Beispiel #1
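        /// <summary>
        /// Prepares the server side of an accepted TCP connection. With encryption enabled
        /// (<c>UseEncryption</c>) it wraps the connection in an <see cref="SslStream"/> and runs
        /// the TLS handshake as server; otherwise it stores the plain network stream.
        /// </summary>
        /// <param name="tcpClient">The accepted connection whose stream is used.</param>
        /// <param name="EncryptionSettings">
        /// Certificate file and password, protocol set, client-certificate requirement,
        /// revocation checking and the ignore-certificate-errors switch.
        /// </param>
        /// <returns>
        /// <c>true</c> when the handshake completed (encrypted) or the network stream was
        /// obtained (unencrypted); <c>false</c> when the certificate could not be created,
        /// the handshake failed or the stream could not be obtained.
        /// </returns>
        public bool InitializeAsServerAndGetStream(TcpClient tcpClient, cEncryptionSettings EncryptionSettings)
        {
            bool bSuccess = false;

            // Reset first so no path below can leave a stale "TLS is up" flag from an earlier connection.
            bSSLStreamIsOk = false;

            // SECURITY: copied verbatim from configuration. Presumably the validation callback consults
            // this flag to accept invalid peer certificates, which would remove peer authentication;
            // confirm in ClientCertificateValidationCallback and keep it off outside test setups.
            this.IgnoreCertificateErrors = EncryptionSettings.IgnoreCertificateErrors;

            if (UseEncryption)
            {
                X509Certificate2 certificate = CreateCertificate(EncryptionSettings.ServerCertificateFile, EncryptionSettings.ServerCertificateFilePassword);

                if (certificate == null)
                {
                    // Without a server certificate there is nothing to authenticate with; never fall back to plaintext.
                    return(false);
                }

                // leaveInnerStreamOpen == false: disposing the SslStream also closes the underlying network stream.
                sslStream = new SslStream(tcpClient.GetStream(), false, new RemoteCertificateValidationCallback(ClientCertificateValidationCallback), null);

                try
                {
                    // NOTE(review): the protocol set and the revocation check are taken from configuration as-is;
                    // confirm that deployed settings exclude legacy SSL/TLS versions and enable revocation checking.
                    sslStream.AuthenticateAsServer(certificate, EncryptionSettings.RequireClientCertificate, EncryptionSettings.sslProtocols, EncryptionSettings.CheckCertificateRevocationList);
                    RSMPGS.SysLog.SysLog(cSysLogAndDebug.Severity.Info, "Authentication succeeded");
                    LogSecurityLevel(sslStream);
                    LogSecurityServices(sslStream);
                    LogCertificateInformation(sslStream);
                    bSSLStreamIsOk = true;
                    bSuccess       = true;
                }
                catch (Exception e)
                {
                    RSMPGS.SysLog.SysLog(cSysLogAndDebug.Severity.Error, "Authentication failed, error: {0}", e.ToString());

                    // A connection whose handshake failed must not stay usable: release the stream
                    // (and with it the underlying network stream) instead of leaving it half-open.
                    sslStream.Dispose();
                }
            }
            else
            {
                try
                {
                    // Unencrypted mode: traffic on this stream has no confidentiality or peer authentication.
                    networkStream = tcpClient.GetStream();
                    bSuccess      = true;
                }
                catch (Exception e)
                {
                    RSMPGS.SysLog.SysLog(cSysLogAndDebug.Severity.Error, "Could not get network stream, error: {0}", e.ToString());
                }
            }

            return(bSuccess);
        }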
Beispiel #2
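        /// <summary>
        /// Prepares the client side of a TCP connection. With encryption enabled
        /// (<c>UseEncryption</c>) it wraps the connection in an <see cref="SslStream"/> and runs
        /// the TLS handshake as client, optionally presenting a client certificate; otherwise it
        /// stores the plain network stream.
        /// </summary>
        /// <param name="tcpClient">The connected client whose stream is used.</param>
        /// <param name="EncryptionSettings">
        /// Server name, optional client certificate file and password, protocol set,
        /// revocation checking and the ignore-certificate-errors switch.
        /// </param>
        /// <returns>
        /// <c>true</c> when the handshake completed (encrypted) or the network stream was
        /// obtained (unencrypted); <c>false</c> when the client certificate could not be created,
        /// the handshake failed or the stream could not be obtained.
        /// </returns>
        public bool InitializeAsClientAndGetStream(TcpClient tcpClient, cEncryptionSettings EncryptionSettings)
        {
            bool bSuccess = false;

            // Reset first so no path below can leave a stale "TLS is up" flag from an earlier connection.
            bSSLStreamIsOk = false;

            // SECURITY: copied verbatim from configuration. Presumably the validation callback consults
            // this flag to accept invalid server certificates, which would leave the client open to
            // impersonation of the server; confirm in ServerCertificateValidationCallback and keep it
            // off outside test setups.
            this.IgnoreCertificateErrors = EncryptionSettings.IgnoreCertificateErrors;

            // Drop certificates left over from a previous connection attempt.
            ClientCertificates.Clear();

            if (UseEncryption)
            {
                bool bUseClientCertificate = EncryptionSettings.AuthenticateAsClientUsingCertificate;

                if (bUseClientCertificate)
                {
                    X509Certificate2 certificate = CreateCertificate(EncryptionSettings.ClientCertificateFile, EncryptionSettings.ClientCertificateFilePassword);

                    if (certificate == null)
                    {
                        // Client authentication was requested but no certificate is available: give up
                        // rather than connect without it.
                        return(false);
                    }

                    ClientCertificates.Add(certificate);
                }

                // leaveInnerStreamOpen == false: disposing the SslStream also closes the underlying network stream.
                sslStream = new SslStream(tcpClient.GetStream(), false, new RemoteCertificateValidationCallback(ServerCertificateValidationCallback), new LocalCertificateSelectionCallback(SelectLocalCertificate));

                try
                {
                    // ServerName is the name the server certificate is checked against.
                    // NOTE(review): the protocol set and the revocation check are taken from configuration as-is;
                    // confirm that deployed settings exclude legacy SSL/TLS versions and enable revocation checking.
                    if (bUseClientCertificate)
                    {
                        sslStream.AuthenticateAsClient(EncryptionSettings.ServerName, ClientCertificates, EncryptionSettings.sslProtocols, EncryptionSettings.CheckCertificateRevocationList);
                    }
                    else
                    {
                        sslStream.AuthenticateAsClient(EncryptionSettings.ServerName, null, EncryptionSettings.sslProtocols, EncryptionSettings.CheckCertificateRevocationList);
                    }
                    RSMPGS.SysLog.SysLog(cSysLogAndDebug.Severity.Info, "Authentication succeeded");
                    LogSecurityLevel(sslStream);
                    LogSecurityServices(sslStream);
                    LogCertificateInformation(sslStream);
                    bSSLStreamIsOk = true;
                    bSuccess       = true;
                }
                catch (Exception e)
                {
                    RSMPGS.SysLog.SysLog(cSysLogAndDebug.Severity.Error, "Authentication failed, error: {0}", e.ToString());

                    // A connection whose handshake failed must not stay usable: release the stream
                    // (and with it the underlying network stream) instead of leaving it half-open.
                    sslStream.Dispose();
                }
            }
            else
            {
                try
                {
                    // Unencrypted mode: traffic on this stream has no confidentiality or peer authentication.
                    networkStream = tcpClient.GetStream();
                    bSuccess      = true;
                }
                // GetStream() does not raise AuthenticationException; it fails with e.g.
                // InvalidOperationException or ObjectDisposedException. Catch Exception, as the server-side
                // method does, so a failure is logged and reported as false instead of escaping.
                catch (Exception e)
                {
                    RSMPGS.SysLog.SysLog(cSysLogAndDebug.Severity.Error, "Could not get network stream, error: {0}", e.ToString());
                }
            }

            return(bSuccess);
        }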