4

I made a client-server socket connection with SslStream, but there is an exception on the server when the code reaches the line AuthenticateAsServer. I searched on the internet but I couldn't find a good answer as to why it happens. I made the .pfx testfile in my project and made a simple password for it. I don't know whether the problem is from the file or not.

The exception is on the line: sslStream.AuthenticateAsServer(certificate);

The basic exception is: a call to sspi failed

The inner exception is: The client and server cannot communicate, because they do not possess a common algorithm

The server is a little long, so I added the part of the code where the exception happens and all of the client code:

This is the server:

    public void AcceptCallBack(IAsyncResult ar)
    {
        // clients.Add(new myClient(server.EndAccept(ar)));
        // try
        // {
        myClient c = new myClient();

        // Socket handle = (Socket)ar.AsyncState;
        TcpListener handle = (TcpListener)ar.AsyncState;
        byte[] buff = new byte[2048];
        // Socket hand = handle.EndAccept(out buff, ar);
        TcpClient hand = handle.EndAcceptTcpClient(ar);
        dowork.Set();
        c.tcp = hand;
        clients.Add(c);
        // hand.BeginReceive(c.buffer, 0, c.buffer.Length, SocketFlags.None, new AsyncCallback(receiveIDCallBack), c);
        using (SslStream sslStream = new SslStream(hand.GetStream()))
        {
            sslStream.AuthenticateAsServer(certificate);
            // ... Send and read data over the stream
            sslStream.BeginWrite(buff, 0, buff.Length, new AsyncCallback(sendCallBack), c);
            count++;
            sslStream.BeginRead(c.buffer, 0, c.buffer.Length, new AsyncCallback(receiveIDCallBack), c);
        }
        // }
        // catch (Exception)
        // {
        //
        // }
    } // end of AcceptCallBack function

This is the client:

using UnityEngine;
using System.Collections;
using System;
using System.Net;
using System.Net.Sockets;
using System.Text;
using System.Net.Security;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
public class sslCode : MonoBehaviour {


   // private Socket _clientSocket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
    private byte[] _recieveBuffer = new byte[8142];

   static string server = "127.0.0.1";
    TcpClient client;

    public string message;
    public string receive;
    public string send;
    private void SetupServer()
    {
        try
        {

           // client.Connect(new IPEndPoint(IPAddress.Parse("127.0.0.1"), 1500));
            client = new TcpClient(server,1500);
            message = "connected";
        }
        catch (SocketException ex)
        {
            Debug.Log(ex.Message);
            message = ex.Message;
        }

       // _clientSocket.BeginReceive(_recieveBuffer, 0, _recieveBuffer.Length, SocketFlags.None, new AsyncCallback(ReceiveCallback), null);
        // Create a secure stream
        using (SslStream sslStream = new SslStream(client.GetStream(), false,
            new RemoteCertificateValidationCallback(ValidateServerCertificate), null))
        {
            sslStream.AuthenticateAsClient(server);

            // ... Send and read data over the stream
            sslStream.BeginRead(_recieveBuffer, 0, _recieveBuffer.Length, new AsyncCallback(ReceiveCallback),null);
        }

    }

    private bool ValidateServerCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
    {
        throw new NotImplementedException();
    }// end of ValidateServerCertificate

    private void ReceiveCallback(IAsyncResult AR)
    {
        //Check how much bytes are recieved and call EndRecieve to finalize handshake
        using (SslStream sslStream = new SslStream(client.GetStream(), false,
       new RemoteCertificateValidationCallback(ValidateServerCertificate), null))
        {
            sslStream.AuthenticateAsClient(server);
            // ... Send and read data over the stream


            int recieved = sslStream.EndRead(AR);

            if (recieved <= 0)
                return;

            //Copy the recieved data into new buffer , to avoid null bytes
            byte[] recData = new byte[recieved];
            Buffer.BlockCopy(_recieveBuffer, 0, recData, 0, recieved);

            //Process data here the way you want , all your bytes will be stored in recData

            receive = Encoding.ASCII.GetString(recData);

            //Start receiving again
            sslStream.BeginRead(_recieveBuffer, 0, _recieveBuffer.Length, new AsyncCallback(ReceiveCallback), null);
        }
    }// end of receiveCallBack

    private void SendData(string dd)
    {
        using (SslStream sslStream = new SslStream(client.GetStream(), false,
       new RemoteCertificateValidationCallback(ValidateServerCertificate), null))
        {
          sslStream.AuthenticateAsClient(server);

            // ... Send and read data over the stream

            byte[] data = Encoding.ASCII.GetBytes(dd);
            SocketAsyncEventArgs socketAsyncData = new SocketAsyncEventArgs();
            socketAsyncData.SetBuffer(data, 0, data.Length);
           sslStream.BeginWrite(data,0,data.Length,new AsyncCallback(sendcallback),null);
            send = dd;
            sslStream.BeginRead(_recieveBuffer, 0, _recieveBuffer.Length, new AsyncCallback(ReceiveCallback), null);
        }
    }

    private void sendcallback(IAsyncResult ar)
    {

    }// end of sendcallback
}// end of class sslCode

Can this be a problem with the certificate file generated in VS or with Windows options?

I searched a little more on the internet and I think there may be an algorithm mismatch between what I use for my certificate file and what Windows 8.1 can understand. I really don't know....

The algorithms that VS lets me choose for my certificate are "sha256RSA" and "sha1RSA". Thanks for your help.

4
  • Post the exact message you are getting and the location where it occurs. Commented Feb 19, 2015 at 19:45
  • @500-InternalServerError Thank you for answering. I edited the post and added the lines and messages in bold. Commented Feb 19, 2015 at 20:07
  • 1
    Just a guess, but this may be happening because of the code in your client method ValidateServerCertificate? Presumably that is getting called as soon as the server sends its credentials, and the throw is causing both sides to abort? Try replacing throw... with return true;. Commented Feb 20, 2015 at 22:32
  • @Dusty Thank you, Dusty, for answering. I think you are right. I did, but I still have the problem. Commented Feb 20, 2015 at 23:03

2 Answers

3
+50

i made the .pfx testfile in my project

That's a Big Red Flag. Without knowing anything about the tools you use, the best guess is that you created a signing certificate. It is not suitable for key exchange. A failure-mode covered by this blog post.

Without knowing anything about your OS, I'd have to guess that you use Linux. In which case this question ought to be helpful. If that's a wrong guess then help yourself by googling "create self signed ssl certificate", add the appropriate keywords to select your OS and/or tool chain.

2 Comments

My tag is c#, so certainly it's Windows, and it's 8.1, and in most common situations you use VS to work with C#. please
Sorry, but someone who makes a bounty after 2 days has probably seen all possible links. I saw your links before and none of them solved my problem. You could comment your links.
2

Thank you, my friends, I finally could find my problem.

The code needed a little edit, but the main problem wasn't the code.

The problem was from the way certificate files work. I had just generated a pfx file and given its address to the code below:

sslStream.AuthenticateAsServer(server);

But now I made the pfx format in Internet Options and imported it to the Personal section; after that I exported it to the Trusted Root section, so a cer format of that pfx file will be generated that only contains the public key of that pfx file.

So right now the code runs very well.
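
A pre-flight check for the failure mode the first answer describes (a signing-only key that cannot be used for key exchange), plus whether the private key is present at all, run before the certificate is handed to AuthenticateAsServer. This is an added example, not code from the original posts; the class name ServerCertPreflight and its Check method are hypothetical, and it assumes .NET Framework on Windows with the .pfx path and password passed as arguments.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class ServerCertPreflight // hypothetical helper, not part of the posts above
{
    const string ServerAuthOid = "1.3.6.1.5.5.7.3.1"; // id-kp-serverAuth

    // Returns the reasons the certificate is unlikely to work as a TLS server
    // certificate; an empty list means none of these checks failed.
    public static List<string> Check(X509Certificate2 cert)
    {
        var problems = new List<string>();
        // A .cer export carries only the public key; the server needs the private key.
        if (!cert.HasPrivateKey)
        {
            problems.Add("no private key (load the .pfx, not the .cer)");
            return problems;
        }
        // CSP-stored RSA keys record whether they were created for signing or key exchange.
        RSACryptoServiceProvider rsa = null;
        try { rsa = cert.PrivateKey as RSACryptoServiceProvider; }
        catch (CryptographicException) { /* CNG-stored key: not inspected here */ }
        if (rsa != null && rsa.CspKeyContainerInfo.KeyNumber == KeyNumber.Signature)
            problems.Add("private key is signature-only, not a key-exchange key");
        // If a Key Usage extension is present, it must permit TLS use of the key.
        var ku = cert.Extensions.OfType<X509KeyUsageExtension>().FirstOrDefault();
        var tlsUsages = X509KeyUsageFlags.KeyEncipherment | X509KeyUsageFlags.DigitalSignature;
        if (ku != null && (ku.KeyUsages & tlsUsages) == 0)
            problems.Add("Key Usage allows neither keyEncipherment nor digitalSignature");
        // If an Enhanced Key Usage extension is present, it must list server authentication.
        var eku = cert.Extensions.OfType<X509EnhancedKeyUsageExtension>().FirstOrDefault();
        if (eku != null && !eku.EnhancedKeyUsages.Cast<Oid>().Any(o => o.Value == ServerAuthOid))
            problems.Add("Enhanced Key Usage does not include Server Authentication");
        return problems;
    }

    static void Main(string[] args)
    {
        // args[0] = path to the .pfx, args[1] = its password (supplied by the caller).
        var cert = new X509Certificate2(args[0], args[1]);
        foreach (var p in Check(cert)) Console.WriteLine("PROBLEM: " + p);
    }
}
```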
