koobas.hobune.stream
This question was
closed Apr 15, 2016 at 06:13 AM by
KaushikRahul for the following reason:
The question is answered, right answer was accepted
What Version of SSL Protocol does unity supports?
I am trying to create a secure connection between my unity application(client) and C application(server) using SSLStream, but am facing an issue. Unity Editor crashes every time try to authenticate the user as client. Here is the code :
// Create an SSL stream that will close the client's stream.
SslStream sslStream = new SslStream(
client.GetStream(),
false,
new RemoteCertificateValidationCallback(ValidateServerCertificate),
null
);
// The server name must match the name on the server certificate.
try
{
//sslStream.AuthenticateAsClient(serverName);
//X509Certificate2Collection xc = new X509Certificate2Collection();
sslStream.AuthenticateAsClient(machineName, cCollection, SslProtocols.Ssl3, false);
}
catch (AuthenticationException e)
{
Console.WriteLine("Exception: {0}", e.Message);
if (e.InnerException != null)
{
Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
}
Console.WriteLine("Authentication failed - closing the connection.");
client.Close();
return;
}
The app crashes if i use SSL3 but not if i use TLS.
the issue is i cannot use TLS as my server is using SSL3. So they wont communicate, neither send nor receive data.
Please help me. Its been a week am stuck here and found no good answer anywhere.
Best Answer
As no one Answered, I am going to answer it for myself.
The app was Crashing due to some buggy code not because of the SSLProtocol. I figured it out and now its working absolutely fine.
And i would like to suggest people to use TLS as SSLProtocol instead of SSL3, as it is more secure.
This is the whole class that i wrote:
using UnityEngine;
using System;
using System.Collections;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Text;
using System.Security.Cryptography.X509Certificates;
using System.Runtime.InteropServices;
public class SslTcpClient
{
public const int BUFFSIZE1 = 32000;
[StructLayout(LayoutKind.Sequential, Pack = 4)]
public struct cheader
{
ushort tran_type;
public ushort data_size;
uint user_id;
byte iscontinue;
ushort branch_id;
[MarshalAs(UnmanagedType.ByValArray, ArraySubType = UnmanagedType.U4, SizeConst = 4)]
byte[] tran_date;
int encrypt;
};
[StructLayout(LayoutKind.Sequential, Pack = 4)]
public struct sheader
{
public cheader chdr;
int srv_trno;
byte iscontinue;
byte send_count;
int result_nsec;
};
public struct client_buffer
{
cheader chdr;
[MarshalAs(UnmanagedType.ByValArray, ArraySubType = UnmanagedType.U4, SizeConst = BUFFSIZE1)]
byte[] buffer;
};
public struct server_buffer
{
sheader shdr;
[MarshalAs(UnmanagedType.ByValArray, ArraySubType = UnmanagedType.U4, SizeConst = BUFFSIZE1)]
byte[] buffer;
};
public struct tran_time
{
long res_nsec;
long res_usec;
long req_nsec;
long req_usec;
};
private static Hashtable certificateErrors = new Hashtable();
X509Certificate clientCertificate;
public static string serverMessage;
public static int counter = 0;
private string fileName;
public static bool CertificateValidationCallback(
object sender,
X509Certificate certificate,
X509Chain chain,
SslPolicyErrors sslPolicyErrors)
{
return true;
}
static X509Certificate CertificateSelectionCallback(object sender,
string targetHost,
X509CertificateCollection localCertificates,
X509Certificate remoteCertificate,
string[] acceptableIssuers)
{
return localCertificates[0];
}
public void RunClient(string machineName)
{
fileName = "1411134668.p12";
TcpClient client = new TcpClient();
client.Connect(machineName, 8080);
counter++;
SslStream sslStream = new SslStream(client.GetStream(), false,
new RemoteCertificateValidationCallback(CertificateValidationCallback),
new LocalCertificateSelectionCallback(CertificateSelectionCallback));
bool authenticationPassed = true;
try
{
string path = getPath();
#if UNITY_EDITOR
X509Certificate2 cert = new X509Certificate2(path, "test");
#elif UNITY_ANDROID
WWW reader = new WWW(path);
while (!reader.isDone) { }
X509Certificate2 cert = new X509Certificate2(reader.bytes, "test");
#endif
X509Certificate2Collection certs = new X509Certificate2Collection();
certs.Add(cert);
counter++;
sslStream.AuthenticateAsClient(
machineName,
certs,
SslProtocols.Tls,
true); // check cert revokation
counter++;
}
catch (AuthenticationException e)
{
Debug.Log("Exception: " + e.Message);
if (e.InnerException != null)
{
Debug.Log("Inner exception: " + e.InnerException.Message);
}
Debug.Log("Authentication failed - closing the connection.");
client.Close();
authenticationPassed = false;
return;
}
if (authenticationPassed)
{
byte[] messsage = Encoding.UTF8.GetBytes("Hello from the client.<EOF>");
Debug.Log("After : " + sslStream.LocalCertificate);
serverMessage = ReadMessage(sslStream);
Debug.Log("Server says: " + serverMessage);
client.Close();
Debug.Log("Client closed.");
counter++;
}
}
private string getPath()
{
#if UNITY_EDITOR
return Application.streamingAssetsPath + "/" + fileName;
#elif UNITY_ANDROID
return Application.streamingAssetsPath + "/" + fileName;
#elif UNITY_IPHONE
return GetiPhoneDocumentsPath()+"/" + fileName;
#else
return Application.dataPath +"/" + fileName;
#endif
}
static string ReadMessage(SslStream sslStream)
{
byte[] buffer = new byte[2048];
StringBuilder messageData = new StringBuilder();
int k = sslStream.Read(buffer, 0, 200);
Debug.Log("Value of k : " + k);
sheader returndata = ByteArrayToStructure<sheader>(buffer);
Debug.Log("This is what the host returned to you: " + returndata);
Debug.Log("Buffer Size : " + k);
char[] c = new char[k];
for (int i = 0; i < k; i++)
{
c[i] = Convert.ToChar(buffer[i]);
}
string s = new string(c);
return s;
}
static sheader ByteArrayToStructure<sheader>(byte[] bytes)
{
GCHandle handle = GCHandle.Alloc(bytes, GCHandleType.Pinned);
sheader stuff = (sheader)Marshal.PtrToStructure(handle.AddrOfPinnedObject(), typeof(sheader));
handle.Free();
return stuff;
}
public static void callFunc(string addr)
{
SslTcpClient obj = new SslTcpClient();
Environment.SetEnvironmentVariable("MONO_TLS_SESSION_CACHE_TIMEOUT", "0");
obj.RunClient(addr);
}
private static void DisplayUsage()
{
Debug.Log("To start the client specify:");
Debug.Log("clientSync machineName [serverName]");
Environment.Exit(1);
}
}
I don't know if i should expose the whole code, But its for the help of everyone out there who is stuck with SSL communication.
Cheers!! :) :)
What version of unity were you using? I'm struggling a little bit with the cyphering.
