开发者

SSL without SslStream because I'd like to connect through a SOCKS5 Proxy

BACKGROUND INFORMATION: PROGRAM WRITTEN IN C#

I'm working on a program right now that connects through a SOCKS5 proxy (coded from scratch. works well enough.), but I'd also like to (through that proxy) communicate to a DESTINATION through SSL.

I've done some research, googled many a time, and have come to the conclusion that SslStream won't be ideal for my situation. I NEED to first authenticate with the SSL through the proxy, and THEN start sending encrypted packets, once I receive the key.

QUESTIONS:

How can I encrypt my packets with TLS in C#? For some reason I can't at all figure it out. 开发者_如何学Python I'm stuck! :(

What is the raw syntax required to even REQUEST said SSL certificate?


You might want to have a look at the TLS implementation in the open source Bouncy Castle cryptography library. If it won't work as-is, you can hack it into doing what you need. If you want to deep-dive the specification itself, you'll find it as IETF RFC 5246.

As you've probably discovered, though, doing any portion of the connection setup work yourself leaves you with no way to use the WebRequest family of classes to handle the HTTP portion of the protocol work. That leaves you with two options I can see: do the HTTP yourself as well (I found a trivial example HTTP client floating around the net), or change the current user proxy server settings

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable"=dword:00000001
"ProxyServer"="socks=socks.example.net:1080"

then send the request normally using the WebRequest classes.


I'd like to offer you SSLBlackbox package of our SecureBlackbox product. Among numerous other components it has a simple SSL client component that is socket-based, can connect via different proxies (SOCKS, HTTPS CONNECT) and supports all features of SSL/TLS up to TLS 1.2. If you need more control, you can use any custom socket, and not just built-in socket support. This lets you use the components for securing traffic that goes not via sockets at all (pigeon mail can be secured this way as well).

An HTTPS client is available and included into SSLBlackbox as well.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜