How to Determine the Negotiated TLS Version in .NET Framework?
Jan 10, 2025 am 08:03 AM
Determine negotiated TLS version
.NET Framework 4.7 applications use TLS 1.2 by default. However, it is critical to determine the specific TLS version negotiated during secure communications. Here's how to do it:
Method 1: Use reflection
This technique involves using reflection to access the internal GetRequestStream() properties of the GetResponseStream() or TlsStream returned stream. The TlsStream class exposes the SslState attribute, which provides access to the SslProtocol properties.
using System.IO.Compression;
using System.Net;
using System.Reflection;
using System.Security.Authentication;
HttpWebRequest request = (HttpWebRequest)WebRequest.Create(decodedUri);
using (Stream requestStream = request.GetRequestStream())
{
SslProtocols sslProtocol = ExtractSslProtocol(requestStream);
// 檢查SSL版本,如有必要采取適當(dāng)?shù)拇胧?}
private SslProtocols ExtractSslProtocol(Stream stream)
{
BindingFlags bindingFlags = BindingFlags.Instance | BindingFlags.NonPublic;
Stream metaStream = stream;
// 處理GZip或Deflate流
if (stream is GZipStream) metaStream = (stream as GZipStream).BaseStream;
else if (stream is DeflateStream) metaStream = (stream as DeflateStream).BaseStream;
var tlsStream = metaStream.GetType().GetProperty("Connection", bindingFlags).GetValue(metaStream);
if (!(bool)tlsStream.GetType().GetProperty("UsingSecureStream", bindingFlags).GetValue(tlsStream)) return SslProtocols.None;
var tlsState = tlsStream.GetType().GetField("m_Worker", bindingFlags).GetValue(tlsStream);
return (SslProtocols)tlsState.GetType().GetProperty("SslProtocol", bindingFlags).GetValue(tlsState);
}
Method 2: Use TcpClient
Alternatively, you can use the TcpClient class to establish a TCP connection. TcpClient also provides access to SslStream, allowing you to check the negotiated TLS version. This method is useful if you need to determine the TLS version before initiating an HTTP request.
TlsInfo tlsInfo = null;
IPHostEntry dnsHost = await Dns.GetHostEntryAsync(HostURI.Host);
using (TcpClient client = new TcpClient(dnsHost.HostName, 443))
{
using (SslStream sslStream = new SslStream(client.GetStream(), false,
TlsValidationCallback, null))
{
sslstream.AuthenticateAsClient(dnsHost.HostName, null,
(SslProtocols)ServicePointManager.SecurityProtocol, false);
tlsInfo = new TlsInfo(sslStream);
}
}
public class TlsInfo
{
public TlsInfo(SslStream secStream)
{
this.ProtocolVersion = secStream.SslProtocol;
}
public SslProtocols ProtocolVersion { get; set; }
}
Both methods provide a way to determine the negotiated TLS version during secure HTTP communications, allowing you to make informed decisions based on your security requirements.
The above is the detailed content of How to Determine the Negotiated TLS Version in .NET Framework?. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undress AI Tool
Undress images for free
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
C Polymorphism : is function overloading a kind of polymorphism?
Jun 20, 2025 am 12:05 AM
Yes, function overloading is a polymorphic form in C, specifically compile-time polymorphism. 1. Function overload allows multiple functions with the same name but different parameter lists. 2. The compiler decides which function to call at compile time based on the provided parameters. 3. Unlike runtime polymorphism, function overloading has no extra overhead at runtime, and is simple to implement but less flexible.
What Are the Different Kinds of Polymorphism in C ? Explained
Jun 20, 2025 am 12:08 AM
C has two main polymorphic types: compile-time polymorphism and run-time polymorphism. 1. Compilation-time polymorphism is implemented through function overloading and templates, providing high efficiency but may lead to code bloating. 2. Runtime polymorphism is implemented through virtual functions and inheritance, providing flexibility but performance overhead.
C : Is Polymorphism really useful?
Jun 20, 2025 am 12:01 AM
Yes, polymorphisms in C are very useful. 1) It provides flexibility to allow easy addition of new types; 2) promotes code reuse and reduces duplication; 3) simplifies maintenance, making the code easier to expand and adapt to changes. Despite performance and memory management challenges, its advantages are particularly significant in complex systems.
C Destructors: Common Errors
Jun 20, 2025 am 12:12 AM
C destructorscanleadtoseveralcommonerrors.Toavoidthem:1)Preventdoubledeletionbysettingpointerstonullptrorusingsmartpointers.2)Handleexceptionsindestructorsbycatchingandloggingthem.3)Usevirtualdestructorsinbaseclassesforproperpolymorphicdestruction.4
C tutorial for people who know Python
Jul 01, 2025 am 01:11 AM
People who study Python transfer to C The most direct confusion is: Why can't you write like Python? Because C, although the syntax is more complex, provides underlying control capabilities and performance advantages. 1. In terms of syntax structure, C uses curly braces {} instead of indentation to organize code blocks, and variable types must be explicitly declared; 2. In terms of type system and memory management, C does not have an automatic garbage collection mechanism, and needs to manually manage memory and pay attention to releasing resources. RAII technology can assist resource management; 3. In functions and class definitions, C needs to explicitly access modifiers, constructors and destructors, and supports advanced functions such as operator overloading; 4. In terms of standard libraries, STL provides powerful containers and algorithms, but needs to adapt to generic programming ideas; 5
Polymorphism in C : A Comprehensive Guide with Examples
Jun 21, 2025 am 12:11 AM
Polymorphisms in C are divided into runtime polymorphisms and compile-time polymorphisms. 1. Runtime polymorphism is implemented through virtual functions, allowing the correct method to be called dynamically at runtime. 2. Compilation-time polymorphism is implemented through function overloading and templates, providing higher performance and flexibility.
What Are the Various Forms of Polymorphism in C ?
Jun 20, 2025 am 12:21 AM
C polymorphismincludescompile-time,runtime,andtemplatepolymorphism.1)Compile-timepolymorphismusesfunctionandoperatoroverloadingforefficiency.2)Runtimepolymorphismemploysvirtualfunctionsforflexibility.3)Templatepolymorphismenablesgenericprogrammingfo
C Polymorphism: Coding Style
Jun 19, 2025 am 12:25 AM
C polymorphismisuniqueduetoitscombinationofcompile-timeandruntimepolymorphism,allowingforbothefficiencyandflexibility.Toharnessitspowerstylishly:1)Usesmartpointerslikestd::unique_ptrformemorymanagement,2)Ensurebaseclasseshavevirtualdestructors,3)Emp
