SslStream implematation

+1 vote
asked Apr 6, 2018 by Gerhard Koell (160 points)

Hi
does one of you libraries extend or replace the .Net2 class System.Net.Security.SslStream?

Because we use the third party library WebSocket4Net. This lib uses for creating a websocket connection this class. But under Windows XP it does not work with the SLL/TSL encryption settings of the company (AES needed)

Because I got this error:

System.IO.IOException: Received an unexpected EOF or 0 bytes from the transport stream.
   at System.Net.Security.SslState.InternalEndProcessAuthentication(LazyAsyncResult lazyResult)
   at System.Net.Security.SslState.EndProcessAuthentication(IAsyncResult result)
   at System.Net.Security.SslStream.EndAuthenticateAsClient(IAsyncResult asyncResult)
   at SuperSocket.ClientEngine.SslStreamTcpSession.OnAuthenticated(IAsyncResult result)

The HTTPS connection with Rebex HTTPS is working very well

Thx Gerhard

1 Answer

0 votes
answered Apr 9, 2018 by Lukas Pokorny (96,370 points)

Hi,

Rebex HTTPS includes Rebex.Networking.dll assembly which provides TlsSocket class that implements TLS 1.0/1.1/1.2 (and legacy SSL 3.0). It's a stand-alone class that provides a Socket-like TLS/SSL API instead of a Stream-based API, so it's not a direct replacement for SslStream. TlsSocket actually provides the TLS/SSL layer for Rebex HTTPS as well.

To get started with TlsSocket - it's used mostly like System.Net.Socket. In order to initiate a TLS negotiation and encryption, configure TlsSocket object's using Parameters property and call Negotiate() method.

commented Apr 9, 2018 by Gerhard Koell (160 points)
Thx for the information
I have changed the implementation with your TlsSocket class. It works very well. I have only the problem to create a CertificateVerifier for the Parameters.
Because I want to check the allowed certificates and/or server name missmatch and so on. Do you have a sample of such an object?
thx
commented Apr 10, 2018 by Lukas Matyska (48,390 points)
For custom ICertificateVerifier implementation, please see http://blog.rebex.net/howto-solve-the-server-certificate-was-rejected-by-the-verifier-exception/
It also discussed common problems when validating certificates.
...