[Mono-list] Re: Mono.Security

Fri, 05 Dec 2003 05:42:42 -0800

Hello:

>   I was trying to use some  of the classes provided in
>Mono.Security.Protocol.Tls like TlsSocket,TlsSession etc.

I have removed it two weeks ago, and replaced it with an SslClientStream implementation similar to the existent in the .NET 1.2 documentation.

>Can anyone tell me about the status of these classes.

They are under development, and at this moment they have some limitations:

- Client only.

- No real server certificate validation (only the certificate date and target host are validated now).

- No client authentication.

The supported Cipher Suites for TLS protocol are:

- TLS_RSA_WITH_AES_256_CBC_SHA

- TLS_RSA_WITH_AES_128_CBC_SHA

- TLS_RSA_WITH_3DES_EDE_CBC_SHA

- TLS_RSA_WITH_DES_CBC_SHA

- TLS_RSA_WITH_RC4_128_SHA

        - TLS_RSA_WITH_RC4_128_MD5

And for SSL3 are:

- SSL_RSA_WITH_3DES_EDE_CBC_SHA

- SSL_RSA_WITH_DES_CBC_SHA

- SSL_RSA_WITH_RC4_128_SHA

- SSL_RSA_WITH_RC4_128_MD5

I was busy this week and have no time for work on it but i have plans for restart the work next week.

>BTW I was looking for a way to create SSL/TLS socket, Is there >any other way thru which I can do without using TlsSocket >class?

You can use the Mono.Security.SslClientStream class for it.

An example on how to setup it:

string targetHost = "localhost";

IPAddress hostadd = Dns.Resolve("localhost").AddressList[0];

IPEndPoint EPhost = new IPEndPoint(hostadd, 443);

Socket socket = new Socket(AddressFamily.InterNetwork,
                                SocketType.Stream,
                                ProtocolType.IP);

// Make the socket to connect to the Server
socket.Connect(EPhost);                                 

// Create a Network Stream that owns the socket
NetworkStream networkStream = new NetworkStream(socket, true);

// Create a new SslClientStream instance that owns the
// networkStream
SslClientStream sslStream = new SslClientStream(
                networkStream,                                                         
 targetHost,
                true,                                                                  
 SecurityProtocolType.Default);


With SecurityProtocolType.Default the SslClientStream will use TLS as security protocol, the handshake will be negotiated in the first read/write operation.




--
Best regards

Carlos Guzm�n �lvarez
Vigo-Spain



_______________________________________________
Mono-list maillist  -  [EMAIL PROTECTED]
http://lists.ximian.com/mailman/listinfo/mono-list

Reply via email to