0

I'm just putting together an app with SSL, and I've managed to get to the point of establishing a connection and sending a message between the client and server. However, I've noticed that stream.HashAlgorithm and stream.KeyExchangeAlgorithm return Sha384 and None, respectively. Additionally, they both report a strength of 0. This is after sslStream.AuthenticateAsServer() has been run (but before a message is sent), so I believe the connection should be established and authenticated at this point. Here's the code:

Socket handler = await listener.AcceptAsync();
using NetworkStream networkStream = new NetworkStream(handler);
Console.WriteLine(handler.Connected);
SslStream sslStream = new SslStream(networkStream, false);
sslStream.AuthenticateAsServer(serverCertificate, false, true);

DisplaySecurityLevel(sslStream);
DisplaySecurityServices(sslStream);
DisplayCertificateInformation(sslStream);
DisplayStreamProperties(sslStream);

It should be mentioned that I'm using a self-signed certificate without a CA, I gather that could impact the results of these properties, it just seems surprising to me that it would result in these specific values (also, yes, I intend to get a proper certificate later, I'm just currently testing locally and not too concerned about that). Additionally, per WireShark, it appears that .NET has chosen to use TLS 1.3.

So, is this behaviour to be expected?

Megukaphii
  • 41
  • 1
  • 5
  • 1
    On [so] please *always* include the runtime environment specifics (language, library, versions). The language should also be in the tags, which also enables automatic syntax highlighting for it. In this particular case you should also provide indication on what TLS protocols are being used (you can use e.g. WireShark to show what is happening). Don't be skimpy on details here. – Maarten Bodewes Mar 04 '23 at 21:48

0 Answers0