SSLHttpServer.cs 6.9 KB

  1. using System;
  2. using System.Collections.Generic;
  3. using System.Linq;
  4. using System.Text;
  5. using System.Threading;
  6. namespace HPSocketCS
  7. {
  /// <summary>
  /// Convenience alias for <see cref="SSLHttpServer"/>: it adds no members of its own
  /// and only forwards construction to the base class.
  /// </summary>
  public class HttpsServer : SSLHttpServer
  {
      /// <summary>
      /// Creates a server with no TLS settings assigned; the inherited properties
      /// have to be set before the SSL context is initialized.
      /// </summary>
      public HttpsServer()
      {
      }

      /// <summary>
      /// Creates a server and hands every TLS setting straight to <see cref="SSLHttpServer"/>.
      /// </summary>
      /// <param name="verifyModel">Verification mode.</param>
      /// <param name="pemCertFile">Certificate file.</param>
      /// <param name="pemKeyFile">Private key file.</param>
      /// <param name="keyPasswod">Private key password (empty when the key has none).</param>
      /// <param name="caPemCertFileOrPath">CA certificate file or directory.</param>
      /// <param name="sniServerNameCallback">SNI server-name callback.</param>
      public HttpsServer(
          SSLVerifyMode verifyModel,
          string pemCertFile,
          string pemKeyFile,
          string keyPasswod,
          string caPemCertFileOrPath,
          SSLSdk.SNIServerNameCallback sniServerNameCallback)
          : base(
              verifyModel,
              pemCertFile,
              pemKeyFile,
              keyPasswod,
              caPemCertFileOrPath,
              sniServerNameCallback)
      {
      }
  }
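  /// <summary>
  /// HTTP server that runs over SSL/TLS. It owns the native listener and server
  /// handles and exposes the settings handed to the native SSL context setup.
  /// </summary>
  /// <remarks>
  /// <see cref="Initialize"/> is a separate call from <see cref="Start"/>; nothing in
  /// this class calls it automatically, so the caller is expected to run it and check
  /// its result. NOTE(review): confirm the base class does not do so either.
  /// </remarks>
  public class SSLHttpServer : HttpServer
  {
      /// <summary>
      /// Verification mode.
      /// </summary>
      /// <remarks>
      /// NOTE(review): with the parameterless constructor this keeps the enum's default
      /// value; confirm that default matches the peer verification you intend.
      /// </remarks>
      public SSLVerifyMode VerifyMode { get; set; }

      /// <summary>
      /// Certificate file (optional for clients).
      /// </summary>
      public string PemCertFile { get; set; }

      /// <summary>
      /// Private key file (optional for clients).
      /// </summary>
      public string PemKeyFile { get; set; }

      /// <summary>
      /// Private key password (empty when the key has no password).
      /// </summary>
      /// <remarks>
      /// The password is kept as an ordinary managed string in a public read/write
      /// property for as long as this object lives.
      /// </remarks>
      public string KeyPasswod { get; set; }

      /// <summary>
      /// CA certificate file or directory (optional for one-way verification or for clients).
      /// </summary>
      public string CAPemCertFileOrPath { get; set; }

      /// <summary>
      /// SNI server-name callback: selects the SSL certificate from the server name.
      /// The callback returns 0 to succeed with the default SSL certificate, a positive
      /// number to succeed with the SNI host certificate at that index, or a negative
      /// number to fail and abort the SSL handshake.
      /// </summary>
      public SSLSdk.SNIServerNameCallback SNIServerNameCallback { get; set; }

      /// <summary>
      /// Creates a server with no TLS settings assigned.
      /// </summary>
      public SSLHttpServer()
      {
      }

      /// <summary>
      /// Creates a server and stores the TLS settings for a later <see cref="Initialize"/> call.
      /// </summary>
      /// <param name="verifyModel">Verification mode.</param>
      /// <param name="pemCertFile">Certificate file.</param>
      /// <param name="pemKeyFile">Private key file.</param>
      /// <param name="keyPasswod">Private key password (empty when the key has none).</param>
      /// <param name="caPemCertFileOrPath">CA certificate file or directory (optional for one-way verification or for clients).</param>
      /// <param name="sniServerNameCallback">SNI server-name callback.</param>
      public SSLHttpServer(SSLVerifyMode verifyModel, string pemCertFile, string pemKeyFile, string keyPasswod, string caPemCertFileOrPath, SSLSdk.SNIServerNameCallback sniServerNameCallback)
      {
          VerifyMode = verifyModel;
          PemCertFile = pemCertFile;
          PemKeyFile = pemKeyFile;
          KeyPasswod = keyPasswod;
          CAPemCertFileOrPath = caPemCertFileOrPath;
          SNIServerNameCallback = sniServerNameCallback;
      }

      /// <summary>
      /// Creates the native listener and the native HTTPS server bound to it.
      /// </summary>
      /// <returns>
      /// True when both native objects were created; false when they already exist
      /// or when either creation call returned a null handle.
      /// </returns>
      protected override bool CreateListener()
      {
          if (IsCreate == true || pListener != IntPtr.Zero || pServer != IntPtr.Zero)
          {
              return false;
          }

          pListener = HttpSdk.Create_HP_HttpServerListener();
          if (pListener == IntPtr.Zero)
          {
              return false;
          }

          pServer = SSLHttpSdk.Create_HP_HttpsServer(pListener);
          if (pServer == IntPtr.Zero)
          {
              // Release the listener created above. Leaving it set would leak the
              // native object and make every later call fail the guard at the top.
              HttpSdk.Destroy_HP_HttpServerListener(pListener);
              pListener = IntPtr.Zero;
              return false;
          }

          IsCreate = true;
          return true;
      }

      /// <summary>
      /// Initializes the SSL environment from the current property values.
      /// </summary>
      /// <remarks>
      /// Blank or whitespace-only string properties are rewritten to null before the
      /// native call. A false result means no SSL context was set up, so callers
      /// should check it.
      /// </remarks>
      /// <returns>
      /// The result of the native setup call, or false when the server handle has
      /// not been created.
      /// </returns>
      public virtual bool Initialize()
      {
          if (pServer != IntPtr.Zero)
          {
              PemCertFile = string.IsNullOrWhiteSpace(PemCertFile) ? null : PemCertFile;
              PemKeyFile = string.IsNullOrWhiteSpace(PemKeyFile) ? null : PemKeyFile;
              KeyPasswod = string.IsNullOrWhiteSpace(KeyPasswod) ? null : KeyPasswod;
              CAPemCertFileOrPath = string.IsNullOrWhiteSpace(CAPemCertFileOrPath) ? null : CAPemCertFileOrPath;

              return SSLSdk.HP_SSLServer_SetupSSLContext(pServer, VerifyMode, PemCertFile, PemKeyFile, KeyPasswod, CAPemCertFileOrPath, SNIServerNameCallback);
          }

          return false;
      }

      /// <summary>
      /// Uninitializes the SSL environment; does nothing when the server handle is null.
      /// </summary>
      public virtual void Uninitialize()
      {
          if (pServer != IntPtr.Zero)
          {
              SSLSdk.HP_SSLServer_CleanupSSLContext(pServer);
          }
      }

      /// <summary>
      /// Starts the server by delegating to the base implementation. This method
      /// does not itself set up the SSL context.
      /// </summary>
      /// <returns>The result of the base Start() call.</returns>
      public new bool Start()
      {
          return base.Start();
      }

      /// <summary>
      /// Stops the server, destroys the native server and listener objects, and
      /// resets the handles.
      /// </summary>
      /// <remarks>
      /// NOTE(review): this does not call <see cref="Uninitialize"/>; confirm the
      /// native destroy call releases the SSL context.
      /// </remarks>
      public override void Destroy()
      {
          Stop();

          if (pServer != IntPtr.Zero)
          {
              SSLHttpSdk.Destroy_HP_HttpsServer(pServer);
              pServer = IntPtr.Zero;
          }

          if (pListener != IntPtr.Zero)
          {
              HttpSdk.Destroy_HP_HttpServerListener(pListener);
              pListener = IntPtr.Zero;
          }

          IsCreate = false;
      }

      /// <summary>
      /// Adds an SNI host certificate (server side only). After SetupSSLContext() has
      /// succeeded, the SSL server may call this method to add several SNI host certificates.
      /// </summary>
      /// <param name="verifyMode">SSL verification mode (see EnSSLVerifyMode).</param>
      /// <param name="pemCertFile">Certificate file.</param>
      /// <param name="pemKeyFile">Private key file.</param>
      /// <param name="keyPasswod">Private key password (empty when the key has none).</param>
      /// <param name="caPemCertFileOrPath">CA certificate file or directory (optional for one-way verification).</param>
      /// <returns>
      /// A positive number on success: the index of the SNI host certificate, used by
      /// the SNI callback to locate the SNI host. A negative number on failure; the
      /// reason can be read with SYS_GetLastError().
      /// </returns>
      /// <exception cref="ArgumentException">The certificate or key file name is null or blank.</exception>
      /// <exception cref="InvalidOperationException">The native server handle has not been created.</exception>
      public int AddServerContext(SSLVerifyMode verifyMode, string pemCertFile, string pemKeyFile, string keyPasswod, string caPemCertFileOrPath)
      {
          // NOTE(review): the original carried a commented-out HP_SSL_IsValid() precondition
          // that asked callers to run Initialize() first; that check is still disabled.

          // The second ArgumentException argument is the parameter NAME. The original
          // passed the (null or blank) value, which hid which argument was rejected.
          if (string.IsNullOrWhiteSpace(pemCertFile))
          {
              throw new ArgumentException("参数无效", "pemCertFile");
          }

          if (string.IsNullOrWhiteSpace(pemKeyFile))
          {
              throw new ArgumentException("参数无效", "pemKeyFile");
          }

          // Same guard as Initialize()/Uninitialize(): never hand a null handle to native code.
          if (pServer == IntPtr.Zero)
          {
              throw new InvalidOperationException("The HTTPS server object has not been created.");
          }

          keyPasswod = string.IsNullOrWhiteSpace(keyPasswod) ? null : keyPasswod;
          caPemCertFileOrPath = string.IsNullOrWhiteSpace(caPemCertFileOrPath) ? null : caPemCertFileOrPath;

          // Pass the keyPasswod ARGUMENT. The original passed the KeyPasswod property,
          // so each SNI host key was opened with the default context's password and
          // the caller's password was ignored.
          return SSLSdk.HP_SSLServer_AddSSLContext(pServer, verifyMode, pemCertFile, pemKeyFile, keyPasswod, caPemCertFileOrPath);
      }
  }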
  168. }