SslStream 类

定义

提供用于使用安全套接字层(SSL)安全协议对服务器和客户端进行身份验证的客户端-服务器通信的流。

public ref class SslStream : System::Net::Security::AuthenticatedStream
public class SslStream : System.Net.Security.AuthenticatedStream
type SslStream = class
    inherit AuthenticatedStream
Public Class SslStream
Inherits AuthenticatedStream
继承
继承

示例

下面的代码示例演示如何创建使用 SslStream 类与客户端通信的 TcpListener

#using <System.dll>

using namespace System;
using namespace System::Collections;
using namespace System::Net;
using namespace System::Net::Sockets;
using namespace System::Net::Security;
using namespace System::Security::Authentication;
using namespace System::Text;
using namespace System::Security::Cryptography::X509Certificates;
using namespace System::IO;
public ref class SslTcpServer sealed
{
private:
   static X509Certificate^ serverCertificate = nullptr;

public:

   // The certificate parameter specifies the name of the file 
   // containing the machine certificate.
   static void RunServer( String^ certificate )
   {
      serverCertificate = X509Certificate::CreateFromCertFile( certificate );
      
      // Create a TCP/IP (IPv4) socket and listen for incoming connections.
      TcpListener^ listener = gcnew TcpListener( IPAddress::Any,5000 );
      listener->Start();
      
      while (true) 
      {
         Console::WriteLine( L"Waiting for a client to connect..." );
         
         // Application blocks while waiting for an incoming connection.
         // Type CNTL-C to terminate the server.
         TcpClient^ client = listener->AcceptTcpClient();
         ProcessClient( client );

      }
   }


   static void ProcessClient( TcpClient^ client )
   {
      
      // A client has connected. Create the 
      // SslStream using the client's network stream.
      SslStream^ sslStream = gcnew SslStream( client->GetStream(),false );
      
      // Authenticate the server but don't require the client to authenticate.
      try
      {
         sslStream->AuthenticateAsServer( serverCertificate, false, true );
         // false == no client cert required; true == check cert revocation.
         
         // Display the properties and settings for the authenticated stream.
         DisplaySecurityLevel( sslStream );
         DisplaySecurityServices( sslStream );
         DisplayCertificateInformation( sslStream );
         DisplayStreamProperties( sslStream );
         
         // Set timeouts for the read and write to 5 seconds.
         sslStream->ReadTimeout = 5000;
         sslStream->WriteTimeout = 5000;
         
         // Read a message from the client.   
         Console::WriteLine( L"Waiting for client message..." );
         String^ messageData = ReadMessage( sslStream );
         Console::WriteLine( L"Received: {0}", messageData );
         
         // Write a message to the client.
         array<Byte>^message = Encoding::UTF8->GetBytes( L"Hello from the server.<EOF>" );
         Console::WriteLine( L"Sending hello message." );
         sslStream->Write( message );
      }
      catch ( AuthenticationException^ e ) 
      {
         Console::WriteLine( L"Exception: {0}", e->Message );
         if ( e->InnerException != nullptr )
         {
            Console::WriteLine( L"Inner exception: {0}", e->InnerException->Message );
         }
         Console::WriteLine( L"Authentication failed - closing the connection." );
         sslStream->Close();
         client->Close();
         return;
      }
      finally
      {
         
         // The client stream will be closed with the sslStream
         // because we specified this behavior when creating
         // the sslStream.
         sslStream->Close();
         client->Close();
      }

   }


   static String^ ReadMessage( SslStream^ sslStream )
   {
      
      // Read the  message sent by the client.
      // The client signals the end of the message using the
      // "<EOF>" marker.
      array<Byte>^buffer = gcnew array<Byte>(2048);
      StringBuilder^ messageData = gcnew StringBuilder;
      int bytes = -1;
      do
      {
         
         // Read the client's test message.
         bytes = sslStream->Read( buffer, 0, buffer->Length );
         
         // Use Decoder class to convert from bytes to UTF8
         // in case a character spans two buffers.
         Decoder^ decoder = Encoding::UTF8->GetDecoder();
         array<Char>^chars = gcnew array<Char>(decoder->GetCharCount( buffer, 0, bytes ));
         decoder->GetChars( buffer, 0, bytes, chars, 0 );
         messageData->Append( chars );
         
         // Check for EOF or an empty message.
         if ( messageData->ToString()->IndexOf( L"<EOF>" ) != -1 )
         {
            break;
         }
      }
      while ( bytes != 0 );

      return messageData->ToString();
   }


   static void DisplaySecurityLevel( SslStream^ stream )
   {
      Console::WriteLine( L"Cipher: {0} strength {1}", stream->CipherAlgorithm, stream->CipherStrength );
      Console::WriteLine( L"Hash: {0} strength {1}", stream->HashAlgorithm, stream->HashStrength );
      Console::WriteLine( L"Key exchange: {0} strength {1}", stream->KeyExchangeAlgorithm, stream->KeyExchangeStrength );
      Console::WriteLine( L"Protocol: {0}", stream->SslProtocol );
   }


   static void DisplaySecurityServices( SslStream^ stream )
   {
      Console::WriteLine( L"Is authenticated: {0} as server? {1}", stream->IsAuthenticated, stream->IsServer );
      Console::WriteLine( L"IsSigned: {0}", stream->IsSigned );
      Console::WriteLine( L"Is Encrypted: {0}", stream->IsEncrypted );
      Console::WriteLine( L"Is mutually authenticated: {0}", stream->IsMutuallyAuthenticated );
   }


   static void DisplayStreamProperties( SslStream^ stream )
   {
      Console::WriteLine( L"Can read: {0}, write {1}", stream->CanRead, stream->CanWrite );
      Console::WriteLine( L"Can timeout: {0}", stream->CanTimeout );
   }


   static void DisplayCertificateInformation( SslStream^ stream )
   {
      Console::WriteLine( L"Certificate revocation list checked: {0}", stream->CheckCertRevocationStatus );
      X509Certificate^ localCertificate = stream->LocalCertificate;
      if ( stream->LocalCertificate != nullptr )
      {
         Console::WriteLine( L"Local cert was issued to {0} and is valid from {1} until {2}.", 
             localCertificate->Subject, 
             localCertificate->GetEffectiveDateString(), 
             localCertificate->GetExpirationDateString() );
      }
      else
      {
         Console::WriteLine( L"Local certificate is null." );
      }

      X509Certificate^ remoteCertificate = stream->RemoteCertificate;
      if ( stream->RemoteCertificate != nullptr )
      {
         Console::WriteLine( L"Remote cert was issued to {0} and is valid from {1} until {2}.", 
            remoteCertificate->Subject, 
            remoteCertificate->GetEffectiveDateString(), 
            remoteCertificate->GetExpirationDateString() );
      }
      else
      {
         Console::WriteLine( L"Remote certificate is null." );
      }
   }


private:

   static void DisplayUsage()
   {
      Console::WriteLine( L"To start the server specify:" );
      Console::WriteLine( L"serverSync certificateFile.cer" );
      Environment::Exit( 1 );
   }

public:
   int RunServerASync()
   {
      array<String^>^args = Environment::GetCommandLineArgs();
      String^ certificate = nullptr;
      if ( args == nullptr || args->Length < 2 )
      {
         DisplayUsage();
      }

      certificate = args[ 1 ];
      SslTcpServer::RunServer( certificate );
      return 0;
   }

};

int main(){
    SslTcpServer^ sts = gcnew SslTcpServer();
    sts->RunServerASync();
}
using System;
using System.Collections;
using System.Net;
using System.Net.Sockets;
using System.Net.Security;
using System.Security.Authentication;
using System.Text;
using System.Security.Cryptography.X509Certificates;
using System.IO;

namespace Examples.System.Net
{
    public sealed class SslTcpServer
    {
        static X509Certificate serverCertificate = null;
        // The certificate parameter specifies the name of the file
        // containing the machine certificate.
        public static void RunServer(string certificate)
        {
            serverCertificate = X509Certificate.CreateFromCertFile(certificate);
            // Create a TCP/IP (IPv4) socket and listen for incoming connections.
            TcpListener listener = new TcpListener(IPAddress.Any, 5000);
            listener.Start();
            while (true)
            {
                Console.WriteLine("Waiting for a client to connect...");
                // Application blocks while waiting for an incoming connection.
                // Type CNTL-C to terminate the server.
                TcpClient client = listener.AcceptTcpClient();
                ProcessClient(client);
            }
        }
        static void ProcessClient (TcpClient client)
        {
            // A client has connected. Create the
            // SslStream using the client's network stream.
            SslStream sslStream = new SslStream(
                client.GetStream(), false);
            // Authenticate the server but don't require the client to authenticate.
            try
            {
                sslStream.AuthenticateAsServer(serverCertificate, clientCertificateRequired: false, checkCertificateRevocation: true);

                // Display the properties and settings for the authenticated stream.
                DisplaySecurityLevel(sslStream);
                DisplaySecurityServices(sslStream);
                DisplayCertificateInformation(sslStream);
                DisplayStreamProperties(sslStream);

                // Set timeouts for the read and write to 5 seconds.
                sslStream.ReadTimeout = 5000;
                sslStream.WriteTimeout = 5000;
                // Read a message from the client.
                Console.WriteLine("Waiting for client message...");
                string messageData = ReadMessage(sslStream);
                Console.WriteLine("Received: {0}", messageData);

                // Write a message to the client.
                byte[] message = Encoding.UTF8.GetBytes("Hello from the server.<EOF>");
                Console.WriteLine("Sending hello message.");
                sslStream.Write(message);
            }
            catch (AuthenticationException e)
            {
                Console.WriteLine("Exception: {0}", e.Message);
                if (e.InnerException != null)
                {
                    Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
                }
                Console.WriteLine ("Authentication failed - closing the connection.");
                sslStream.Close();
                client.Close();
                return;
            }
            finally
            {
                // The client stream will be closed with the sslStream
                // because we specified this behavior when creating
                // the sslStream.
                sslStream.Close();
                client.Close();
            }
        }
        static string ReadMessage(SslStream sslStream)
        {
            // Read the  message sent by the client.
            // The client signals the end of the message using the
            // "<EOF>" marker.
            byte [] buffer = new byte[2048];
            StringBuilder messageData = new StringBuilder();
            int bytes = -1;
            do
            {
                // Read the client's test message.
                bytes = sslStream.Read(buffer, 0, buffer.Length);

                // Use Decoder class to convert from bytes to UTF8
                // in case a character spans two buffers.
                Decoder decoder = Encoding.UTF8.GetDecoder();
                char[] chars = new char[decoder.GetCharCount(buffer,0,bytes)];
                decoder.GetChars(buffer, 0, bytes, chars,0);
                messageData.Append (chars);
                // Check for EOF or an empty message.
                if (messageData.ToString().IndexOf("<EOF>") != -1)
                {
                    break;
                }
            } while (bytes !=0);

            return messageData.ToString();
        }
         static void DisplaySecurityLevel(SslStream stream)
         {
            Console.WriteLine("Cipher: {0} strength {1}", stream.CipherAlgorithm, stream.CipherStrength);
            Console.WriteLine("Hash: {0} strength {1}", stream.HashAlgorithm, stream.HashStrength);
            Console.WriteLine("Key exchange: {0} strength {1}", stream.KeyExchangeAlgorithm, stream.KeyExchangeStrength);
            Console.WriteLine("Protocol: {0}", stream.SslProtocol);
         }
         static void DisplaySecurityServices(SslStream stream)
         {
            Console.WriteLine("Is authenticated: {0} as server? {1}", stream.IsAuthenticated, stream.IsServer);
            Console.WriteLine("IsSigned: {0}", stream.IsSigned);
            Console.WriteLine("Is Encrypted: {0}", stream.IsEncrypted);
            Console.WriteLine("Is mutually authenticated: {0}", stream.IsMutuallyAuthenticated);
         }
         static void DisplayStreamProperties(SslStream stream)
         {
            Console.WriteLine("Can read: {0}, write {1}", stream.CanRead, stream.CanWrite);
            Console.WriteLine("Can timeout: {0}", stream.CanTimeout);
         }
        static void DisplayCertificateInformation(SslStream stream)
        {
            Console.WriteLine("Certificate revocation list checked: {0}", stream.CheckCertRevocationStatus);

            X509Certificate localCertificate = stream.LocalCertificate;
            if (stream.LocalCertificate != null)
            {
                Console.WriteLine("Local cert was issued to {0} and is valid from {1} until {2}.",
                    localCertificate.Subject,
                    localCertificate.GetEffectiveDateString(),
                    localCertificate.GetExpirationDateString());
             } else
            {
                Console.WriteLine("Local certificate is null.");
            }
            // Display the properties of the client's certificate.
            X509Certificate remoteCertificate = stream.RemoteCertificate;
            if (stream.RemoteCertificate != null)
            {
            Console.WriteLine("Remote cert was issued to {0} and is valid from {1} until {2}.",
                remoteCertificate.Subject,
                remoteCertificate.GetEffectiveDateString(),
                remoteCertificate.GetExpirationDateString());
            } else
            {
                Console.WriteLine("Remote certificate is null.");
            }
        }
        private static void DisplayUsage()
        {
            Console.WriteLine("To start the server specify:");
            Console.WriteLine("serverSync certificateFile.cer");
            Environment.Exit(1);
        }
        public static int Main(string[] args)
        {
            string certificate = null;
            if (args == null ||args.Length < 1 )
            {
                DisplayUsage();
            }
            certificate = args[0];
            SslTcpServer.RunServer (certificate);
            return 0;
        }
    }
}
Imports System.Collections
Imports System.Net
Imports System.Net.Sockets
Imports System.Net.Security
Imports System.Security.Authentication
Imports System.Text
Imports System.Security.Cryptography.X509Certificates
Imports System.IO

Namespace Examples.System.Net
    Public NotInheritable Class SslTcpServer
        Shared serverCertificate As X509Certificate = Nothing

        ' The certificate parameter specifies the name of the file 
        ' containing the machine certificate.
        Public Shared Sub RunServer(certificate As String)
            serverCertificate = X509Certificate.CreateFromCertFile(certificate)
            ' Create a TCP/IP (IPv4) socket And listen for incoming connections.
            Dim listener = New TcpListener(IPAddress.Any, 5000)
            listener.Start()

            While True
                Console.WriteLine("Waiting for a client to connect...")
                ' Application blocks while waiting for an incoming connection.
                ' Type CNTL-C to terminate the server.
                Dim client As TcpClient = listener.AcceptTcpClient()
                ProcessClient(client)
            End While
        End Sub
        Private Shared Sub ProcessClient(client As TcpClient)
            ' A client has connected. Create the 
            ' SslStream using the client's network stream.
            Dim sslStream = New SslStream(client.GetStream(), False)

            Try

                sslStream.AuthenticateAsServer(serverCertificate, clientCertificateRequired:=False, checkCertificateRevocation:=True)
                ' Display the properties And settings for the authenticated stream.
                DisplaySecurityLevel(sslStream)
                DisplaySecurityServices(sslStream)
                DisplayCertificateInformation(sslStream)
                DisplayStreamProperties(sslStream)

                ' Set timeouts for the read and write to 5 seconds.
                sslStream.ReadTimeout = 5000
                sslStream.WriteTimeout = 5000

                ' Read a message from the client.   
                Console.WriteLine("Waiting for client message...")
                Dim messageData As String = ReadMessage(sslStream)
                Console.WriteLine("Received: {0}", messageData)

                ' Write a message to the client.
                Dim message As Byte() = Encoding.UTF8.GetBytes("Hello from the server.<EOF>")
                Console.WriteLine("Sending hello message.")
                sslStream.Write(message)
            Catch e As AuthenticationException
                Console.WriteLine("Exception: {0}", e.Message)

                If e.InnerException IsNot Nothing Then
                    Console.WriteLine("Inner exception: {0}", e.InnerException.Message)
                End If

                Console.WriteLine("Authentication failed - closing the connection.")
                sslStream.Close()
                client.Close()
                Return
            Finally
                ' The client stream will be closed with the sslStream
                ' because we specified this behavior when creating
                ' the sslStream.
                sslStream.Close()
                client.Close()
            End Try
        End Sub

        Private Shared Function ReadMessage(sslStream As SslStream) As String

            ' Read the  message sent by the client.
            ' The client signals the end of the message using the
            ' "<EOF>" marker.
            Dim buffer As Byte() = New Byte(2048) {}
            Dim messageData As StringBuilder = New StringBuilder()
            Dim bytes As Integer = -1

            Do
                ' Read the client's test message.
                bytes = sslStream.Read(buffer, 0, buffer.Length)

                ' Use decoder class to convert from bytes to UTF8
                ' in case a character spans two buffers.
                Dim decoder As Decoder = Encoding.UTF8.GetDecoder()
                Dim chars As Char() = New Char(decoder.GetCharCount(buffer, 0, bytes) - 1) {}
                decoder.GetChars(buffer, 0, bytes, chars, 0)
                messageData.Append(chars)

                ' Check for EOF or an empty message.
                If messageData.ToString().IndexOf("<EOF>") <> -1 Then
                    Exit Do
                End If
            Loop While bytes <> 0

            Return messageData.ToString()
        End Function

        Private Shared Sub DisplaySecurityLevel(stream As SslStream)
            Console.WriteLine("Cipher: {0} strength {1}", stream.CipherAlgorithm, stream.CipherStrength)
            Console.WriteLine("Hash: {0} strength {1}", stream.HashAlgorithm, stream.HashStrength)
            Console.WriteLine("Key exchange: {0} strength {1}", stream.KeyExchangeAlgorithm, stream.KeyExchangeStrength)
            Console.WriteLine("Protocol: {0}", stream.SslProtocol)
        End Sub

        Private Shared Sub DisplaySecurityServices(stream As SslStream)
            Console.WriteLine("Is authenticated: {0} as server? {1}", stream.IsAuthenticated, stream.IsServer)
            Console.WriteLine("IsSigned: {0}", stream.IsSigned)
            Console.WriteLine("Is Encrypted: {0}", stream.IsEncrypted)
            Console.WriteLine("Is mutually authenticated: {0}", stream.IsMutuallyAuthenticated)
        End Sub

        Private Shared Sub DisplayStreamProperties(stream As SslStream)
            Console.WriteLine("Can read: {0}, write {1}", stream.CanRead, stream.CanWrite)
            Console.WriteLine("Can timeout: {0}", stream.CanTimeout)
        End Sub

        Private Shared Sub DisplayCertificateInformation(stream As SslStream)
            Console.WriteLine("Certificate revocation list checked: {0}", stream.CheckCertRevocationStatus)
            Dim localCertificate As X509Certificate = stream.LocalCertificate

            If stream.LocalCertificate IsNot Nothing Then
                Console.WriteLine("Local cert was issued to {0} and is valid from {1} until {2}.", localCertificate.Subject, localCertificate.GetEffectiveDateString(), localCertificate.GetExpirationDateString())
            Else
                Console.WriteLine("Local certificate is null.")
            End If

            ' Display the properties of the client's certificate.
            Dim remoteCertificate As X509Certificate = stream.RemoteCertificate

            If stream.RemoteCertificate IsNot Nothing Then
                Console.WriteLine("Remote cert was issued to {0} and is valid from {1} until {2}.", remoteCertificate.Subject, remoteCertificate.GetEffectiveDateString(), remoteCertificate.GetExpirationDateString())
            Else
                Console.WriteLine("Remote certificate is null.")
            End If
        End Sub

        Private Shared Sub DisplayUsage()
            Console.WriteLine("To start the server specify:")
            Console.WriteLine("serverSync certificateFile.cer")
            Environment.[Exit](1)
        End Sub

        Public Shared Function Main(ByVal args As String()) As Integer
            Dim certificate As String

            If args Is Nothing OrElse args.Length < 1 Then
                DisplayUsage()
            End If

            certificate = args(0)
            RunServer(certificate)
            Return 0
        End Function
    End Class
End Namespace

下面的代码示例演示如何创建使用 SslStream 类与服务器通信的 TcpClient

#using <System.dll>
#using <System.Security.dll>

using namespace System;
using namespace System::Collections;
using namespace System::Globalization;
using namespace System::Net;
using namespace System::Net::Security;
using namespace System::Net::Sockets;
using namespace System::Security::Authentication;
using namespace System::Text;
using namespace System::Security::Cryptography::X509Certificates;
using namespace System::IO;

namespace NlsClientSync
{
    public ref class SslTcpClient
    {
    private:
        static Hashtable^ certificateErrors = gcnew Hashtable;
        // Load a table of errors that might cause 
        // the certificate authentication to fail.
        static void InitializeCertificateErrors()
        {
            certificateErrors->Add(0x800B0101,
                "The certification has expired.");
            certificateErrors->Add(0x800B0104,
                "A path length constraint "
                "in the certification chain has been violated.");
            certificateErrors->Add(0x800B0105,
                "A certificate contains an unknown extension "
                "that is marked critical.");
            certificateErrors->Add(0x800B0107,
                "A parent of a given certificate in fact "
                "did not issue that child certificate.");
            certificateErrors->Add(0x800B0108,
                "A certificate is missing or has an empty value "
                "for a necessary field.");
            certificateErrors->Add(0x800B0109,
                "The certificate root is not trusted.");
            certificateErrors->Add(0x800B010C,
                "The certificate has been revoked.");
            certificateErrors->Add(0x800B010F,
                "The name in the certificate does not not match "
                "the host name requested by the client.");
            certificateErrors->Add(0x800B0111,
                "The certificate was explicitly marked "
                "as untrusted by the user.");
            certificateErrors->Add(0x800B0112,
                "A certification chain processed correctly, "
                "but one of the CA certificates is not trusted.");
            certificateErrors->Add(0x800B0113,
                "The certificate has an invalid policy.");
            certificateErrors->Add(0x800B0114,
                "The certificate name is either not "
                "in the permitted list or is explicitly excluded.");
            certificateErrors->Add(0x80092012,
                "The revocation function was unable to check "
                "revocation for the certificate.");
            certificateErrors->Add(0x80090327,
                "An unknown error occurred while "
                "processing the certificate.");
            certificateErrors->Add(0x80096001,
                "A system-level error occurred "
                "while verifying trust.");
            certificateErrors->Add(0x80096002,
                "The certificate for the signer of the message "
                "is invalid or not found.");
            certificateErrors->Add(0x80096003,
                "One of the counter signatures was invalid.");
            certificateErrors->Add(0x80096004,
                "The signature of the certificate "
                "cannot be verified.");
            certificateErrors->Add(0x80096005,
                "The time stamp signature or certificate "
                "could not be verified or is malformed.");
            certificateErrors->Add(0x80096010,
                "The digital signature of the object "
                "was not verified.");
            certificateErrors->Add(0x80096019,
                "The basic constraint extension of a certificate "
                "has not been observed.");
        }

        static String^ CertificateErrorDescription(UInt32 problem)
        {
            // Initialize the error message dictionary 
            // if it is not yet available.
            if (certificateErrors->Count == 0)
            {
                InitializeCertificateErrors();
            }

            String^ description = safe_cast<String^>(
                certificateErrors[problem]);
            if (description == nullptr)
            {
                description = String::Format(
                    CultureInfo::CurrentCulture,
                    "Unknown certificate error - 0x{0:x8}",
                    problem);
            }

            return description;
        }

    public:
        // The following method is invoked 
        // by the CertificateValidationDelegate.
    static bool ValidateServerCertificate(
            Object^ sender,
            X509Certificate^ certificate,
            X509Chain^ chain,
            SslPolicyErrors sslPolicyErrors)
        {
        
            Console::WriteLine("Validating the server certificate.");
            if (sslPolicyErrors == SslPolicyErrors::None)
                return true;

            Console::WriteLine("Certificate error: {0}", sslPolicyErrors);

            // Do not allow this client to communicate with unauthenticated servers.
            return false;
        }

        static void RunClient(String^ machineName, String^ serverName)
        {
              
            // Create a TCP/IP client socket.
            // machineName is the host running the server application.
            TcpClient^ client = gcnew TcpClient(machineName, 5000);
            Console::WriteLine("Client connected.");
              
            // Create an SSL stream that will close 
            // the client's stream.
            SslStream^ sslStream = gcnew SslStream(
                client->GetStream(), false,
                gcnew RemoteCertificateValidationCallback(ValidateServerCertificate),
                nullptr);
              
            // The server name must match the name
            // on the server certificate.
            try
            {
                sslStream->AuthenticateAsClient(serverName);
            }
            catch (AuthenticationException^ ex) 
            {
                Console::WriteLine("Exception: {0}", ex->Message);
                if (ex->InnerException != nullptr)
                {
                    Console::WriteLine("Inner exception: {0}", 
                        ex->InnerException->Message);
                }

                Console::WriteLine("Authentication failed - "
                    "closing the connection.");
                sslStream->Close();
                client->Close();
                return;
            }
            // Encode a test message into a byte array.
            // Signal the end of the message using the "<EOF>".
            array<Byte>^ messsage = Encoding::UTF8->GetBytes(
                "Hello from the client.<EOF>");
              
            // Send hello message to the server.
            sslStream->Write(messsage);
            sslStream->Flush();
            // Read message from the server.
            String^ serverMessage = ReadMessage(sslStream);
            Console::WriteLine("Server says: {0}", serverMessage);
           
            // Close the client connection.
            sslStream->Close();
            client->Close();
            Console::WriteLine("Client closed.");
        }
    private:
        static String^ ReadMessage(SslStream^ sslStream)
        {
              
            // Read the  message sent by the server.
            // The end of the message is signaled using the
            // "<EOF>" marker.
            array<Byte>^ buffer = gcnew array<Byte>(2048);
            StringBuilder^ messageData = gcnew StringBuilder;
            // Use Decoder class to convert from bytes to UTF8
            // in case a character spans two buffers.
            Encoding^ u8 = Encoding::UTF8;
            Decoder^ decoder = u8->GetDecoder();

            int bytes = -1;
            do
            {
                bytes = sslStream->Read(buffer, 0, buffer->Length);
                 
                array<__wchar_t>^ chars = gcnew array<__wchar_t>(
                    decoder->GetCharCount(buffer, 0, bytes));
                decoder->GetChars(buffer, 0, bytes, chars, 0);
                messageData->Append(chars);
                 
                // Check for EOF.
                if (messageData->ToString()->IndexOf("<EOF>") != -1)
                {
                    break;
                }
            }
            while (bytes != 0);

            return messageData->ToString();
        }
    };
}

int main()
{
    array<String^>^ args = Environment::GetCommandLineArgs();
    String^ serverCertificateName = nullptr;
    String^ machineName = nullptr;
    if (args == nullptr || args->Length < 2)
    {
        Console::WriteLine("To start the client specify:");
        Console::WriteLine("clientSync machineName [serverName]");
        return 1;
    }
        
    // User can specify the machine name and server name.
    // Server name must match the name on 
    // the server's certificate.
    machineName = args[1];
    if (args->Length < 3)
    {
        serverCertificateName = machineName;
    }
    else
    {
        serverCertificateName = args[2];
    };

    NlsClientSync::SslTcpClient::RunClient(machineName,
        serverCertificateName);

    return 0;
}
using System;
using System.Collections;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Text;
using System.Security.Cryptography.X509Certificates;
using System.IO;

namespace Examples.System.Net
{
    public class SslTcpClient
    {
        private static Hashtable certificateErrors = new Hashtable();

        // The following method is invoked by the RemoteCertificateValidationDelegate.
        public static bool ValidateServerCertificate(
              object sender,
              X509Certificate certificate,
              X509Chain chain,
              SslPolicyErrors sslPolicyErrors)
        {
           if (sslPolicyErrors == SslPolicyErrors.None)
                return true;

            Console.WriteLine("Certificate error: {0}", sslPolicyErrors);

            // Do not allow this client to communicate with unauthenticated servers.
            return false;
        }
        public static void RunClient(string machineName, string serverName)
        {
            // Create a TCP/IP client socket.
            // machineName is the host running the server application.
            TcpClient client = new TcpClient(machineName,5000);
            Console.WriteLine("Client connected.");
            // Create an SSL stream that will close the client's stream.
            SslStream sslStream = new SslStream(
                client.GetStream(),
                false,
                new RemoteCertificateValidationCallback (ValidateServerCertificate),
                null
                );
            // The server name must match the name on the server certificate.
            try
            {
                sslStream.AuthenticateAsClient(serverName);
            }
            catch (AuthenticationException e)
            {
                Console.WriteLine("Exception: {0}", e.Message);
                if (e.InnerException != null)
                {
                    Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
                }
                Console.WriteLine ("Authentication failed - closing the connection.");
                client.Close();
                return;
            }
            // Encode a test message into a byte array.
            // Signal the end of the message using the "<EOF>".
            byte[] messsage = Encoding.UTF8.GetBytes("Hello from the client.<EOF>");
            // Send hello message to the server.
            sslStream.Write(messsage);
            sslStream.Flush();
            // Read message from the server.
            string serverMessage = ReadMessage(sslStream);
            Console.WriteLine("Server says: {0}", serverMessage);
            // Close the client connection.
            client.Close();
            Console.WriteLine("Client closed.");
        }
        static string ReadMessage(SslStream sslStream)
        {
            // Read the  message sent by the server.
            // The end of the message is signaled using the
            // "<EOF>" marker.
            byte [] buffer = new byte[2048];
            StringBuilder messageData = new StringBuilder();
            int bytes = -1;
            do
            {
                bytes = sslStream.Read(buffer, 0, buffer.Length);

                // Use Decoder class to convert from bytes to UTF8
                // in case a character spans two buffers.
                Decoder decoder = Encoding.UTF8.GetDecoder();
                char[] chars = new char[decoder.GetCharCount(buffer,0,bytes)];
                decoder.GetChars(buffer, 0, bytes, chars,0);
                messageData.Append (chars);
                // Check for EOF.
                if (messageData.ToString().IndexOf("<EOF>") != -1)
                {
                    break;
                }
            } while (bytes != 0);

            return messageData.ToString();
        }
        private static void DisplayUsage()
        {
            Console.WriteLine("To start the client specify:");
            Console.WriteLine("clientSync machineName [serverName]");
            Environment.Exit(1);
        }
        public static int Main(string[] args)
        {
            string serverCertificateName = null;
            string machineName = null;
            if (args == null ||args.Length <1 )
            {
                DisplayUsage();
            }
            // User can specify the machine name and server name.
            // Server name must match the name on the server's certificate.
            machineName = args[0];
            if (args.Length <2 )
            {
                serverCertificateName = machineName;
            }
            else
            {
                serverCertificateName = args[1];
            }
            SslTcpClient.RunClient (machineName, serverCertificateName);
            return 0;
        }
    }
}
Imports System.Collections
Imports System.Net
Imports System.Net.Security
Imports System.Net.Sockets
Imports System.Security.Authentication
Imports System.Text
Imports System.Security.Cryptography.X509Certificates
Imports System.IO

Namespace Examples.System.Net

    Public Class SslTcpClient
        
        ' The following method is invoked by the RemoteCertificateValidationDelegate.
        Public Shared Function ValidateServerCertificate(
            sender As Object, 
            certificate As X509Certificate, 
            chain As X509Chain, 
            sslPolicyErrors As SslPolicyErrors) As Boolean
            
            If sslPolicyErrors = SslPolicyErrors.None Then Return True

            Console.WriteLine("Certificate error: {0}", sslPolicyErrors)

            ' Do not allow this client to communicate with unauthenticated servers.
            Return False
        End Function
        Public Shared Sub RunClient(machineName As String, serverName As String)

            ' Create a TCP/IP client socket.
            ' machineName is the host running the server application.
            Dim client = New TcpClient(machineName, 5000)
            Console.WriteLine("Client connected.")

            ' Create an SSL stream that will close the client's stream.
            Dim sslStream = New SslStream(
                client.GetStream(), False, 
                New RemoteCertificateValidationCallback(AddressOf ValidateServerCertificate), Nothing)

            ' The server name must match the name on the server certificate.
            Try
                sslStream.AuthenticateAsClient(serverName)
            Catch e As AuthenticationException
                Console.WriteLine("Exception: {0}", e.Message)

                If e.InnerException IsNot Nothing Then
                    Console.WriteLine("Inner exception: {0}", e.InnerException.Message)
                End If

                Console.WriteLine("Authentication failed - closing the connection.")
                client.Close()
                Return
            End Try
            
            ' Encode a test message into a byte array.
            ' Signal the end of the message using the "<EOF>".
            Dim messsage As Byte() = Encoding.UTF8.GetBytes("Hello from the client.<EOF>")
            
            ' Send hello message to the server.
            sslStream.Write(messsage)
            sslStream.Flush()
            ' Read message from the server.
            Dim serverMessage = ReadMessage(sslStream)
            Console.WriteLine("Server says: {0}", serverMessage)

            ' Close the client connection
            client.Close()
            Console.WriteLine("Client closed.")
        End Sub
        
        Private Shared Function ReadMessage(sslStream As SslStream) As String

            ' Read the  message sent by the server.
            ' The end of the message is signaled using the "<EOF>" marker.
            Dim buffer = New Byte(2048) {}
            Dim messageData = New StringBuilder()
            Dim bytes As Integer

            Do
                bytes = sslStream.Read(buffer, 0, buffer.Length)

                ' Use Decoder class to convert from bytes to UTF8
                ' in case a character spans two buffers.        
                Dim decoder As Decoder = Encoding.UTF8.GetDecoder()
                Dim chars = New Char(decoder.GetCharCount(buffer, 0, bytes) - 1) {}
                decoder.GetChars(buffer, 0, bytes, chars, 0)
                messageData.Append(chars)

                ' Check for EOF.
                If messageData.ToString().IndexOf("<EOF>") <> -1 Then Exit Do
                
            Loop While bytes <> 0

            Return messageData.ToString()

        End Function

        Private Shared Sub DisplayUsage()

            Console.WriteLine("To start the client specify:")
            Console.WriteLine("clientSync machineName [serverName]")
            Environment.[Exit](1)

        End Sub

        Public Shared Function Main(args As String()) As Integer

            Dim serverCertificateName As String
            Dim machineName As String

            If args Is Nothing OrElse args.Length < 1 Then
                DisplayUsage()
            End If

            ' User can specify the machine name and server name.
            ' Server name must match the name on the server's certificate. 
            machineName = args(0)

            If args.Length < 2 Then
                serverCertificateName = machineName
            Else
                serverCertificateName = args(1)
            End If

            SslTcpClient.RunClient(machineName, serverCertificateName)

            Return 0

        End Function

    End Class

End Namespace

注解

SSL 协议有助于为使用 SslStream传输的消息提供机密性和完整性检查。 在客户端和服务器之间通信敏感信息时,应使用 SSL 连接,例如由 SslStream提供的连接。 使用 SslStream 有助于防止任何人在网络上传输时读取和篡改信息。

SslStream 实例使用创建 SslStream时提供的流传输数据。 提供此基础流时,可以选择指定是否关闭 SslStream 也会关闭基础流。 通常,SslStream 类与 TcpClientTcpListener 类一起使用。 GetStream 方法提供了一个适合用于 SslStream 类的 NetworkStream

创建 SslStream后,服务器和(可选)必须对客户端进行身份验证。 服务器必须提供 X509 证书,该证书可建立其标识证明,并且可以请求客户端也这样做。 在使用 SslStream传输信息之前,必须执行身份验证。 客户端使用同步 AuthenticateAsClient 方法(在身份验证完成之前阻止)或异步 BeginAuthenticateAsClient 方法(不会阻止等待身份验证完成)来启动身份验证。 服务器使用同步 AuthenticateAsServer 或异步 BeginAuthenticateAsServer 方法启动身份验证。 客户端和服务器必须启动身份验证。

身份验证由安全支持提供程序(SSPI)通道提供程序处理。 客户端有机会在创建 SslStream时指定 RemoteCertificateValidationCallback 委托来控制服务器的证书验证。 服务器还可以通过提供 RemoteCertificateValidationCallback 委托来控制验证。 委托引用的方法包括远程方的证书以及验证证书时遇到的任何 SSPI 错误。 请注意,如果服务器指定委托,则无论服务器是否请求客户端身份验证,都会调用委托的方法。 如果服务器未请求客户端身份验证,则服务器的委托方法会收到 null 证书和空的证书错误数组。

如果服务器需要客户端身份验证,客户端必须指定一个或多个证书进行身份验证。 如果客户端有多个证书,客户端可以提供 LocalCertificateSelectionCallback 委托来为服务器选择正确的证书。 客户端的证书必须位于当前用户的“我的”证书存储中。 Ssl2(SSL 版本 2)协议不支持通过证书进行客户端身份验证。

如果身份验证失败,将收到 AuthenticationException,并且 SslStream 不再可用。 应关闭此对象并删除对该对象的所有引用,以便垃圾回收器可以收集它。

身份验证过程(也称为 SSL 握手)成功后,将建立服务器(以及(可选)的标识,并且客户端和服务器可以使用 SslStream 来交换消息。 在发送或接收信息之前,客户端和服务器应检查 SslStream 提供的安全服务和级别,以确定选择的协议、算法和强度是否符合其完整性和机密性要求。 如果当前设置不够,则应关闭流。 可以使用 IsEncryptedIsSigned 属性检查 SslStream 提供的安全服务。 下表显示了报告用于身份验证、加密和数据签名的加密设置的元素。

元素 成员
用于对服务器进行身份验证以及客户端(可选)的安全协议。 SslProtocol 属性和关联的 SslProtocols 枚举。
密钥交换算法。 KeyExchangeAlgorithm 属性和关联的 ExchangeAlgorithmType 枚举。
消息完整性算法。 HashAlgorithm 属性和关联的 HashAlgorithmType 枚举。
消息保密算法。 CipherAlgorithm 属性和关联的 CipherAlgorithmType 枚举。
所选算法的优势。 KeyExchangeStrengthHashStrengthCipherStrength 属性。

身份验证成功后,可以使用同步 Write 或异步 BeginWrite 方法发送数据。 可以使用同步 Read 或异步 BeginRead 方法接收数据。

如果已指定 SslStream 基础流应保持打开状态,则你负责在使用完该流后关闭该流。

注意

如果创建 SslStream 对象的应用程序使用 Normal 用户的凭据运行,则除非向用户显式授予权限,否则应用程序将无法访问本地计算机存储中安装的证书。

SslStream 假定当从内部流中引发超时时,超时与其他任何 IOException 将被调用方视为致命的。 超时后重用 SslStream 实例将返回垃圾。 应用程序应 CloseSslStream,并在这些情况下引发异常。

.NET Framework 4.6 包括一项新的安全功能,用于阻止连接的不安全密码和哈希算法。 通过 HTTPClient、HttpWebRequest、FTPClient、SmtpClient、SslStream 等 API 使用 TLS/SSL 的应用程序,默认情况下面向 .NET Framework 4.6 获取更安全的行为。

开发人员可能希望选择退出此行为,以便保持与其现有 SSL3 服务或 TLS w/ RC4 服务的互操作性。 本文 介绍如何修改代码,以便禁用新行为。

.NET Framework 4.7 为对不指定 TLS 版本的 SslStreams 进行身份验证的方法添加了新的重载,而是使用在 SCHANNEL中定义为系统默认值的 TLS 版本。 在应用中使用这些方法作为以后能够修改默认值的方法,因为 TLS 版本在一段时间内的最佳做法更改,而无需重新生成和重新部署应用。

另请参阅 .NET Framework的 传输层安全性(TLS)最佳做法。

构造函数

SslStream(Stream)

使用指定的 Stream初始化 SslStream 类的新实例。

SslStream(Stream, Boolean)

使用指定的 Stream 和流关闭行为初始化 SslStream 类的新实例。

SslStream(Stream, Boolean, RemoteCertificateValidationCallback)

使用指定的 Stream、流关闭行为和证书验证委托初始化 SslStream 类的新实例。

SslStream(Stream, Boolean, RemoteCertificateValidationCallback, LocalCertificateSelectionCallback)

使用指定的 Stream、流关闭行为、证书验证委托和证书选择委托初始化 SslStream 类的新实例。

SslStream(Stream, Boolean, RemoteCertificateValidationCallback, LocalCertificateSelectionCallback, EncryptionPolicy)

使用指定的 Stream初始化 SslStream 类的新实例。

属性

CanRead

获取一个 Boolean 值,该值指示基础流是否可读。

CanSeek

获取一个 Boolean 值,该值指示基础流是否可查找。

CanTimeout

获取一个 Boolean 值,该值指示基础流是否支持超时。

CanWrite

获取一个 Boolean 值,该值指示基础流是否可写。

CheckCertRevocationStatus

获取一个 Boolean 值,该值指示证书验证过程中是否检查证书吊销列表。

CipherAlgorithm

获取一个值,该值标识此 SslStream使用的批量加密算法。

CipherStrength

获取一个值,该值标识此 SslStream使用的密码算法的强度。

HashAlgorithm

获取用于生成消息身份验证代码(MAC)的算法。

HashStrength

获取一个值,该值标识此实例使用的哈希算法的强度。

InnerStream

获取此 AuthenticatedStream 用于发送和接收数据的流。

(继承自 AuthenticatedStream)
IsAuthenticated

获取一个 Boolean 值,该值指示身份验证是否成功。

IsEncrypted

获取一个 Boolean 值,该值指示此 SslStream 是否使用数据加密。

IsMutuallyAuthenticated

获取一个 Boolean 值,该值指示服务器和客户端是否已进行身份验证。

IsServer

获取一个 Boolean 值,该值指示此 SslStream 使用的连接的本地端是否作为服务器进行身份验证。

IsSigned

获取一个 Boolean 值,该值指示是否使用此流发送的数据已签名。

KeyExchangeAlgorithm

获取此 SslStream使用的密钥交换算法。

KeyExchangeStrength

获取一个值,该值标识此实例使用的密钥交换算法的强度。

LeaveInnerStreamOpen

获取此 AuthenticatedStream 用于发送和接收数据的流是否已保持打开状态。

(继承自 AuthenticatedStream)
Length

获取基础流的长度。

LocalCertificate

获取用于对本地终结点进行身份验证的证书。

NegotiatedApplicationProtocol

TLS 握手中协商的应用程序协议。

NegotiatedCipherSuite

获取为此连接协商的密码套件。

Position

获取或设置基础流中的当前位置。

ReadTimeout

获取或设置读取操作块等待数据的时间量(以毫秒为单位)。

RemoteCertificate

获取用于对远程终结点进行身份验证的证书。

SslProtocol

获取一个值,该值指示用于对此连接进行身份验证的安全协议。

TargetHostName

获取客户端尝试连接到的服务器的名称。 该名称用于服务器证书验证。 它可以是 DNS 名称或 IP 地址。

TransportContext

获取用于使用扩展保护进行身份验证的 TransportContext

WriteTimeout

获取或设置写入操作阻止等待数据的时间量。

方法

AuthenticateAsClient(SslClientAuthenticationOptions)

客户端调用以对服务器和客户端连接中的客户端进行身份验证(可选)。

AuthenticateAsClient(String)

客户端调用以对服务器和客户端连接中的客户端进行身份验证(可选)。

AuthenticateAsClient(String, X509CertificateCollection, Boolean)

客户端调用以对服务器和客户端连接中的客户端进行身份验证(可选)。 身份验证过程使用指定的证书集合和系统默认 SSL 协议。

AuthenticateAsClient(String, X509CertificateCollection, SslProtocols, Boolean)

客户端调用以对服务器和客户端连接中的客户端进行身份验证(可选)。 身份验证过程使用指定的证书集合和 SSL 协议。

AuthenticateAsClientAsync(SslClientAuthenticationOptions, CancellationToken)

由客户端调用,以异步操作的形式在客户端-服务器连接中对服务器和客户端进行身份验证。 身份验证过程使用 sslClientAuthenticationOptions 属性包中指定的信息。

AuthenticateAsClientAsync(String)

由客户端调用,以异步操作的形式在客户端-服务器连接中对服务器和客户端进行身份验证。

AuthenticateAsClientAsync(String, X509CertificateCollection, Boolean)

由客户端调用,以异步操作的形式在客户端-服务器连接中对服务器和客户端进行身份验证。 身份验证过程使用指定的证书集合和系统默认 SSL 协议。

AuthenticateAsClientAsync(String, X509CertificateCollection, SslProtocols, Boolean)

由客户端调用,以异步操作的形式在客户端-服务器连接中对服务器和客户端进行身份验证。 身份验证过程使用指定的证书集合和 SSL 协议。

AuthenticateAsServer(SslServerAuthenticationOptions)

由服务器调用,以使用指定的证书在客户端-服务器连接中对服务器和客户端进行身份验证(可选)。

AuthenticateAsServer(X509Certificate)

由服务器调用,以使用指定的证书在客户端-服务器连接中对服务器和客户端进行身份验证(可选)。

AuthenticateAsServer(X509Certificate, Boolean, Boolean)

由服务器调用,以使用指定的证书和要求以及系统默认安全协议在客户端-服务器连接中对服务器和客户端进行身份验证( 可选)。

AuthenticateAsServer(X509Certificate, Boolean, SslProtocols, Boolean)

由服务器调用,以使用指定的证书、要求和安全协议在客户端-服务器连接中对服务器和客户端进行身份验证( 可选)。

AuthenticateAsServerAsync(ServerOptionsSelectionCallback, Object, CancellationToken)

由服务器调用,以将服务器和客户端-服务器连接中的客户端作为异步操作进行身份验证。 身份验证过程使用 optionsCallback返回的信息。

AuthenticateAsServerAsync(SslServerAuthenticationOptions, CancellationToken)

由服务器调用,以将服务器和客户端-服务器连接中的客户端作为异步操作进行身份验证。 身份验证过程使用 sslClientAuthenticationOptions 属性包中指定的信息。

AuthenticateAsServerAsync(X509Certificate)

由服务器调用,以使用指定的证书作为异步操作在客户端-服务器连接中对服务器和客户端进行身份验证。

AuthenticateAsServerAsync(X509Certificate, Boolean, Boolean)

由服务器调用,以使用指定的证书、要求和安全协议作为异步操作在客户端-服务器连接中对服务器和客户端进行身份验证。

AuthenticateAsServerAsync(X509Certificate, Boolean, SslProtocols, Boolean)

由服务器调用,以使用指定的证书、要求和安全协议作为异步操作在客户端-服务器连接中对服务器和客户端进行身份验证。

BeginAuthenticateAsClient(String, AsyncCallback, Object)

客户端调用以开始异步操作以对服务器和客户端进行身份验证(可选)。

BeginAuthenticateAsClient(String, X509CertificateCollection, Boolean, AsyncCallback, Object)

客户端调用以开始异步操作,以使用指定的证书和系统默认安全协议(可选)对服务器和客户端进行身份验证。

BeginAuthenticateAsClient(String, X509CertificateCollection, SslProtocols, Boolean, AsyncCallback, Object)

客户端调用以开始异步操作,以使用指定的证书和安全协议对服务器和客户端进行身份验证(可选)。

BeginAuthenticateAsServer(X509Certificate, AsyncCallback, Object)

由服务器调用以开始异步操作,以对客户端和客户端-服务器连接中的服务器(可选)进行身份验证。

BeginAuthenticateAsServer(X509Certificate, Boolean, Boolean, AsyncCallback, Object)

服务器调用以开始异步操作,以使用指定的证书和要求以及系统默认安全协议(可选)对服务器和客户端进行身份验证。

BeginAuthenticateAsServer(X509Certificate, Boolean, SslProtocols, Boolean, AsyncCallback, Object)

服务器调用以开始异步操作,以使用指定的证书、要求和安全协议(可选)对服务器和客户端进行身份验证。

BeginRead(Byte[], Int32, Int32, AsyncCallback, Object)

开始一个异步读取操作,该操作从流中读取数据并将其存储在指定的数组中。

BeginRead(Byte[], Int32, Int32, AsyncCallback, Object)

开始异步读取操作。 (请考虑改用 ReadAsync(Byte[], Int32, Int32)

(继承自 Stream)
BeginWrite(Byte[], Int32, Int32, AsyncCallback, Object)

开始一个异步写入操作,该操作将 Byte从指定的缓冲区写入流。

BeginWrite(Byte[], Int32, Int32, AsyncCallback, Object)

开始异步写入操作。 (请考虑改用 WriteAsync(Byte[], Int32, Int32)

(继承自 Stream)
Close()

关闭当前流并释放与当前流关联的任何资源(如套接字和文件句柄)。 请确保流已正确释放,而不是调用此方法。

(继承自 Stream)
CopyTo(Stream)

从当前流中读取字节并将其写入另一个流。 这两个流位置都是按复制的字节数进行高级的。

(继承自 Stream)
CopyTo(Stream, Int32)

从当前流中读取字节,并使用指定的缓冲区大小将其写入另一个流。 这两个流位置都是按复制的字节数进行高级的。

(继承自 Stream)
CopyToAsync(Stream)

从当前流异步读取字节并将其写入另一个流。 这两个流位置都是按复制的字节数进行高级的。

(继承自 Stream)
CopyToAsync(Stream, CancellationToken)

使用指定的取消标记异步读取当前流中的字节并将其写入另一个流。 这两个流位置都是按复制的字节数进行高级的。

(继承自 Stream)
CopyToAsync(Stream, Int32)

使用指定的缓冲区大小异步读取当前流中的字节并将其写入另一个流。 这两个流位置都是按复制的字节数进行高级的。

(继承自 Stream)
CopyToAsync(Stream, Int32, CancellationToken)

使用指定的缓冲区大小和取消令牌异步读取当前流中的字节并将其写入另一个流。 这两个流位置都是按复制的字节数进行高级的。

(继承自 Stream)
CreateObjRef(Type)

创建一个对象,其中包含生成用于与远程对象通信的代理所需的所有相关信息。

(继承自 MarshalByRefObject)
CreateWaitHandle()
已过时.
已过时.
已过时.

分配 WaitHandle 对象。

(继承自 Stream)
Dispose()

释放 Stream使用的所有资源。

(继承自 Stream)
Dispose(Boolean)

释放 SslStream 使用的非托管资源,并选择性地释放托管资源。

Dispose(Boolean)

释放 AuthenticatedStream 使用的非托管资源,并选择性地释放托管资源。

(继承自 AuthenticatedStream)
DisposeAsync()

异步释放 SslStream使用的非托管和管理资源。

DisposeAsync()

异步释放 AuthenticatedStream使用的非托管和管理资源。

(继承自 AuthenticatedStream)
EndAuthenticateAsClient(IAsyncResult)

结束挂起的异步服务器身份验证操作,该操作以上一次调用 BeginAuthenticateAsClient开始。

EndAuthenticateAsServer(IAsyncResult)

结束挂起的异步客户端身份验证操作,该操作以上一次调用 BeginAuthenticateAsClient开始。

EndRead(IAsyncResult)

结束以上一次调用 BeginRead(Byte[], Int32, Int32, AsyncCallback, Object)开始的异步读取操作。

EndRead(IAsyncResult)

等待挂起的异步读取完成。 (请考虑改用 ReadAsync(Byte[], Int32, Int32)

(继承自 Stream)
EndWrite(IAsyncResult)

结束以上一次调用 BeginWrite(Byte[], Int32, Int32, AsyncCallback, Object)开始的异步写入操作。

EndWrite(IAsyncResult)

结束异步写入操作。 (请考虑改用 WriteAsync(Byte[], Int32, Int32)

(继承自 Stream)
Equals(Object)

确定指定的对象是否等于当前对象。

(继承自 Object)
Finalize()

释放 SslStream使用的所有资源。

Flush()

导致任何缓冲数据写入基础设备。

FlushAsync()

异步清除此流的所有缓冲区,并导致任何缓冲数据写入基础设备。

(继承自 Stream)
FlushAsync(CancellationToken)

将任何缓冲的数据异步写入基础设备。

FlushAsync(CancellationToken)

异步清除此流的所有缓冲区,导致任何缓冲数据写入基础设备,并监视取消请求。

(继承自 Stream)
GetHashCode()

用作默认哈希函数。

(继承自 Object)
GetLifetimeService()
已过时.

检索控制此实例的生存期策略的当前生存期服务对象。

(继承自 MarshalByRefObject)
GetType()

获取当前实例的 Type

(继承自 Object)
InitializeLifetimeService()
已过时.

获取生存期服务对象来控制此实例的生存期策略。

(继承自 MarshalByRefObject)
MemberwiseClone()

创建当前 Object的浅表副本。

(继承自 Object)
MemberwiseClone(Boolean)

创建当前 MarshalByRefObject 对象的浅表副本。

(继承自 MarshalByRefObject)
NegotiateClientCertificateAsync(CancellationToken)

协商经过身份验证的连接上的客户端证书。

ObjectInvariant()
已过时.

Contract提供支持。

(继承自 Stream)
Read(Byte[], Int32, Int32)

从此流中读取数据并将其存储在指定的数组中。

Read(Span<Byte>)

在派生类中重写时,从当前流中读取字节序列,并通过读取的字节数推进流中的位置。

(继承自 Stream)
ReadAsync(Byte[], Int32, Int32)

从当前流异步读取字节序列,并通过读取的字节数推进流中的位置。

(继承自 Stream)
ReadAsync(Byte[], Int32, Int32, CancellationToken)

从此流异步读取数据,并将其存储在字节数组的指定范围内。

ReadAsync(Byte[], Int32, Int32, CancellationToken)

从当前流异步读取字节序列,按读取的字节数推进流中的位置,并监视取消请求。

(继承自 Stream)
ReadAsync(Memory<Byte>, CancellationToken)

从此流异步读取数据并将其存储在指定的内存范围内。

ReadAsync(Memory<Byte>, CancellationToken)

从当前流异步读取字节序列,按读取的字节数推进流中的位置,并监视取消请求。

(继承自 Stream)
ReadAtLeast(Span<Byte>, Int32, Boolean)

至少从当前流中读取最小字节数,并通过读取的字节数提升流中的位置。

(继承自 Stream)
ReadAtLeastAsync(Memory<Byte>, Int32, Boolean, CancellationToken)

异步读取当前流的最小字节数,按读取的字节数推进流中的位置,并监视取消请求。

(继承自 Stream)
ReadByte()

SslStream 读取字节并将流中的位置向前推进一个字节,或者返回 -1(如果位于流末尾)。

ReadByte()

从流中读取字节,并将流中的位置向前推进一个字节,或者在流末尾返回 -1。

(继承自 Stream)
ReadExactly(Byte[], Int32, Int32)

从当前流中读取 count 字节数,并提升流中的位置。

(继承自 Stream)
ReadExactly(Span<Byte>)

从当前流中读取字节,并在填充 buffer 之前推进流中的位置。

(继承自 Stream)
ReadExactlyAsync(Byte[], Int32, Int32, CancellationToken)

从当前流异步读取 count 字节数,推进流中的位置,并监视取消请求。

(继承自 Stream)
ReadExactlyAsync(Memory<Byte>, CancellationToken)

从当前流异步读取字节,在填充 buffer 之前先行流中的位置,并监视取消请求。

(继承自 Stream)
Seek(Int64, SeekOrigin)

引发 NotSupportedException

SetLength(Int64)

设置基础流的长度。

ShutdownAsync()

关闭此 SslStream。

ToString()

返回一个表示当前对象的字符串。

(继承自 Object)
Write(Byte[])

将指定的数据写入此流。

Write(Byte[], Int32, Int32)

使用指定的缓冲区和偏移量将指定的 Byte数写入基础流。

Write(ReadOnlySpan<Byte>)

在派生类中重写时,将字节序列写入当前流,并通过写入的字节数推进此流中的当前位置。

(继承自 Stream)
WriteAsync(Byte[], Int32, Int32)

以异步方式将字节序列写入当前流,并通过写入的字节数推进此流中的当前位置。

(继承自 Stream)
WriteAsync(Byte[], Int32, Int32, CancellationToken)

从字节数组的指定范围异步将数据写入基础流。

WriteAsync(Byte[], Int32, Int32, CancellationToken)

将字节序列异步写入当前流,按写入的字节数推进此流中的当前位置,并监视取消请求。

(继承自 Stream)
WriteAsync(ReadOnlyMemory<Byte>, CancellationToken)

从只读字节内存范围异步将数据写入基础流。

WriteAsync(ReadOnlyMemory<Byte>, CancellationToken)

将字节序列异步写入当前流,按写入的字节数推进此流中的当前位置,并监视取消请求。

(继承自 Stream)
WriteByte(Byte)

将字节写入流中的当前位置,并将流中的位置向前推进一个字节。

(继承自 Stream)

扩展方法

CopyToAsync(Stream, PipeWriter, CancellationToken)

使用取消令牌从 Stream 异步读取字节并将其写入指定的 PipeWriter

ConfigureAwait(IAsyncDisposable, Boolean)

配置如何执行从异步可释放项返回的任务的 await。

适用于

另请参阅