使用C#实现SSLSocket加密通讯

SSL Socket通讯是对socket的扩展,增加Socket通讯的数据安全性,SSL认证分为单向和双向认证。单向认证只认证服务器端的合法性而不认证客户端的合法性。双向认证是同时认证服务端和客户端。下面我分别说说使用C#实现单向认证和双向认证的过程,并用代码实现。

一、 单向认证

第1步:准备一个数字证书,可以使用如下命令生成
先进入到vs2005的命令行状态,即:
开始–>程序–>Microsoft Visual Studio 2005–>Visual Studio Tools–>Visual Studio 2005 命令提示
键入: makecert -r -pe -n "CN=TestServer" -ss Root -sky exchange
说明:上面的指令将创建一个自签名证书(-r),并将其安装到当前用户的受信任根证书存储(-ss Root)中,因此仅适用于测试环境。
第2步:创建服务器端程序,代码如下:
using System;
using System.ServiceModel;
using System.Net;
using System.Net.Sockets;
using System.Net.Security;
using System.Text;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;
using System.IdentityModel.Tokens;
using System.IdentityModel.Selectors;

namespace ConsoleApp
{
public class Program
{
// Certificate presented to clients by AuthenticateAsServer (see ProcessClient).
// Nothing in this listing assigns it; it must be loaded before RunServer is called.
static X509Certificate serverCertificate = null;

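    /// <summary>
    /// Listens on the original hard-coded endpoint (192.168.1.25:901) and serves clients
    /// one at a time via <see cref="ProcessClient"/>. Never returns.
    /// </summary>
    public static void RunServer()
    {
        RunServer("192.168.1.25", 901);
    }

    /// <summary>
    /// Accepts TCP clients in a loop and hands each one to <see cref="ProcessClient"/>,
    /// which owns and closes the connection. Clients are handled sequentially on the
    /// calling thread. Never returns; runs until the process is terminated.
    /// </summary>
    /// <param name="address">IP address to listen on.</param>
    /// <param name="port">TCP port to listen on.</param>
    /// <exception cref="FormatException">
    /// Thrown before the accept loop starts if <paramref name="address"/> is not a valid IP address.
    /// </exception>
    public static void RunServer(string address, int port)
    {
        // NOTE(review): serverCertificate is never assigned in this listing. If it is still null
        // when ProcessClient calls AuthenticateAsServer, every connection fails the handshake; the
        // original empty catch below hid that completely, so the failure is now logged.
        TcpListener listener = new TcpListener(IPAddress.Parse(address), port);
        listener.Start();
        while (true)
        {
            try
            {
                Console.WriteLine("Waiting for a client to connect...");
                TcpClient client = listener.AcceptTcpClient();
                ProcessClient(client);
            }
            catch (Exception e)
            {
                // Keep serving after a per-connection failure, but make it visible instead of
                // silently swallowing it as the original did.
                Console.WriteLine("Connection error: {0}", e.Message);
            }
        }
    }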

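    /// <summary>
    /// Performs the server side of the TLS handshake on <paramref name="client"/> (server
    /// authentication only; no client certificate is requested), prints the negotiated
    /// security parameters, sends a greeting, then prints each received message until the
    /// client sends "EXIT". The SSL stream and the client are always closed before returning.
    /// </summary>
    /// <param name="client">Accepted connection; owned and closed by this method.</param>
    static void ProcessClient(TcpClient client)
    {
        // leaveInnerStreamOpen = false: closing the SslStream also closes the underlying TCP stream.
        SslStream sslStream = new SslStream(client.GetStream(), false);
        try
        {
            // NOTE(review): serverCertificate is never assigned in this listing; AuthenticateAsServer
            // rejects a null certificate, so it must be loaded before the first client arrives.
            //
            // The original pinned SslProtocols.Tls, i.e. TLS 1.0 only, which is deprecated.
            // Tls12 (requires .NET Framework 4.5 or later) is the oldest version still acceptable;
            // on .NET Framework 4.7+ / .NET Core the recommended value is SslProtocols.None, which
            // lets the OS pick the strongest protocol both sides support.
            // clientCertificateRequired = false (one-way auth), checkCertificateRevocation = true.
            sslStream.AuthenticateAsServer(serverCertificate, false, SslProtocols.Tls12, true);
            DisplaySecurityLevel(sslStream);
            DisplaySecurityServices(sslStream);
            DisplayCertificateInformation(sslStream);
            DisplayStreamProperties(sslStream);

            // Timeouts so a stalled peer cannot hold this sequential server forever.
            sslStream.ReadTimeout = 5000;
            sslStream.WriteTimeout = 5000;
            byte[] message = Encoding.UTF8.GetBytes("Hello from the server.");
            Console.WriteLine("Sending hello message.");
            sslStream.Write(message);
            Console.WriteLine("Waiting for client message...");
            while (true)
            {
                string messageData = ReadMessage(sslStream);
                Console.WriteLine("Received: {0}", messageData);
                // Ordinal comparison: the original ToUpper() == "EXIT" was culture-sensitive and
                // would throw NullReferenceException if ReadMessage ever returned null.
                if (string.Equals(messageData, "EXIT", StringComparison.OrdinalIgnoreCase))
                    break;
            }
        }
        catch (AuthenticationException e)
        {
            Console.WriteLine("Exception: {0}", e.Message);
            if (e.InnerException != null)
            {
                Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
            }
            Console.WriteLine("Authentication failed - closing the connection.");
            // Closing happens exactly once, in finally (the original closed twice on this path).
        }
        finally
        {
            sslStream.Close();
            client.Close();
        }
    }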

    static string ReadMessage(SslStream sslStream)
    {
        byte[] buffer = new byte[2048];
        StringBuilder messageData = new StringBuilder();
        int bytes = -1;
        do
        {
            bytes = sslStream.Read(buffer, 0, buffer.Length);
            Decoder decoder = Encoding.UTF8.Ge