RoundSparrow
Show profile
Link to this post
Subject: SSL / TLS support on Compact Framework
anyone been able to make progress on having secure work on Compact Framework for xmpp?
Thanks.
Thanks.
Hello,
we are working on a SSL library for the compact framework. But due to other projects this work is paused at the moment.
For now you would have to use a 3rd party library for SSL on CF.
Alex
we are working on a SSL library for the compact framework. But due to other projects this work is paused at the moment.
For now you would have to use a 3rd party library for SSL on CF.
Alex
Subject: Compact Framework Security
Is there a white paper or FAQ that gives a high level description of how agsxmpp handles authentication and encryption on compact framework?
Just a quick one liner.
Thanks!!
Just a quick one liner.
Thanks!!
no there is no whitepaper. Let us know what you need exactly.
Alex
Alex
authentication depends on the server. All xmpp compliant servers support SASL authentication. SASL Digest-MD5 mechanism is used with the most servers.
Alex
Alex
Alex - you are a very patient person!
I am trying out agsxmpp on windows mobile 5. The API is written in a way that makes it easy to try out applications without a lot of headaches. The JXTA API on the other hand is too hard to use.
I know that I am going to be asked "what about security?". So, if someone asked you "What about security?" what would be your brief answer?
Is the data sent between agsxmpp windows mobile 5 clients and an XMPP server encrypted or just plain text?
Thanks again!
I am trying out agsxmpp on windows mobile 5. The API is written in a way that makes it easy to try out applications without a lot of headaches. The JXTA API on the other hand is too hard to use.
I know that I am going to be asked "what about security?". So, if someone asked you "What about security?" what would be your brief answer?
Is the data sent between agsxmpp windows mobile 5 clients and an XMPP server encrypted or just plain text?
Thanks again!
Hello ayyrk,
on pocket pc and smartphone the data is not encrypted because the .NET compact framework still supports no SSL and TLS.
On all other systems agsXMPP is using the .NET SslStream encrypt all data with TLS.
There is also no SSL/TLS component for CF available which we could use in agsXMPP.
Alex
on pocket pc and smartphone the data is not encrypted because the .NET compact framework still supports no SSL and TLS.
On all other systems agsXMPP is using the .NET SslStream encrypt all data with TLS.
There is also no SSL/TLS component for CF available which we could use in agsXMPP.
Alex
It's been a while... I see that the mobile library still doesn't include SSL.
Have there been any updates? I rememer finding a thread on this forum where somebody had tried to port Mono over to the mobile environment, but that seems to have just been dropped about a year ago or so.
What about doing a P/Invoke on winsock.dll and using the setsockopt() function? I think that I read someplace that winsock.dll is a protected dll and requires a signed project. Is that what's holding everything up?
I was playing around with it (didn't try to sign my code yet), but I still can't get it to drop into SSL/TLS - no error, it just doesn't encrypt. Probably could be one of a couple of things...
I have always been a bit hazy on the whole marshalling objects, so I'm probably not calling setsockopt correctly
I may not actually be sending setsockopt the socket handle correctly (I'm using _socket.Handle within the Connect() function in agsXMPP.net.ClientSocket
Like I said, the code isn't signed even using a private certificate.
Any thoughts? suggestions? I'd be interested in licensing agsXMPP_PPC.dll, but without secure connections, it's not really of any use to me (in a commercial application).
Have there been any updates? I rememer finding a thread on this forum where somebody had tried to port Mono over to the mobile environment, but that seems to have just been dropped about a year ago or so.
What about doing a P/Invoke on winsock.dll and using the setsockopt() function? I think that I read someplace that winsock.dll is a protected dll and requires a signed project. Is that what's holding everything up?
I was playing around with it (didn't try to sign my code yet), but I still can't get it to drop into SSL/TLS - no error, it just doesn't encrypt. Probably could be one of a couple of things...
I have always been a bit hazy on the whole marshalling objects, so I'm probably not calling setsockopt correctly
I may not actually be sending setsockopt the socket handle correctly (I'm using _socket.Handle within the Connect() function in agsXMPP.net.ClientSocket
Like I said, the code isn't signed even using a private certificate.
Any thoughts? suggestions? I'd be interested in licensing agsXMPP_PPC.dll, but without secure connections, it's not really of any use to me (in a commercial application).
This post was edited on 2008-09-03, 02:10 by
Hello jmanley,
there is still no SslStream available in CF which is the reason why StartTls is not implemented. I have looked at different commercial and Open Source SSL/TLS libraries in the past and they all did not work or had other issues. I prefer managed code whenever possible and want to avoid PInvoke stuff.
I had the best results with the bccrypto library, but their TLS implementation did not support some features required by ejabberd and other servers. I got it working only with 1 server (Openfire). I filed some bug reports and I think they have fixed it. Its on my TODO list to test TLS again with the latest bccyptro library.
There were rumors that SslStream will be in CF3, this was the reason why I stopped working on TLS for CF. TLs is als very important for us, because there is still no support in the CF we have to start working again on this task.
Alex
there is still no SslStream available in CF which is the reason why StartTls is not implemented. I have looked at different commercial and Open Source SSL/TLS libraries in the past and they all did not work or had other issues. I prefer managed code whenever possible and want to avoid PInvoke stuff.
I had the best results with the bccrypto library, but their TLS implementation did not support some features required by ejabberd and other servers. I got it working only with 1 server (Openfire). I filed some bug reports and I think they have fixed it. Its on my TODO list to test TLS again with the latest bccyptro library.
There were rumors that SslStream will be in CF3, this was the reason why I stopped working on TLS for CF. TLs is als very important for us, because there is still no support in the CF we have to start working again on this task.
Alex
Hello,
I have a first Beta with TLS support for CF available.
If anybody is interested at testing please leave me a message.
Alex
I have a first Beta with TLS support for CF available.
If anybody is interested at testing please leave me a message.
Alex
Forum: XMPP Protocol 