Using the Bouncy Castle TLS API

I want to establish a connection between the server and the client using sockets, using the Bouncy Castle TLS library. I looked through a lot of documentation (which was not enough for me), but I had no idea how to do this.

I am using the BouncyCastle v1.7.48 (runtime version = v2.0.50727) binary, and I found this information:

I need to use the Org.BouncyCastle.Crypto.Tls namespace and TlsProtocolHandler.

To achieve TLS connectivity:

  1. Which API should I use on the server side?
  2. Which API should I use on the client side?

         System.IO.Stream inputStream, outputStream;
         TlsProtocolHandler tls = new TlsProtocolHandler(inputStream, outputStream);

  3. What are the parameters inputStream and outputStream?

         public virtual void Connect(TlsClient tlsClient);

     where TlsClient is an interface, but it contains many interfaces inside.

  4. How do I use the above API? Do I have to declare new classes and implement the methods inside them for all of these?

Please help me with this Bouncy Castle.

EDIT 1: I created one class that inherits from an abstract class called DefaultTlsClient. Then I could create an instance of my class and pass it as the interface reference. So I can pass the parameter like this:

    tls.Connect(tlsClient);

I do not initialize any parameters other than those mentioned above. (The sockets are connected before this operation, on 2055.) But I'm not sure whether the handshake is complete or not. My program then goes into the reading state.

+7
1 answer

Bouncy Castle does not have a TLS API on the server side. You can read on the main page that they support only the client side.

On the client side, you have already found the suitable classes. TlsProtocolHandler does the job, but it will not work without custom classes. Here is some sample code:

    using System;
    using System.Net;
    using System.Net.Sockets;
    using Org.BouncyCastle.Crypto.Tls;

    // Need class with TlsClient in inheritance chain
    class MyTlsClient : DefaultTlsClient
    {
        public override TlsAuthentication GetAuthentication()
        {
            return new MyTlsAuthentication();
        }
    }

    // Need class to handle certificate auth
    class MyTlsAuthentication : TlsAuthentication
    {
        public TlsCredentials GetClientCredentials(CertificateRequest certificateRequest)
        {
            // return client certificate
            return null;
        }

        public void NotifyServerCertificate(Certificate serverCertificate)
        {
            // validate server certificate
        }
    }

    class Program
    {
        static void Main(string[] args)
        {
            TcpClient client = new TcpClient();
            client.Connect(IPAddress.Loopback, 6000);

            // input/output streams are deprecated, just pass client stream
            TlsProtocolHandler handler = new TlsProtocolHandler(client.GetStream());
            handler.Connect(new MyTlsClient());

            // handshake completed
            // use handler.Stream.Write/Read for sending app data
            Console.ReadLine();
        }
    }

I checked this with my TCP server and received a client hello.

Keep in mind that this is TLS version 1.0, so if you need a different version or a server API, then I recommend using a different library (the .NET Framework supports TLS).

+11
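
The sample in the answer leaves NotifyServerCertificate empty, so a client built from it accepts whatever certificate the server presents. The following is an added example, not part of the original answer or of Bouncy Castle, showing one way to fill that method in by pinning the server's own certificate. It assumes the 1.7-era API used above, in which Certificate.GetCerts() returns the chain with the server's certificate first; PinnedTlsAuthentication, PinnedTlsClient and the pin value are hypothetical names.

```csharp
using System;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Crypto.Tls;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.Utilities.Encoders;

// Added example: accepts the server only if its leaf certificate matches a pinned SHA-256 fingerprint.
class PinnedTlsAuthentication : TlsAuthentication
{
    private readonly byte[] expectedSha256;

    // pinHex: SHA-256 of the server certificate's DER encoding, hex encoded (obtained out of band).
    public PinnedTlsAuthentication(string pinHex)
    {
        expectedSha256 = Hex.Decode(pinHex);
        if (expectedSha256.Length != 32)
            throw new ArgumentException("pin must be a 32-byte SHA-256 value", "pinHex");
    }

    public TlsCredentials GetClientCredentials(CertificateRequest certificateRequest)
    {
        return null; // no client certificate, as in the answer's sample
    }

    public void NotifyServerCertificate(Certificate serverCertificate)
    {
        // Assumption: GetCerts() is the 1.7 accessor and the server's own certificate is element 0.
        X509CertificateStructure[] chain = serverCertificate.GetCerts();
        if (chain == null || chain.Length == 0)
            throw new TlsFatalAlert(AlertDescription.bad_certificate);

        byte[] actual = DigestUtilities.CalculateDigest("SHA-256", chain[0].GetDerEncoded());

        // Throwing here makes Connect() fail before any application data is written.
        if (!Arrays.ConstantTimeAreEqual(expectedSha256, actual))
            throw new TlsFatalAlert(AlertDescription.bad_certificate);
    }
}

class PinnedTlsClient : DefaultTlsClient
{
    private readonly string pinHex;

    public PinnedTlsClient(string pinHex) { this.pinHex = pinHex; }

    public override TlsAuthentication GetAuthentication()
    {
        return new PinnedTlsAuthentication(pinHex);
    }
}
```

Pass an instance to the handler in place of MyTlsClient, for example handler.Connect(new PinnedTlsClient(pinHex)), and treat an exception from Connect as a failed handshake.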