What Version of SSL Protocol does unity supports?

I am trying to create a secure connection between my unity application(client) and C application(server) using SSLStream, but am facing an issue. Unity Editor crashes every time try to authenticate the user as client. Here is the code :

        // Create an SSL stream that will close the client's stream.
        SslStream sslStream = new SslStream(
            client.GetStream(),
            false,
            new RemoteCertificateValidationCallback(ValidateServerCertificate),
            null
            );
        // The server name must match the name on the server certificate.
        try
        {
            //sslStream.AuthenticateAsClient(serverName);
            //X509Certificate2Collection xc = new X509Certificate2Collection();
            sslStream.AuthenticateAsClient(machineName, cCollection, SslProtocols.Ssl3, false);
        }
        catch (AuthenticationException e)
        {
            Console.WriteLine("Exception: {0}", e.Message);
            if (e.InnerException != null)
            {
                Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
            }
            Console.WriteLine("Authentication failed - closing the connection.");
            client.Close();
            return;
        }

The app crashes if i use SSL3 but not if i use TLS.

the issue is i cannot use TLS as my server is using SSL3. So they wont communicate, neither send nor receive data.

Please help me. Its been a week am stuck here and found no good answer anywhere.

As no one Answered, I am going to answer it for myself.

The app was Crashing due to some buggy code not because of the SSLProtocol. I figured it out and now its working absolutely fine.

And i would like to suggest people to use TLS as SSLProtocol instead of SSL3, as it is more secure.

This is the whole class that i wrote:

using UnityEngine;
using System;
using System.Collections;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Text;
using System.Security.Cryptography.X509Certificates;
using System.Runtime.InteropServices;

public class SslTcpClient
{
    public const int BUFFSIZE1 = 32000;

    [StructLayout(LayoutKind.Sequential, Pack = 4)]
    public struct cheader
    {
        ushort tran_type;
        public ushort data_size;
        uint user_id;
        byte iscontinue;
        ushort branch_id;
        [MarshalAs(UnmanagedType.ByValArray, ArraySubType = UnmanagedType.U4, SizeConst = 4)]
        byte[] tran_date;
        int encrypt;
    };

    [StructLayout(LayoutKind.Sequential, Pack = 4)]
    public struct sheader
    {
        public cheader chdr;
        int srv_trno;
        byte iscontinue;
        byte send_count;
        int result_nsec;
    };

    public struct client_buffer
    {
        cheader chdr;
        [MarshalAs(UnmanagedType.ByValArray, ArraySubType = UnmanagedType.U4, SizeConst = BUFFSIZE1)]
        byte[] buffer;
    };

    public struct server_buffer
    {
        sheader shdr;
        [MarshalAs(UnmanagedType.ByValArray, ArraySubType = UnmanagedType.U4, SizeConst = BUFFSIZE1)]
        byte[] buffer;
    };

    public struct tran_time
    {
        long res_nsec;
        long res_usec;
        long req_nsec;
        long req_usec;
    };

    private static Hashtable certificateErrors = new Hashtable();

    X509Certificate clientCertificate;

    public static string serverMessage;

    public static int counter = 0;

    private string fileName;

    public static bool CertificateValidationCallback(
            object sender,
            X509Certificate certificate,
            X509Chain chain,
            SslPolicyErrors sslPolicyErrors)
    {
        return true;
    }

    static X509Certificate CertificateSelectionCallback(object sender,
    string targetHost,
    X509CertificateCollection localCertificates,
    X509Certificate remoteCertificate,
    string[] acceptableIssuers)
    {
        return localCertificates[0];
    }

    public void RunClient(string machineName)
    {
        fileName = "1411134668.p12";

        TcpClient client = new TcpClient();
        client.Connect(machineName, 8080);

        counter++;

        SslStream sslStream = new SslStream(client.GetStream(), false,
            new RemoteCertificateValidationCallback(CertificateValidationCallback),
            new LocalCertificateSelectionCallback(CertificateSelectionCallback));

        bool authenticationPassed = true;
        try
        {
            string path = getPath();

#if UNITY_EDITOR
            X509Certificate2 cert = new X509Certificate2(path, "test");
#elif UNITY_ANDROID
            WWW reader = new WWW(path);
            while (!reader.isDone) { }
            X509Certificate2 cert = new X509Certificate2(reader.bytes, "test");
#endif
            X509Certificate2Collection certs = new X509Certificate2Collection();
            certs.Add(cert);

            counter++;

            sslStream.AuthenticateAsClient(
                machineName,
                certs,
                SslProtocols.Tls,
                true); // check cert revokation

            counter++;
        }
        catch (AuthenticationException e)
        {
            Debug.Log("Exception: " + e.Message);
            if (e.InnerException != null)
            {
                Debug.Log("Inner exception: " + e.InnerException.Message);
            }
            Debug.Log("Authentication failed - closing the connection.");
            client.Close();
            authenticationPassed = false;
            return;
        }

        if (authenticationPassed)
        {
            byte[] messsage = Encoding.UTF8.GetBytes("Hello from the client.<EOF>");

            Debug.Log("After : " + sslStream.LocalCertificate);


            serverMessage = ReadMessage(sslStream);

            Debug.Log("Server says: " + serverMessage);

            client.Close();
            Debug.Log("Client closed.");

            counter++;

        }
    }

    private string getPath()
    {
#if UNITY_EDITOR
        return Application.streamingAssetsPath + "/" + fileName;
#elif UNITY_ANDROID
        return Application.streamingAssetsPath + "/" + fileName;
#elif UNITY_IPHONE
        return GetiPhoneDocumentsPath()+"/" + fileName;
#else
        return Application.dataPath +"/" + fileName;
#endif
    }

    static string ReadMessage(SslStream sslStream)
    {

        byte[] buffer = new byte[2048];
        StringBuilder messageData = new StringBuilder();

        int k = sslStream.Read(buffer, 0, 200);

        Debug.Log("Value of k : " + k);

        sheader returndata = ByteArrayToStructure<sheader>(buffer);

        Debug.Log("This is what the host returned to you: " + returndata);

        Debug.Log("Buffer Size : " + k);

        char[] c = new char[k];

        for (int i = 0; i < k; i++)
        {
            
            c _= Convert.ToChar(buffer*);*_

}

string s = new string(c);

return s;
}

static sheader ByteArrayToStructure(byte[] bytes)
{
GCHandle handle = GCHandle.Alloc(bytes, GCHandleType.Pinned);
sheader stuff = (sheader)Marshal.PtrToStructure(handle.AddrOfPinnedObject(), typeof(sheader));
handle.Free();
return stuff;
}

public static void callFunc(string addr)
{
SslTcpClient obj = new SslTcpClient();
Environment.SetEnvironmentVariable(“MONO_TLS_SESSION_CACHE_TIMEOUT”, “0”);
obj.RunClient(addr);
}

private static void DisplayUsage()
{
Debug.Log(“To start the client specify:”);
Debug.Log(“clientSync machineName [serverName]”);
Environment.Exit(1);
}

}
I don’t know if i should expose the whole code, But its for the help of everyone out there who is stuck with SSL communication.
Cheers!! :slight_smile: :slight_smile: