SslStream Classe

Definição

Fornece um fluxo usado para comunicação cliente-servidor que usa o protocolo de segurança SSL (Secure Socket Layer) para autenticar o servidor e, opcionalmente, o cliente.Provides a stream used for client-server communication that uses the Secure Socket Layer (SSL) security protocol to authenticate the server and optionally the client.

public ref class SslStream : System::Net::Security::AuthenticatedStream
public class SslStream : System.Net.Security.AuthenticatedStream
type SslStream = class
    inherit AuthenticatedStream
type SslStream = class
    inherit AuthenticatedStream
    interface IDisposable
Public Class SslStream
Inherits AuthenticatedStream
Herança
Herança
Implementações

Exemplos

O exemplo de código a seguir demonstra como criar um TcpListener que usa a classe SslStream para se comunicar com clientes.The following code example demonstrates creating an TcpListener that uses the SslStream class to communicate with clients.

#using <System.dll>

using namespace System;
using namespace System::Collections;
using namespace System::Net;
using namespace System::Net::Sockets;
using namespace System::Net::Security;
using namespace System::Security::Authentication;
using namespace System::Text;
using namespace System::Security::Cryptography::X509Certificates;
using namespace System::IO;
public ref class SslTcpServer sealed
{
private:
   static X509Certificate^ serverCertificate = nullptr;

public:

   // The certificate parameter specifies the name of the file 
   // containing the machine certificate.
   static void RunServer( String^ certificate )
   {
      serverCertificate = X509Certificate::CreateFromCertFile( certificate );
      
      // Create a TCP/IP (IPv4) socket and listen for incoming connections.
      TcpListener^ listener = gcnew TcpListener( IPAddress::Any,8080 );
      listener->Start();
      
      while (true) 
      {
         Console::WriteLine( L"Waiting for a client to connect..." );
         
         // Application blocks while waiting for an incoming connection.
         // Type CNTL-C to terminate the server.
         TcpClient^ client = listener->AcceptTcpClient();
         ProcessClient( client );

      }
   }


   static void ProcessClient( TcpClient^ client )
   {
      
      // A client has connected. Create the 
      // SslStream using the client's network stream.
      SslStream^ sslStream = gcnew SslStream( client->GetStream(),false );
      
      // Authenticate the server but don't require the client to authenticate.
      try
      {
         sslStream->AuthenticateAsServer( serverCertificate, false, true );
         // false == no client cert required; true == check cert revocation.
         
         // Display the properties and settings for the authenticated stream.
         DisplaySecurityLevel( sslStream );
         DisplaySecurityServices( sslStream );
         DisplayCertificateInformation( sslStream );
         DisplayStreamProperties( sslStream );
         
         // Set timeouts for the read and write to 5 seconds.
         sslStream->ReadTimeout = 5000;
         sslStream->WriteTimeout = 5000;
         
         // Read a message from the client.   
         Console::WriteLine( L"Waiting for client message..." );
         String^ messageData = ReadMessage( sslStream );
         Console::WriteLine( L"Received: {0}", messageData );
         
         // Write a message to the client.
         array<Byte>^message = Encoding::UTF8->GetBytes( L"Hello from the server.<EOF>" );
         Console::WriteLine( L"Sending hello message." );
         sslStream->Write( message );
      }
      catch ( AuthenticationException^ e ) 
      {
         Console::WriteLine( L"Exception: {0}", e->Message );
         if ( e->InnerException != nullptr )
         {
            Console::WriteLine( L"Inner exception: {0}", e->InnerException->Message );
         }
         Console::WriteLine( L"Authentication failed - closing the connection." );
         sslStream->Close();
         client->Close();
         return;
      }
      finally
      {
         
         // The client stream will be closed with the sslStream
         // because we specified this behavior when creating
         // the sslStream.
         sslStream->Close();
         client->Close();
      }

   }


   static String^ ReadMessage( SslStream^ sslStream )
   {
      
      // Read the  message sent by the client.
      // The client signals the end of the message using the
      // "<EOF>" marker.
      array<Byte>^buffer = gcnew array<Byte>(2048);
      StringBuilder^ messageData = gcnew StringBuilder;
      int bytes = -1;
      do
      {
         
         // Read the client's test message.
         bytes = sslStream->Read( buffer, 0, buffer->Length );
         
         // Use Decoder class to convert from bytes to UTF8
         // in case a character spans two buffers.
         Decoder^ decoder = Encoding::UTF8->GetDecoder();
         array<Char>^chars = gcnew array<Char>(decoder->GetCharCount( buffer, 0, bytes ));
         decoder->GetChars( buffer, 0, bytes, chars, 0 );
         messageData->Append( chars );
         
         // Check for EOF or an empty message.
         if ( messageData->ToString()->IndexOf( L"<EOF>" ) != -1 )
         {
            break;
         }
      }
      while ( bytes != 0 );

      return messageData->ToString();
   }


   static void DisplaySecurityLevel( SslStream^ stream )
   {
      Console::WriteLine( L"Cipher: {0} strength {1}", stream->CipherAlgorithm, stream->CipherStrength );
      Console::WriteLine( L"Hash: {0} strength {1}", stream->HashAlgorithm, stream->HashStrength );
      Console::WriteLine( L"Key exchange: {0} strength {1}", stream->KeyExchangeAlgorithm, stream->KeyExchangeStrength );
      Console::WriteLine( L"Protocol: {0}", stream->SslProtocol );
   }


   static void DisplaySecurityServices( SslStream^ stream )
   {
      Console::WriteLine( L"Is authenticated: {0} as server? {1}", stream->IsAuthenticated, stream->IsServer );
      Console::WriteLine( L"IsSigned: {0}", stream->IsSigned );
      Console::WriteLine( L"Is Encrypted: {0}", stream->IsEncrypted );
   }


   static void DisplayStreamProperties( SslStream^ stream )
   {
      Console::WriteLine( L"Can read: {0}, write {1}", stream->CanRead, stream->CanWrite );
      Console::WriteLine( L"Can timeout: {0}", stream->CanTimeout );
   }


   static void DisplayCertificateInformation( SslStream^ stream )
   {
      Console::WriteLine( L"Certificate revocation list checked: {0}", stream->CheckCertRevocationStatus );
      X509Certificate^ localCertificate = stream->LocalCertificate;
      if ( stream->LocalCertificate != nullptr )
      {
         Console::WriteLine( L"Local cert was issued to {0} and is valid from {1} until {2}.", 
             localCertificate->Subject, 
             localCertificate->GetEffectiveDateString(), 
             localCertificate->GetExpirationDateString() );
      }
      else
      {
         Console::WriteLine( L"Local certificate is null." );
      }

      X509Certificate^ remoteCertificate = stream->RemoteCertificate;
      if ( stream->RemoteCertificate != nullptr )
      {
         Console::WriteLine( L"Remote cert was issued to {0} and is valid from {1} until {2}.", 
            remoteCertificate->Subject, 
            remoteCertificate->GetEffectiveDateString(), 
            remoteCertificate->GetExpirationDateString() );
      }
      else
      {
         Console::WriteLine( L"Remote certificate is null." );
      }
   }


private:

   static void DisplayUsage()
   {
      Console::WriteLine( L"To start the server specify:" );
      Console::WriteLine( L"serverSync certificateFile.cer" );
      Environment::Exit( 1 );
   }

public:
   int RunServerASync()
   {
      array<String^>^args = Environment::GetCommandLineArgs();
      String^ certificate = nullptr;
      if ( args == nullptr || args->Length < 2 )
      {
         DisplayUsage();
      }

      certificate = args[ 1 ];
      SslTcpServer::RunServer( certificate );
      return 0;
   }

};

int main(){
    SslTcpServer^ sts = gcnew SslTcpServer();
    sts->RunServerASync();
}
using System;
using System.Collections;
using System.Net;
using System.Net.Sockets;
using System.Net.Security;
using System.Security.Authentication;
using System.Text;
using System.Security.Cryptography.X509Certificates;
using System.IO;

namespace Examples.System.Net
{
    public sealed class SslTcpServer 
    {
        static X509Certificate serverCertificate = null;
        // The certificate parameter specifies the name of the file 
        // containing the machine certificate.
        public static void RunServer(string certificate) 
        {
            serverCertificate = X509Certificate.CreateFromCertFile(certificate);
            // Create a TCP/IP (IPv4) socket and listen for incoming connections.
            TcpListener listener = new TcpListener(IPAddress.Any, 8080);    
            listener.Start();
            while (true) 
            {
                Console.WriteLine("Waiting for a client to connect...");
                // Application blocks while waiting for an incoming connection.
                // Type CNTL-C to terminate the server.
                TcpClient client = listener.AcceptTcpClient();
                ProcessClient(client);
            }
        }
        static void ProcessClient (TcpClient client)
        {
            // A client has connected. Create the 
            // SslStream using the client's network stream.
            SslStream sslStream = new SslStream(
                client.GetStream(), false);
            // Authenticate the server but don't require the client to authenticate.
            try 
            {
                sslStream.AuthenticateAsServer(serverCertificate, clientCertificateRequired: false, checkCertificateRevocation: true);
                
                // Display the properties and settings for the authenticated stream.
                DisplaySecurityLevel(sslStream);
                DisplaySecurityServices(sslStream);
                DisplayCertificateInformation(sslStream);
                DisplayStreamProperties(sslStream);

                // Set timeouts for the read and write to 5 seconds.
                sslStream.ReadTimeout = 5000;
                sslStream.WriteTimeout = 5000;
                // Read a message from the client.   
                Console.WriteLine("Waiting for client message...");
                string messageData = ReadMessage(sslStream);
                Console.WriteLine("Received: {0}", messageData);
                
                // Write a message to the client.
                byte[] message = Encoding.UTF8.GetBytes("Hello from the server.<EOF>");
                Console.WriteLine("Sending hello message.");
                sslStream.Write(message);
            }
            catch (AuthenticationException e)
            {
                Console.WriteLine("Exception: {0}", e.Message);
                if (e.InnerException != null)
                {
                    Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
                }
                Console.WriteLine ("Authentication failed - closing the connection.");
                sslStream.Close();
                client.Close();
                return;
            }
            finally
            {
                // The client stream will be closed with the sslStream
                // because we specified this behavior when creating
                // the sslStream.
                sslStream.Close();
                client.Close();
            }
        }
        static string ReadMessage(SslStream sslStream)
        {
            // Read the  message sent by the client.
            // The client signals the end of the message using the
            // "<EOF>" marker.
            byte [] buffer = new byte[2048];
            StringBuilder messageData = new StringBuilder();
            int bytes = -1;
            do
            {
                // Read the client's test message.
                bytes = sslStream.Read(buffer, 0, buffer.Length);
                        
                // Use Decoder class to convert from bytes to UTF8
                // in case a character spans two buffers.
                Decoder decoder = Encoding.UTF8.GetDecoder();
                char[] chars = new char[decoder.GetCharCount(buffer,0,bytes)];
                decoder.GetChars(buffer, 0, bytes, chars,0);
                messageData.Append (chars);
                // Check for EOF or an empty message.
                if (messageData.ToString().IndexOf("<EOF>") != -1)
                {
                    break;
                }
            } while (bytes !=0); 
            
            return messageData.ToString();
        }
         static void DisplaySecurityLevel(SslStream stream)
         {
            Console.WriteLine("Cipher: {0} strength {1}", stream.CipherAlgorithm, stream.CipherStrength);
            Console.WriteLine("Hash: {0} strength {1}", stream.HashAlgorithm, stream.HashStrength);
            Console.WriteLine("Key exchange: {0} strength {1}", stream.KeyExchangeAlgorithm, stream.KeyExchangeStrength);
            Console.WriteLine("Protocol: {0}", stream.SslProtocol);
         }
         static void DisplaySecurityServices(SslStream stream)
         {
            Console.WriteLine("Is authenticated: {0} as server? {1}", stream.IsAuthenticated, stream.IsServer);
            Console.WriteLine("IsSigned: {0}", stream.IsSigned);
            Console.WriteLine("Is Encrypted: {0}", stream.IsEncrypted);
         }
         static void DisplayStreamProperties(SslStream stream)
         {
            Console.WriteLine("Can read: {0}, write {1}", stream.CanRead, stream.CanWrite);
            Console.WriteLine("Can timeout: {0}", stream.CanTimeout);
         }
        static void DisplayCertificateInformation(SslStream stream)
        {
            Console.WriteLine("Certificate revocation list checked: {0}", stream.CheckCertRevocationStatus);
                
            X509Certificate localCertificate = stream.LocalCertificate;
            if (stream.LocalCertificate != null)
            {
                Console.WriteLine("Local cert was issued to {0} and is valid from {1} until {2}.",
                    localCertificate.Subject,
                    localCertificate.GetEffectiveDateString(),
                    localCertificate.GetExpirationDateString());
             } else
            {
                Console.WriteLine("Local certificate is null.");
            }
            // Display the properties of the client's certificate.
            X509Certificate remoteCertificate = stream.RemoteCertificate;
            if (stream.RemoteCertificate != null)
            {
            Console.WriteLine("Remote cert was issued to {0} and is valid from {1} until {2}.",
                remoteCertificate.Subject,
                remoteCertificate.GetEffectiveDateString(),
                remoteCertificate.GetExpirationDateString());
            } else
            {
                Console.WriteLine("Remote certificate is null.");
            }
        }
        private static void DisplayUsage()
        { 
            Console.WriteLine("To start the server specify:");
            Console.WriteLine("serverSync certificateFile.cer");
            Environment.Exit(1);
        }
        public static int Main(string[] args)
        {
            string certificate = null;
            if (args == null ||args.Length < 1 )
            {
                DisplayUsage();
            }
            certificate = args[0];
            SslTcpServer.RunServer (certificate);
            return 0;
        } 
    }
}
Imports System.Collections
Imports System.Net
Imports System.Net.Sockets
Imports System.Net.Security
Imports System.Security.Authentication
Imports System.Text
Imports System.Security.Cryptography.X509Certificates
Imports System.IO

Namespace Examples.System.Net
    Public NotInheritable Class SslTcpServer
        Shared serverCertificate As X509Certificate = Nothing

        ' The certificate parameter specifies the name of the file 
        ' containing the machine certificate.
        Public Shared Sub RunServer(certificate As String)
            serverCertificate = X509Certificate.CreateFromCertFile(certificate)
            ' Create a TCP/IP (IPv4) socket And listen for incoming connections.
            Dim listener = New TcpListener(IPAddress.Any, 8080)
            listener.Start()

            While True
                Console.WriteLine("Waiting for a client to connect...")
                ' Application blocks while waiting for an incoming connection.
                ' Type CNTL-C to terminate the server.
                Dim client As TcpClient = listener.AcceptTcpClient()
                ProcessClient(client)
            End While
        End Sub
        Private Shared Sub ProcessClient(client As TcpClient)
            ' A client has connected. Create the 
            ' SslStream using the client's network stream.
            Dim sslStream = New SslStream(client.GetStream(), False)

            Try

                sslStream.AuthenticateAsServer(serverCertificate, clientCertificateRequired:=False, checkCertificateRevocation:=True)
                ' Display the properties And settings for the authenticated stream.
                DisplaySecurityLevel(sslStream)
                DisplaySecurityServices(sslStream)
                DisplayCertificateInformation(sslStream)
                DisplayStreamProperties(sslStream)

                ' Set timeouts for the read and write to 5 seconds.
                sslStream.ReadTimeout = 5000
                sslStream.WriteTimeout = 5000

                ' Read a message from the client.   
                Console.WriteLine("Waiting for client message...")
                Dim messageData As String = ReadMessage(sslStream)
                Console.WriteLine("Received: {0}", messageData)

                ' Write a message to the client.
                Dim message As Byte() = Encoding.UTF8.GetBytes("Hello from the server.<EOF>")
                Console.WriteLine("Sending hello message.")
                sslStream.Write(message)
            Catch e As AuthenticationException
                Console.WriteLine("Exception: {0}", e.Message)

                If e.InnerException IsNot Nothing Then
                    Console.WriteLine("Inner exception: {0}", e.InnerException.Message)
                End If

                Console.WriteLine("Authentication failed - closing the connection.")
                sslStream.Close()
                client.Close()
                Return
            Finally
                ' The client stream will be closed with the sslStream
                ' because we specified this behavior when creating
                ' the sslStream.
                sslStream.Close()
                client.Close()
            End Try
        End Sub

        Private Shared Function ReadMessage(sslStream As SslStream) As String

            ' Read the  message sent by the client.
            ' The client signals the end of the message using the
            ' "<EOF>" marker.
            Dim buffer As Byte() = New Byte(2048) {}
            Dim messageData As StringBuilder = New StringBuilder()
            Dim bytes As Integer = -1

            Do
                ' Read the client's test message.
                bytes = sslStream.Read(buffer, 0, buffer.Length)

                ' Use decoder class to convert from bytes to UTF8
                ' in case a character spans two buffers.
                Dim decoder As Decoder = Encoding.UTF8.GetDecoder()
                Dim chars As Char() = New Char(decoder.GetCharCount(buffer, 0, bytes) - 1) {}
                decoder.GetChars(buffer, 0, bytes, chars, 0)
                messageData.Append(chars)

                ' Check for EOF or an empty message.
                If messageData.ToString().IndexOf("<EOF>") <> -1 Then
                    Exit Do
                End If
            Loop While bytes <> 0

            Return messageData.ToString()
        End Function

        Private Shared Sub DisplaySecurityLevel(stream As SslStream)
            Console.WriteLine("Cipher: {0} strength {1}", stream.CipherAlgorithm, stream.CipherStrength)
            Console.WriteLine("Hash: {0} strength {1}", stream.HashAlgorithm, stream.HashStrength)
            Console.WriteLine("Key exchange: {0} strength {1}", stream.KeyExchangeAlgorithm, stream.KeyExchangeStrength)
            Console.WriteLine("Protocol: {0}", stream.SslProtocol)
        End Sub

        Private Shared Sub DisplaySecurityServices(stream As SslStream)
            Console.WriteLine("Is authenticated: {0} as server? {1}", stream.IsAuthenticated, stream.IsServer)
            Console.WriteLine("IsSigned: {0}", stream.IsSigned)
            Console.WriteLine("Is Encrypted: {0}", stream.IsEncrypted)
        End Sub

        Private Shared Sub DisplayStreamProperties(stream As SslStream)
            Console.WriteLine("Can read: {0}, write {1}", stream.CanRead, stream.CanWrite)
            Console.WriteLine("Can timeout: {0}", stream.CanTimeout)
        End Sub

        Private Shared Sub DisplayCertificateInformation(stream As SslStream)
            Console.WriteLine("Certificate revocation list checked: {0}", stream.CheckCertRevocationStatus)
            Dim localCertificate As X509Certificate = stream.LocalCertificate

            If stream.LocalCertificate IsNot Nothing Then
                Console.WriteLine("Local cert was issued to {0} and is valid from {1} until {2}.", localCertificate.Subject, localCertificate.GetEffectiveDateString(), localCertificate.GetExpirationDateString())
            Else
                Console.WriteLine("Local certificate is null.")
            End If

            ' Display the properties of the client's certificate.
            Dim remoteCertificate As X509Certificate = stream.RemoteCertificate

            If stream.RemoteCertificate IsNot Nothing Then
                Console.WriteLine("Remote cert was issued to {0} and is valid from {1} until {2}.", remoteCertificate.Subject, remoteCertificate.GetEffectiveDateString(), remoteCertificate.GetExpirationDateString())
            Else
                Console.WriteLine("Remote certificate is null.")
            End If
        End Sub

        Private Shared Sub DisplayUsage()
            Console.WriteLine("To start the server specify:")
            Console.WriteLine("serverSync certificateFile.cer")
            Environment.[Exit](1)
        End Sub

        Public Shared Function Main(ByVal args As String()) As Integer
            Dim certificate As String

            If args Is Nothing OrElse args.Length < 1 Then
                DisplayUsage()
            End If

            certificate = args(0)
            RunServer(certificate)
            Return 0
        End Function
    End Class
End Namespace

O exemplo de código a seguir demonstra como criar um TcpClient que usa a classe SslStream para se comunicar com um servidor.The following code example demonstrates creating a TcpClient that uses the SslStream class to communicate with a server.

#using <System.dll>
#using <System.Security.dll>

using namespace System;
using namespace System::Collections;
using namespace System::Globalization;
using namespace System::Net;
using namespace System::Net::Security;
using namespace System::Net::Sockets;
using namespace System::Security::Authentication;
using namespace System::Text;
using namespace System::Security::Cryptography::X509Certificates;
using namespace System::IO;

namespace NlsClientSync
{
    public ref class SslTcpClient
    {
    private:
        static Hashtable^ certificateErrors = gcnew Hashtable;
        // Load a table of errors that might cause 
        // the certificate authentication to fail.
        static void InitializeCertificateErrors()
        {
            certificateErrors->Add(0x800B0101,
                "The certification has expired.");
            certificateErrors->Add(0x800B0104,
                "A path length constraint "
                "in the certification chain has been violated.");
            certificateErrors->Add(0x800B0105,
                "A certificate contains an unknown extension "
                "that is marked critical.");
            certificateErrors->Add(0x800B0107,
                "A parent of a given certificate in fact "
                "did not issue that child certificate.");
            certificateErrors->Add(0x800B0108,
                "A certificate is missing or has an empty value "
                "for a necessary field.");
            certificateErrors->Add(0x800B0109,
                "The certificate root is not trusted.");
            certificateErrors->Add(0x800B010C,
                "The certificate has been revoked.");
            certificateErrors->Add(0x800B010F,
                "The name in the certificate does not not match "
                "the host name requested by the client.");
            certificateErrors->Add(0x800B0111,
                "The certificate was explicitly marked "
                "as untrusted by the user.");
            certificateErrors->Add(0x800B0112,
                "A certification chain processed correctly, "
                "but one of the CA certificates is not trusted.");
            certificateErrors->Add(0x800B0113,
                "The certificate has an invalid policy.");
            certificateErrors->Add(0x800B0114,
                "The certificate name is either not "
                "in the permitted list or is explicitly excluded.");
            certificateErrors->Add(0x80092012,
                "The revocation function was unable to check "
                "revocation for the certificate.");
            certificateErrors->Add(0x80090327,
                "An unknown error occurred while "
                "processing the certificate.");
            certificateErrors->Add(0x80096001,
                "A system-level error occurred "
                "while verifying trust.");
            certificateErrors->Add(0x80096002,
                "The certificate for the signer of the message "
                "is invalid or not found.");
            certificateErrors->Add(0x80096003,
                "One of the counter signatures was invalid.");
            certificateErrors->Add(0x80096004,
                "The signature of the certificate "
                "cannot be verified.");
            certificateErrors->Add(0x80096005,
                "The time stamp signature or certificate "
                "could not be verified or is malformed.");
            certificateErrors->Add(0x80096010,
                "The digital signature of the object "
                "was not verified.");
            certificateErrors->Add(0x80096019,
                "The basic constraint extension of a certificate "
                "has not been observed.");
        }

        static String^ CertificateErrorDescription(UInt32 problem)
        {
            // Initialize the error message dictionary 
            // if it is not yet available.
            if (certificateErrors->Count == 0)
            {
                InitializeCertificateErrors();
            }

            String^ description = safe_cast<String^>(
                certificateErrors[problem]);
            if (description == nullptr)
            {
                description = String::Format(
                    CultureInfo::CurrentCulture,
                    "Unknown certificate error - 0x{0:x8}",
                    problem);
            }

            return description;
        }

    public:
        // The following method is invoked 
        // by the CertificateValidationDelegate.
    static bool ValidateServerCertificate(
            Object^ sender,
            X509Certificate^ certificate,
            X509Chain^ chain,
            SslPolicyErrors sslPolicyErrors)
        {
        
            Console::WriteLine("Validating the server certificate.");
            if (sslPolicyErrors == SslPolicyErrors::None)
                return true;

            Console::WriteLine("Certificate error: {0}", sslPolicyErrors);

            // Do not allow this client to communicate with unauthenticated servers.
            return false;
        }

        static void RunClient(String^ machineName, String^ serverName)
        {
              
            // Create a TCP/IP client socket.
            // machineName is the host running the server application.
            TcpClient^ client = gcnew TcpClient(machineName, 8080);
            Console::WriteLine("Client connected.");
              
            // Create an SSL stream that will close 
            // the client's stream.
            SslStream^ sslStream = gcnew SslStream(
                client->GetStream(), false,
                gcnew RemoteCertificateValidationCallback(ValidateServerCertificate),
                nullptr);
              
            // The server name must match the name
            // on the server certificate.
            try
            {
                sslStream->AuthenticateAsClient(serverName);
            }
            catch (AuthenticationException^ ex) 
            {
                Console::WriteLine("Exception: {0}", ex->Message);
                if (ex->InnerException != nullptr)
                {
                    Console::WriteLine("Inner exception: {0}", 
                        ex->InnerException->Message);
                }

                Console::WriteLine("Authentication failed - "
                    "closing the connection.");
                sslStream->Close();
                client->Close();
                return;
            }
            // Encode a test message into a byte array.
            // Signal the end of the message using the "<EOF>".
            array<Byte>^ messsage = Encoding::UTF8->GetBytes(
                "Hello from the client.<EOF>");
              
            // Send hello message to the server.
            sslStream->Write(messsage);
            sslStream->Flush();
            // Read message from the server.
            String^ serverMessage = ReadMessage(sslStream);
            Console::WriteLine("Server says: {0}", serverMessage);
           
            // Close the client connection.
            sslStream->Close();
            client->Close();
            Console::WriteLine("Client closed.");
        }
    private:
        static String^ ReadMessage(SslStream^ sslStream)
        {
              
            // Read the  message sent by the server.
            // The end of the message is signaled using the
            // "<EOF>" marker.
            array<Byte>^ buffer = gcnew array<Byte>(2048);
            StringBuilder^ messageData = gcnew StringBuilder;
            // Use Decoder class to convert from bytes to UTF8
            // in case a character spans two buffers.
            Encoding^ u8 = Encoding::UTF8;
            Decoder^ decoder = u8->GetDecoder();

            int bytes = -1;
            do
            {
                bytes = sslStream->Read(buffer, 0, buffer->Length);
                 
                array<__wchar_t>^ chars = gcnew array<__wchar_t>(
                    decoder->GetCharCount(buffer, 0, bytes));
                decoder->GetChars(buffer, 0, bytes, chars, 0);
                messageData->Append(chars);
                 
                // Check for EOF.
                if (messageData->ToString()->IndexOf("<EOF>") != -1)
                {
                    break;
                }
            }
            while (bytes != 0);

            return messageData->ToString();
        }
    };
}

int main()
{
    array<String^>^ args = Environment::GetCommandLineArgs();
    String^ serverCertificateName = nullptr;
    String^ machineName = nullptr;
    if (args == nullptr || args->Length < 2)
    {
        Console::WriteLine("To start the client specify:");
        Console::WriteLine("clientSync machineName [serverName]");
        return 1;
    }
        
    // User can specify the machine name and server name.
    // Server name must match the name on 
    // the server's certificate.
    machineName = args[1];
    if (args->Length < 3)
    {
        serverCertificateName = machineName;
    }
    else
    {
        serverCertificateName = args[2];
    };

    NlsClientSync::SslTcpClient::RunClient(machineName,
        serverCertificateName);

    return 0;
}

using System;
using System.Collections;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Text;
using System.Security.Cryptography.X509Certificates;
using System.IO;

namespace Examples.System.Net
{
    public class SslTcpClient 
    {   
        private static Hashtable certificateErrors = new Hashtable();
      
        // The following method is invoked by the RemoteCertificateValidationDelegate.
        public static bool ValidateServerCertificate(
              object sender,
              X509Certificate certificate,
              X509Chain chain,
              SslPolicyErrors sslPolicyErrors)
        {
           if (sslPolicyErrors == SslPolicyErrors.None)
                return true;

            Console.WriteLine("Certificate error: {0}", sslPolicyErrors);
            
            // Do not allow this client to communicate with unauthenticated servers.
            return false;
        }
        public static void RunClient(string machineName, string serverName)  
        {
            // Create a TCP/IP client socket.
            // machineName is the host running the server application.
            TcpClient client = new TcpClient(machineName,443);
            Console.WriteLine("Client connected.");
            // Create an SSL stream that will close the client's stream.
            SslStream sslStream = new SslStream(
                client.GetStream(), 
                false, 
                new RemoteCertificateValidationCallback (ValidateServerCertificate), 
                null
                );
            // The server name must match the name on the server certificate.
            try 
            {
                sslStream.AuthenticateAsClient(serverName);
            } 
            catch (AuthenticationException e)
            {
                Console.WriteLine("Exception: {0}", e.Message);
                if (e.InnerException != null)
                {
                    Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
                }
                Console.WriteLine ("Authentication failed - closing the connection.");
                client.Close();
                return;
            }
            // Encode a test message into a byte array.
            // Signal the end of the message using the "<EOF>".
            byte[] messsage = Encoding.UTF8.GetBytes("Hello from the client.<EOF>");
            // Send hello message to the server. 
            sslStream.Write(messsage);
            sslStream.Flush();
            // Read message from the server.
            string serverMessage = ReadMessage(sslStream);
            Console.WriteLine("Server says: {0}", serverMessage);
            // Close the client connection.
            client.Close();
            Console.WriteLine("Client closed.");
        }
        static string ReadMessage(SslStream sslStream)
        {
            // Read the  message sent by the server.
            // The end of the message is signaled using the
            // "<EOF>" marker.
            byte [] buffer = new byte[2048];
            StringBuilder messageData = new StringBuilder();
            int bytes = -1;
            do
            {
                bytes = sslStream.Read(buffer, 0, buffer.Length);
                        
                // Use Decoder class to convert from bytes to UTF8
                // in case a character spans two buffers.
                Decoder decoder = Encoding.UTF8.GetDecoder();
                char[] chars = new char[decoder.GetCharCount(buffer,0,bytes)];
                decoder.GetChars(buffer, 0, bytes, chars,0);
                messageData.Append (chars);
                // Check for EOF.
                if (messageData.ToString().IndexOf("<EOF>") != -1)
                {
                    break;
                }
            } while (bytes != 0); 
            
            return messageData.ToString();
        }
        private static void DisplayUsage()
        { 
            Console.WriteLine("To start the client specify:");
            Console.WriteLine("clientSync machineName [serverName]");
            Environment.Exit(1);
        }
        public static int Main(string[] args)
        {
            string serverCertificateName = null;
            string machineName = null;
            if (args == null ||args.Length <1 )
            {
                DisplayUsage();
            }
            // User can specify the machine name and server name.
            // Server name must match the name on the server's certificate. 
            machineName = args[0];
            if (args.Length <2 )
            {
                serverCertificateName = machineName;
            }
            else 
            {
                serverCertificateName = args[1];
            }
            SslTcpClient.RunClient (machineName, serverCertificateName);
            return 0;
        }
    }
}
    
Imports System.Collections
Imports System.Net
Imports System.Net.Security
Imports System.Net.Sockets
Imports System.Security.Authentication
Imports System.Text
Imports System.Security.Cryptography.X509Certificates
Imports System.IO

Namespace Examples.System.Net

    Public Class SslTcpClient
        
        ' The following method is invoked by the RemoteCertificateValidationDelegate.
        Public Shared Function ValidateServerCertificate(
            sender As Object, 
            certificate As X509Certificate, 
            chain As X509Chain, 
            sslPolicyErrors As SslPolicyErrors) As Boolean
            
            If sslPolicyErrors = SslPolicyErrors.None Then Return True

            Console.WriteLine("Certificate error: {0}", sslPolicyErrors)

            ' Do not allow this client to communicate with unauthenticated servers.
            Return False
        End Function
        Public Shared Sub RunClient(machineName As String, serverName As String)

            ' Create a TCP/IP client socket.
            ' machineName is the host running the server application.
            Dim client = New TcpClient(machineName, 443)
            Console.WriteLine("Client connected.")

            ' Create an SSL stream that will close the client's stream.
            Dim sslStream = New SslStream(
                client.GetStream(), False, 
                New RemoteCertificateValidationCallback(AddressOf ValidateServerCertificate), Nothing)

            ' The server name must match the name on the server certificate.
            Try
                sslStream.AuthenticateAsClient(serverName)
            Catch e As AuthenticationException
                Console.WriteLine("Exception: {0}", e.Message)

                If e.InnerException IsNot Nothing Then
                    Console.WriteLine("Inner exception: {0}", e.InnerException.Message)
                End If

                Console.WriteLine("Authentication failed - closing the connection.")
                client.Close()
                Return
            End Try
            
            ' Encode a test message into a byte array.
            ' Signal the end of the message using the "<EOF>".
            Dim messsage As Byte() = Encoding.UTF8.GetBytes("Hello from the client.<EOF>")
            
            ' Send hello message to the server.
            sslStream.Write(messsage)
            sslStream.Flush()
            ' Read message from the server.
            Dim serverMessage = ReadMessage(sslStream)
            Console.WriteLine("Server says: {0}", serverMessage)

            ' Close the client connection
            client.Close()
            Console.WriteLine("Client closed.")
        End Sub
        
        Private Shared Function ReadMessage(sslStream As SslStream) As String

            ' Read the  message sent by the server.
            ' The end of the message is signaled using the "<EOF>" marker.
            Dim buffer = New Byte(2048) {}
            Dim messageData = New StringBuilder()
            Dim bytes As Integer

            Do
                bytes = sslStream.Read(buffer, 0, buffer.Length)

                ' Use Decoder class to convert from bytes to UTF8
                ' in case a character spans two buffers.        
                Dim decoder As Decoder = Encoding.UTF8.GetDecoder()
                Dim chars = New Char(decoder.GetCharCount(buffer, 0, bytes) - 1) {}
                decoder.GetChars(buffer, 0, bytes, chars, 0)
                messageData.Append(chars)

                ' Check for EOF.
                If messageData.ToString().IndexOf("<EOF>") <> -1 Then Exit Do
                
            Loop While bytes <> 0

            Return messageData.ToString()

        End Function

        Private Shared Sub DisplayUsage()

            Console.WriteLine("To start the client specify:")
            Console.WriteLine("clientSync machineName [serverName]")
            Environment.[Exit](1)

        End Sub

        Public Shared Function Main(args As String()) As Integer

            Dim serverCertificateName As String
            Dim machineName As String

            If args Is Nothing OrElse args.Length < 1 Then
                DisplayUsage()
            End If

            ' User can specify the machine name and server name.
            ' Server name must match the name on the server's certificate. 
            machineName = args(0)

            If args.Length < 2 Then
                serverCertificateName = machineName
            Else
                serverCertificateName = args(1)
            End If

            SslTcpClient.RunClient(machineName, serverCertificateName)

            Return 0

        End Function

    End Class

End Namespace

Comentários

Os protocolos SSL ajudam a fornecer confidencialidade e verificação de integridade para mensagens transmitidas usando um SslStream.SSL protocols help to provide confidentiality and integrity checking for messages transmitted using an SslStream. Uma conexão SSL, como a fornecida pelo SslStream, deve ser usada ao comunicar informações confidenciais entre um cliente e um servidor.An SSL connection, such as that provided by SslStream, should be used when communicating sensitive information between a client and a server. O uso de um SslStream ajuda a impedir que qualquer pessoa leia e viole informações enquanto estiver em trânsito na rede.Using an SslStream helps to prevent anyone from reading and tampering with information while it is in transit on the network.

Uma instância de SslStream transmite dados usando um fluxo que você fornece ao criar o SslStream.An SslStream instance transmits data using a stream that you supply when creating the SslStream. Ao fornecer esse fluxo subjacente, você tem a opção de especificar se fechar o SslStream também fecha o fluxo subjacente.When you supply this underlying stream, you have the option to specify whether closing the SslStream also closes the underlying stream. Normalmente, a classe SslStream é usada com as classes TcpClient e TcpListener.Typically, the SslStream class is used with the TcpClient and TcpListener classes. O método GetStream fornece um NetworkStream adequado para uso com a classe SslStream.The GetStream method provides a NetworkStream suitable for use with the SslStream class.

Depois de criar um SslStream, o servidor e, opcionalmente, o cliente deve ser autenticado.After creating an SslStream, the server and optionally, the client must be authenticated. O servidor deve fornecer um certificado X509 que estabelece uma prova de sua identidade e pode solicitar que o cliente também o faça.The server must provide an X509 certificate that establishes proof of its identity and can request that the client also do so. A autenticação deve ser executada antes de transmitir informações usando uma SslStream.Authentication must be performed before transmitting information using an SslStream. Os clientes iniciam a autenticação usando os métodos de AuthenticateAsClient síncronos, que são bloqueados até que a autenticação seja concluída, ou os métodos de BeginAuthenticateAsClient assíncronos, que não bloqueiam a espera pela autenticação ser concluída.Clients initiate authentication using the synchronous AuthenticateAsClient methods, which block until the authentication completes, or the asynchronous BeginAuthenticateAsClient methods, which do not block waiting for the authentication to complete. Os servidores iniciam a autenticação usando os métodos de BeginAuthenticateAsServer síncronos AuthenticateAsServer ou assíncronos.Servers initiate authentication using the synchronous AuthenticateAsServer or asynchronous BeginAuthenticateAsServer methods. Tanto o cliente quanto o servidor devem iniciar a autenticação.Both client and server must initiate the authentication.

A autenticação é tratada pelo provedor de canal do provedor de suporte de segurança (SSPI).The authentication is handled by the Security Support Provider (SSPI) channel provider. O cliente tem a oportunidade de controlar a validação do certificado do servidor, especificando um delegado RemoteCertificateValidationCallback ao criar um SslStream.The client is given an opportunity to control validation of the server's certificate by specifying a RemoteCertificateValidationCallback delegate when creating an SslStream. O servidor também pode controlar a validação fornecendo um RemoteCertificateValidationCallback delegado.The server can also control validation by supplying a RemoteCertificateValidationCallback delegate. O método referenciado pelo delegado inclui o certificado da parte remota e todos os erros SSPI encontrados ao validar o certificado.The method referenced by the delegate includes the remote party's certificate and any errors SSPI encountered while validating the certificate. Observe que, se o servidor especificar um delegado, o método do delegado será invocado independentemente de o servidor ter solicitado a autenticação do cliente.Note that if the server specifies a delegate, the delegate's method is invoked regardless of whether the server requested client authentication. Se o servidor não solicitou a autenticação do cliente, o método delegate do servidor recebe um certificado nulo e uma matriz vazia de erros de certificado.If the server did not request client authentication, the server's delegate method receives a null certificate and an empty array of certificate errors.

Se o servidor exigir autenticação de cliente, o cliente deverá especificar um ou mais certificados para autenticação.If the server requires client authentication, the client must specify one or more certificates for authentication. Se o cliente tiver mais de um certificado, o cliente poderá fornecer um LocalCertificateSelectionCallback delegado para selecionar o certificado correto para o servidor.If the client has more than one certificate, the client can provide a LocalCertificateSelectionCallback delegate to select the correct certificate for the server. Os certificados do cliente devem estar localizados no repositório de certificados "My" do usuário atual.The client's certificates must be located in the current user's "My" certificate store. Não há suporte para a autenticação de cliente por meio de certificados para o protocolo Ssl2 (versão de SSL 2).Client authentication via certificates is not supported for the Ssl2 (SSL version 2) protocol.

Se a autenticação falhar, você receberá um AuthenticationExceptione o SslStream não será mais utilizável.If the authentication fails, you receive a AuthenticationException, and the SslStream is no longer useable. Você deve fechar esse objeto e remover todas as referências a ele para que ele possa ser coletado pelo coletor de lixo.You should close this object and remove all references to it so that it can be collected by the garbage collector.

Quando o processo de autenticação, também conhecido como handshake de SSL, é bem sucedido, a identidade do servidor (e, opcionalmente, o cliente) é estabelecida e o SslStream pode ser usado pelo cliente e pelo servidor para trocar mensagens.When the authentication process, also known as the SSL handshake, succeeds, the identity of the server (and optionally, the client) is established and the SslStream can be used by the client and server to exchange messages. Antes de enviar ou receber informações, o cliente e o servidor devem verificar os serviços de segurança e os níveis fornecidos pelo SslStream para determinar se o protocolo, os algoritmos e os pontos fortes selecionados atendem aos requisitos de integridade e confidencialidade.Before sending or receiving information, the client and server should check the security services and levels provided by the SslStream to determine whether the protocol, algorithms, and strengths selected meet their requirements for integrity and confidentiality. Se as configurações atuais não forem suficientes, o fluxo deverá ser fechado.If the current settings are not sufficient, the stream should be closed. Você pode verificar os serviços de segurança fornecidos pelo SslStream usando as propriedades IsEncrypted e IsSigned.You can check the security services provided by the SslStream using the IsEncrypted and IsSigned properties. A tabela a seguir mostra os elementos que relatam as configurações de criptografia usadas para autenticação, criptografia e assinatura de dados.The following table shows the elements that report the cryptographic settings used for authentication, encryption and data signing.

ElementoElement MembrosMembers
O protocolo de segurança usado para autenticar o servidor e, opcionalmente, o cliente.The security protocol used to authenticate the server and, optionally, the client. A propriedade SslProtocol e a enumeração SslProtocols associada.The SslProtocol property and the associated SslProtocols enumeration.
O algoritmo de troca de chaves.The key exchange algorithm. A propriedade KeyExchangeAlgorithm e a enumeração ExchangeAlgorithmType associada.The KeyExchangeAlgorithm property and the associated ExchangeAlgorithmType enumeration.
O algoritmo de integridade da mensagem.The message integrity algorithm. A propriedade HashAlgorithm e a enumeração HashAlgorithmType associada.The HashAlgorithm property and the associated HashAlgorithmType enumeration.
O algoritmo de confidencialidade da mensagem.The message confidentiality algorithm. A propriedade CipherAlgorithm e a enumeração CipherAlgorithmType associada.The CipherAlgorithm property and the associated CipherAlgorithmType enumeration.
Os pontos fortes dos algoritmos selecionados.The strengths of the selected algorithms. As propriedades KeyExchangeStrength, HashStrengthe CipherStrength.The KeyExchangeStrength, HashStrength, and CipherStrength properties.

Após uma autenticação bem-sucedida, você pode enviar dados usando os métodos síncronos de Write ou assíncronos BeginWrite.After a successful authentication, you can send data using the synchronous Write or asynchronous BeginWrite methods. Você pode receber dados usando os métodos síncronos Read ou assíncronos BeginRead.You can receive data using the synchronous Read or asynchronous BeginRead methods.

Se você especificou para a SslStream que o fluxo subjacente deve ser deixado aberto, você será responsável por fechar esse fluxo quando terminar de usá-lo.If you specified to the SslStream that the underlying stream should be left open, you are responsible for closing that stream when you are done using it.

Observação

Se o aplicativo que cria o objeto SslStream for executado com as credenciais de um usuário normal, o aplicativo não poderá acessar os certificados instalados no armazenamento do computador local, a menos que a permissão tenha sido explicitamente concedida ao usuário para fazer isso.If the application that creates the SslStream object runs with the credentials of a Normal user, the application will not be able to access certificates installed in the local machine store unless permission has been explicitly given to the user to do so.

SslStream pressupõe que um tempo limite junto com qualquer outro IOException quando um é gerado do fluxo interno será tratado como fatal pelo seu chamador.SslStream assumes that a timeout along with any other IOException when one is thrown from the inner stream will be treated as fatal by its caller. Reutilizar uma instância de SslStream após um tempo limite retornará o lixo.Reusing a SslStream instance after a timeout will return garbage. Um aplicativo deve Close o SslStream e gerar uma exceção nesses casos.An application should Close the SslStream and throw an exception in these cases.

O .NET Framework 4,6 inclui um novo recurso de segurança que bloqueia algoritmos de codificação e hash não seguros para conexões.The .NET Framework 4.6 includes a new security feature that blocks insecure cipher and hashing algorithms for connections. Os aplicativos que usam TLS/SSL por meio de APIs como HttpClient, HttpWebRequest, FTPClient, SmtpClient, SslStream etc. e direcionamento .NET Framework 4,6 obtêm o comportamento mais seguro por padrão.Applications using TLS/SSL through APIs such as HttpClient, HttpWebRequest, FTPClient, SmtpClient, SslStream, etc. and targeting .NET Framework 4.6 get the more-secure behavior by default.

Os desenvolvedores podem optar por recusar esse comportamento para manter a interoperabilidade com os serviços SSL3s existentes ou os serviços de TLS w/RC4.Developers may want to opt out of this behavior in order to maintain interoperability with their existing SSL3 services OR TLS w/ RC4 services. Este artigo explica como modificar seu código para que o novo comportamento seja desabilitado.This article explains how to modify your code so that the new behavior is disabled.

O .NET Framework 4,7 adiciona novas sobrecargas para os métodos que autenticam SslStreams que não especificam uma versão TLS, mas, em vez disso, usam a versão TLS definida como o padrão do sistema no Schannel.The .NET Framework 4.7 adds new overloads for the methods that authenticate SslStreams that do not specify a TLS version, but instead use the TLS version defined as the system default in SCHANNEL. Use esses métodos em seu aplicativo como uma maneira de poder modificar os padrões mais tarde conforme a prática recomendada de versão do TLS muda ao longo do tempo, sem a necessidade de recompilar e reimplantar seu aplicativo.Use these methods in your app as a way to be able to later modify the defaults as TLS version best practice changes over time, without the need to rebuild and redeploy your app.

Consulte também práticas recomendadas de TLS com o .NET Framework.Also see Transport Layer Security (TLS) best practices with the .NET Framework.

Construtores

SslStream(Stream)

Inicializa uma nova instância da classe SslStream usando o Stream especificado.Initializes a new instance of the SslStream class using the specified Stream.

SslStream(Stream, Boolean)

Inicializa uma nova instância da classe SslStream usando o Stream e o comportamento de fechamento de fluxo especificados.Initializes a new instance of the SslStream class using the specified Stream and stream closure behavior.

SslStream(Stream, Boolean, RemoteCertificateValidationCallback)

Inicializa uma nova instância da classe SslStream usando o Stream especificado, o comportamento de fechamento de fluxo e o delegado de validação de certificado.Initializes a new instance of the SslStream class using the specified Stream, stream closure behavior and certificate validation delegate.

SslStream(Stream, Boolean, RemoteCertificateValidationCallback, LocalCertificateSelectionCallback)

Inicializa uma nova instância da classe SslStream usando o Stream especificado, o comportamento de fechamento de fluxo, o delegado de validação de certificado e o delegado de seleção de certificado.Initializes a new instance of the SslStream class using the specified Stream, stream closure behavior, certificate validation delegate and certificate selection delegate.

SslStream(Stream, Boolean, RemoteCertificateValidationCallback, LocalCertificateSelectionCallback, EncryptionPolicy)

Inicializa uma nova instância da classe SslStream usando o Stream especificadoInitializes a new instance of the SslStream class using the specified Stream

Propriedades

CanRead

Obtém um valor Boolean que indica se o fluxo subjacente é legível.Gets a Boolean value that indicates whether the underlying stream is readable.

CanSeek

Obtém um valor Boolean que indica se o fluxo subjacente é pesquisável.Gets a Boolean value that indicates whether the underlying stream is seekable.

CanTimeout

Obtém um valor Boolean que indica se o fluxo subjacente dá suporte a tempos limite.Gets a Boolean value that indicates whether the underlying stream supports time-outs.

CanWrite

Obtém um valor Boolean que indica se o fluxo subjacente é gravável.Gets a Boolean value that indicates whether the underlying stream is writable.

CheckCertRevocationStatus

Obtém um valor Boolean que indica se a lista de certificados revogados é verificada durante o processo de validação de certificado.Gets a Boolean value that indicates whether the certificate revocation list is checked during the certificate validation process.

CipherAlgorithm

Obtém um valor que identifica o algoritmo de criptografia em massa usado por este SslStream.Gets a value that identifies the bulk encryption algorithm used by this SslStream.

CipherStrength

Obtém um valor que identifica a força do algoritmo de criptografia usado por esse SslStream.Gets a value that identifies the strength of the cipher algorithm used by this SslStream.

HashAlgorithm

Obtém o algoritmo usado para gerar MACs (Message Authentication Codes).Gets the algorithm used for generating message authentication codes (MACs).

HashStrength

Obtém um valor que identifica a força do algoritmo de hash usado por essa instância.Gets a value that identifies the strength of the hash algorithm used by this instance.

InnerStream

Obtém o fluxo usado por este AuthenticatedStream para envio e recebimento de dados.Gets the stream used by this AuthenticatedStream for sending and receiving data.

(Herdado de AuthenticatedStream)
IsAuthenticated

Obtém um valor Boolean que indica se a autenticação foi bem-sucedida.Gets a Boolean value that indicates whether authentication was successful.

IsEncrypted

Obtém um valor Boolean que indica se esse SslStream usa criptografia de dados.Gets a Boolean value that indicates whether this SslStream uses data encryption.

IsMutuallyAuthenticated

Obtém um valor Boolean que indica se o servidor e o cliente foram autenticados.Gets a Boolean value that indicates whether both server and client have been authenticated.

IsServer

Obtém um valor Boolean que indica se o lado local da conexão usada por esse SslStream foi autenticado como o servidor.Gets a Boolean value that indicates whether the local side of the connection used by this SslStream was authenticated as the server.

IsSigned

Obtém um valor Boolean que indica se os dados enviados usando esse fluxo são assinados.Gets a Boolean value that indicates whether the data sent using this stream is signed.

KeyExchangeAlgorithm

Obtém o algoritmo de troca de chaves usado por este SslStream.Gets the key exchange algorithm used by this SslStream.

KeyExchangeStrength

Obtém um valor que identifica a força do algoritmo de troca de chaves usado por essa instância.Gets a value that identifies the strength of the key exchange algorithm used by this instance.

LeaveInnerStreamOpen

Obtém a indicação de se o fluxo usado por este AuthenticatedStream para envio e recebimento de dados foi deixado aberto.Gets whether the stream used by this AuthenticatedStream for sending and receiving data has been left open.

(Herdado de AuthenticatedStream)
Length

Obtém o comprimento do fluxo subjacente.Gets the length of the underlying stream.

LocalCertificate

Obtém o certificado usado para autenticar o ponto de extremidade local.Gets the certificate used to authenticate the local endpoint.

NegotiatedApplicationProtocol
NegotiatedCipherSuite

Obtém o conjunto de criptografias que foi negociado para esta conexão.Gets the cipher suite which was negotiated for this connection.

Position

Obtém ou define a posição atual no fluxo subjacente.Gets or sets the current position in the underlying stream.

ReadTimeout

Obtém ou define a quantidade de tempo, expressa em milissegundos, que uma operação de leitura é bloqueada aguardando dados.Gets or sets the amount of time, expressed in milliseconds, a read operation blocks waiting for data.

RemoteCertificate

Obtém o certificado usado para autenticar o ponto de extremidade remoto.Gets the certificate used to authenticate the remote endpoint.

SslProtocol

Obtém um valor que indica o protocolo de segurança usado para autenticar esta conexão.Gets a value that indicates the security protocol used to authenticate this connection.

TransportContext

Obtém o TransportContext usado para autenticação utilizando a proteção estendida.Gets the TransportContext used for authentication using extended protection.

WriteTimeout

Obtém ou define a quantidade de tempo pela qual uma operação de gravação fica bloqueada aguardando dados.Gets or sets the amount of time a write operation blocks waiting for data.

Métodos

AuthenticateAsClient(String)

Chamado por clientes para autenticar o servidor e, como opção, o cliente em uma conexão de cliente-servidor.Called by clients to authenticate the server and optionally the client in a client-server connection.

AuthenticateAsClient(String, X509CertificateCollection, Boolean)

Chamado por clientes para autenticar o servidor e, como opção, o cliente em uma conexão de cliente-servidor.Called by clients to authenticate the server and optionally the client in a client-server connection. O processo de autenticação usa o protocolo SSL padrão do sistema e a coleção de certificado especificados.The authentication process uses the specified certificate collection, and the system default SSL protocol.

AuthenticateAsClient(String, X509CertificateCollection, SslProtocols, Boolean)

Chamado por clientes para autenticar o servidor e, como opção, o cliente em uma conexão de cliente-servidor.Called by clients to authenticate the server and optionally the client in a client-server connection. O processo de autenticação usa o protocolo SSL e coleção de certificado especificados.The authentication process uses the specified certificate collection and SSL protocol.

AuthenticateAsClientAsync(SslClientAuthenticationOptions, CancellationToken)
AuthenticateAsClientAsync(String)

Chamado por clientes para autenticar o servidor e, como opção, o cliente em uma conexão de cliente-servidor como uma operação assíncrona.Called by clients to authenticate the server and optionally the client in a client-server connection as an asynchronous operation.

AuthenticateAsClientAsync(String, X509CertificateCollection, Boolean)

Chamado por clientes para autenticar o servidor e, como opção, o cliente em uma conexão de cliente-servidor como uma operação assíncrona.Called by clients to authenticate the server and optionally the client in a client-server connection as an asynchronous operation. O processo de autenticação usa o protocolo SSL padrão do sistema e a coleção de certificado especificados.The authentication process uses the specified certificate collection and the system default SSL protocol.

AuthenticateAsClientAsync(String, X509CertificateCollection, SslProtocols, Boolean)

Chamado por clientes para autenticar o servidor e, como opção, o cliente em uma conexão de cliente-servidor como uma operação assíncrona.Called by clients to authenticate the server and optionally the client in a client-server connection as an asynchronous operation. O processo de autenticação usa o protocolo SSL e coleção de certificado especificados.The authentication process uses the specified certificate collection and SSL protocol.

AuthenticateAsServer(X509Certificate)

Chamada pelos servidores para autenticar o servidor e, opcionalmente, o cliente em uma conexão cliente-servidor usando o certificado especificado.Called by servers to authenticate the server and optionally the client in a client-server connection using the specified certificate.

AuthenticateAsServer(X509Certificate, Boolean, Boolean)

Chamado pelos servidores para autenticar o servidor e, opcionalmente, o cliente em uma conexão cliente-servidor usando os certificados e requisitos especificados e o protocolo de segurança padrão.Called by servers to authenticate the server and optionally the client in a client-server connection using the specified certificates and requirements, and using the system default security protocol.

AuthenticateAsServer(X509Certificate, Boolean, SslProtocols, Boolean)

Chamado pelos servidores para autenticar o servidor e, opcionalmente, o cliente em uma conexão cliente-servidor usando os certificados especificados, requisitos e o protocolo de segurança.Called by servers to authenticate the server and optionally the client in a client-server connection using the specified certificates, requirements and security protocol.

AuthenticateAsServerAsync(SslServerAuthenticationOptions, CancellationToken)
AuthenticateAsServerAsync(X509Certificate)

Chamado pelos servidores para autenticar o servidor e, opcionalmente, o cliente em uma conexão cliente-servidor usando o certificado especificado como uma operação assíncrona.Called by servers to authenticate the server and optionally the client in a client-server connection using the specified certificate as an asynchronous operation.

AuthenticateAsServerAsync(X509Certificate, Boolean, Boolean)

Chamado pelos servidores para autenticar o servidor e, opcionalmente, o cliente em uma conexão cliente-servidor usando os certificados especificados, requisitos e o protocolo de segurança como uma operação síncrona.Called by servers to authenticate the server and optionally the client in a client-server connection using the specified certificates, requirements and security protocol as an asynchronous operation.

AuthenticateAsServerAsync(X509Certificate, Boolean, SslProtocols, Boolean)

Chamado pelos servidores para autenticar o servidor e, opcionalmente, o cliente em uma conexão cliente-servidor usando os certificados especificados, requisitos e o protocolo de segurança como uma operação síncrona.Called by servers to authenticate the server and optionally the client in a client-server connection using the specified certificates, requirements and security protocol as an asynchronous operation.

BeginAuthenticateAsClient(String, AsyncCallback, Object)

Chamado por clientes para iniciar uma operação assíncrona para autenticar o servidor e, opcionalmente, o cliente.Called by clients to begin an asynchronous operation to authenticate the server and optionally the client.

BeginAuthenticateAsClient(String, X509CertificateCollection, Boolean, AsyncCallback, Object)

Chamado por clientes para iniciar uma operação assíncrona para autenticar o servidor e, opcionalmente, o cliente usando os certificados especificados e o protocolo de segurança do sistema padrão.Called by clients to begin an asynchronous operation to authenticate the server and optionally the client using the specified certificates and the system default security protocol.

BeginAuthenticateAsClient(String, X509CertificateCollection, SslProtocols, Boolean, AsyncCallback, Object)

Chamado por clientes para iniciar uma operação assíncrona para autenticar o servidor e, opcionalmente, o cliente usando o protocolo de segurança e certificados especificados.Called by clients to begin an asynchronous operation to authenticate the server and optionally the client using the specified certificates and security protocol.

BeginAuthenticateAsServer(X509Certificate, AsyncCallback, Object)

Chamado por servidores para iniciar uma operação assíncrona para autenticar o cliente e, opcionalmente, o servidor em uma conexão cliente-servidor.Called by servers to begin an asynchronous operation to authenticate the client and optionally the server in a client-server connection.

BeginAuthenticateAsServer(X509Certificate, Boolean, Boolean, AsyncCallback, Object)

Chamado por servidores para iniciar uma operação assíncrona para autenticar o servidor e, opcionalmente, o cliente usando os certificados e requisitos especificados, e o protocolo de segurança do sistema padrão.Called by servers to begin an asynchronous operation to authenticate the server and optionally the client using the specified certificates and requirements, and the system default security protocol.

BeginAuthenticateAsServer(X509Certificate, Boolean, SslProtocols, Boolean, AsyncCallback, Object)

Chamado por servidores para iniciar uma operação assíncrona para autenticar o servidor e, opcionalmente, o cliente usando os certificados, requisitos e protocolo de segurança especificados.Called by servers to begin an asynchronous operation to authenticate the server and optionally the client using the specified certificates, requirements and security protocol.

BeginRead(Byte[], Int32, Int32, AsyncCallback, Object)

Inicia uma operação de leitura assíncrona que lê os dados do fluxo e os armazena na matriz especificada.Begins an asynchronous read operation that reads data from the stream and stores it in the specified array.

BeginWrite(Byte[], Int32, Int32, AsyncCallback, Object)

Inicia uma operação de gravação assíncrona que grava Bytes do buffer especificado no fluxo.Begins an asynchronous write operation that writes Bytes from the specified buffer to the stream.

Close()

Fecha o fluxo atual e libera todos os recursos (como soquetes e identificadores de arquivos) associados ao fluxo atual.Closes the current stream and releases any resources (such as sockets and file handles) associated with the current stream. Em vez de chamar esse método, verifique se o fluxo é descartado corretamente.Instead of calling this method, ensure that the stream is properly disposed.

(Herdado de Stream)
CopyTo(Stream)

Lê os bytes do fluxo atual e os grava em outro fluxo.Reads the bytes from the current stream and writes them to another stream.

(Herdado de Stream)
CopyTo(Stream, Int32)

Lê os bytes do fluxo atual e os grava em outro fluxo usando um tamanho do buffer especificado.Reads the bytes from the current stream and writes them to another stream, using a specified buffer size.

(Herdado de Stream)
CopyToAsync(Stream)

Lê de forma assíncrona os bytes do fluxo atual e os grava em outro fluxo.Asynchronously reads the bytes from the current stream and writes them to another stream.

(Herdado de Stream)
CopyToAsync(Stream, CancellationToken)

Lê de forma assíncrona os bytes do fluxo atual e os grava em outro fluxo usando um token de cancelamento especificado.Asynchronously reads the bytes from the current stream and writes them to another stream, using a specified cancellation token.

(Herdado de Stream)
CopyToAsync(Stream, Int32)

Lê de maneira assíncrona os bytes do fluxo atual e os grava em outro fluxo usando um tamanho do buffer especificado.Asynchronously reads the bytes from the current stream and writes them to another stream, using a specified buffer size.

(Herdado de Stream)
CopyToAsync(Stream, Int32, CancellationToken)

Lê de forma assíncrona os bytes do fluxo atual e os grava em outro fluxo usando um tamanho do buffer especificado e um token de cancelamento.Asynchronously reads the bytes from the current stream and writes them to another stream, using a specified buffer size and cancellation token.

(Herdado de Stream)
CreateObjRef(Type)

Cria um objeto que contém todas as informações relevantes necessárias para gerar um proxy usado para se comunicar com um objeto remoto.Creates an object that contains all the relevant information required to generate a proxy used to communicate with a remote object.

(Herdado de MarshalByRefObject)
CreateWaitHandle()

Aloca um objeto WaitHandle.Allocates a WaitHandle object.

(Herdado de Stream)
Dispose()

Libera todos os recursos usados pelo Stream.Releases all resources used by the Stream.

(Herdado de Stream)
Dispose(Boolean)

Libera os recursos não gerenciados usados pelo SslStream e opcionalmente libera os recursos gerenciados.Releases the unmanaged resources used by the SslStream and optionally releases the managed resources.

DisposeAsync()

Libera de forma assíncrona os recursos gerenciados e não gerenciados usados pelo SslStream.Asynchronously releases the unmanaged and managed resources used by the SslStream.

EndAuthenticateAsClient(IAsyncResult)

Encerra uma operação assíncrona de autenticação de servidor pendente iniciada com uma chamada anterior para BeginAuthenticateAsClient.Ends a pending asynchronous server authentication operation started with a previous call to BeginAuthenticateAsClient.

EndAuthenticateAsServer(IAsyncResult)

Encerra uma operação assíncrona de autenticação de cliente pendente iniciada com uma chamada anterior para BeginAuthenticateAsClient.Ends a pending asynchronous client authentication operation started with a previous call to BeginAuthenticateAsClient.

EndRead(IAsyncResult)

Encerra uma operação de leitura assíncrona iniciada em uma chamada anterior a BeginRead(Byte[], Int32, Int32, AsyncCallback, Object).Ends an asynchronous read operation started with a previous call to BeginRead(Byte[], Int32, Int32, AsyncCallback, Object).

EndWrite(IAsyncResult)

Encerra uma operação de gravação assíncrona iniciada em uma chamada anterior a BeginWrite(Byte[], Int32, Int32, AsyncCallback, Object).Ends an asynchronous write operation started with a previous call to BeginWrite(Byte[], Int32, Int32, AsyncCallback, Object).

Equals(Object)

Determina se o objeto especificado é igual ao objeto atual.Determines whether the specified object is equal to the current object.

(Herdado de Object)
Flush()

Faz com que os dados armazenados em buffer sejam gravados no dispositivo subjacente.Causes any buffered data to be written to the underlying device.

FlushAsync()

Limpa de forma assíncrona todos os buffers nesse fluxo e faz com que os dados armazenados em buffer sejam gravados no dispositivo subjacente.Asynchronously clears all buffers for this stream and causes any buffered data to be written to the underlying device.

(Herdado de Stream)
FlushAsync(CancellationToken)
GetHashCode()

Serve como a função de hash padrão.Serves as the default hash function.

(Herdado de Object)
GetLifetimeService()

Recupera o objeto de serviço de tempo de vida atual que controla a política de ciclo de vida para esta instância.Retrieves the current lifetime service object that controls the lifetime policy for this instance.

(Herdado de MarshalByRefObject)
GetType()

Obtém o Type da instância atual.Gets the Type of the current instance.

(Herdado de Object)
InitializeLifetimeService()

Obtém um objeto de serviço de tempo de vida para controlar a política de tempo de vida para essa instância.Obtains a lifetime service object to control the lifetime policy for this instance.

(Herdado de MarshalByRefObject)
MemberwiseClone()

Cria uma cópia superficial do Object atual.Creates a shallow copy of the current Object.

(Herdado de Object)
MemberwiseClone(Boolean)

Cria uma cópia superficial do objeto MarshalByRefObject atual.Creates a shallow copy of the current MarshalByRefObject object.

(Herdado de MarshalByRefObject)
ObjectInvariant()

Oferece suporte a um Contract.Provides support for a Contract.

(Herdado de Stream)
Read(Byte[], Int32, Int32)

Lê os dados desse fluxo e o armazena na matriz especificada.Reads data from this stream and stores it in the specified array.

Read(Span<Byte>)

Quando for substituído em uma classe derivada, lê uma sequência de bytes do fluxo atual e avança a posição dentro do fluxo até o número de bytes lidos.When overridden in a derived class, reads a sequence of bytes from the current stream and advances the position within the stream by the number of bytes read.

(Herdado de Stream)
ReadAsync(Byte[], Int32, Int32)

Lê uma sequência de bytes do fluxo atual de forma assíncrona e avança a posição no fluxo até o número de bytes lidos.Asynchronously reads a sequence of bytes from the current stream and advances the position within the stream by the number of bytes read.

(Herdado de Stream)
ReadAsync(Byte[], Int32, Int32, CancellationToken)

Lê de forma assíncrona os dados desse fluxo e armazena-os no intervalo especificado de uma matriz de bytes.Asynchronously reads data from this stream and stores it in the specified range of a byte array.

ReadAsync(Memory<Byte>, CancellationToken)

Lê de forma assíncrona os dados desse fluxo e armazena-os no intervalo de memória especificado.Asynchronously reads data from this stream and stores it in the specified memory range.

ReadByte()

Lê um byte do SslStream e avança a posição no fluxo em um byte ou retorna -1 caso esteja no final do fluxo.Reads a byte from the SslStream and advances the position within the stream by one byte, or returns -1 if at the end of the stream.

Seek(Int64, SeekOrigin)

Gera uma NotSupportedException.Throws a NotSupportedException.

SetLength(Int64)

Define o comprimento do fluxo subjacente.Sets the length of the underlying stream.

ShutdownAsync()

Desliga este SslStream.Shuts down this SslStream.

ToString()

Retorna uma cadeia de caracteres que representa o objeto atual.Returns a string that represents the current object.

(Herdado de Object)
Write(Byte[])

Grava os dados especificados nesse fluxo.Writes the specified data to this stream.

Write(Byte[], Int32, Int32)

Grave o número especificado de Bytes no fluxo subjacente usando o buffer e o deslocamento especificados.Write the specified number of Bytes to the underlying stream using the specified buffer and offset.

Write(ReadOnlySpan<Byte>)

Quando for substituído em uma classe derivada, grava uma sequência de bytes no fluxo atual e avança a posição atual dentro desse fluxo até o número de bytes gravados.When overridden in a derived class, writes a sequence of bytes to the current stream and advances the current position within this stream by the number of bytes written.

(Herdado de Stream)
WriteAsync(Byte[], Int32, Int32)

Grava assincronamente uma sequência de bytes no fluxo atual e avança a posição atual dentro desse fluxo no número de bytes gravados.Asynchronously writes a sequence of bytes to the current stream and advances the current position within this stream by the number of bytes written.

(Herdado de Stream)
WriteAsync(Byte[], Int32, Int32, CancellationToken)

Grava de forma assíncrona os dados compactados no fluxo subjacente do intervalo especificado de uma matriz de bytes.Asynchronously writes data to the underlying stream from the specified range of a byte array.

WriteAsync(ReadOnlyMemory<Byte>, CancellationToken)

Grava de forma assíncrona os dados no fluxo subjacente de um intervalo de memória de bytes somente leitura.Asynchronously writes data to the underlying stream from a read-only byte memory range.

WriteByte(Byte)

Grava um byte na posição atual no fluxo e avança a posição dentro no fluxo em um byte.Writes a byte to the current position in the stream and advances the position within the stream by one byte.

(Herdado de Stream)

Implantações explícitas de interface

IDisposable.Dispose()

Libera todos os recursos usados pelo Stream.Releases all resources used by the Stream.

(Herdado de Stream)

Aplica-se a

Veja também