/// <summary>
/// 获取指定类型的 SSL Session 信息(输出类型参考:SSLSessionInfo)
/// </summary>
/// <param name="info">指定获取内容的类型</param>
/// <returns></returns>
public IntPtr GetSSLSessionInfo(SSLSessionInfo info)
{
var ret = IntPtr.Zero;
SSLSdk.HP_SSLClient_GetSSLSessionInfo(pClient, info, ref ret);
return(ret);
}
/// <summary>
/// 反初始化SSL环境
/// </summary>
protected virtual void Uninitialize()
{
if (Interlocked.Decrement(ref ObjectReferer) == 0)
{
SSLSdk.HP_SSLAgent_CleanupSSLContext(pAgent);
}
}
/// <summary>
/// 初始化SSL环境
/// </summary>
/// <returns></returns>
protected virtual bool Initialize()
{
lock (SSLInitLock)
{
if (SSLSdk.HP_SSL_IsValid() == false)
{
if (string.IsNullOrWhiteSpace(PemCertFile))
{
throw new NullReferenceException("PemCertFile");
}
if (string.IsNullOrWhiteSpace(PemKeyFile))
{
throw new NullReferenceException("PemKeyFile");
}
if (string.IsNullOrWhiteSpace(KeyPasswod))
{
throw new NullReferenceException("KeyPasswod");
}
if (string.IsNullOrWhiteSpace(CAPemCertFileOrPath))
{
throw new NullReferenceException("CAPemCertFileOrPath");
}
return(SSLSdk.HP_SSL_Initialize(SSLSessionMode.Server, VerifyMode, PemCertFile, PemKeyFile, KeyPasswod, CAPemCertFileOrPath));
}
return(true);
}
}
/// <summary>
/// 反初始化SSL环境
/// </summary>
public virtual void Uninitialize()
{
if (pServer != IntPtr.Zero)
{
SSLSdk.HP_SSLServer_CleanupSSLContext(pServer);
}
}
/// <summary>
/// 反初始化SSL环境
/// </summary>
public virtual void Uninitialize()
{
if (Interlocked.Decrement(ref ObjectReferer) == 0)
{
SSLSdk.HP_SSLServer_CleanupSSLContext(pServer);
}
}
/// <summary>
/// 反初始化SSL环境
/// </summary>
protected virtual void Uninitialize()
{
if (Interlocked.Decrement(ref ObjectReferer) == 0 && pClient != IntPtr.Zero)
{
SSLSdk.HP_SSLClient_CleanupSSLContext(pClient);
}
}
/// <summary>
/// 反初始化SSL环境
/// </summary>
public virtual void UnInitialize()
{
if (pClient != IntPtr.Zero)
{
SSLSdk.HP_SSLClient_CleanupSSLContext(pClient);
}
}
/// <summary>
/// 获取指定类型的 SSL Session 信息(输出类型参考:SSLSessionInfo)
/// </summary>
/// <param name="connId"></param>
/// <param name="info">指定获取内容的类型</param>
/// <returns></returns>
public IntPtr GetSSLSessionInfo(IntPtr connId, SSLSessionInfo info)
{
var ret = IntPtr.Zero;
SSLSdk.HP_SSLServer_GetSSLSessionInfo(pServer, connId, info, ref ret);
return(ret);
}
/// <summary>
/// 反初始化SSL环境
/// </summary>
protected virtual void Uninitialize()
{
if (Interlocked.Decrement(ref ObjectReferer) == 0)
{
SSLSdk.HP_SSL_Cleanup();
}
}
public new bool Start()
{
if (SSLSdk.HP_SSL_IsValid() == false && Initialize() == false)
{
throw new Exception("法初始化SSL环境失败!");
}
return(base.Start());
}
/// <summary>
/// 初始化SSL环境
/// </summary>
/// <param name="callback"></param>
/// <returns></returns>
public virtual bool Initialize()
{
if (pServer != IntPtr.Zero)
{
PemCertFile = string.IsNullOrWhiteSpace(PemCertFile) ? null : PemCertFile;
PemKeyFile = string.IsNullOrWhiteSpace(PemKeyFile) ? null : PemKeyFile;
KeyPasswod = string.IsNullOrWhiteSpace(KeyPasswod) ? null : KeyPasswod;
CAPemCertFileOrPath = string.IsNullOrWhiteSpace(CAPemCertFileOrPath) ? null : CAPemCertFileOrPath;
return(SSLSdk.HP_SSLServer_SetupSSLContext(pServer, VerifyMode, PemCertFile, PemKeyFile, KeyPasswod, CAPemCertFileOrPath, SNIServerNameCallback));
}
return(false);
}
/// <summary>
/// 初始化SSL环境
/// </summary>
/// <returns></returns>
public virtual bool Initialize()
{
if (pAgent != IntPtr.Zero)
{
PemCertFile = string.IsNullOrWhiteSpace(PemCertFile) ? null : PemCertFile;
PemKeyFile = string.IsNullOrWhiteSpace(PemKeyFile) ? null : PemKeyFile;
KeyPasswod = string.IsNullOrWhiteSpace(KeyPasswod) ? null : KeyPasswod;
CAPemCertFileOrPath = string.IsNullOrWhiteSpace(CAPemCertFileOrPath) ? null : CAPemCertFileOrPath;
return(SSLSdk.HP_SSLAgent_SetupSSLContext(pAgent, VerifyMode, PemCertFile, PemKeyFile, KeyPasswod, CAPemCertFileOrPath));
}
return(true);
}
/// <summary>
/// 名称:增加 SNI 主机证书(只用于服务端)
/// 描述:SSL 服务端在 SetupSSLContext() 成功后可以调用本方法增加多个 SNI 主机证书
/// 返回值:正数 -- 成功,并返回 SNI 主机证书对应的索引,该索引用于在 SNI 回调函数中定位 SNI 主机
/// 返回值:负数 -- 失败,可通过 SYS_GetLastError() 获取失败原因
/// </summary>
/// <param name="verifyMode">SSL 验证模式(参考 EnSSLVerifyMode)</param>
/// <param name="pemCertFile">证书文件</param>
/// <param name="pemKeyFile">私钥文件</param>
/// <param name="keyPassword">私钥密码(没有密码则为空)</param>
/// <param name="caPemCertFileOrPath">CA 证书文件或目录(单向验证可选)</param>
/// <returns></returns>
public int AddServerContext(SSLVerifyMode verifyMode, string pemCertFile, string pemKeyFile, string keyPassword, string caPemCertFileOrPath)
{
if (string.IsNullOrWhiteSpace(pemCertFile))
{
throw new ArgumentException("参数无效", pemCertFile);
}
if (string.IsNullOrWhiteSpace(pemKeyFile))
{
throw new ArgumentException("参数无效", pemKeyFile);
}
keyPassword = string.IsNullOrWhiteSpace(keyPassword) ? null : keyPassword;
caPemCertFileOrPath = string.IsNullOrWhiteSpace(caPemCertFileOrPath) ? null : caPemCertFileOrPath;
return(SSLSdk.HP_SSLServer_AddSSLContext(pServer, verifyMode, pemCertFile, pemKeyFile, KeyPassword, caPemCertFileOrPath));
}
/// <summary>
/// 初始化SSL环境
/// <param name="memory">是否通过内存加载证书</param>
/// </summary>
/// <returns></returns>
public virtual bool Initialize(bool memory = false)
{
if (pClient != IntPtr.Zero)
{
PemCertFile = string.IsNullOrWhiteSpace(PemCertFile) ? null : PemCertFile;
PemKeyFile = string.IsNullOrWhiteSpace(PemKeyFile) ? null : PemKeyFile;
KeyPassword = string.IsNullOrWhiteSpace(KeyPassword) ? null : KeyPassword;
CAPemCertFileOrPath = string.IsNullOrWhiteSpace(CAPemCertFileOrPath) ? null : CAPemCertFileOrPath;
return(memory
? SSLSdk.HP_SSLClient_SetupSSLContextByMemory(pClient, VerifyMode, PemCertFile, PemKeyFile, KeyPassword, CAPemCertFileOrPath)
: SSLSdk.HP_SSLClient_SetupSSLContext(pClient, VerifyMode, PemCertFile, PemKeyFile, KeyPassword, CAPemCertFileOrPath));
}
return(false);
}
public override void Destroy()
{
Stop();
if (pClient != IntPtr.Zero)
{
SSLSdk.Destroy_HP_SSLClient(pClient);
pClient = IntPtr.Zero;
}
if (pListener != IntPtr.Zero)
{
Sdk.Destroy_HP_TcpClientListener(pListener);
pListener = IntPtr.Zero;
}
IsCreate = false;
}
/// <summary>
/// 终止服务并释放资源
/// </summary>
public override void Destroy()
{
Stop();
if (pServer != IntPtr.Zero)
{
SSLSdk.Destroy_HP_SSLPullServer(pServer);
pServer = IntPtr.Zero;
}
if (pListener != IntPtr.Zero)
{
Sdk.Destroy_HP_TcpPullServerListener(pListener);
pListener = IntPtr.Zero;
}
IsCreate = false;
}
/// <summary>
/// 初始化SSL环境
/// </summary>
/// <returns></returns>
protected virtual bool Initialize()
{
lock (SSLInitLock)
{
if (SSLSdk.HP_SSL_IsValid() == false)
{
PemCertFile = string.IsNullOrWhiteSpace(PemCertFile) ? null : PemCertFile;
PemKeyFile = string.IsNullOrWhiteSpace(PemKeyFile) ? null : PemKeyFile;
KeyPasswod = string.IsNullOrWhiteSpace(KeyPasswod) ? null : KeyPasswod;
CAPemCertFileOrPath = string.IsNullOrWhiteSpace(CAPemCertFileOrPath) ? null : CAPemCertFileOrPath;
return(SSLSdk.HP_SSL_Initialize(SSLSessionMode.Client, VerifyMode, PemCertFile, PemKeyFile, KeyPasswod, CAPemCertFileOrPath, null));
}
return(true);
}
}
/// <summary>
/// 初始化SSL环境
/// </summary>
/// <param name="callback"></param>
/// <returns></returns>
public virtual bool Initialize()
{
lock (SSLInitLock)
{
if (SSLSdk.HP_SSL_IsValid() == false)
{
PemCertFile = string.IsNullOrWhiteSpace(PemCertFile) ? null : PemCertFile;
PemKeyFile = string.IsNullOrWhiteSpace(PemKeyFile) ? null : PemKeyFile;
KeyPasswod = string.IsNullOrWhiteSpace(KeyPasswod) ? null : KeyPasswod;
CAPemCertFileOrPath = string.IsNullOrWhiteSpace(CAPemCertFileOrPath) ? null : CAPemCertFileOrPath;
return(SSLSdk.HP_SSL_Initialize(SSLSessionMode.Server, VerifyMode, PemCertFile, PemKeyFile, KeyPasswod, CAPemCertFileOrPath, SNIServerNameCallback));
}
return(true);
}
}
/// <summary>
/// 初始化SSL环境
/// </summary>
/// <returns></returns>
protected virtual bool Initialize()
{
lock (SSLInitLock)
{
//if (SSLSdk.HP_SSL_IsValid() == false)
{
PemCertFile = string.IsNullOrWhiteSpace(PemCertFile) ? null : PemCertFile;
PemKeyFile = string.IsNullOrWhiteSpace(PemKeyFile) ? null : PemKeyFile;
KeyPasswod = string.IsNullOrWhiteSpace(KeyPasswod) ? null : KeyPasswod;
CAPemCertFileOrPath = string.IsNullOrWhiteSpace(CAPemCertFileOrPath) ? null : CAPemCertFileOrPath;
var ret = SSLSdk.HP_SSLServer_SetupSSLContext(pServer, VerifyMode, PemCertFile, PemKeyFile, KeyPasswod, CAPemCertFileOrPath, SNIServerNameCallback);
System.Diagnostics.Trace.WriteLine($"ssl Initialize : {ret}");
}
return(true);
}
}
/// <summary>
/// 名称:增加 SNI 主机证书(只用于服务端)
/// 描述:SSL 服务端在 SetupSSLContext() 成功后可以调用本方法增加多个 SNI 主机证书
/// 返回值:正数 -- 成功,并返回 SNI 主机证书对应的索引,该索引用于在 SNI 回调函数中定位 SNI 主机
/// 返回值:负数 -- 失败,可通过 SYS_GetLastError() 获取失败原因
/// </summary>
/// <param name="verifyMode">SSL 验证模式(参考 EnSSLVerifyMode)</param>
/// <param name="pemCertFile">证书文件</param>
/// <param name="pemKeyFile">私钥文件</param>
/// <param name="keyPasswod">私钥密码(没有密码则为空)</param>
/// <param name="caPemCertFileOrPath">CA 证书文件或目录(单向验证可选)</param>
/// <returns></returns>
public int AddServerContext(SSLVerifyMode verifyMode, string pemCertFile, string pemKeyFile, string keyPasswod, string caPemCertFileOrPath)
{
/*if (SSLSdk.HP_SSL_IsValid() == false)
* {
* throw new InvalidOperationException("请先调用Initialize()方法初始化SSL环境");
* }*/
if (string.IsNullOrWhiteSpace(pemCertFile))
{
throw new ArgumentException("参数无效", pemCertFile);
}
if (string.IsNullOrWhiteSpace(pemKeyFile))
{
throw new ArgumentException("参数无效", pemKeyFile);
}
keyPasswod = string.IsNullOrWhiteSpace(keyPasswod) ? null : keyPasswod;
caPemCertFileOrPath = string.IsNullOrWhiteSpace(caPemCertFileOrPath) ? null : caPemCertFileOrPath;
return(SSLSdk.HP_SSLServer_AddSSLContext(pServer, verifyMode, pemCertFile, pemKeyFile, KeyPasswod, caPemCertFileOrPath));
}
/// <summary>
/// 初始化SSL环境
/// </summary>
/// <param name="memory">是否通过内存加载证书</param>
/// <returns></returns>
protected virtual bool Initialize(bool memory = false)
{
lock (SSLInitLock)
{
//if (SSLSdk.HP_SSL_IsValid() == false)
{
PemCertFile = string.IsNullOrWhiteSpace(PemCertFile) ? null : PemCertFile;
PemKeyFile = string.IsNullOrWhiteSpace(PemKeyFile) ? null : PemKeyFile;
KeyPassword = string.IsNullOrWhiteSpace(KeyPassword) ? null : KeyPassword;
CAPemCertFileOrPath = string.IsNullOrWhiteSpace(CAPemCertFileOrPath) ? null : CAPemCertFileOrPath;
var ret = memory
? SSLSdk.HP_SSLAgent_SetupSSLContextByMemory(pAgent, VerifyMode, PemCertFile, PemKeyFile, KeyPassword, CAPemCertFileOrPath)
: SSLSdk.HP_SSLAgent_SetupSSLContext(pAgent, VerifyMode, PemCertFile, PemKeyFile, KeyPassword, CAPemCertFileOrPath);
System.Diagnostics.Trace.WriteLine($"ssl Initialize : {ret}");
}
return(true);
}
}
protected override bool CreateListener()
{
if (IsCreate == true || pListener != IntPtr.Zero || pServer != IntPtr.Zero)
{
return(false);
}
pListener = Sdk.Create_HP_TcpServerListener();
if (pListener == IntPtr.Zero)
{
return(false);
}
pServer = SSLSdk.Create_HP_SSLServer(pListener);
if (pServer == IntPtr.Zero)
{
return(false);
}
IsCreate = true;
return(true);
}
/// <summary> 创建socket监听&服务组件 </summary> <returns></returns>
protected override bool CreateListener()
{
if (IsCreate == true || pListener != IntPtr.Zero || pAgent != IntPtr.Zero)
{
return(false);
}
pListener = Sdk.Create_HP_TcpPullAgentListener();
if (pListener == IntPtr.Zero)
{
return(false);
}
pAgent = SSLSdk.Create_HP_SSLPullAgent(pListener);
if (pAgent == IntPtr.Zero)
{
return(false);
}
IsCreate = true;
return(true);
}
/// <summary>
/// 启动 SSL 握手
/// 当通信组件设置为非自动握手时,需要调用本方法启动 SSL 握手
/// </summary>
/// <param name="connId"></param>
/// <returns></returns>
public bool StartSSLHandShake(IntPtr connId)
{
return(SSLSdk.HP_SSLAgent_StartSSLHandShake(pAgent, connId));
}
/// <summary>
/// 增加 SNI 主机证书(通过内存加载证书)
/// 描述:SSL 服务端在 SetupSSLContext() 成功后可以调用本方法增加多个 SNI 主机证书
/// 返回值:正数 -- 成功,并返回 SNI 主机证书对应的索引,该索引用于在 SNI 回调函数中定位 SNI 主机
/// 返回值:负数 -- 失败,可通过 SYS_GetLastError() 获取失败原因
/// </summary>
/// <param name="verifyMode">SSL 验证模式(参考 EnSSLVerifyMode)</param>
/// <param name="pemCert">证书内容</param>
/// <param name="pemKey">私钥内容</param>
/// <param name="keyPassword">私钥密码(没有密码则为空)</param>
/// <param name="caPemCert">CA 证书内容(单向验证可选)</param>
/// <returns></returns>
public int AddSSLContextByMemory(SSLVerifyMode verifyMode, string pemCert, string pemKey, string keyPassword = null, string caPemCert = null)
{
return(SSLSdk.HP_SSLServer_AddSSLContextByMemory(pServer, verifyMode, pemCert, pemKey, keyPassword, caPemCert));
}
/// <summary>
/// 绑定 SNI 主机域名
/// 描述:SSL 服务端在 AddSSLContext() 成功后可以调用本方法绑定主机域名到 SNI 主机证书
/// 返回:TRUE -- 成功
/// 返回:FALSE -- 失败,可通过 SYS_GetLastError() 获取失败原因
/// </summary>
/// <param name="serverName">主机域名</param>
/// <param name="contextIndex">SNI 主机证书对应的索引</param>
/// <returns></returns>
public bool BindSSLServerName(string serverName, int contextIndex)
{
return(SSLSdk.HP_SSLServer_BindSSLServerName(pServer, serverName, contextIndex));
}
/// <summary>
/// 启动 SSL 握手
/// 当通信组件设置为非自动握手时,需要调用本方法启动 SSL 握手
/// </summary>
/// <param name="connId"></param>
/// <returns></returns>
public bool StartSSLHandShake(IntPtr connId)
{
return(SSLSdk.HP_SSLServer_StartSSLHandShake(pServer, connId));
}
/// <summary>
/// 启动 SSL 握手
/// 当通信组件设置为非自动握手时,需要调用本方法启动 SSL 握手
/// </summary>
/// <returns></returns>
public bool StartSSLHandShake()
{
return(SSLSdk.HP_SSLClient_StartSSLHandShake(pClient));
}