Skip to content

Commit

Permalink
Reduce unnecessary casting in SslStreamPal
Browse files Browse the repository at this point in the history
  • Loading branch information
benaadams committed Apr 16, 2021
1 parent 18dc020 commit 95b9c10
Show file tree
Hide file tree
Showing 3 changed files with 41 additions and 49 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -54,16 +54,16 @@ public static SafeFreeCredentials AcquireCredentialsHandle(
return new SafeFreeSslCredentials(certificateContext, protocols, policy);
}

internal static byte[]? GetNegotiatedApplicationProtocol(SafeDeleteContext? context)
internal static byte[]? GetNegotiatedApplicationProtocol(SafeDeleteSslContext? context)
{
if (context == null)
return null;

return Interop.AndroidCrypto.SSLStreamGetApplicationProtocol(((SafeDeleteSslContext)context).SslContext);
return Interop.AndroidCrypto.SSLStreamGetApplicationProtocol(context.SslContext);
}

public static SecurityStatusPal EncryptMessage(
SafeDeleteContext securityContext,
SafeDeleteSslContext securityContext,
ReadOnlyMemory<byte> input,
int headerSize,
int trailerSize,
Expand All @@ -75,8 +75,7 @@ public static SecurityStatusPal EncryptMessage(

try
{
SafeDeleteSslContext sslContext = (SafeDeleteSslContext)securityContext;
SafeSslHandle sslHandle = sslContext.SslContext;
SafeSslHandle sslHandle = securityContext.SslContext;

PAL_SSLStreamStatus ret = Interop.AndroidCrypto.SSLStreamWrite(sslHandle, input);
SecurityStatusPalErrorCode statusCode = ret switch
Expand All @@ -88,13 +87,13 @@ public static SecurityStatusPal EncryptMessage(
_ => SecurityStatusPalErrorCode.InternalError
};

if (sslContext.BytesReadyForConnection <= output?.Length)
if (securityContext.BytesReadyForConnection <= output?.Length)
{
resultSize = sslContext.ReadPendingWrites(output, 0, output.Length);
resultSize = securityContext.ReadPendingWrites(output, 0, output.Length);
}
else
{
output = sslContext.ReadPendingWrites()!;
output = securityContext.ReadPendingWrites()!;
resultSize = output.Length;
}

Expand All @@ -107,17 +106,16 @@ public static SecurityStatusPal EncryptMessage(
}

public static SecurityStatusPal DecryptMessage(
SafeDeleteContext securityContext,
SafeDeleteSslContext securityContext,
byte[] buffer,
ref int offset,
ref int count)
{
try
{
SafeDeleteSslContext sslContext = (SafeDeleteSslContext)securityContext;
SafeSslHandle sslHandle = sslContext.SslContext;
SafeSslHandle sslHandle = securityContext.SslContext;

sslContext.Write(buffer.AsSpan(offset, count));
securityContext.Write(buffer.AsSpan(offset, count));

PAL_SSLStreamStatus ret = Interop.AndroidCrypto.SSLStreamRead(sslHandle, buffer.AsSpan(offset, count), out int read);
if (ret == PAL_SSLStreamStatus.Error)
Expand Down Expand Up @@ -162,10 +160,10 @@ public static void QueryContextStreamSizes(
}

public static void QueryContextConnectionInfo(
SafeDeleteContext securityContext,
SafeDeleteSslContext securityContext,
out SslConnectionInfo connectionInfo)
{
connectionInfo = new SslConnectionInfo(((SafeDeleteSslContext)securityContext).SslContext);
connectionInfo = new SslConnectionInfo(securityContext.SslContext);
}

private static SecurityStatusPal HandshakeInternal(
Expand Down Expand Up @@ -225,10 +223,9 @@ public static SecurityStatusPal ApplyAlertToken(

public static SecurityStatusPal ApplyShutdownToken(
ref SafeFreeCredentials? credentialsHandle,
SafeDeleteContext securityContext)
SafeDeleteSslContext securityContext)
{
SafeDeleteSslContext sslContext = ((SafeDeleteSslContext)securityContext);
SafeSslHandle sslHandle = sslContext.SslContext;
SafeSslHandle sslHandle = securityContext.SslContext;


bool success = Interop.AndroidCrypto.SSLStreamShutdown(sslHandle);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -61,16 +61,16 @@ public static SafeFreeCredentials AcquireCredentialsHandle(
return new SafeFreeSslCredentials(certificateContext, protocols, policy);
}

internal static byte[]? GetNegotiatedApplicationProtocol(SafeDeleteContext? context)
internal static byte[]? GetNegotiatedApplicationProtocol(SafeDeleteSslContext? context)
{
if (context == null)
return null;

return Interop.AppleCrypto.SslGetAlpnSelected(((SafeDeleteSslContext)context).SslContext);
return Interop.AppleCrypto.SslGetAlpnSelected(context.SslContext);
}

public static SecurityStatusPal EncryptMessage(
SafeDeleteContext securityContext,
SafeDeleteSslContext securityContext,
ReadOnlyMemory<byte> input,
int headerSize,
int trailerSize,
Expand All @@ -83,8 +83,7 @@ public static SecurityStatusPal EncryptMessage(

try
{
SafeDeleteSslContext sslContext = (SafeDeleteSslContext)securityContext;
SafeSslHandle sslHandle = sslContext.SslContext;
SafeSslHandle sslHandle = securityContext.SslContext;

unsafe
{
Expand All @@ -104,13 +103,13 @@ public static SecurityStatusPal EncryptMessage(
Interop.AppleCrypto.CreateExceptionForOSStatus((int)status));
}

if (sslContext.BytesReadyForConnection <= output?.Length)
if (securityContext.BytesReadyForConnection <= output?.Length)
{
resultSize = sslContext.ReadPendingWrites(output, 0, output.Length);
resultSize = securityContext.ReadPendingWrites(output, 0, output.Length);
}
else
{
output = sslContext.ReadPendingWrites()!;
output = securityContext.ReadPendingWrites()!;
resultSize = output.Length;
}

Expand Down Expand Up @@ -138,17 +137,16 @@ public static SecurityStatusPal EncryptMessage(
}

public static SecurityStatusPal DecryptMessage(
SafeDeleteContext securityContext,
SafeDeleteSslContext securityContext,
byte[] buffer,
ref int offset,
ref int count)
{
try
{
SafeDeleteSslContext sslContext = (SafeDeleteSslContext)securityContext;
SafeSslHandle sslHandle = sslContext.SslContext;
SafeSslHandle sslHandle = securityContext.SslContext;

sslContext.Write(buffer.AsSpan(offset, count));
securityContext.Write(buffer.AsSpan(offset, count));

unsafe
{
Expand Down Expand Up @@ -212,10 +210,10 @@ public static void QueryContextStreamSizes(
}

public static void QueryContextConnectionInfo(
SafeDeleteContext securityContext,
SafeDeleteSslContext securityContext,
out SslConnectionInfo connectionInfo)
{
connectionInfo = new SslConnectionInfo(((SafeDeleteSslContext)securityContext).SslContext);
connectionInfo = new SslConnectionInfo(securityContext.SslContext);
}

private static SecurityStatusPal HandshakeInternal(
Expand Down Expand Up @@ -307,10 +305,9 @@ public static SecurityStatusPal ApplyAlertToken(

public static SecurityStatusPal ApplyShutdownToken(
ref SafeFreeCredentials? credentialsHandle,
SafeDeleteContext securityContext)
SafeDeleteSslContext securityContext)
{
SafeDeleteSslContext sslContext = ((SafeDeleteSslContext)securityContext);
SafeSslHandle sslHandle = sslContext.SslContext;
SafeSslHandle sslHandle = securityContext.SslContext;

int osStatus = Interop.AppleCrypto.SslShutdown(sslHandle);

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -42,12 +42,12 @@ public static SafeFreeCredentials AcquireCredentialsHandle(SslStreamCertificateC
return new SafeFreeSslCredentials(certificateContext?.Certificate, protocols, policy);
}

public static SecurityStatusPal EncryptMessage(SafeDeleteContext securityContext, ReadOnlyMemory<byte> input, int headerSize, int trailerSize, ref byte[] output, out int resultSize)
public static SecurityStatusPal EncryptMessage(SafeDeleteSslContext securityContext, ReadOnlyMemory<byte> input, int headerSize, int trailerSize, ref byte[] output, out int resultSize)
{
return EncryptDecryptHelper(securityContext, input, offset: 0, size: 0, encrypt: true, output: ref output, resultSize: out resultSize);
}

public static SecurityStatusPal DecryptMessage(SafeDeleteContext securityContext, byte[] buffer, ref int offset, ref int count)
public static SecurityStatusPal DecryptMessage(SafeDeleteSslContext securityContext, byte[] buffer, ref int offset, ref int count)
{
SecurityStatusPal retVal = EncryptDecryptHelper(securityContext, buffer, offset, count, false, ref buffer, out int resultSize);
if (retVal.ErrorCode == SecurityStatusPalErrorCode.OK ||
Expand All @@ -58,7 +58,7 @@ public static SecurityStatusPal DecryptMessage(SafeDeleteContext securityContext
return retVal;
}

public static ChannelBinding? QueryContextChannelBinding(SafeDeleteContext securityContext, ChannelBindingKind attribute)
public static ChannelBinding? QueryContextChannelBinding(SafeDeleteSslContext securityContext, ChannelBindingKind attribute)
{
ChannelBinding? bindingHandle;

Expand All @@ -74,7 +74,7 @@ public static SecurityStatusPal DecryptMessage(SafeDeleteContext securityContext
else
{
bindingHandle = Interop.OpenSsl.QueryChannelBinding(
((SafeDeleteSslContext)securityContext).SslContext,
securityContext.SslContext,
attribute);
}

Expand All @@ -86,9 +86,9 @@ public static void QueryContextStreamSizes(SafeDeleteContext? securityContext, o
streamSizes = StreamSizes.Default;
}

public static void QueryContextConnectionInfo(SafeDeleteContext securityContext, out SslConnectionInfo connectionInfo)
public static void QueryContextConnectionInfo(SafeDeleteSslContext securityContext, out SslConnectionInfo connectionInfo)
{
connectionInfo = new SslConnectionInfo(((SafeDeleteSslContext)securityContext).SslContext);
connectionInfo = new SslConnectionInfo(securityContext.SslContext);
}

public static byte[] ConvertAlpnProtocolListToByteArray(List<SslApplicationProtocol> applicationProtocols)
Expand All @@ -111,13 +111,13 @@ private static SecurityStatusPal HandshakeInternal(SafeFreeCredentials credentia
context = new SafeDeleteSslContext((credential as SafeFreeSslCredentials)!, sslAuthenticationOptions);
}

bool done = Interop.OpenSsl.DoSslHandshake(((SafeDeleteSslContext)context).SslContext, inputBuffer, out output, out outputSize);
bool done = Interop.OpenSsl.DoSslHandshake(context.SslContext, inputBuffer, out output, out outputSize);

// When the handshake is done, and the context is server, check if the alpnHandle target was set to null during ALPN.
// If it was, then that indicates ALPN failed, send failure.
// We have this workaround, as openssl supports terminating handshake only from version 1.1.0,
// whereas ALPN is supported from version 1.0.2.
SafeSslHandle sslContext = ((SafeDeleteSslContext)context).SslContext;
SafeSslHandle sslContext = context.SslContext;
if (done && sslAuthenticationOptions.IsServer && sslAuthenticationOptions.ApplicationProtocols != null && sslContext.AlpnHandle.IsAllocated && sslContext.AlpnHandle.Target == null)
{
return new SecurityStatusPal(SecurityStatusPalErrorCode.InternalError, Interop.OpenSsl.CreateSslException(SR.net_alpn_failed));
Expand All @@ -142,21 +142,21 @@ private static SecurityStatusPal HandshakeInternal(SafeFreeCredentials credentia
}
}

internal static byte[]? GetNegotiatedApplicationProtocol(SafeDeleteContext? context)
internal static byte[]? GetNegotiatedApplicationProtocol(SafeDeleteSslContext? context)
{
if (context == null)
return null;

return Interop.Ssl.SslGetAlpnSelected(((SafeDeleteSslContext)context).SslContext);
return Interop.Ssl.SslGetAlpnSelected(context.SslContext);
}

private static SecurityStatusPal EncryptDecryptHelper(SafeDeleteContext securityContext, ReadOnlyMemory<byte> input, int offset, int size, bool encrypt, ref byte[] output, out int resultSize)
private static SecurityStatusPal EncryptDecryptHelper(SafeDeleteSslContext securityContext, ReadOnlyMemory<byte> input, int offset, int size, bool encrypt, ref byte[] output, out int resultSize)
{
resultSize = 0;
try
{
Interop.Ssl.SslErrorCode errorCode = Interop.Ssl.SslErrorCode.SSL_ERROR_NONE;
SafeSslHandle scHandle = ((SafeDeleteSslContext)securityContext).SslContext;
SafeSslHandle scHandle = securityContext.SslContext;

if (encrypt)
{
Expand Down Expand Up @@ -194,10 +194,8 @@ public static SecurityStatusPal ApplyAlertToken(ref SafeFreeCredentials? credent
return new SecurityStatusPal(SecurityStatusPalErrorCode.OK);
}

public static SecurityStatusPal ApplyShutdownToken(ref SafeFreeCredentials? credentialsHandle, SafeDeleteContext securityContext)
public static SecurityStatusPal ApplyShutdownToken(ref SafeFreeCredentials? credentialsHandle, SafeDeleteSslContext sslContext)
{
SafeDeleteSslContext sslContext = ((SafeDeleteSslContext)securityContext);

// Unset the quiet shutdown option initially configured.
Interop.Ssl.SslSetQuietShutdown(sslContext.SslContext, 0);

Expand Down

0 comments on commit 95b9c10

Please sign in to comment.