Monday, July 30, 2012

Simple Instant Messenger with SSL Encryption in C#

Inline image 1

Introduction

Did you ever want to write your own instant messenger program like Skype? OK, not so advanced... I will try to explain how to write a simple instant messenger (IM) in C#.NET.

First, some theory. Our instant messenger will work on a client-server model.

Inline image 2

Users have client programs which connect to the server application. Client programs know the server's IP or hostname (e.g., example.com).

The most popular internet protocols are TCP and UDP. We will use TCP/IP, because it is reliable and it has established connection. .NET offers TcpClient and TcpListener classes for this protocol. TCP/IP doesn't offer encryption. It is possible to create own encryption protocol over TCP, but I recommend using SSL (used in HTTPS). It authenticates server (and optionally client) and encrypts connection.

SSL is using X.509 certificates for authenticating. You can buy real SSL certificate (trusted) or generate self-signed certificate (untrusted). Untrusted certificates allow encryption, but authentication isn't safe. We can use them for testing. I made batch script, which generates self-signed certificate in PFX package. My script requires OpenSSL installed in system. I included also one in server application project.

At the end there is your higher-level protocol, which sends messages to specified users and does other IM stuff. I will explain my protocol during article.

You can debug your server and client on the same computer: hostname of server will be localhost or 127.0.0.1 (local IP - same computer).

Background

You should know something about SSL protocol, certificates, and networking.

Preparing

Create two projects: server and client. Server will be a console application, client - Windows Forms (or WPF). You will need to debug two projects at once, so don't place them in one solution.

Read more: Codeproject
QR: Inline image 3

Posted via email from Jasper-Net