HRESULT Library_spot_net_security_native_Microsoft_SPOT_Net_Security_SslNative::SecureConnect___STATIC__VOID__I4__STRING__OBJECT( CLR_RT_StackFrame& stack ) { NATIVE_PROFILE_CLR_NETWORK(); TINYCLR_HEADER(); CLR_INT32 sslContext = stack.Arg0().NumericByRef().s4; CLR_RT_HeapBlock* hb = stack.Arg1().DereferenceString(); CLR_RT_HeapBlock* socket = stack.Arg2().Dereference(); CLR_INT32 timeout_ms = -1; // wait forever CLR_RT_HeapBlock hbTimeout; int result; LPCSTR szName; CLR_INT32 handle; bool fRes = true; CLR_INT64 *timeout; FAULT_ON_NULL(socket); handle = socket[ Library_spot_net_native_Microsoft_SPOT_Net_SocketNative::FIELD__m_Handle ].NumericByRef().s4; /* Because we could have been a rescheduled call due to a prior call that would have blocked, we need to see * if our handle has been shutdown before continuing. */ if (handle == Library_spot_net_native_Microsoft_SPOT_Net_SocketNative::DISPOSED_HANDLE) { ThrowError( stack, CLR_E_OBJECT_DISPOSED ); TINYCLR_SET_AND_LEAVE(CLR_E_PROCESS_EXCEPTION); } FAULT_ON_NULL_ARG(hb); szName = hb->StringText(); hbTimeout.SetInteger( timeout_ms ); TINYCLR_CHECK_HRESULT(stack.SetupTimeout( hbTimeout, timeout )); while(true) { result = SSL_Connect( handle, szName, sslContext ); if(result == SOCK_EWOULDBLOCK || result == SOCK_TRY_AGAIN) { // non-blocking - allow other threads to run while we wait for socket activity TINYCLR_CHECK_HRESULT(g_CLR_RT_ExecutionEngine.WaitEvents( stack.m_owningThread, *timeout, CLR_RT_ExecutionEngine::c_Event_Socket, fRes )); if(result < 0) break; } else { break; } } stack.PopValue(); // Timeout TINYCLR_CHECK_HRESULT(ThrowOnError( stack, result )); TINYCLR_NOCLEANUP(); }
HRESULT Library_spot_net_security_native_Microsoft_SPOT_Net_Security_SslNative::UpdateCertificates___STATIC__VOID__I4__MicrosoftSPOTNativeSystemSecurityCryptographyX509CertificatesX509Certificate__SZARRAY_MicrosoftSPOTNativeSystemSecurityCryptographyX509CertificatesX509Certificate( CLR_RT_StackFrame& stack ) { NATIVE_PROFILE_CLR_NETWORK(); TINYCLR_HEADER(); CLR_INT32 sslContext = stack.Arg0().NumericByRef().s4; CLR_RT_HeapBlock* hbCert = stack.Arg1().Dereference(); CLR_RT_HeapBlock_Array* arrCA = stack.Arg2().DereferenceArray(); CLR_RT_HeapBlock_Array* arrCert; CLR_UINT8* sslCert; int i; CLR_RT_HeapBlock* hbPwd; LPCSTR szPwd; FAULT_ON_NULL(hbCert); FAULT_ON_NULL(arrCA); arrCert = hbCert[ Library_spot_native_System_Security_Cryptography_X509Certificates_X509Certificate::FIELD__m_certificate ].DereferenceArray(); FAULT_ON_NULL(arrCert); sslCert = arrCert->GetFirstElement(); hbPwd = hbCert[ Library_spot_native_System_Security_Cryptography_X509Certificates_X509Certificate::FIELD__m_password ].Dereference(); FAULT_ON_NULL(hbPwd); szPwd = hbPwd->StringText(); SSL_ClearCertificateAuthority( sslContext ); if(!SSL_AddCertificateAuthority( sslContext, (const char*)sslCert, arrCert->m_numOfElements, szPwd )) TINYCLR_SET_AND_LEAVE(CLR_E_FAIL); for(i=0; i<(int)arrCA->m_numOfElements; i++) { hbCert = (CLR_RT_HeapBlock*)arrCA->GetElement( i ); FAULT_ON_NULL(arrCert); arrCert = hbCert[ Library_spot_native_System_Security_Cryptography_X509Certificates_X509Certificate::FIELD__m_certificate ].DereferenceArray(); sslCert = arrCert->GetFirstElement(); hbPwd = hbCert[ Library_spot_native_System_Security_Cryptography_X509Certificates_X509Certificate::FIELD__m_password ].Dereference(); szPwd = hbPwd->StringText(); if(!SSL_AddCertificateAuthority( sslContext, (const char*)sslCert, arrCert->m_numOfElements, szPwd )) TINYCLR_SET_AND_LEAVE(CLR_E_FAIL); } TINYCLR_NOCLEANUP(); }
HRESULT Library_spot_net_security_native_Microsoft_SPOT_Net_Security_SslNative::InitHelper( CLR_RT_StackFrame& stack, bool isServer ) { NATIVE_PROFILE_CLR_NETWORK(); TINYCLR_HEADER(); CLR_INT32 sslContext = -1; CLR_INT32 sslMode = stack.Arg0().NumericByRef().s4; CLR_INT32 sslVerify = stack.Arg1().NumericByRef().s4; CLR_RT_HeapBlock *hbCert = stack.Arg2().Dereference(); CLR_RT_HeapBlock_Array* arrCA = stack.Arg3().DereferenceArray(); CLR_RT_HeapBlock_Array* arrCert = NULL; CLR_UINT8* sslCert = NULL; int result; int i; bool isFirstCall = false; LPCSTR szPwd = ""; if(!g_SSL_SeedData.Initialized) { BOOL fOK = FALSE; isFirstCall = true; #if !defined(_WIN32) && !defined(WIN32) && !defined(_WIN32_WCE) int i; if(!HAL_CONFIG_BLOCK::ApplyConfig( g_SSL_SeedData.Config.GetDriverName(), &g_SSL_SeedData.Config, sizeof(g_SSL_SeedData.Config) )) { return CLR_E_NOT_SUPPORTED; } // validate the security key (make sure it isn't all 0x00 or all 0xFF for(i=1; i<sizeof(g_SSL_SeedData.Config.SslSeedKey) && !fOK; i++) { if( g_SSL_SeedData.Config.SslSeedKey[ i ] != 0 && g_SSL_SeedData.Config.SslSeedKey[ i ] != 0xFF && g_SSL_SeedData.Config.SslSeedKey[ i-1 ] != g_SSL_SeedData.Config.SslSeedKey[ i ]) { fOK = TRUE; } } if(!fOK) { return CLR_E_NOT_SUPPORTED; } #endif g_SSL_SeedData.m_completion.Initialize(); g_SSL_SeedData.m_completion.InitializeForUserMode( UpdateSslSeedValue, NULL ); g_SSL_SeedData.Initialized = TRUE; } if(hbCert != NULL) { arrCert = hbCert[ Library_spot_native_System_Security_Cryptography_X509Certificates_X509Certificate::FIELD__m_certificate ].DereferenceArray(); //FAULT_ON_NULL(arrCert); // If arrCert == NULL then the certificate is an X509Certificate2 which uses a certificate handle if(arrCert == NULL) { arrCert = hbCert[ Library_spot_native_System_Security_Cryptography_X509Certificates_X509Certificate::FIELD__m_handle ].DereferenceArray(); FAULT_ON_NULL(arrCert); // pass the certificate handle as the cert data parameter sslCert = arrCert->GetFirstElement(); arrCert = hbCert[ Library_spot_native_System_Security_Cryptography_X509Certificates_X509Certificate::FIELD__m_sessionHandle ].DereferenceArray(); FAULT_ON_NULL(arrCert); // pass the session handle as the ssl context parameter sslContext = *(INT32*)arrCert->GetFirstElement(); // the certificate has already been loaded so just pass an empty string szPwd = ""; } else { arrCert->Pin(); sslCert = arrCert->GetFirstElement(); CLR_RT_HeapBlock *hbPwd = hbCert[ Library_spot_native_System_Security_Cryptography_X509Certificates_X509Certificate::FIELD__m_password ].Dereference();// FAULT_ON_NULL(hbPwd); szPwd = hbPwd->StringText(); } } SSL_RegisterTimeCallback( Time_GetDateTime ); if(isServer) { result = (SSL_ServerInit( sslMode, sslVerify, (const char*)sslCert, sslCert == NULL ? 0 : arrCert->m_numOfElements, szPwd, sslContext ) ? 0 : -1); } else { result = (SSL_ClientInit( sslMode, sslVerify, (const char*)sslCert, sslCert == NULL ? 0 : arrCert->m_numOfElements, szPwd, sslContext ) ? 0 : -1); } TINYCLR_CHECK_HRESULT(ThrowOnError( stack, result )); if(isFirstCall) { GenerateNewSslSeed(); } if(arrCA != NULL) { for(i=0; i<(int)arrCA->m_numOfElements; i++) { hbCert = (CLR_RT_HeapBlock*)arrCA->GetElement( i ); FAULT_ON_NULL(hbCert); hbCert = hbCert->Dereference(); FAULT_ON_NULL(hbCert); arrCert = hbCert[ Library_spot_native_System_Security_Cryptography_X509Certificates_X509Certificate::FIELD__m_certificate ].DereferenceArray(); //FAULT_ON_NULL(arrCert); // If arrCert == NULL then the certificate is an X509Certificate2 which uses a certificate handle if(arrCert == NULL) { CLR_INT32 sessionCtx = 0; arrCert = hbCert[ Library_spot_native_System_Security_Cryptography_X509Certificates_X509Certificate::FIELD__m_handle ].DereferenceArray(); FAULT_ON_NULL(arrCert); sslCert = arrCert->GetFirstElement(); arrCert = hbCert[ Library_spot_native_System_Security_Cryptography_X509Certificates_X509Certificate::FIELD__m_sessionHandle ].DereferenceArray(); FAULT_ON_NULL(arrCert); sessionCtx = *(INT32*)arrCert->GetFirstElement(); // pass the session handle down as the password paramter and the certificate handle as the data parameter result = (SSL_AddCertificateAuthority( sslContext, (const char*)sslCert, arrCert->m_numOfElements, (LPCSTR)&sessionCtx ) ? 0 : -1); TINYCLR_CHECK_HRESULT(ThrowOnError( stack, result )); } else { arrCert->Pin(); sslCert = arrCert->GetFirstElement(); CLR_RT_HeapBlock *hbPwd = hbCert[ Library_spot_native_System_Security_Cryptography_X509Certificates_X509Certificate::FIELD__m_password ].Dereference(); FAULT_ON_NULL(hbPwd); LPCSTR szCAPwd = hbPwd->StringText(); result = (SSL_AddCertificateAuthority( sslContext, (const char*)sslCert, arrCert->m_numOfElements, szCAPwd ) ? 0 : -1); TINYCLR_CHECK_HRESULT(ThrowOnError( stack, result )); } } } stack.SetResult_I4( sslContext ); TINYCLR_CLEANUP(); if(FAILED(hr) && (sslContext != -1)) { SSL_ExitContext( sslContext ); } TINYCLR_CLEANUP_END(); }
HRESULT Library_spot_net_security_native_Microsoft_SPOT_Net_Security_SslNative::ParseCertificate___STATIC__VOID__SZARRAY_U1__STRING__BYREF_STRING__BYREF_STRING__BYREF_mscorlibSystemDateTime__BYREF_mscorlibSystemDateTime( CLR_RT_StackFrame& stack ) { NATIVE_PROFILE_CLR_NETWORK(); TINYCLR_HEADER(); CLR_RT_HeapBlock_Array* arrData = stack.Arg0().DereferenceArray(); CLR_UINT8* certBytes; CLR_RT_HeapBlock hbIssuer; CLR_RT_HeapBlock hbSubject; CLR_RT_ProtectFromGC gc1( hbIssuer ); CLR_RT_ProtectFromGC gc2( hbSubject ); X509CertData cert; CLR_INT64* val; CLR_INT64 tzOffset; SYSTEMTIME st; INT32 standardBias; CLR_RT_HeapBlock* hbPwd = stack.Arg1().DereferenceString(); LPCSTR szPwd; FAULT_ON_NULL_ARG(hbPwd); szPwd = hbPwd->StringText(); CLR_RT_Memory::ZeroFill( &cert, sizeof(cert) ); FAULT_ON_NULL(arrData); certBytes = arrData->GetFirstElement(); if(!SSL_ParseCertificate( (const char*)certBytes, arrData->m_numOfElements, szPwd, &cert )) TINYCLR_SET_AND_LEAVE(CLR_E_INVALID_PARAMETER); TINYCLR_CHECK_HRESULT(CLR_RT_HeapBlock_String::CreateInstance( hbIssuer, cert.Issuer )); TINYCLR_CHECK_HRESULT(hbIssuer.StoreToReference( stack.Arg2(), 0 )); TINYCLR_CHECK_HRESULT(CLR_RT_HeapBlock_String::CreateInstance( hbSubject, cert.Subject )); TINYCLR_CHECK_HRESULT(hbSubject.StoreToReference( stack.Arg3(), 0 )); st.wYear = cert.EffectiveDate.year; st.wMonth = cert.EffectiveDate.month; st.wDay = cert.EffectiveDate.day; st.wHour = cert.EffectiveDate.hour; st.wMinute = cert.EffectiveDate.minute; st.wSecond = cert.EffectiveDate.second; st.wMilliseconds = cert.EffectiveDate.msec; standardBias = Time_GetTimeZoneOffset(); standardBias *= TIME_CONVERSION__ONEMINUTE; val = Library_corlib_native_System_DateTime::GetValuePtr( stack.Arg4() ); *val = Time_FromSystemTime( &st ); tzOffset = cert.EffectiveDate.tzOffset; // adjust for timezone differences if(standardBias != tzOffset) { *val += tzOffset - standardBias; } st.wYear = cert.ExpirationDate.year; st.wMonth = cert.ExpirationDate.month; st.wDay = cert.ExpirationDate.day; st.wHour = cert.ExpirationDate.hour; st.wMinute = cert.ExpirationDate.minute; st.wSecond = cert.ExpirationDate.second; st.wMilliseconds = cert.ExpirationDate.msec; val = Library_corlib_native_System_DateTime::GetValuePtr( stack.ArgN( 5 ) ); *val = Time_FromSystemTime( &st ); tzOffset = cert.ExpirationDate.tzOffset; if(standardBias != tzOffset) { *val += tzOffset - standardBias; } TINYCLR_NOCLEANUP(); }