Skip to content

Commit e5f564c

Browse files
josesimoesjosesimoes
committed
Rework SSL sample to "using" for SslStream
Signed-off-by: José Simões <[email protected]>
1 parent c17193d commit e5f564c

File tree

1 file changed

+54
-57
lines changed

1 file changed

+54
-57
lines changed

samples/SSL/SecureClient/Program.cs

+54-57
Original file line numberDiff line numberDiff line change
@@ -61,59 +61,61 @@ public static void Main()
6161
Console.WriteLine("Authenticating with server...");
6262

6363
// setup SSL stream
64-
SslStream ss = new SslStream(mySocket);
65-
66-
///////////////////////////////////////////////////////////////////////////////////
67-
// Authenticating the server can be handled in one of three ways:
68-
//
69-
// 1. By providing the root CA certificate of the server being connected to.
70-
//
71-
// 2. Having the target device preloaded with the root CA certificate.
72-
//
73-
// !! NOT SECURED !! NOT RECOMENDED !!
74-
// 3. Forcing the authentication workflow to NOT validate the server certificate.
75-
//
76-
///////////////////////////////////////////////////////////////////////////////////
77-
78-
// option 1
79-
// setup authentication (add CA root certificate to the call)
80-
// Let's encrypt test certificate
81-
ss.AuthenticateAsClient("www.howsmyssl.com", null, letsEncryptCACert, SslProtocols.Tls11);
82-
// GlobalRoot CA cert from resources
83-
//ss.AuthenticateAsClient("global-root-ca.chain-demos.digicert.com", null, digiCertGlobalRootCACert, SslProtocols.Tls11);
84-
85-
// option 2
86-
// setup authentication (without providing root CA certificate)
87-
// this requires that the trusted root CA certificates are available in the device certificate store
88-
//ss.AuthenticateAsClient("www.howsmyssl.com", SslProtocols.Tls11);
89-
//ss.AuthenticateAsClient("global-root-ca.chain-demos.digicert.com", SslProtocols.Tls12);
90-
91-
// option 3
92-
// disable certificate validation
93-
//ss.SslVerification = SslVerification.NoVerification;
94-
//ss.AuthenticateAsClient("www.howsmyssl.com", SslProtocols.TLSv11);
95-
96-
Console.WriteLine("SSL handshake OK!");
97-
98-
// write an HTTP GET request to receive data
99-
byte[] buffer = Encoding.UTF8.GetBytes("GET / HTTP/1.0\r\n\r\n");
100-
ss.Write(buffer, 0, buffer.Length);
101-
102-
Console.WriteLine($"Wrote {buffer.Length} bytes");
103-
104-
// setup buffer to read data from socket
105-
buffer = new byte[1024];
106-
107-
// trying to read from socket
108-
int bytes = ss.Read(buffer, 0, buffer.Length);
109-
110-
Console.WriteLine($"Read {bytes} bytes");
111-
112-
if (bytes > 0)
64+
using (SslStream stream = new SslStream(mySocket))
11365
{
114-
// we have data!
115-
// output as string
116-
Console.WriteLine(new String(Encoding.UTF8.GetChars(buffer)));
66+
67+
///////////////////////////////////////////////////////////////////////////////////
68+
// Authenticating the server can be handled in one of three ways:
69+
//
70+
// 1. By providing the root CA certificate of the server being connected to.
71+
//
72+
// 2. Having the target device preloaded with the root CA certificate.
73+
//
74+
// !! NOT SECURED !! NOT RECOMENDED !!
75+
// 3. Forcing the authentication workflow to NOT validate the server certificate.
76+
//
77+
///////////////////////////////////////////////////////////////////////////////////
78+
79+
// option 1
80+
// setup authentication (add CA root certificate to the call)
81+
// Let's encrypt test certificate
82+
stream.AuthenticateAsClient("www.howsmyssl.com", null, letsEncryptCACert, SslProtocols.Tls11);
83+
// GlobalRoot CA cert from resources
84+
//stream.AuthenticateAsClient("global-root-ca.chain-demos.digicert.com", null, digiCertGlobalRootCACert, SslProtocols.Tls11);
85+
86+
// option 2
87+
// setup authentication (without providing root CA certificate)
88+
// this requires that the trusted root CA certificates are available in the device certificate store
89+
//stream.AuthenticateAsClient("www.howsmyssl.com", SslProtocols.Tls11);
90+
//stream.AuthenticateAsClient("global-root-ca.chain-demos.digicert.com", SslProtocols.Tls12);
91+
92+
// option 3
93+
// disable certificate validation
94+
//stream.SslVerification = SslVerification.NoVerification;
95+
//stream.AuthenticateAsClient("www.howsmyssl.com", SslProtocols.TLSv11);
96+
97+
Console.WriteLine("SSL handshake OK!");
98+
99+
// write an HTTP GET request to receive data
100+
byte[] buffer = Encoding.UTF8.GetBytes("GET / HTTP/1.0\r\n\r\n");
101+
stream.Write(buffer, 0, buffer.Length);
102+
103+
Console.WriteLine($"Wrote {buffer.Length} bytes");
104+
105+
// setup buffer to read data from socket
106+
buffer = new byte[1024];
107+
108+
// trying to read from socket
109+
int bytes = stream.Read(buffer, 0, buffer.Length);
110+
111+
Console.WriteLine($"Read {bytes} bytes");
112+
113+
if (bytes > 0)
114+
{
115+
// we have data!
116+
// output as string
117+
Console.WriteLine(new String(Encoding.UTF8.GetChars(buffer)));
118+
}
117119
}
118120
}
119121
catch (SocketException ex)
@@ -124,11 +126,6 @@ public static void Main()
124126
{
125127
Console.WriteLine($"** Exception occurred: {ex.Message}!**");
126128
}
127-
finally
128-
{
129-
Console.WriteLine("Closing socket");
130-
mySocket.Close();
131-
}
132129
}
133130

134131
Thread.Sleep(Timeout.Infinite);

0 commit comments

Comments
 (0)