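Ein frohes neues Jahr! Jetzt will ich mal ein bisschen Leben in die Blog-Bude klopfen. Dieser Beitrag ist eher durch das aktuelle Semester als durch die zur Zeit viel behandelte “NSA-Problematik” motiviert. Kurz und knapp: Mit PowerShell mal schnell nen SSL-Stream gebastelt. Hilft gegen neugierige Chefs, Geheimdienste, etc. Das gilt allerdings nur, wenn der Client das Server-Zertifikat auch wirklich prüft; wer jedes Zertifikat akzeptiert, ist nur vor passiven Mitlesern geschützt, nicht vor einem Man-in-the-Middle.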
Server
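#
# Server example of SSL
#
# Accepts a single TCP client, wraps the connection in TLS and echoes every
# received line back until the client sends "exit" or disconnects.
#
$port = 9105;
$cert = "D:\Hier\gehts\zum\Cert\Testserver.pfx";
# NOTE(review): sample value only. A private-key password stored in the script
# is readable by anyone who can read the file; for real use, load the
# certificate from the Windows certificate store or prompt for the password.
$pk_pass = "strenggeheim";

# Run the server: listen, serve exactly one client, then shut down.
function RunServer(){
    # Listen
    $listener = New-Object System.Net.Sockets.TcpListener($port);
    $listener.Start();
    Write-Host "Listening on port $port";

    try {
        # Waiting for client
        $client = $listener.AcceptTcpClient();
        try {
            ProcessClient $client;
        }
        finally {
            # Release the socket even if the handshake or the echo loop failed.
            $client.Close();
        }
    }
    finally {
        # Stop server
        $listener.Stop();
    }
}

# Create an authenticated TLS stream on top of the client's network stream.
# Returns the SslStream; throws if the handshake fails, so callers never get
# a stream that was not authenticated.
function GetSslStream($client){
    $serverCertificate = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($cert, $pk_pass);
    $sslStream = New-Object System.Net.Security.SslStream($client.GetStream(), $false);

    try {
        # Arguments: server certificate, no client certificate required,
        # allowed protocol versions, check certificate revocation.
        # TLS 1.2 replaces the original TLS 1.0-only setting. Clients running
        # on an older .NET Framework may have to enable TLS 1.2 explicitly.
        $sslStream.AuthenticateAsServer($serverCertificate, $false, [System.Security.Authentication.SslProtocols]::Tls12, $true);
    }
    catch {
        $sslStream.Dispose();
        throw;
    }

    return $sslStream;
}

# Process connected client: send a greeting, then echo lines back.
function ProcessClient($client){
    $sslStream = GetSslStream $client;

    try {
        $streamReader = New-Object System.IO.StreamReader($sslStream);
        $streamWriter = New-Object System.IO.StreamWriter($sslStream);

        # Sending "welcome"
        $streamWriter.WriteLine("Welcome to the SSL server!");
        $streamWriter.Flush();

        while($true){
            $line = $streamReader.ReadLine();

            # ReadLine returns $null once the peer has closed the connection;
            # without this check the loop would never terminate.
            if($null -eq $line){
                break;
            }

            Write-Host $line;
            $streamWriter.WriteLine($line);
            $streamWriter.Flush();

            # kick out (the "exit" line itself is still echoed, as before)
            if($line -eq "exit"){
                break;
            }
        }
    }
    finally {
        $sslStream.Dispose();
    }
}

RunServer;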
Client
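#
# Connect the Sample Server using SSL
#
# Expected certificate hash (hex string, no spaces) of the server certificate,
# as returned by GetCertHashString() / shown as "Thumbprint".
# Placeholder: replace it with the thumbprint of your own server certificate.
# Until then every connection is rejected, which is the safe default.
$pinnedThumbprint = "<THUMBPRINT-OF-SERVER-CERTIFICATE>";

# Connect to the sample server, print its greeting, send one line and "exit".
function ConnectClient(){
    # Connect
    $client = New-Object System.Net.Sockets.TcpClient("192.168.30.31", 9105);

    try {
        # Make it possible to use a self-signed certificate without trusting
        # every certificate: the callback ignores chain and name errors but
        # accepts only the one certificate whose hash matches the pinned value.
        # (Returning $true unconditionally would let anyone on the network
        # path impersonate the server.)
        $validate = {
            param($origin, $certificate, $chain, $policyErrors)

            if($null -eq $certificate){
                return $false;
            }

            return ($certificate.GetCertHashString() -eq $pinnedThumbprint);
        };

        # Authenticate
        $sslStream = New-Object System.Net.Security.SslStream($client.GetStream(), $false, $validate, $null);

        try {
            # This overload uses the platform's default protocol versions.
            # NOTE(review): on older .NET Framework versions the default may
            # not include TLS 1.2 - confirm for the runtime in use.
            $sslStream.AuthenticateAsClient("localhost");

            # print welcome
            $streamReader = New-Object System.IO.StreamReader($sslStream);
            Write-Host $streamReader.ReadLine();

            # Hello ...
            $streamWriter = New-Object System.IO.StreamWriter($sslStream);
            $streamWriter.WriteLine("Hello World!");
            $streamWriter.Flush();

            # ... and bye
            $streamWriter.WriteLine("exit");
            $streamWriter.Flush();
        }
        finally {
            $sslStream.Dispose();
        }
    }
    finally {
        # Close the socket even when the handshake was rejected.
        $client.Close();
    }
}

ConnectClient;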