From fbdbc90f1d0e32e555e938d2e93a5d055a43e2b1 Mon Sep 17 00:00:00 2001
From: TheJoKlLa <thejoklla@gmail.com>
Date: Tue, 15 Mar 2022 00:35:00 +0100
Subject: [PATCH] Added: Simple TLS

---
 Borepin/Borepin/Service/BFFH/BFFHService.cs | 23 +++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/Borepin/Borepin/Service/BFFH/BFFHService.cs b/Borepin/Borepin/Service/BFFH/BFFHService.cs
index 8ee600f..d08ac51 100644
--- a/Borepin/Borepin/Service/BFFH/BFFHService.cs
+++ b/Borepin/Borepin/Service/BFFH/BFFHService.cs
@@ -10,6 +10,9 @@ using Borepin.Service.BFFH.Exceptions;
 using Borepin.Service.Storage.Exceptions;
 using Capnp.Rpc;
 using FabAccessAPI.Exceptions;
+using System.Security.Cryptography.X509Certificates;
+using System.Net.Security;
+using System.Security.Authentication;
 
 namespace Borepin.Service.BFFH
 {
@@ -278,9 +281,29 @@ namespace Borepin.Service.BFFH
         #endregion
 
         #region Private Methods
+        private static bool RemoteCertificateValidationCallback(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
+        {
+            return true;
+        }
+
         private async Task<TcpRpcClient> _ConnectAsync(string host, int port)
         {
             TcpRpcClient rpcClient = new TcpRpcClient();
+            rpcClient.InjectMidlayer((tcpstream) =>
+            {
+
+                var sslStream = new SslStream(tcpstream, false, new RemoteCertificateValidationCallback(RemoteCertificateValidationCallback));
+                try
+                {
+                    sslStream.AuthenticateAsClient("bffhd");
+                    return sslStream;
+                }
+                catch (AuthenticationException)
+                {
+                    sslStream.Close();
+                    throw;
+                }
+            });
             rpcClient.Connect(host, port);
             await rpcClient.WhenConnected.ConfigureAwait(false);