5 // Created by Martin Baulig on 14/11/15.
6 // Copyright (c) 2015 Xamarin. All rights reserved.
10 #include <btls-x509-verify-param.h>
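/*
 * Emit a fixed debug message, prefixed with file, line and function, when
 * debugging is enabled on the owning context.
 *
 * `message` is pasted onto the prefix by string-literal concatenation, so it
 * must be a literal; a runtime string cannot be passed as the format.
 * `ptr` is parenthesized so that an expression argument binds correctly
 * before `->ctx`. It is evaluated twice; pass an expression without side
 * effects.
 */
#define debug_print(ptr,message) \
do { if (mono_btls_ssl_ctx_is_debug_enabled((ptr)->ctx)) \
	mono_btls_ssl_ctx_debug_printf ((ptr)->ctx, "%s:%d:%s(): " message, __FILE__, __LINE__, \
		__func__); } while (0)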
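/*
 * Emit a formatted debug message, prefixed with file, line and function,
 * when debugging is enabled on the owning context.
 *
 * `fmt` is pasted onto the prefix by string-literal concatenation, so it must
 * be a literal; data from outside the program goes in the variadic arguments,
 * never in `fmt`. At least one variadic argument is required.
 * `ptr` is parenthesized so that an expression argument binds correctly
 * before `->ctx`. It is evaluated twice; pass an expression without side
 * effects.
 */
#define debug_printf(ptr,fmt, ...) \
do { if (mono_btls_ssl_ctx_is_debug_enabled((ptr)->ctx)) \
	mono_btls_ssl_ctx_debug_printf ((ptr)->ctx, "%s:%d:%s(): " fmt, __FILE__, __LINE__, \
		__func__, __VA_ARGS__); } while (0)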
/*
 * Local forward declaration; the definition lives outside this file.
 * NOTE(review): no call to this function is visible in this listing, and a
 * hand-written prototype will not track signature changes in the library —
 * confirm it is still needed.
 */
STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list (SSL *s, const CBS *cbs);
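/*
 * Allocate a MonoBtlsSsl wrapper bound to `ctx`.
 *
 * Takes a new reference on `ctx` and creates the SSL object from it.
 * Returns the wrapper, or NULL if either allocation fails; on failure the
 * context reference taken here is dropped again, so no half-built object
 * (NULL `ssl`) is ever handed to the other wrappers, which all dereference
 * `ptr->ssl` without checking.
 *
 * NOTE(review): the listing omits the local declaration and the return
 * statement of this function; both are reconstructed — confirm.
 */
MONO_API MonoBtlsSsl *
mono_btls_ssl_new (MonoBtlsSslCtx *ctx)
{
	MonoBtlsSsl *ptr;

	ptr = calloc (1, sizeof (*ptr));
	if (!ptr)
		return NULL;

	ptr->ctx = mono_btls_ssl_ctx_up_ref (ctx);
	ptr->ssl = SSL_new (mono_btls_ssl_ctx_get_ctx (ptr->ctx));
	if (!ptr->ssl) {
		/* Undo the reference taken above before giving up. */
		mono_btls_ssl_ctx_free (ptr->ctx);
		free (ptr);
		return NULL;
	}

	return ptr;
}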
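/*
 * Tear down a wrapper created by mono_btls_ssl_new. NULL is accepted and
 * ignored.
 *
 * Releases everything the constructor acquired: the SSL object, the context
 * reference, and the calloc'ed wrapper itself. The members are cleared
 * before the wrapper is freed so a stale pointer is not left behind in
 * memory that is about to be returned to the allocator.
 *
 * NOTE(review): only the close call and the context release are visible in
 * this listing; several lines of the body are missing. The SSL_free and
 * free calls mirror the acquisitions in mono_btls_ssl_new, and the `void`
 * return type is inferred — confirm against the full file.
 */
MONO_API void
mono_btls_ssl_destroy (MonoBtlsSsl *ptr)
{
	if (!ptr)
		return;

	mono_btls_ssl_close (ptr);

	if (ptr->ssl) {
		SSL_free (ptr->ssl);
		ptr->ssl = NULL;
	}
	if (ptr->ctx) {
		mono_btls_ssl_ctx_free (ptr->ctx);
		ptr->ctx = NULL;
	}
	free (ptr);
}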
58 mono_btls_ssl_close (MonoBtlsSsl
*ptr
)
/*
 * Start or continue the TLS shutdown on this connection.
 *
 * Returns the SSL_shutdown result unchanged. A result of 0 means our
 * close_notify was sent but the peer's has not been seen yet; a negative
 * result must be classified with mono_btls_ssl_get_error.
 *
 * NOTE(review): the line declaring the return type is not visible in this
 * listing; `int` is inferred from SSL_shutdown — confirm.
 */
MONO_API int
mono_btls_ssl_shutdown (MonoBtlsSsl *ptr)
{
	SSL *ssl = ptr->ssl;

	return SSL_shutdown (ssl);
}
/*
 * Enable (non-zero `mode`) or disable (0) quiet shutdown.
 *
 * With quiet shutdown no close_notify alert is exchanged, so the peer cannot
 * tell an orderly close from a truncated stream; leave it off unless the
 * application protocol frames its own end-of-data.
 *
 * NOTE(review): the line declaring the return type is not visible in this
 * listing; `void` is inferred from the absence of a return — confirm.
 */
MONO_API void
mono_btls_ssl_set_quiet_shutdown (MonoBtlsSsl *ptr, int mode)
{
	SSL *ssl = ptr->ssl;

	SSL_set_quiet_shutdown (ssl, mode);
}
/*
 * Attach `bio` to the connection as both its read and its write BIO.
 *
 * SSL_set_bio hands ownership of the BIO reference to the SSL object, which
 * releases it when the SSL is freed. A caller that keeps using `bio`
 * afterwards needs a reference of its own, otherwise the BIO can be freed
 * underneath it.
 *
 * NOTE(review): one source line directly before the SSL_set_bio call is not
 * visible in this listing — confirm whether it takes that extra reference.
 * The `void` return type is likewise inferred.
 */
MONO_API void
mono_btls_ssl_set_bio (MonoBtlsSsl *ptr, BIO *bio)
{
	SSL *ssl = ptr->ssl;

	/* Same BIO serves as read side and write side. */
	SSL_set_bio (ssl, bio, bio);
}
/*
 * Pass each pending entry of the library error queue to `callback`, with
 * `ctx` forwarded as the callback's opaque argument.
 *
 * NOTE(review): the line declaring the return type is not visible in this
 * listing; `void` is inferred from the absence of a return — confirm.
 */
MONO_API void
mono_btls_ssl_print_errors_cb (ERR_print_errors_callback_t callback, void *ctx)
{
	ERR_print_errors_cb (callback, ctx);
	return;
}
/*
 * Install `x509` as this connection's own (leaf) certificate.
 *
 * Returns the SSL_use_certificate result unchanged (1 on success); callers
 * must check it, since a rejected certificate leaves the connection without
 * the intended identity.
 *
 * NOTE(review): the line declaring the return type is not visible in this
 * listing; `int` is inferred from SSL_use_certificate — confirm.
 */
MONO_API int
mono_btls_ssl_use_certificate (MonoBtlsSsl *ptr, X509 *x509)
{
	SSL *ssl = ptr->ssl;

	return SSL_use_certificate (ssl, x509);
}
/*
 * Install `key` as the private key for this connection's certificate.
 *
 * Returns the SSL_use_PrivateKey result unchanged (1 on success). The caller
 * remains responsible for the lifetime of its own handle to the key
 * material.
 *
 * NOTE(review): the line declaring the return type is not visible in this
 * listing; `int` is inferred from SSL_use_PrivateKey — confirm.
 */
MONO_API int
mono_btls_ssl_use_private_key (MonoBtlsSsl *ptr, EVP_PKEY *key)
{
	SSL *ssl = ptr->ssl;

	return SSL_use_PrivateKey (ssl, key);
}
/*
 * Append `x509` to the certificate chain sent along with the leaf
 * certificate.
 *
 * Uses the "add1" form, so the library takes its own reference and the
 * caller keeps ownership of `x509`. Returns the library result unchanged
 * (1 on success).
 *
 * NOTE(review): the line declaring the return type is not visible in this
 * listing; `int` is inferred from SSL_add1_chain_cert — confirm.
 */
MONO_API int
mono_btls_ssl_add_chain_certificate (MonoBtlsSsl *ptr, X509 *x509)
{
	SSL *ssl = ptr->ssl;

	return SSL_add1_chain_cert (ssl, x509);
}
/*
 * Run the server side of the TLS handshake.
 *
 * Returns the SSL_accept result unchanged; anything other than 1 must be
 * classified with mono_btls_ssl_get_error before retrying or failing.
 *
 * NOTE(review): the line declaring the return type is not visible in this
 * listing; `int` is inferred from SSL_accept — confirm.
 */
MONO_API int
mono_btls_ssl_accept (MonoBtlsSsl *ptr)
{
	SSL *ssl = ptr->ssl;

	return SSL_accept (ssl);
}
/*
 * Run the client side of the TLS handshake.
 *
 * Returns the SSL_connect result unchanged; anything other than 1 must be
 * classified with mono_btls_ssl_get_error before retrying or failing.
 *
 * NOTE(review): the line declaring the return type is not visible in this
 * listing; `int` is inferred from SSL_connect — confirm.
 */
MONO_API int
mono_btls_ssl_connect (MonoBtlsSsl *ptr)
{
	SSL *ssl = ptr->ssl;

	return SSL_connect (ssl);
}
/*
 * Continue the handshake in whichever role (client or server) the
 * connection was already placed in.
 *
 * Returns the SSL_do_handshake result unchanged; anything other than 1 must
 * be classified with mono_btls_ssl_get_error.
 *
 * NOTE(review): the line declaring the return type is not visible in this
 * listing; `int` is inferred from SSL_do_handshake — confirm.
 */
MONO_API int
mono_btls_ssl_handshake (MonoBtlsSsl *ptr)
{
	SSL *ssl = ptr->ssl;

	return SSL_do_handshake (ssl);
}
/*
 * Read up to `count` bytes of decrypted application data into `buf`.
 *
 * `buf` must have room for at least `count` bytes; neither argument is
 * validated here. Returns the SSL_read result unchanged: a positive value is
 * the number of bytes stored, anything else is not a length and must be
 * classified with mono_btls_ssl_get_error.
 *
 * NOTE(review): the line declaring the return type is not visible in this
 * listing; `int` is inferred from SSL_read — confirm.
 */
MONO_API int
mono_btls_ssl_read (MonoBtlsSsl *ptr, void *buf, int count)
{
	SSL *ssl = ptr->ssl;

	return SSL_read (ssl, buf, count);
}
/*
 * Encrypt and send `count` bytes from `buf`.
 *
 * `buf` must hold at least `count` readable bytes; neither argument is
 * validated here. Returns the SSL_write result unchanged: a positive value
 * is the number of bytes accepted, anything else is not a length and must be
 * classified with mono_btls_ssl_get_error.
 *
 * NOTE(review): the line declaring the return type is not visible in this
 * listing; `int` is inferred from SSL_write — confirm.
 */
MONO_API int
mono_btls_ssl_write (MonoBtlsSsl *ptr, void *buf, int count)
{
	SSL *ssl = ptr->ssl;

	return SSL_write (ssl, buf, count);
}
/*
 * Report the protocol version of the connection as the numeric value
 * returned by SSL_version.
 *
 * NOTE(review): the line declaring the return type is not visible in this
 * listing; `int` is inferred from SSL_version — confirm.
 */
MONO_API int
mono_btls_ssl_get_version (MonoBtlsSsl *ptr)
{
	SSL *ssl = ptr->ssl;

	return SSL_version (ssl);
}
/*
 * Set the lowest protocol version this connection will negotiate.
 *
 * `version` is forwarded unchecked and no status is reported back, so the
 * caller is the only place where an unsupported or legacy floor can be
 * rejected.
 *
 * NOTE(review): the line declaring the return type is not visible in this
 * listing; `void` is inferred from the absence of a return — confirm.
 */
MONO_API void
mono_btls_ssl_set_min_version (MonoBtlsSsl *ptr, int version)
{
	SSL *ssl = ptr->ssl;

	SSL_set_min_version (ssl, version);
}
/*
 * Set the highest protocol version this connection will negotiate.
 *
 * `version` is forwarded unchecked and no status is reported back.
 *
 * NOTE(review): the line declaring the return type is not visible in this
 * listing; `void` is inferred from the absence of a return — confirm.
 */
MONO_API void
mono_btls_ssl_set_max_version (MonoBtlsSsl *ptr, int version)
{
	SSL *ssl = ptr->ssl;

	SSL_set_max_version (ssl, version);
}
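/*
 * Return the 16-bit ID of the cipher suite negotiated on this connection,
 * or 0 when no cipher has been negotiated yet.
 *
 * SSL_get_current_cipher returns NULL when no session is established (for
 * example before the handshake completes); that case is answered with 0
 * instead of handing NULL to SSL_CIPHER_get_id.
 *
 * NOTE(review): two source lines between the lookup and the return are not
 * visible in this listing and may already hold this guard; the `int` return
 * type is also inferred — confirm.
 */
MONO_API int
mono_btls_ssl_get_cipher (MonoBtlsSsl *ptr)
{
	const SSL_CIPHER *cipher;

	cipher = SSL_get_current_cipher (ptr->ssl);
	if (!cipher)
		return 0;

	/* Keep only the low 16 bits of the ID. */
	return (uint16_t)SSL_CIPHER_get_id (cipher);
}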
/*
 * Restrict the connection to the cipher suites described by `str`.
 *
 * Returns the SSL_set_cipher_list result unchanged (1 on success). Callers
 * must check it: if the string is rejected, the intended restriction is not
 * in effect.
 *
 * NOTE(review): the line declaring the return type is not visible in this
 * listing; `int` is inferred from SSL_set_cipher_list — confirm.
 */
MONO_API int
mono_btls_ssl_set_cipher_list (MonoBtlsSsl *ptr, const char *str)
{
	SSL *ssl = ptr->ssl;

	return SSL_set_cipher_list (ssl, str);
}
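/*
 * Copy the 16-bit IDs of the ciphers available on this connection into a
 * newly allocated array.
 *
 * On success `*data` points to an array obtained from OPENSSL_malloc that
 * the caller must release, and the number of entries is returned. When the
 * cipher list is unavailable or the allocation fails, `*data` is NULL and 0
 * is returned, so the caller never sees an uninitialized pointer.
 *
 * NOTE(review): the listing omits the `count`/`i` declaration, the lines
 * between the visible statements, and the end of the function. The NULL
 * checks, the `return count` and the `int` return type are reconstructed —
 * confirm against the full file.
 */
MONO_API int
mono_btls_ssl_get_ciphers (MonoBtlsSsl *ptr, uint16_t **data)
{
	STACK_OF(SSL_CIPHER) *ciphers;
	int count, i;

	*data = NULL;

	ciphers = SSL_get_ciphers (ptr->ssl);
	if (!ciphers)
		return 0;

	count = (int)sk_SSL_CIPHER_num (ciphers);

	/* Size the buffer from the element type rather than a literal 2. */
	*data = OPENSSL_malloc (sizeof (**data) * (size_t)count);
	if (!*data)
		return 0;

	for (i = 0; i < count; i++) {
		const SSL_CIPHER *cipher = sk_SSL_CIPHER_value (ciphers, i);
		/* Keep only the low 16 bits of each ID. */
		(*data) [i] = (uint16_t) SSL_CIPHER_get_id (cipher);
	}

	return count;
}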
/*
 * Return the certificate the peer presented, or NULL if it presented none.
 *
 * The result of SSL_get_peer_certificate carries a reference that the caller
 * must release. A non-NULL result only means a certificate was received; it
 * says nothing about whether chain or host name verification succeeded.
 *
 * NOTE(review): the line declaring the return type is not visible in this
 * listing; `X509 *` is inferred from SSL_get_peer_certificate — confirm.
 */
MONO_API X509 *
mono_btls_ssl_get_peer_certificate (MonoBtlsSsl *ptr)
{
	SSL *ssl = ptr->ssl;

	return SSL_get_peer_certificate (ssl);
}
/*
 * Classify the result of a previous I/O or handshake call on this
 * connection.
 *
 * `ret_code` must be the value that call returned. SSL_get_error also
 * consults the calling thread's error queue, so call this right after the
 * failing operation, on the same thread.
 *
 * NOTE(review): the line declaring the return type is not visible in this
 * listing; `int` is inferred from SSL_get_error — confirm.
 */
MONO_API int
mono_btls_ssl_get_error (MonoBtlsSsl *ptr, int ret_code)
{
	SSL *ssl = ptr->ssl;

	return SSL_get_error (ssl, ret_code);
}
/*
 * Apply the certificate verification parameters wrapped by `param` to this
 * connection.
 *
 * Uses the "set1" form, which copies the settings, so `param` stays owned by
 * the caller. Returns the SSL_set1_param result unchanged (1 on success);
 * callers must check it, because on failure the intended verification
 * settings are not in effect.
 *
 * NOTE(review): the line declaring the return type is not visible in this
 * listing; `int` is inferred from SSL_set1_param — confirm.
 */
MONO_API int
mono_btls_ssl_set_verify_param (MonoBtlsSsl *ptr, const MonoBtlsX509VerifyParam *param)
{
	SSL *ssl = ptr->ssl;

	return SSL_set1_param (ssl, mono_btls_x509_verify_param_peek_param (param));
}
/*
 * Set the host name sent in the TLS server_name (SNI) extension.
 *
 * This only controls what the client announces. Checking that the server's
 * certificate matches the host name is configured separately, through the
 * verification parameters.
 * Returns the SSL_set_tlsext_host_name result unchanged (1 on success).
 *
 * NOTE(review): the line declaring the return type is not visible in this
 * listing; `int` is inferred from SSL_set_tlsext_host_name — confirm.
 */
MONO_API int
mono_btls_ssl_set_server_name (MonoBtlsSsl *ptr, const char *name)
{
	SSL *ssl = ptr->ssl;

	return SSL_set_tlsext_host_name (ssl, name);
}
/*
 * Return the host name from the server_name (SNI) extension of this
 * connection, or NULL if there is none.
 *
 * The string belongs to the SSL object; the caller must not free it and must
 * copy it to keep it beyond the SSL's lifetime. On the server side the value
 * is chosen by the client and must be treated as untrusted input.
 */
MONO_API const char *
mono_btls_ssl_get_server_name (MonoBtlsSsl *ptr)
{
	SSL *ssl = ptr->ssl;

	return SSL_get_servername (ssl, TLSEXT_NAMETYPE_host_name);
}
/*
 * Select how this connection responds to renegotiation requests from the
 * peer.
 *
 * `mode` is converted by a plain cast, which is only correct while
 * MonoBtlsSslRenegotiateMode and enum ssl_renegotiate_mode_t use the same
 * numeric values.
 * NOTE(review): neither enum definition is visible in this listing — confirm
 * that they match, since a mismatch would silently select a different policy
 * than the caller asked for. The `void` return type is also inferred.
 */
MONO_API void
mono_btls_ssl_set_renegotiate_mode (MonoBtlsSsl *ptr, MonoBtlsSslRenegotiateMode mode)
{
	enum ssl_renegotiate_mode_t native_mode = (enum ssl_renegotiate_mode_t)mode;

	SSL_set_renegotiate_mode (ptr->ssl, native_mode);
}
/*
 * Report whether a renegotiation is in progress on this connection, as the
 * unchanged result of SSL_renegotiate_pending.
 *
 * NOTE(review): the line declaring the return type is not visible in this
 * listing; `int` is inferred from SSL_renegotiate_pending — confirm.
 */
MONO_API int
mono_btls_ssl_renegotiate_pending (MonoBtlsSsl *ptr)
{
	SSL *ssl = ptr->ssl;

	return SSL_renegotiate_pending (ssl);
}