Class
SSLSocket
Description
Use the SSLSocket class to do secure communications via TCP/IP using secure sockets layer (SSL) technology.
Properties
Name |
Type |
Read-Only |
Shared |
---|---|---|---|
✓ |
|||
✓ |
|||
✓ |
|||
✓ |
|||
✓ |
|||
✓ |
|||
✓ |
|||
✓ |
|||
Methods
Name |
Parameters |
Returns |
Shared |
---|---|---|---|
Encoding As TextEncoding = Nil |
|||
Bytes As Integer, Encoding As TextEncoding = Nil |
|||
Encoding As TextEncoding = Nil |
|||
Data As String |
|||
Events
Name |
Parameters |
Returns |
---|---|---|
err As RuntimeException |
||
userAborted As Boolean |
||
Enumerations
SSLSocket.SSLConnectionTypes
SSLConnectionTypes
Specifies the available types of SSL connections.
Enum |
Description |
---|---|
SSLv23 |
A TLS/SSL connection established with this value may understand the SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3 protocols. If extensions are required (for example server name) a client will send out TLSv1 client hello messages including extensions and will indicate that it also understands TLSv1.1, TLSv1.2 and permits a fallback to SSLv3. A server will support SSLv3, TLSv1, TLSv1.1 and TLSv1.2 protocols. This is the best choice when compatibility is a concern. |
TLSv1 |
TLS (Transport Layer Security) version 1. (default). |
TLSv11 |
TLS (Transport Layer Security) version 1.1. |
TLSv12 |
TLS (Transport Layer Security) version 1.2 |
TLSv13 |
TLS (Transport Layer Security) version 1.3 |
Important
On Windows, TLSv13 requires Windows 11.
Property descriptions
SSLSocket.Address
Address As String
The TCP/IP address to try to connect to.
In this example, the address has been entered into a TextField.
TCPSocket1.Address = TextField1.Text
SSLSocket.BytesAvailable
BytesAvailable As Integer
The number of bytes of data are available in the internal receive buffer.
This property is read-only.
TextField1.Text = Me.BytesAvailable.ToString
SSLSocket.BytesLeftToSend
BytesLeftToSend As Integer
The number of bytes left in the queue remaining to be sent.
This property is read-only.
This enables you to create a synchronous socket without needing to subclass it.
TextField1.Text = Me.BytesLeftToSend.ToString
SSLSocket.CertificateFile
CertificateFile As FolderItem
The file that contains the SSL certificate.
This example opens the certificate file and assigns it to the property.
Var f As FolderItem
f = FolderItem.ShowOpenFileDialog("text/plain")
If f <> Nil Then
Socket1.CertificateFile = f
End If
SSLSocket.CertificatePassword
CertificatePassword As String
The certificate password for the secure connection.
This example sets the certificate password from a TextField.
socket1.CertificatePassword=TextField1.Text
SSLSocket.CertificateRejectionFile
CertificateRejectionFile As FolderItem
The certificate rejection file.
This example gets the certificate rejection file from disk.
Var f As FolderItem
f = FolderItem.ShowOpenFileDialog("text/plain")
If f <> Nil Then
Socket1.CertificateRejectionFile = f
End If
SSLSocket.Handle
Handle As Integer
This is the socket's internal descriptor and it can be used with Declare statements.
This property is read-only.
Important
This property is not supported for Android.
On Windows, Handle is a Socket, suitable for use in Declares on Windows.
On macOS and Linux, Handle is a UNIX socket descriptor.
The descriptor is platform-specific. If Handle is less than zero, the descriptor is not available.
SSLSocket.IsConnected
IsConnected As Boolean
Indicates whether the socket is currently connected.
This property is read-only.
For TCPSockets, a connection means you can send and receive data and are connected to a remote machine. For UDPSockets, this means that you are bound to the port and are able to send, receive, join or leave multicast groups, or set socket options.
If EasyUDPSocket1.IsConnected Then
' proceed using the connection
Else
MessageBox("Connection failed!")
End If
SSLSocket.LocalAddress
LocalAddress As String
The local IP address of the computer.
This property is read-only.
Var localIP As String = Socket1.LocalAddress
SSLSocket.NetworkInterface
NetworkInterface As NetworkInterface
Specifies which network interface the socket should use when binding.
You can get the network interface(s) of the user's computer by calling the GetNetworkInterface method of the System module.
Leaving this property set to Nil will use the currently selected interface. In the case of UDPSockets, if you assign a non-Nil value, the socket may not be able to receive broadcast messages. The behavior is OS-dependent; it appears to work on Windows but not on other supported operating systems. If you wish to send broadcast packets out, then you should not bind to a specific interface because the behavior is undefined.
Important
This property is not supported for Android.
This example specifies that the TCPSocket will use the first Network Interface on the user's computer.
TCPSocket1.NetworkInterface = System.NetworkInterface(0)
SSLSocket.Port
Port As Integer
The port to bind on or connect to.
On most operating systems, attempting to bind to a port less than 1024 causes a Error event to fire with an error number 107 unless the application is running with administrative permissions. This is due to security features built into the underlying OS.
You need to set the port property explicitly before any call to Listen or Connect as the Port property will be modified to reflect what the actual bound port is during the various stages of operation.
For instance, if you listen on port 8080 and a connection comes in, you can check the Port property to ensure that you're still listening on port 8080 (that the port hasn't been hijacked). Or, if you connect to a socket on port 8080, once the connection occurs, you can check to see what port the OS has bound you to. This will be a random-seeming port number.
This trick can be very useful when you do things like Listen on port 0. In that case, the OS will pick a port for you and listen on it. Then you can check the Port property to see which port the OS picked. This functionality is used for various protocols, such as FTP.
This example sets the Port to 8080.
TCPSocket1.Port = 8080
SSLSocket.RemoteAddress
RemoteAddress As String
The address of the remote machine you are connected to.
This property is read-only.
Use this instead of the Address property to determine the address of the machine you are actually connected to.
This example reports the address of the remote machine that the user is connected to. It is in the Connected event.
TextField1.Text = Me.RemoteAddress
SSLSocket.SSLConnected
SSLConnected As Boolean
True if you have an SSL connection.
This property is read-only.
If Me.SSLConnected Then
' connection established with secure communications, proceed ...
Else
Exit
End If
SSLSocket.SSLConnecting
SSLConnecting As Boolean
True if the socket is in the process of doing a handshake to establish an SSL connection.
This property is read-only.
If Me.SSLConnecting Then
' proceed with connection
End If
SSLSocket.SSLConnectionType
SSLConnectionType As SSLConnectionTypes
Specifies the type of SSL connection.
Set this property by assigning a SSLConnectionTypes value to it.
The default is TLSv1. If you need to change the connection type, close the connection first.
This example changes the connection type to TLSv1.
Socket1.SSLConnectionType = SSLSocket.SSLConnectionTypes.TLSv1
SSLSocket.SSLEnabled
SSLEnabled As Boolean
Set to True to specify an SSL connection.
If SSLEnabled is False, the SSLSocket transmits data just like a TCPSocket. This property can be toggled at any time.
Me.SSLEnabled = True
Method descriptions
SSLSocket.Close
Close
Closes the socket's connection, closes any connections the socket may have, and resets the socket.
The only information that is retained after calling Close is the socket's port, address (in the case of TCPSockets), and data left in the socket's receive buffer. All other information is discarded.
This example closes the EasyTCPSockets that were open. The sockets were added to the main window.
Connector.Close
Listener.Close
SSLSocket.Connect
Connect
Attempts to connect.
For TCPSockets, the address and port properties must be set. For UDPSockets, the port property must be set. The Connect method binds a socket to a port. After calling Connect, the Port property will report the actual port you are bound to.
SSLSocket.Disconnect
Disconnect
Disconnects the socket, resets it, and fires a SocketCore Error event with a 102 error to let you know that the socket has been disconnected.
This example disconnects the EasyTCPSockets that were opened.
Connector.Disconnect
Listener.Disconnect
SSLSocket.EndOfFile
EndOfFile As Boolean
Returns True when there's no more data left to read.
This code reads the rows and columns of data from a tab-delimited text file into a ListBox:
Var f As FolderItem
Var textInput As TextInputStream
Var rowFromFile As String
f = FolderItem.ShowOpenFileDialog("text/plain") ' defined as a FileType
If f <> Nil Then
textInput = TextInputStream.Open(f)
textInput.Encoding = Encodings.UTF8
Do
rowFromFile = textInput.ReadLine
Var values() As String = rowFromFile.ToArray(String.Chr(9))
ListBox1.ColumnCount = values.Count
ListBox1.AddRow("")
Var col As Integer
For Each value As String In values
ListBox1.CellTextAt(ListBox1.LastAddedRowIndex, col) = value
col = col + 1
Next
Loop Until textInput.EndOfFile
textInput.Close
End If
This example reads each pair of bytes from a file and writes them in reverse order to a new file. The user chooses the source file using the Open-file dialog box and saves the new file using the Save as dialog box. The EOF property is used to terminate the Do...Loop.
Var readFile As FolderItem = FolderItem.ShowOpenFileDialog("text")
If readFile <> Nil Then
Var ReadStream As BinaryStream = BinaryStream.Open(readFile, False)
ReadStream.LittleEndian = True
Var writeFile As FolderItem = FolderItem.ShowSaveFileDialog("", "")
If writeFile <> Nil Then
Var writeStream As BinaryStream = BinaryStream.Create(writeFile, True)
writeStream.LittleEndian = True
Do Until ReadStream.EndOfFile
writeStream.WriteInt8(ReadStream.ReadInt8)
Loop
writeStream = Nil
End If
readStream = Nil
End If
SSLSocket.Flush
Flush
Immediately sends the contents of internal write buffers to disk or to the output stream.
This function can be useful in point-to-point communication over sockets and similar connections: To optimize for transmission performance, some types of output streams try to collect small pieces of written data into one larger piece for sending instead of sending each piece out individually. By calling Flush, the data collection is stopped and the data is sent without further delay, reducing latency.
When using this on a stream that ends up as a file on disk, it is useful, too: Any short parts of previously written data are written to disk right away, ensuring the data is actually on disk if the application terminates abruptly, e.g. due to a crash.
Avoid calling this method too often. For example, do not call it between successive Write calls because you'll slow down performance without getting much benefit.
A typical use case would look like this:
mySocket.Write("you typed: ")
mySocket.Write(key)
mySocket.Write(".")
mySocket.Flush
SSLSocket.Listen
Listen
Attempts to listen for incoming connections on the currently specified port.
After calling Listen, the Port property will report the actual port you are bound to.
SSLSocket.Lookahead
Lookahead(Encoding As TextEncoding = Nil) As String
Returns a String, containing the data that is available in the internal queue without removing it.
The optional Encoding parameter enables you to specify the text encoding of the data to be returned. The default is Nil. Use the Encodings module to specify an encoding.
This example adds the contents of the internal queue to a TextArea. The Listener EasyTCPSocket has been added to the window.
TextArea1.AddText(listener.Lookahead)
SSLSocket.Poll
Poll
Polls the socket manually, which allows a socket to be used synchronously.
The EasyTCPSocket "Listener" has been added to the window.
Listener.Poll
SSLSocket.Purge
Purge
Removes all data from the socket's internal receive buffer. It does not affect the socket's internal send buffer.
Listener.Purge
SSLSocket.Read
Read(Bytes As Integer, Encoding As TextEncoding = Nil) As String
Reads Bytes bytes from the input stream and returns a String.
If provided, the optional parameter Encoding specifies the text encoding to be defined for the String to be read.
If Bytes is higher than the amount of bytes currently available in the stream, all available bytes will be returned. Therefore, make sure to always consider the case that you get less than you requested. To see if you received all requested bytes, check the returned string's String property (avoid using Length as it may give a different number if the encoding is not nil).
If not enough memory is available, you get back an empty string.
This example reads the first 1000 bytes from a BinaryStream.
Var readFile As FolderItem = FolderItem.ShowOpenFileDialog("text/plain")
If readFile <> Nil Then
Var ReadStream As BinaryStream = BinaryStream.Open(readFile, False)
ReadStream.LittleEndian = True
TextArea1.Text = ReadStream.Read(1000, Encodings.UTF8)
End If
SSLSocket.ReadAll
ReadAll(Encoding As TextEncoding = Nil) As String
Reads all the data from the internal buffer.
This example reads all the data in the buffer into a TextArea.
TextField1.AddText(listener.ReadAll)
SSLSocket.ReadError
ReadError As Boolean
If True then an error occurred during reading.
SSLSocket.Write
Write(Data As String)
Writes the passed data to the output stream.
Note that in order to make sure that the data actually ends up on disk or gets sent to the socket it is connected to, the stream must either get closed or the Flush method be called. Otherwise, the data, if small, may end up temporarily in a write buffer before either a certain time has passed or more data is written. This buffering increases performance when writing lots of small pieces of data, but may be causing unwanted delays when another process, e.g. the other end of a socket connection, is waiting for the data. Consider calling the Flush method to reduce latencies that this buffering may cause in such cases.
If Write fails, an IOException will be raised.
This example displays the Save As dialog box and writes the contents of the TextArea1 to a text file.
Var f As FolderItem
Var stream As BinaryStream
f = FolderItem.ShowSaveFileDialog(FileTypes1.Text, "Untitled.txt")
If f<> Nil Then
stream = BinaryStream.Create(f, True)
stream.Write(TextArea1.Text)
stream.Close
End If
SSLSocket.WriteError
WriteError As Boolean
If True then an error occurred during writing.
Event descriptions
SSLSocket.Connected
Connected
Executes when the connection is established with the server.
SSLSocket.DataAvailable
DataAvailable
Occurs when additional data has come into the internal receive buffer.
SSLSocket.Error
Error(err As RuntimeException)
Occurs when an error occurs with the socket.
These error codes provide you with key information about your socket, and it is not advisable to ignore them.
When an error occurs, the RuntimeException property will likely contain one of the following error codes:
Error Code |
Description |
---|---|
0 |
No error occurred. |
100 |
There was an error opening and initializing the drivers. |
101 |
This error code is no longer used. |
102 |
This code means that you lost your connection. |
103 |
The socket was unable to resolve the address that was specified. |
104 |
This error code is no longer used. |
105 |
The address is currently in use. |
106 |
This is an invalid state error, which means that the socket is not in the proper state to be doing a certain operation. |
107 |
This error means that the port you specified is invalid. |
108 |
This error indicates that your application has run out of memory. |
These are not the only errors that are returned. For Windows, additional error codes are usually positive numbers in the range [10004, 11004]. For Windows error codes, see WinSock.h. MacOS and Linux use POSIX error codes. For a description of macOS and Linux error codes, see http://www.ioplex.com/~miallen/errcmp.html.
e.g. error 64 is for "host is down".
The following example in the Error event handler displays the error code.
MessageBox(err.ErrorNumber.ToString)
SSLSocket.SendComplete
SendComplete(userAborted As Boolean)
Occurs when a send has completed.
Use this to determine when all your data has been sent. userAborted will be True if the user aborted the send by returning True from the SendProgress event. You can use this information to update different status variables or to inform user about the success or failure of the transfer. If the send was completed, this value is False. userAborted will always be False for UDP sockets.
SSLSocket.SendProgress
SendProgress(bytesSent As Integer, bytesLeft As Integer) As Boolean
Occurs when your network provider queues your data in chunks and is about to send the next chunk.
The parameters indicate the amount of progress that has been made during the send. Returns a Boolean.
Returning True from this event causes the send to be cancelled. This does not close the socket's connection; it only clears the buffer. After all of the data has been transferred you will get a final SendProgress event followed by a SendComplete event.
bytesSent is the number of bytes that were sent in the chunk, not the total number of bytes sent.
Notes
To establish an SSL connection, set the SSLEnabled property to True and use the Connect method. SSLSocket supports secure listening sockets.
The SSLSocket control is not listed in the Controls pane in the Window Editor. There are two ways to add an SSLSocket control to a window:
Drag a TCPSocket control to a window and then change its Super class to SSLSocket.
Display the window's contextual menu by right+clicking (Windows and Linux) or control-clicking on the window (Macintosh) and then choosing Add > SocketCore > TCPSocket > SSLSocket.
The SSLSocket control can be instantiated via code since it is not a subclass of DesktopControl. This allows you to easily write code that does communications without adding the control to a window.
Writing to a socket is done asynchronously. This means each time the Write method is called, the data passed goes into a buffer in memory before actually being sent and then removed from the buffer. Once the socket has finished sending the data in the buffer to the computer at the other end of the socket connection, the SendComplete event handler is executed. This allows you to know when all of the data has really been sent.
Calling Read, ReadAll, or Lookahead may not fetch all of the data in the internal buffer. This is because SSL needs to read data in blocks (due to the cryptography), and it may not have a complete block in the buffer. For example, there may be 700 bytes available in the buffer, but SSL can only decrypt 512 bytes due to the remainder being an incomplete block. What occurs in this case is some data may remain stagnant in the buffer. When more data comes in, the DataAvailable event handler is called. If there are no more DataAvailable events, then upon disconnection, additional DataAvailable event will be issued to let you pick up any stagnant data that SSL can give us back. There are two things to watch out for because of this:
If there is not sufficient data for SSL to decrypt, you may get a DataAvailable event but no data.
Calling SSLSocket.Close may execute DataAvailable events.
When using an SSLSocket to Listen for a connection, you must specify a CertificateFile. For Linux and macOS the certificate should contain both the public and private keys, like this:
-----BEGIN RSA PRIVATE KEY-----
…Certificate Data Here...
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
…Certificate Data Here...
-----END CERTIFICATE-----
Xojo Cloud
Web apps running on Xojo Cloud first have to use the FirewallPort class to open the port used to connect to TCP externally.
Compatibility
All project types on all supported operating systems.
See also
TCPSocket parent class; SocketCore, TCPSocket, ServerSocket classes.