[Mono-list] Re: Mono.Security

Carlos Guzmán Álvarez carlosga@telefonica.net
Fri, 05 Dec 2003 13:38:23 +0100


Hello:

 >   I was trying to use some  of the classes provided in
 >Mono.Security.Protocol.Tls like TlsSocket,TlsSession etc.

I removed it two weeks ago and replaced it with an SslClientStream 
implementation similar to the existing one in the .NET 1.2 documentation.

 >Can anyone tell me about the status of these classes.

They are under development, and at this moment they have some limitations:

	- Client only.

	- No real server certificate validation (only the certificate date and 
	  target host are validated now).

	- No client authentication.

The supported cipher suites for the TLS protocol are:

	- TLS_RSA_WITH_AES_256_CBC_SHA

	- TLS_RSA_WITH_AES_128_CBC_SHA

	- TLS_RSA_WITH_3DES_EDE_CBC_SHA

	- TLS_RSA_WITH_DES_CBC_SHA

	- TLS_RSA_WITH_RC4_128_SHA

	- TLS_RSA_WITH_RC4_128_MD5
		

And for SSL3 are:

	- SSL_RSA_WITH_3DES_EDE_CBC_SHA

	- SSL_RSA_WITH_DES_CBC_SHA

	- SSL_RSA_WITH_RC4_128_SHA

	- SSL_RSA_WITH_RC4_128_MD5				

I was busy this week and had no time to work on it, but I plan to 
restart the work next week.

 >BTW I was looking for a way to create SSL/TLS socket, Is there any
 >other way thru which I can do without using TlsSocket class?

You can use the Mono.Security.SslClientStream class for it.

An example of how to set it up:

string targetHost = "localhost";

IPAddress hostadd = Dns.Resolve("localhost").AddressList[0];

IPEndPoint EPhost = new IPEndPoint(hostadd, 443);

Socket socket = new Socket(AddressFamily.InterNetwork,
				SocketType.Stream,
				ProtocolType.IP);

// Connect the socket to the server
socket.Connect(EPhost);

// Create a Network Stream that owns the socket
NetworkStream networkStream = new NetworkStream(socket, true);

// Create a new SslClientStream instance that owns the
// networkStream
SslClientStream sslStream = new SslClientStream(
		networkStream,
		targetHost,
		true,
		SecurityProtocolType.Default);


With SecurityProtocolType.Default the SslClientStream will use TLS as 
the security protocol; the handshake will be negotiated in the first 
read/write operation.




--
Best regards

Carlos Guzmán Álvarez
Vigo-Spain
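
Added example, not part of the original message and not Mono's own code: because the message says only the certificate date and target host are checked, a client can compensate by pinning the exact server certificate. This assumes a later Mono.Security release that exposes SslClientStream.ServerCertValidationDelegate and the CertificateValidationCallback delegate (neither is mentioned in the message); the class name, method names and the pinned hash are placeholders.

```csharp
using System;
using System.Net.Sockets;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using Mono.Security.Protocol.Tls;

static class PinnedTlsClient   // hypothetical name
{
    // Placeholder: hex SHA-256 of the DER certificate expected from the server.
    const string ExpectedSha256 = "<EXPECTED-SERVER-CERT-SHA256-HEX>";

    // Accept the server only if it presents exactly the pinned certificate
    // and that certificate is inside its validity period.
    static bool ValidateServerCertificate(X509Certificate certificate, int[] certificateErrors)
    {
        if (certificate == null)
            return false;

        byte[] digest;
        using (SHA256 sha = SHA256.Create())
            digest = sha.ComputeHash(certificate.GetRawCertData());
        string actual = BitConverter.ToString(digest).Replace("-", "");
        if (!string.Equals(actual, ExpectedSha256, StringComparison.OrdinalIgnoreCase))
            return false;   // unknown certificate: abort the handshake

        X509Certificate2 parsed = new X509Certificate2(certificate);
        DateTime now = DateTime.Now;   // NotBefore/NotAfter are local time
        return now >= parsed.NotBefore && now <= parsed.NotAfter;
    }

    static SslClientStream Connect(string targetHost, int port)
    {
        TcpClient client = new TcpClient(targetHost, port);
        SslClientStream ssl = new SslClientStream(
            client.GetStream(), targetHost, true, SecurityProtocolType.Default);
        // Assumed API (later Mono.Security builds): callback invoked during the handshake.
        ssl.ServerCertValidationDelegate =
            new CertificateValidationCallback(ValidateServerCertificate);
        return ssl;
    }

    static void Main()
    {
        using (SslClientStream ssl = Connect("localhost", 443))
        {
            // The first write triggers the handshake and therefore the pin check.
            byte[] request = Encoding.ASCII.GetBytes("HEAD / HTTP/1.0\r\n\r\n");
            ssl.Write(request, 0, request.Length);
        }
    }
}
```

The pin has to be updated whenever the server certificate is renewed, so keep the expected hash in configuration rather than in source.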