Archived Forum Post


Question:

SSL Certificate Not Sent???

Jul 10 '14 at 08:46

I'm attempting to get the SSL Server/Client example to work in .Net, but it appears as though the certificate is never sent as part of the handshake. Here is my code for the server and client...

Server:

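/// <summary>
/// Minimal TLS listener built on Chilkat.Socket. It loads a server certificate
/// from a PFX file, listens on port 8055 and hands every accepted connection to
/// its own thread, which prints each "&lt;EOF&gt;"-terminated message it receives.
/// </summary>
class ChilkatServer
{
    // Upper bound, in milliseconds, for a clean shutdown of a client socket.
    private const int CloseWaitMs = 1000;

    Chilkat.Socket listenSocket = new Chilkat.Socket();
    Chilkat.CertStore cstore = null;
    Chilkat.Cert cert = null;
    bool success;

    // Result of UnlockComponent, kept separately because 'success' is
    // overwritten by every later call.
    bool unlocked;

    /// <summary>
    /// Unlocks the Chilkat component. A failure is printed here and remembered
    /// so that <see cref="RunServer"/> can refuse to start.
    /// </summary>
    public ChilkatServer()
    {
        unlocked = listenSocket.UnlockComponent("Give me 30 days!");
        success = unlocked;
        if (!unlocked)
        {
            Console.WriteLine(listenSocket.LastErrorText);
        }
    }

    /// <summary>
    /// Loads the certificate, starts listening and accepts clients until the
    /// process ends. Every failure is reported on the console and ends the call.
    /// </summary>
    /// <param name="cf">Path of the PFX file that holds the server certificate.</param>
    /// <param name="cfp">Password of that PFX file.</param>
    public void RunServer(string cf, string cfp)
    {
        // The original constructor only printed an unlock failure; stop here
        // instead of failing later with a less obvious error.
        if (!unlocked)
        {
            Console.WriteLine("Chilkat component is not unlocked; server not started.");
            return;
        }

        if (string.IsNullOrEmpty(cf))
        {
            Console.WriteLine("No PFX file path was supplied; server not started.");
            return;
        }

        // Load the certificate store
        cstore = new Chilkat.CertStore();
        success = cstore.LoadPfxFile(cf, cfp);
        if (!success)
        {
            Console.WriteLine(cstore.LastErrorText);
            return;
        }

        // Load the certificate (first entry of the store)
        cert = cstore.GetCertificate(0);
        if (cert == null)
        {
            Console.WriteLine(cstore.LastErrorText);
            return;
        }

        // The certificate must be installed before BindAndListen so that the
        // listener presents it during the TLS handshake.
        success = listenSocket.InitSslServer(cert);
        if (!success)
        {
            Console.WriteLine(listenSocket.LastErrorText);
            return;
        }

        int myPort = 8055;
        int backLog = 5;

        // NOTE(review): these idle limits are set on the listener; whether the
        // sockets returned by AcceptNextConnection inherit them is not visible
        // here - confirm, or set them on each accepted socket.
        listenSocket.MaxReadIdleMs = 10000;
        listenSocket.MaxSendIdleMs = 10000;

        success = listenSocket.BindAndListen(myPort, backLog);
        if (!success)
        {
            Console.WriteLine(listenSocket.LastErrorText);
            return;
        }

        int maxWaitMilli = 20000;

        // NOTE(review): one thread is started per accepted connection and there
        // is no cap on the number of concurrent clients, so the number of
        // threads is decided by whoever connects.
        while (true)
        {
            Chilkat.Socket clientSocket = listenSocket.AcceptNextConnection(maxWaitMilli);
            if (clientSocket == null)
            {
                Console.WriteLine("Still waiting...");
                continue;
            }

            Thread clientThread = new Thread(new ParameterizedThreadStart(ProcessClient));
            clientThread.Start(clientSocket);
        }
    }

    /// <summary>
    /// Thread entry point for one client: prints every "&lt;EOF&gt;"-terminated
    /// message until the peer disconnects or a read fails, then closes the socket.
    /// </summary>
    /// <param name="obj">The accepted <c>Chilkat.Socket</c>.</param>
    private void ProcessClient(object obj)
    {
        Chilkat.Socket client = obj as Chilkat.Socket;
        if (client == null)
        {
            return;
        }

        try
        {
            while (client.IsConnected)
            {
                // NOTE(review): no size limit is passed here, so a peer that
                // never sends the terminator decides how much is buffered
                // before the read gives up.
                string rcvdMessage = client.ReceiveUntilMatch("<EOF>");
                if (string.IsNullOrEmpty(rcvdMessage))
                {
                    // A failed or timed-out read ends the session; the original
                    // retried for as long as the peer stayed connected, which
                    // let an idle client hold this thread indefinitely.
                    Console.WriteLine(client.LastErrorText);
                    break;
                }

                // The text comes from the peer and is written out unmodified.
                Console.WriteLine("Received: " + rcvdMessage);
            }
        }
        finally
        {
            // The original never released the accepted socket.
            client.Close(CloseWaitMs);
        }
    }
}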

Client:

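/// <summary>
/// TLS client built on Chilkat.Socket. It connects to the configured server,
/// sends one greeting and then raises <see cref="OnMessageReceived"/> for every
/// "&lt;EOF&gt;"-terminated message the server sends back.
/// </summary>
public class ChilkatClient
{
    // Upper bound, in milliseconds, for a clean shutdown of the socket.
    private const int CloseWaitMs = 1000;

    Chilkat.Socket socket = new Chilkat.Socket();
    bool success;
    bool ssl = true;
    int maxWaitMilli = 20000;
    string serverName;
    int serverPort;

    // Result of UnlockComponent, kept separately because 'success' is
    // overwritten by every later call.
    bool unlocked;

    public delegate void MessageReceivedHandler(object sender, MessageReceivedEventArgs e);
    public event MessageReceivedHandler OnMessageReceived;

    /// <summary>
    /// Stores the endpoint and unlocks the Chilkat component.
    /// </summary>
    /// <param name="server">Host name or address of the server.</param>
    /// <param name="port">TCP port of the server.</param>
    public ChilkatClient(string server, int port)
    {
        // Assigned first so the fields are set even when the unlock fails; the
        // original returned before reaching these assignments.
        serverName = server;
        serverPort = port;

        unlocked = socket.UnlockComponent("Give me 30 days!");
        success = unlocked;
        if (!unlocked)
        {
            Console.WriteLine(socket.LastErrorText);
        }
    }

    /// <summary>
    /// Connects, sends the greeting and dispatches received messages until the
    /// connection drops. Failures are reported on the console.
    /// </summary>
    public void StartClient()
    {
        if (!unlocked)
        {
            Console.WriteLine("Chilkat component is not unlocked; client not started.");
            return;
        }

        //  Set maximum timeouts for reading and writing (in millisec)
        socket.MaxReadIdleMs = 20000;
        socket.MaxSendIdleMs = 20000;

        // NOTE(review): nothing in this class asks Chilkat to validate the
        // server certificate chain or host name, so as written the session is
        // encrypted but the peer is not authenticated by this code.
        // Chilkat.Socket exposes RequireSslCertVerify for that purpose; confirm
        // it is available in the build in use, and that the server certificate
        // chains to a trusted root, before turning it on.
        success = socket.Connect(serverName, serverPort, ssl, maxWaitMilli);
        if (!success)
        {
            Console.WriteLine(socket.LastErrorText);
            return;
        }

        try
        {
            success = socket.SendString("Hello Server! <EOF>");
            if (success)
            {
                Console.WriteLine("Sent 'Hello Server! <EOF>");
            }
            else
            {
                // The original ignored a failed send without any output.
                Console.WriteLine(socket.LastErrorText);
            }

            while (socket.IsConnected)
            {
                string rcvdMessage = socket.ReceiveUntilMatch("<EOF>");
                if (string.IsNullOrEmpty(rcvdMessage))
                {
                    Console.WriteLine("No message received from server...");
                    continue;
                }

                // Copy the delegate so that an unsubscribe on another thread
                // cannot null it between the check and the call.
                MessageReceivedHandler handler = OnMessageReceived;
                if (handler != null)
                {
                    // 'this' is passed as the sender, as is conventional for
                    // events; the original passed a throwaway object.
                    handler(this, new MessageReceivedEventArgs() { Message = new Messaging.Message() { Body = rcvdMessage } });
                }
            }
        }
        finally
        {
            // The original never released the socket once the loop ended.
            socket.Close(CloseWaitMs);
        }
    }
}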

socket.Connect fails with the following:

ChilkatLog:
Connect_Socket:
DllDate: Jun 10 2014
ChilkatVersion: 9.5.0.40
UnlockPrefix: Give me 30 days!
Username: myuname
Architecture: Little Endian; 64-bit
Language: .NET 4.5 / x64
VerboseLogging: 0
objectId: 1
Connect_Socket:
  hostname: local.xyz.com
  port: 8055
  ssl: 1
  maxWaitMs: 20000
  socket2Connect:
    connect2:
      connectImplicitSsl:
        clientHandshake:
          clientHandshake2:
            processHandshakeRecord:
              processHandshakeMessage:
                processIncomingCertificates:
                  Warning, no certificates were received!
                --processIncomingCertificates
              --processHandshakeMessage
            --processHandshakeRecord
            buildClientKeyExchange:
              buildClientKeyExchangeRsa:
                getServerCertPublicKey:
                  Certificate not available in TlsCertificates object.
                  Failed to get server certificate at index 0.
                  numServerCertsReceived: 0
                --getServerCertPublicKey
              --buildClientKeyExchangeRsa
            --buildClientKeyExchange
            Failed to build ClientKeyExchange
          --clientHandshake2
        --clientHandshake
        Client handshake failed. (3)
      --connectImplicitSsl
      ConnectFailReason: 0
    --connect2
  --socket2Connect
  Failed.
--Connect_Socket

--Connect_Socket
--ChilkatLog


Accepted Answer

I think these new builds should fix it:

32-bit: http://www.chilkatsoft.com/download/preRelease/ChilkatDotNet45-9.5.0-win32.zip

64-bit: http://www.chilkatsoft.com/download/preRelease/ChilkatDotNet45-9.5.0-x64.zip


Answer

Thanks, I'll give them a shot.


Answer

Worked like a charm! Thanks!


Answer

I have a problem: I cannot load a PFX file. I am using the Chilkat library.

My error is: Failed to verify PFX HMAC with password.

ChilkatLog:
  LoadPfxFile:
    DllDate: Jun 12 2014
    ChilkatVersion: 9.5.0.40
    UnlockPrefix: NONE
    Username: TYMAJ_NTB:jtyma
    Architecture: Little Endian; 32-bit
    Language: .NET 2.0
    VerboseLogging: 0
    class: Cert
    pfxPath: C:\www-xdslCheck\spdsl_from_spd.pfx
    loadPfxData:
      addPfxSource:
        pkcs12_loadAndParseDer:
          loadAndParseDerInner:
            verifyHmacIntegrity:
              saltNumBytes: 20
              saltBase64: wF7RxS3vZpjSowhNTatwQ7xqiYk=
              numIterations: 1
              macHashOid: 1.3.14.3.2.26
              macStoredDigest: 5CDF 5C70 1ED7 74E6 A2FA 5AFD E51D 80A1
64B3 7E95
              Failed to verify PFX HMAC with password.
              computedDigest: 8126 6C3E 0964 45E7 9BF9 1115 1F5D 795F
C2B7 F333
            --verifyHmacIntegrity
            Retry with NULL password instead of zero-length password.
            verifyHmacIntegrity:
              saltNumBytes: 20
              saltBase64: wF7RxS3vZpjSowhNTatwQ7xqiYk=
              numIterations: 1
              macHashOid: 1.3.14.3.2.26
              macStoredDigest: 5CDF 5C70 1ED7 74E6 A2FA 5AFD E51D 80A1
64B3 7E95
              Password and HMAC verified.
            --verifyHmacIntegrity
            nContentInfos: 2
            ContentInfo:
              loadPkcs7Xml:
                PKCS7 Data
                dataSize: 945
              --loadPkcs7Xml
              PKCS7_DATA
              processSafeContents:
                SafeBagOid: 1.2.840.113549.1.12.10.1.2
                Pkcs8ShroudedKeyBag
                processPkcs8ShroudedKeyBag:
                  AlgorithmIdentifier_loadXml:
                    PBE encryption.
                    Salt: Lt3f8bcYUFg=
                    Iterations: 2000
                  --AlgorithmIdentifier_loadXml
                  numEncryptedBytes: 656
                  passwordDecryptData:
                    decryptPkcs12:
                      algorithm: des
                      keyLength: 192
                      outputSize: 650
                    --decryptPkcs12
                  --passwordDecryptData
                --processPkcs8ShroudedKeyBag
              --processSafeContents
            --ContentInfo
            ContentInfo:
              loadPkcs7Xml:
                Pkcs7_EncryptedData:
                  pkcs7_passwordDecrypt:
                    AlgorithmIdentifier_loadXml:
                      PBE encryption.
                      Salt: YoILVI6uqxQ=
                      Iterations: 2000
                    --AlgorithmIdentifier_loadXml
                    numEncryptedBytes: 1528
                    passwordDecryptData:
                      decryptPkcs12:
                        algorithm: rc2
                        keyLength: 40
                        outputSize: 1524
                      --decryptPkcs12
                    --passwordDecryptData
                  --pkcs7_passwordDecrypt
                --Pkcs7_EncryptedData
              --loadPkcs7Xml
              PKCS7_ENCRYPTED_DATA
              processSafeContents:
                SafeBagOid: 1.2.840.113549.1.12.10.1.3
                CertBag
                processCertBag:
                  cert_CN: sp-dsl.mobilkom.loc
                  cert_E: adminit@ufon.cz
                  cert_DN: CZ, Czech Republic, Prague, Air Telecom a.s., IT, sp-dsl.mobilkom.loc, adminit@ufon.cz
                  serial: 5330FF9D000200000623
                --processCertBag
              --processSafeContents
            --ContentInfo
          --loadAndParseDerInner
          populateWithKeys:
            numPrivateKeys: 1
          --populateWithKeys
        --pkcs12_loadAndParseDer
        addPkcs12:
          numCerts: 1
        --addPkcs12
      --addPfxSource
    --loadPfxData
    Success.
  --LoadPfxFile
--ChilkatLog

Answer

// Load the certificate and its private key from the PFX file, passing an empty
// string as the password.
// NOTE(review): the LoadPfxFile log posted with this question ends in
// "Success." - the "Failed to verify PFX HMAC with password." line belongs to
// the first attempt with a zero-length password, after which the log shows a
// retry with a NULL password that verified. Check the returned bool rather than
// the presence of that line in LastErrorText.
// NOTE(review): the same log shows a PFX with no password, one MAC iteration
// and a cert bag encrypted with 40-bit RC2, so the file contents are protected
// in practice only by access control on the file itself.
const string pfxPath = @"C:\www-xdslCheck\spdsl_from_spd.pfx";
Chilkat.Cert cert = new Chilkat.Cert();
success = cert.LoadPfxFile(pfxPath, string.Empty);

I use chilkat version 9.5.0.40.