How to determine the strength of an SSL connection

Question

How to determine the strength of an SSL connection

I have a rich client application that connects to a set of supporting web services where the connection is secured by SSL. I need to determine the "strength" of encryption used for the actual SSL stream to display this information to the end user.

I understand that the client and server will agree on a symmetric encryption method between them (SSL / TLS) with different levels of encryption (40,56,128,256). Is there a way to determine which mode is used from HttpWebRequest / ServicePoint / other in C # code?

+4

c # web-services httpwebrequest

Weakday Jan 18 '10 at 17:17

source share

2 answers

Since you installed SslStream stream , you can use the following:

 stream.CipherAlgorithm //to get the algorithm that is used stream.CipherStrength //to get the strength of the cipher algorithm

You can find more information here .

+1

Alex Jan 18 '10 at 17:27

source share

Chris haas · Accepted Answer · 2010-01-18T18:06:44+0000

This expands after the @Alex message, obviously adds your own error handling

System.Net.Sockets.TcpClient TC = new System.Net.Sockets.TcpClient(); TC.Connect("mail.google.com", 443); using (System.Net.Security.SslStream Ssl = new System.Net.Security.SslStream(TC.GetStream())) { Ssl.AuthenticateAsClient("mail.google.com"); Console.WriteLine(Ssl.CipherAlgorithm); Console.WriteLine(Ssl.CipherStrength); } TC.Close();

I do not think that you can directly access SSL information from a web service, you will have to use this helper code to communicate directly with the host.

How to determine the strength of an SSL connection

More articles: