[Mono-list] SslStream + mono == error

Sebastien Pouliot sebastien.pouliot at gmail.com
Mon Sep 13 13:48:22 EDT 2010


Simply google "mono ssl" - first link is the mono security faq

Sebastien

On 2010-09-13 at 13:44, astromag <astromag4 at wp.pl> wrote:

>
> Hi,
> I wrote a small application (test) of type client - server (Tcp/Ip, SSL).
> Unfortunately it does not work under Linux (server on Linux - client on M$
> Windows); in M$ Windows it works.
> It turned out that the server stops on method AuthenticateAsServer of class
> SslStream.
>
> Server application:
> using System;
> using System.IO;
> using System.Net;
> using System.Net.Security;
> using System.Net.Sockets;
> using System.Security.Cryptography.X509Certificates;
>
> namespace ConsoleApplication1
> {
>    class Program
>    {
>        static void Main(string[] args)
>        {
>            try
>            {
>                TcpListener listener = new TcpListener(IPAddress.Any, 7777);
>                listener.Start();
>
>                X509Certificate cert = new X509Certificate2("XServerCertificate.pfx", "0987654321");
>
>                while (true)
>                {
>                    TcpClient client = listener.AcceptTcpClient();
>                    SslStream sslStream = new SslStream(client.GetStream());
>
>                    // The application stops at this method call
>                    sslStream.AuthenticateAsServer(cert, false, System.Security.Authentication.SslProtocols.Tls, false);
>                    BinaryWriter writer = new BinaryWriter(sslStream, System.Text.Encoding.UTF8);
>                    string s = "Witam :)";
>                    writer.Write(s);
>                    writer.Flush();
>                    sslStream.Flush();
>                    System.Threading.Thread.Sleep(500);
>                    writer.Close();
>                }
>            }
>            catch (Exception e)
>            {
>                Console.WriteLine(e.Message);
>            }
>        }
>    }
> }
>
> Client Application:
> using System;
> using System.Net;
> using System.Net.Security;
> using System.Net.Sockets;
> using System.Security.Cryptography.X509Certificates;
>
> namespace SslClient
> {
>    class Program
>    {
>        static void Main(string[] args)
>        {
>            TcpClient client = new TcpClient();
>            client.Connect(IPAddress.Parse("127.0.0.1"), 7777);
>            SslStream sslStream = new SslStream(client.GetStream(), false, new RemoteCertificateValidationCallback(Program.CWC));
>            X509Certificate cert1 = new X509Certificate2("MyCa.cer");
>            X509Certificate cert2 = new X509Certificate2("XServerCertificate.cer");
>            X509Certificate[] certs = new X509Certificate[2];
>            certs[0] = cert1;
>            certs[1] = cert2;
>            X509CertificateCollection cc = new X509CertificateCollection(certs);
>
>            sslStream.AuthenticateAsClient("XServerCertificate", cc, System.Security.Authentication.SslProtocols.Ssl3, false);
>
>            System.IO.BinaryReader reader = new System.IO.BinaryReader(sslStream, System.Text.Encoding.UTF8);
>
>            Console.WriteLine(reader.ReadString());
>            reader.Close();
>
>            Console.WriteLine("Koniec");
>            Console.ReadKey(false);
>
>        }
>
>        static bool CWC(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors errors)
>        {
>            if (errors == SslPolicyErrors.None)
>            {
>                return true;
>            }
>            else
>            {
>                return false;
>            }
>        }
>    }
> }
>
> I assume that the problem lies in the interpretation of certificates under
> Linux (I have no problems with the same certificates under M$ Windows).
>
> So far Google has not brought an answer.
>
> The client's code, started in mono 2.6.7, threw an error.
> Unhandled Exception: System.IO.IOException: The authentication or decryption has failed. ---> Mono.Security.Protocol.Tls.TlsException: Invalid certificate received from server.
>  at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.validateCertificates (Mono.Security.X509.X509CertificateCollection certificates) [0x00000] in <filename unknown>:0
>  at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.ProcessAsTls1 () [0x00000] in <filename unknown>:0
>  at Mono.Security.Protocol.Tls.Handshake.Client.TlsServerCertificate.ProcessAsSsl3 () [0x00000] in <filename unknown>:0
>  at Mono.Security.Protocol.Tls.Handshake.HandshakeMessage.Process () [0x00000] in <filename unknown>:0
>  at (wrapper remoting-invoke-with-check) Mono.Security.Protocol.Tls.Handshake.HandshakeMessage:Process ()
>  at Mono.Security.Protocol.Tls.ClientRecordProtocol.ProcessHandshakeMessage (Mono.Security.Protocol.Tls.TlsStream handMsg) [0x00000] in <filename unknown>:0
>  at Mono.Security.Protocol.Tls.RecordProtocol.InternalReceiveRecordCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
>  --- End of inner exception stack trace ---
>  at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) [0x00000] in <filename unknown>:0
>
> I ask for help.
> --
> View this message in context: http://mono.1490590.n4.nabble.com/SslStream-mono-error-tp2537849p2537849.html
> Sent from the Mono - General mailing list archive at Nabble.com.

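Added example, not from the original thread or from Mono: a client-side validation callback that accepts the server certificate only if it chains to the private CA file named in the post, independent of what the platform trust store contains. It assumes `MyCa.cer` is the self-signed root that issued `XServerCertificate`; `PrivateCaValidator` and `Validate` are hypothetical names.

```csharp
using System;
using System.Linq;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;

static class PrivateCaValidator
{
    // Assumption: MyCa.cer (file name taken from the post) is the private root CA.
    static readonly X509Certificate2 PinnedRoot = new X509Certificate2("MyCa.cer");

    // Hypothetical replacement for the CWC callback in the client.
    // Usage: new SslStream(stream, false, PrivateCaValidator.Validate)
    //        followed by sslStream.AuthenticateAsClient("XServerCertificate").
    // Note: the clientCertificates argument of AuthenticateAsClient is for
    // authenticating the client; it does not add trust anchors for the server.
    public static bool Validate(object sender, X509Certificate cert,
                                X509Chain platformChain, SslPolicyErrors errors)
    {
        if (cert == null)
            return false;

        // A name mismatch or a missing certificate is never acceptable.
        // Only chain errors are re-evaluated against the pinned root below.
        if ((errors & ~SslPolicyErrors.RemoteCertificateChainErrors) != SslPolicyErrors.None)
            return false;

        using (var chain = new X509Chain())
        {
            chain.ChainPolicy.ExtraStore.Add(PinnedRoot);
            // Assumption: the private CA publishes no CRL/OCSP endpoint.
            chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
            // Tolerate a root that is absent from the platform store ...
            chain.ChainPolicy.VerificationFlags =
                X509VerificationFlags.AllowUnknownCertificateAuthority;

            // Expiry, signature and usage errors still fail the build.
            if (!chain.Build(new X509Certificate2(cert)))
                return false;

            // ... but that flag accepts any unknown root, so require that the
            // chain actually terminates in the pinned CA certificate.
            X509Certificate2 root =
                chain.ChainElements[chain.ChainElements.Count - 1].Certificate;
            return root.RawData.SequenceEqual(PinnedRoot.RawData);
        }
    }
}
```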
