Forum: agsXMPP RSS
bilalkhan #1
Member since Oct 2016 · 81 posts · Location: Pakistan
Group memberships: Members
Subject: AGSXMPP secure communication
How do I make XMPP communication secure? I am only talking about the server implementation. If I make the authentication SSL, will the server start the secure communication?

Do I need some certification, or any configuration at the server end?

    using System.Text;

    private void streamParser_OnStreamStart(object sender, Node e)
    {
        SendOpenStream();
        if (!IsAuthenticated)
        {
            SendStreamFeatures(StreamFeatures.SSL);
        }
    }

    private void SendStreamFeatures(StreamFeatures choice)
    {
        StringBuilder sb = new StringBuilder();

        switch (choice)
        {
            case StreamFeatures.SSL:
                // Advertise STARTTLS as required. The stray "> that followed
                // </starttls> is removed so the features element stays well-formed.
                sb.Append(
                    "<stream:features><starttls xmlns=\"urn:ietf:params:xml:ns:xmpp-tls\"><required/></starttls>");
                // Note: this still advertises SASL PLAIN before TLS is negotiated.
                sb.Append("<mechanisms xmlns=\"urn:ietf:params:xml:ns:xmpp-sasl\">");
                sb.Append("<mechanism>PLAIN</mechanism>");
                sb.Append("</mechanisms>");
                sb.Append("</stream:features>");
                break;

            case StreamFeatures.Sasl:
                sb.Append("<stream:features xmlns:stream=\"http://etherx.jabber.org/streams\">");
                sb.Append("<mechanisms xmlns=\"urn:ietf:params:xml:ns:xmpp-sasl\">");
                sb.Append("<mechanism>PLAIN</mechanism>");
                sb.Append("</mechanisms>");
                sb.Append("</stream:features>");
                break;

            case StreamFeatures.Bind:
                sb.Append("<stream:features xmlns:stream=\"http://etherx.jabber.org/streams\">");
                sb.Append("<bind xmlns=\"urn:ietf:params:xml:ns:xmpp-bind\" />");
                sb.Append("</stream:features>");
                break;
        }
        Send(sb.ToString());
    }
This post was edited on 2016-12-20, 11:14 by Alex.
bilalkhan #2
Member since Oct 2016 · 81 posts · Location: Pakistan
Group memberships: Members
Currently, I have this certificate on my server: ChatServer_TemporaryKey.pfx
Alex #3
Member since Feb 2003 · 4327 posts · Location: Germany
Group memberships: Administrators, Members
In reply to post #1
This is described here in RFC 6120.

You upgrade the socket from plain to encrypted over TLS. In .NET you use the SslStream classes for that, with AuthenticateAsServer and AuthenticateAsClient.

Also you should not build your packets with a StringBuilder. There are classes for this in agsXMPP which build the XML and deserialize it.
This post was edited on 2016-12-20, 11:23 by Alex.
bilalkhan #4
Member since Oct 2016 · 81 posts · Location: Pakistan
Group memberships: Members
OK, I have seen that agsXMPP is using a secure socket with the SslStream classes, and there is a certificate available in agsXMPP.

My question is, if I select this option:

    private void streamParser_OnStreamStart(object sender, Node e)
    {
        SendStreamFeatures(StreamFeatures.SSL);
    }

does it mean that my server is now able to start secure communication with the client?
Alex #5
Member since Feb 2003 · 4327 posts · Location: Germany
Group memberships: Administrators, Members
You have to implement the SslStream on the server side as well. agsXMPP has implemented the client side of the SslStream.
bilalkhan #6
Member since Oct 2016 · 81 posts · Location: Pakistan
Group memberships: Members
But the above code is server code, and SslStream is there and it is implemented?

    private SslStream secureStream;

On every send stream:

    // Sends only once TLS is established; returns false (nothing sent) otherwise.
    private bool Send(string data)
    {
        if (IsTLSAuthenticated)
        {
            Send(Encoding.UTF8.GetBytes(data));
            return true;
        }
        return false;
    }

    // Writes the bytes asynchronously to the TLS stream.
    public void Send(byte[] bData)
    {
        secureStream.BeginWrite(bData, 0, bData.Length, new AsyncCallback(EndSend), null);
    }
This post was edited on 2016-12-20, 11:55 by Alex.
Alex #7
Member since Feb 2003 · 4327 posts · Location: Germany
Group memberships: Administrators, Members
I don't see any SslStream code in the snippets you posted. I pointed you to the SslStream class and the AuthenticateAsServer method in the MSDN.

Please read this and implement in your server code:
https://msdn.microsoft.com/en-us/library/ms145065(v=vs.110).aspx
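
The server-side upgrade described in posts #3 and #7, as an added example that is not part of the thread and not agsXMPP code: the server offers only STARTTLS in the clear, answers `<starttls/>` with `<proceed/>`, then wraps the socket in an SslStream and calls AuthenticateAsServer. The domain, stream id, loopback listener and .pfx password are assumptions; the file name is the one from post #2.

```csharp
using System;
using System.IO;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;
using System.Text;
// Added example, not agsXMPP code: server side of the RFC 6120 STARTTLS step.
// The domain, stream id and .pfx password below are placeholders.
static class StartTlsExample
{
    const string TlsNs = "urn:ietf:params:xml:ns:xmpp-tls";
    const string Header = "<stream:stream xmlns='jabber:client' from='example.org' " +
        "xmlns:stream='http://etherx.jabber.org/streams' id='example-id' version='1.0'>";
    static void Write(Stream s, string xml)
    {
        byte[] b = Encoding.UTF8.GetBytes(xml);
        s.Write(b, 0, b.Length);
    }
    static string Read(Stream s)
    {
        var buf = new byte[4096]; // naive single read; a real server uses its XML stream parser
        return Encoding.UTF8.GetString(buf, 0, s.Read(buf, 0, buf.Length));
    }

    public static SslStream Negotiate(NetworkStream plain, X509Certificate2 cert)
    {
        Read(plain); // client's opening <stream:stream>
        // Cleartext phase: advertise STARTTLS only, no SASL mechanisms yet.
        Write(plain, Header + "<stream:features><starttls xmlns='" + TlsNs +
            "'><required/></starttls></stream:features>");
        if (!Read(plain).Contains("<starttls"))
            throw new InvalidOperationException("client did not send <starttls/>");
        Write(plain, "<proceed xmlns='" + TlsNs + "'/>");
        var tls = new SslStream(plain, false);
        tls.AuthenticateAsServer(cert, false, SslProtocols.Tls12, false);
        return tls; // all later reads and writes must go through this stream
    }

    static void Main()
    {
        var cert = new X509Certificate2("ChatServer_TemporaryKey.pfx", "PLACEHOLDER");
        var listener = new TcpListener(System.Net.IPAddress.Loopback, 5222);
        listener.Start();
        using (TcpClient client = listener.AcceptTcpClient())
        using (SslStream tls = Negotiate(client.GetStream(), cert))
            Console.WriteLine("TLS established: " + tls.SslProtocol);
    }
}
```

After Negotiate returns, the client restarts the stream over TLS; the server answers with a new stream header and only then advertises SASL PLAIN, so the password is never sent unencrypted.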