
Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.
Securing Stream Data
Discussion
For more information about the inner workings of the TCP server and client and
how to run these applications, see Recipes 16.1 and 16.2. In this recipe, you will
cover only the changes needed to convert the TCP server and client to use the
SslStream object for secure communication.
The SslStream object uses the SSL protocol to provide a secure encrypted channel on
which to send data. However, encryption is just one of the security features built into
the SslStream object. Another feature of SslStream is that it prevents malicious or
even accidental modification to the data. Even though the data is encrypted, it may
become modified during transit. To determine if this has occurred, the data is signed
with a hash before it is sent. When it is received, the data is rehashed and the two
hashes are compared. If both hashes are equivalent, the message arrived intact; if the
hashes are not equivalent, then something modified the data during transit.
The SslStream object also has the ability to use client and/or server certificates to
authenticate the client and/or the server. These certificates are used to prove the
identity of the issuer. For example, if a client attaches to a server using SSL, the
server must provide a certificate to the client that is used ...
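The following is an added example, not code from the book: a loopback client and server that wrap their TCP streams in SslStream, authenticate the server by certificate, and report whether the channel is encrypted and signed. It assumes .NET Core 3.0 or later; the class name, the throwaway self-signed certificate, and the SHA-256 pin are constructed for this demo.

```csharp
using System;
using System.IO;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks;

class SslStreamLoopbackDemo // hypothetical name, not from the recipe
{
    static void Main()
    {
        // Constructed sample input: a throwaway self-signed certificate for "localhost".
        using var key = RSA.Create(2048);
        var req = new CertificateRequest("CN=localhost", key, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        using var ephemeral = req.CreateSelfSigned(DateTimeOffset.UtcNow.AddMinutes(-5), DateTimeOffset.UtcNow.AddHours(1));
        // Re-import from PFX so the private key is usable by SslStream on Windows.
        using var serverCert = new X509Certificate2(ephemeral.Export(X509ContentType.Pfx));
        string pinned = serverCert.GetCertHashString(HashAlgorithmName.SHA256);

        var listener = new TcpListener(IPAddress.Loopback, 0); // port 0: the OS picks a free port
        listener.Start();
        int port = ((IPEndPoint)listener.LocalEndpoint).Port;
        Task server = Task.Run(() =>
        {
            using var tcp = listener.AcceptTcpClient();
            using var serverSsl = new SslStream(tcp.GetStream(), false);
            // No client certificate required; SslProtocols.None lets the OS choose the version.
            serverSsl.AuthenticateAsServer(serverCert, false, SslProtocols.None, false);
            using var reader = new StreamReader(serverSsl);
            Console.WriteLine("server received: " + reader.ReadLine());
        });
        using (var client = new TcpClient())
        {
            client.Connect(IPAddress.Loopback, port);
            // Self-signed certs fail chain validation, so the demo accepts only the pinned hash.
            // Against a CA-issued certificate, require errors == SslPolicyErrors.None instead.
            using var clientSsl = new SslStream(client.GetStream(), false,
                (sender, cert, chain, errors) => cert?.GetCertHashString(HashAlgorithmName.SHA256) == pinned);
            clientSsl.AuthenticateAsClient("localhost"); // throws AuthenticationException if the callback returns false
            Console.WriteLine($"encrypted={clientSsl.IsEncrypted} signed={clientSsl.IsSigned} authenticated={clientSsl.IsAuthenticated}");
            using var writer = new StreamWriter(clientSsl) { AutoFlush = true };
            writer.WriteLine("hello over TLS");
        }
        server.Wait();
        listener.Stop();
    }
}
```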