Making HTTPS call in C# with the BouncyCastle library
Asked Answered
C

1

4

Using C# 4.0, I need to make HTTPS call with the BouncyCastle library (Short story : Windows XP + TLS 1.2).

When using the following code, I get a "HTTP Error 400. The request verb is invalid."

Here is my code :

using (var client = new TcpClient("serverName", 443))
{
    var sr = new SecureRandom();
    var cl = new MyTlsClient();
    var protocol = new TlsClientProtocol(client.GetStream(), sr);
    protocol.Connect(new MyTlsClient());

    using (var stream = protocol.Stream)
    {
         var hdr = new StringBuilder();
         hdr.AppendLine("GET /Url/WebService.asmx?wsdl HTTP/1.1");
         hdr.AppendLine("Host: serverName");
         hdr.AppendLine("Content-Type: text/xml; charset=utf-8");
         hdr.AppendLine("Connection: close");
         hdr.AppendLine();

         var dataToSend = Encoding.ASCII.GetBytes(hdr.ToString());
         sr.NextBytes(dataToSend);

         stream.Write(dataToSend, 0, dataToSend.Length);

         int totalRead = 0;
         string response = "";
         byte[] buff = new byte[1000];
         do
         {
              totalRead = stream.Read(buff, 0, buff.Length);
              response += Encoding.ASCII.GetString(buff, 0, totalRead);
         } while (totalRead == buff.Length);
     }
 } 

class MyTlsClient : DefaultTlsClient
{
    public override TlsAuthentication GetAuthentication() 
    {
        return new MyTlsAuthentication();
    }
}

class MyTlsAuthentication : TlsAuthentication
{
    public TlsCredentials GetClientCredentials(CertificateRequest certificateRequest) { return null; }

    public void NotifyServerCertificate(Certificate serverCertificate) {    }
}

What I've already done :

  • Using WireShark to decrypt the ssl stream and inspect the request send => I've never succeeded to decrypt ssl stream

  • Using fiddler to decrypt the https stream => No detection by fiddler so I suspect something might be badly encrypted

Any ideas ?

Consecrate answered 15/6, 2018 at 12:45 Comment(2)
Why are you calling "sr.NextBytes(dataToSend);"? That will overwrite the 'dataSend' buffer with random data, so no surprise it mangles the request.Postrider
@PeterDettman You were right, removing this instruction was the key.Consecrate
C
3

Thanks to PeterDettman who gave me the solution :

I must not use the sr.NextBytes(instructions), so the code becomes :

using (var client = new TcpClient("serverName", 443))
{
    var sr = new SecureRandom();
    var cl = new MyTlsClient();
    var protocol = new TlsClientProtocol(client.GetStream(), sr);
    protocol.Connect(new MyTlsClient());

    using (var stream = protocol.Stream)
    {
         var hdr = new StringBuilder();
         hdr.AppendLine("GET /Url/WebService.asmx?wsdl HTTP/1.1");
         hdr.AppendLine("Host: serverName");
         hdr.AppendLine("Content-Type: text/xml; charset=utf-8");
         hdr.AppendLine("Connection: close");
         hdr.AppendLine();

         var dataToSend = Encoding.ASCII.GetBytes(hdr.ToString());

         stream.Write(dataToSend, 0, dataToSend.Length);

         int totalRead = 0;
         string response = "";
         byte[] buff = new byte[1000];
         do
         {
              totalRead = stream.Read(buff, 0, buff.Length);
              response += Encoding.ASCII.GetString(buff, 0, totalRead);
         } while (totalRead == buff.Length);
     }
 } 
Consecrate answered 18/6, 2018 at 15:56 Comment(1)
Is there any way to combine this with a WSDL consumed by visual studio so that we can use TLS1.2 communication without having to manually develop each request and response?Thickskinned

© 2022 - 2024 — McMap. All rights reserved.