Recommended security improvements

Discussion of open issues, suggestions and bugs regarding ADO.NET provider for PostgreSQL
baba
Posts: 22
Joined: Thu 14 Apr 2005 16:40

Recommended security improvements

Post by baba » Sat 08 Aug 2009 11:25

Hello,

I went through your first version of the SSL.
At that time you could use a P12 file, encoded and certified.

I liked that solution because no private information existed on the hard disk in clear. Only in memory ! This is the simplest and safest solution.

But the last version you showed me, like:
PgSqlConnection conn = new PgSqlConnection("user id=postgres;password=postgres;host=localhost;");
// Verbatim strings (@"...") so the backslashes in the Windows paths are not read as escape sequences
conn.SslOptions.CACert = @"E:\Test\root.crt";
conn.SslOptions.Cert = @"E:\Test\client.crt";
conn.SslOptions.Key = @"E:\Test\client.key";
conn.SslOptions.SslMode = SslMode.Require;
conn.Open();

has a horrible drawback: the information has to be provided in clear, on the hard disk.

This leads to 3 questions:

1) Why has the encoded P12 method, which was safe in my opinion, been removed?
2) Why don't you accept the certificate/key from a stream or a byte[] or a string? Chilkat Software offers free libs to extract the cert/keys from pem or p12 to memory objects.
3) The root certificates are to be stored in the system. The C#/.NET infrastructure allows a certificate to be automatically checked against the stored certificates. See my Appendix.

For me, there is an absolute opposition between SECURITY and KEYRINGS LYING ON THE CARPET IN THE MIDDLE OF THE LIVING ROOM.

I hope you will find a solution, but we would have to go back to some other ssl tunnel technique if you maintain those exposed methods.


seb

APPENDIX:
// If it has not been done yet, record your root certificate...
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Windows.Forms;      // MessageBoxButtons, MessageBoxIcon
using DevExpress.XtraEditors;    // XtraMessageBox
// ..... (the statements below run inside a method)
X509Store store = new X509Store( StoreName.Root, StoreLocation.CurrentUser );
store.Open( OpenFlags.ReadWrite );
X509Certificate2 certificate1 = new X509Certificate2( Environment.GetFolderPath( Environment.SpecialFolder.ProgramFiles )+@"\briosoft\cacert.cer" );
X509Certificate2Collection col = store.Certificates;
Boolean noup = false;
// Check whether the root certificate is already in the store (compare thumbprints)
foreach( X509Certificate2 c in col ) {
    if( c.GetCertHashString( ) == certificate1.GetCertHashString( ) ) {
        noup = true;
        break;
    }
}
if( !noup ) {
    // Message shown to the user (French): "To ensure confidentiality, we will now
    // perform an operation that requires your intervention. A screen will open after
    // this one and ask for your agreement. You will give your agreement once and for all.
    // To continue, please click the button..."
    // Title: "Installation of the BRIOSOFT encryption certificate"
    XtraMessageBox.Show( "Pour assurer la confidentialité, nous allons maintenant\r\n"
        +"procéder à une opération qui requière votre intervention.\r\n"
        +"Un écran va s'ouvrir après celui-ci et vous demander votre accord.\r\n"
        +"Vous allez donner votre accord une fois pour toute.\r\n"
        +"\r\nPour continuer, cliquez sur le bouton SVP...",
        "Installation du certificat de cryptage BRIOSOFT", MessageBoxButtons.OK, MessageBoxIcon.Asterisk );
    store.Add( certificate1 );
}
store.Close( );

With this, your first method (4.50.29) works perfectly.

Shalex
Site Admin
Posts: 9543
Joined: Thu 14 Aug 2008 12:44

Post by Shalex » Thu 13 Aug 2009 07:07

We will investigate the issue and notify you about the results as soon as possible.

Shalex
Site Admin
Posts: 9543
Joined: Thu 14 Aug 2008 12:44

Post by Shalex » Thu 03 Sep 2009 10:18

1) and 3): We have rejected the .NET Framework approach of SSL (with a P12 file) because we have encountered some technical difficulties during the implementation. We are using the OpenSSL approach with dotConnect for PostgreSQL instead at the moment (with root.crt, client.crt and client.key) like dotConnect for MySQL has. We will make a deeper investigation of the issue and notify you about the results as soon as possible.

2) We will consider adding such an interface (stream / byte[] / string) to work with certificates and keys in the nearest future.

Also we will investigate the possibility of using certificates storage for authenticity checking of server's certificates.

Thank you for your suggestions. We will notify you about the results.

baba
Posts: 22
Joined: Thu 14 Apr 2005 16:40

Some news ?

Post by baba » Mon 28 Sep 2009 15:43

I read your answer :

I am very sad my points 1 and 3 were rejected, but as a developer myself, I will accept this.

If you set up a way to provide the certificates as byte[]/String/Stream to your lib, I will solve (with some additional code on my side) the problem. If appreciable, I would publish my snippets in this forum: record a CA certificate by code, open a P12 by code IN MEMORY and feed your lib with the results.

I have got confirmation from my customers that they would not accept to write anywhere on a disk such sensitive information like the private key.

I saw you published a new version. Nothing about the present topic in this version ? Will you mention any change in the version log ?

Seb
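
Added example (not from the posts above and not Devart's code): the in-memory P12 handling and system-store validation discussed in this thread, using only standard .NET classes. The class name, subject name and password are assumptions, and the P12 bytes are a throwaway self-signed certificate constructed inline so the sample runs offline; no dotConnect API is assumed.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class InMemoryP12Demo   // hypothetical name, for illustration only
{
    // Constructed sample: a throwaway self-signed certificate exported as PKCS#12
    // bytes, standing in for a P12 that the application obtains or decrypts in memory.
    static byte[] BuildSampleP12(string password)
    {
        using (RSA rsa = RSA.Create(2048))
        {
            var req = new CertificateRequest("CN=demo-client", rsa,
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            using (X509Certificate2 cert = req.CreateSelfSigned(
                DateTimeOffset.UtcNow.AddMinutes(-5), DateTimeOffset.UtcNow.AddDays(1)))
                return cert.Export(X509ContentType.Pkcs12, password);
        }
    }

    // Build the chain against the roots already installed in the system/user stores,
    // instead of pointing at a root.crt file. Returns false and the combined status
    // flags (for example UntrustedRoot) when the chain does not end in a trusted root.
    static bool IsTrustedBySystemStore(X509Certificate2 cert, out X509ChainStatusFlags flags)
    {
        using (var chain = new X509Chain())
        {
            chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck; // offline demo
            bool ok = chain.Build(cert);
            flags = X509ChainStatusFlags.NoError;
            foreach (X509ChainStatus s in chain.ChainStatus) flags |= s.Status;
            return ok;
        }
    }

    static void Main()
    {
        const string password = "constructed-demo-password";
        byte[] p12 = BuildSampleP12(password);
        // EphemeralKeySet (.NET Framework 4.7.2+ / .NET Core 2.0+, not macOS) keeps the
        // private key in memory only. With the default flags, Windows places the key in
        // a key container file under the user profile while the certificate is loaded.
        using (var cert = new X509Certificate2(p12, password, X509KeyStorageFlags.EphemeralKeySet))
        {
            Array.Clear(p12, 0, p12.Length);   // wipe the encoded copy once imported
            Console.WriteLine("Subject: {0}, private key loaded: {1}", cert.Subject, cert.HasPrivateKey);
            X509ChainStatusFlags flags;
            bool trusted = IsTrustedBySystemStore(cert, out flags);
            Console.WriteLine("Chains to a trusted root: {0} ({1})", trusted, flags);
        }
    }
}
```

On Windows, SChannel-based TLS client authentication (SslStream) does not accept ephemeral keys, so check what the consuming TLS stack supports before relying on this flag.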

Shalex
Site Admin
Posts: 9543
Joined: Thu 14 Aug 2008 12:44

Post by Shalex » Fri 02 Oct 2009 16:04

We will investigate the possibility of the byte[]/String/Stream interface implementation and notify you about the results as soon as possible.

The current version doesn't contain this functionality. If we implement any changes regarding this issue, I will post about them here.

Shalex
Site Admin
Posts: 9543
Joined: Thu 14 Aug 2008 12:44

Re: Recommended security improvements

Post by Shalex » Fri 08 Jun 2012 16:12

New build of dotConnect for PostgreSQL 6.0.17 is available for download!
It can be downloaded from http://www.devart.com/dotconnect/postgr ... nload.html (trial version) or from Registered Users' Area (for users with active subscription only).
For more information, please refer to http://forums.devart.com/viewtopic.php?f=3&t=24292 .
