Socket.ReceiveAsync 和 SslStream
使用 SslStream 时,我似乎无法获得 ReceiveAsync 的好处,因为我必须通过 SslStream 进行读取,而 SslStream 仅支持 Begin* End* 异步模型。
是否可以在身份验证完成之前只使用 SslStream,然后直接访问套接字?这意味着我必须找出协商的安全级别,然后自己对缓冲区应用正确的加密/解密。发送前加密,接收后解密。
这可行吗?
谢谢!
It seems that I cannot get the benefit of ReceiveAsync when using SslStream since I will have to do the reading through SslStream, which only supports the Begin* End* async model.
Is it possible to just use SslStream until authentication is done, and from then on just access the socket directly? This means I would have to find out what level of security was negotiated, and then apply the correct encryption/decryption to the buffers myself. Encryption before sending, and decryption after receiving.
Is this doable?
Thanks!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
SslStream 为您提供隐私+服务器身份验证,并且取决于您是否使用 ClientCertificates、客户端身份验证。您不能直接使用套接字,因为一旦建立了 SSL 会话,密钥交换就会将加密和其他算法绑定到会话,并且不可能在代码中复制它。
无论如何,SslStream.Begin/End 方法为您提供了所需的异步功能。为什么需要回退到 Socket.SendAsync/ReceiveAsync() ?
SslStream is giving you privacy + server auth, and depending on whether you use ClientCertificates, Client authentication as well. You cannot use the socket directly, because once the SSL session is established, the key exchange would have bound the encryption and other algorithms to the session, and it is not possible to duplicate that in code.
Anyway, SslStream.Begin/End methods give you the async functionality you need. Why do you need to fall back to Socket.SendAsync/ReceiveAsync() ?