SslStream implematation

0 votes
asked Apr 6 by Gerhard Koell (150 points)

Hi
does one of you libraries extend or replace the .Net2 class System.Net.Security.SslStream?

Because we use the third party library WebSocket4Net. This lib uses for creating a websocket connection this class. But under Windows XP it does not work with the SLL/TSL encryption settings of the company (AES needed)

Because I got this error:

System.IO.IOException: Received an unexpected EOF or 0 bytes from the transport stream.
   at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult)
   at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result)
   at System.Net.Security.SslStream.EndAuthenticateAsClient(IAsyncResult asyncResult)
   at SuperSocket.ClientEngine.SslStreamTcpSession.OnAuthenticated(IAsyncResult result)

The HTTPS connection with Rebex HTTPS is working very well

Thx Gerhard

1 Answer

0 votes
answered Apr 9 by Lukas Pokorny (90,910 points)

Hi,

Rebex HTTPS includes Rebex.Networking.dll assembly which provides TlsSocket class that implements TLS 1.0/1.1/1.2 (and legacy SSL 3.0). It's a stand-alone class that provides a Socket-like TLS/SSL API instead of a Stream-based API, so it's not a direct replacement for SslStream. TlsSocket actually provides the TLS/SSL layer for Rebex HTTPS as well.

To get started with TlsSocket - it's used mostly like System.Net.Socket. In order to initiate a TLS negotiation and encryption, configure TlsSocket object's using Parameters property and call Negotiate() method.

commented Apr 9 by Gerhard Koell (150 points)
Thx for the information
I have changed the implementation with your TlsSocket class. It works very well. I have only the problem to create a CertificateVerifier for the Parameters.
Because I want to check the allowed certificates and/or server name missmatch and so on. Do you have a sample of such an object?
thx
commented Apr 10 by Lukas Matyska (42,060 points)
For custom ICertificateVerifier implementation, please see http://blog.rebex.net/howto-solve-the-server-certificate-was-rejected-by-the-verifier-exception/
It also discussed common problems when validating certificates.
...