André Snede

Developer blog

Category: .NET Core

TLS PSK C# 0

.NET / .NET Core / .NET Framework

How to support TLS PSK in C# (Pre-shared key)

TLS PSK (Pre-shared key) support in C# and .NET is very hard to come by. And is not natively supported. The SSLStream class in both .NET framework and .NET Core does not currently support getting SSL/TLS connections with the PSK or PSK-DHE Ciphersuites. The TLS-PSK implementation in OpenSSL has seen many security flaws in recent years, mostly because it is used only by a minority of applications. Please consider all alternative solutions before switching to PSK ciphers.  https://nodejs.org/api/tls.html To actually make this work you have to look for alternatives such as SSL termination proxies, or other programming languages all together. Resources to look into: wolfSSL C# Wrapper The wolfSSL C# wrapper gives the ability to make use of the TLS/SSL security perfected from IoT and embedded devices in C# development....

The most dangerous constructor in .NET 12

.NET / .NET Core / .NET Framework

The most dangerous constructor in .NET

You should never instantiate a X509Certificate2 with the “new” keyword if you can avoid it, it is one of the most dangerous constructors in .NET – X509Certificate2, and if you do, you must be aware of these gotchas. Doing this wrong can mean you flood your disk with one-time use files, that are never removed. If you load in a new X509Certificate2 from a file by calling the public X509Certificate2 (string fileName, SecureString password); constructor, or similar constructor then you will without knowing it, create a brand new file on your disk, and this will happen every time you new it up. When you instantiate a X509Certificate2 from disk, say from a .pfx file, a new storage file of 3-4kb will be created in one of the following places depending...

Get started with .NET Generic Host 2

.NET Core / ASP.NET Core

Get started with .NET Generic Host

Learn how Microsoft made it easier to bootstrap your new .NET Core project and get started with .NET Generic host. In the version bump to .NET Core 2.1, Microsoft added the .NET Generic Host, which is a non-web version of the WebHost that runs ASP.NET Core. The thought behind this addition was to allow us to re-use the tools that we use in ASP.NET, such as dependency injection and logging abstractions of Microsoft.Extensions. Later on, in ASP.NET Core 3.0 and 3.1, they moved ASP.NET to run on .NET Generic Host instead of the previously used WebHost, merging the two approaches together to make them truly the same. Now we can build our console applications, systemd’s, windows services or web apps on the same underlying hosting paradigm, with the same shared...