendingWrites.
                    resultSize = sslContext.ReadPendingWrites(output, 0, output.Length);
                }

                return new SecurityStatusPal(statusCode);
            }
            catch (Exception e)
            {
                return new SecurityStatusPal(SecurityStatusPalErrorCode.InternalError, e);
            }
        }
Esempio n. 3
        /// <summary>
        /// Hands the received bytes to the context, then reads from the Android
        /// TLS stream back into the same buffer.
        /// </summary>
        /// <param name="securityContext">Context whose native stream is read.</param>
        /// <param name="buffer">Passed to <c>Write</c> as input and then to <c>SSLStreamRead</c> as the destination.</param>
        /// <param name="offset">Always set to 0.</param>
        /// <param name="count">
        /// The <c>read</c> value reported by the native call; left at 0 when the native
        /// status is Error or when an exception is caught before it is assigned.
        /// </param>
        /// <returns>
        /// OK for native OK and NeedData, Renegotiate and ContextExpired for their
        /// counterparts, InternalError for Error, for unlisted statuses and for exceptions.
        /// </returns>
        /// <remarks>
        /// NeedData is reported as OK here, so a caller tells "no plaintext yet" apart
        /// from "plaintext available" by <paramref name="count"/> alone (presumably 0
        /// in that case - confirm against the native read).
        /// </remarks>
        public static SecurityStatusPal DecryptMessage(
            SafeDeleteSslContext securityContext,
            Span<byte> buffer,
            out int offset,
            out int count)
        {
            offset = 0;
            count = 0;

            try
            {
                SafeSslHandle nativeHandle = securityContext.SslContext;

                securityContext.Write(buffer);

                PAL_SSLStreamStatus nativeStatus = Interop.AndroidCrypto.SSLStreamRead(nativeHandle, buffer, out int read);
                if (nativeStatus != PAL_SSLStreamStatus.Error)
                {
                    count = read;

                    SecurityStatusPalErrorCode statusCode;
                    switch (nativeStatus)
                    {
                        case PAL_SSLStreamStatus.OK:
                        case PAL_SSLStreamStatus.NeedData:
                            statusCode = SecurityStatusPalErrorCode.OK;
                            break;
                        case PAL_SSLStreamStatus.Renegotiate:
                            statusCode = SecurityStatusPalErrorCode.Renegotiate;
                            break;
                        case PAL_SSLStreamStatus.Closed:
                            statusCode = SecurityStatusPalErrorCode.ContextExpired;
                            break;
                        default:
                            // Unlisted statuses fail closed, but count has already
                            // been set to 'read' at this point.
                            statusCode = SecurityStatusPalErrorCode.InternalError;
                            break;
                    }

                    return new SecurityStatusPal(statusCode);
                }

                // Native Error: count stays 0, so the caller is told no bytes are valid.
                return new SecurityStatusPal(SecurityStatusPalErrorCode.InternalError);
            }
            catch (Exception e)
            {
                return new SecurityStatusPal(SecurityStatusPalErrorCode.InternalError, e);
            }
        }