ssl 证书代码异常
Exception in ssl certificate code
我用 sslStream 建立了一个客户端服务器套接字连接,但是当代码到达第 AuthenticateAsServer 行时,服务器上出现异常我在互联网上搜索但我找不到合适的回答为什么会这样。
我在我的项目中创建了 .pfx 测试文件,并为其设置了一个简单的密码。我不知道问题是否来自文件。
异常在行:sslStream.AuthenticateAsServer(certificate);
基本异常是:调用 sspi 失败
内部异常是:clients客户端和服务端无法通信,因为他们不具备通用算法
服务器有点长,我添加了发生异常的部分代码和所有客户端代码:
这是服务器:
public void AcceptCallBack(IAsyncResult ar)
{
// clients.Add(new myClient(server.EndAccept(ar)));
// try
// {
myClient c = new myClient();
// Socket handle = (Socket)ar.AsyncState;
TcpListener handle = (TcpListener)ar.AsyncState;
byte[] buff=new byte[2048] ;
// Socket hand = handle.EndAccept(out buff,ar);
TcpClient hand = handle.EndAcceptTcpClient(ar);
dowork.Set();
c.tcp = hand;
clients.Add(c);
// hand.BeginReceive(c.buffer, 0, c.buffer.Length, SocketFlags.None, new AsyncCallback(receiveIDCallBack), c);
using (SslStream sslStream = new SslStream(hand.GetStream()))
{
sslStream.AuthenticateAsServer(certificate);
// ... Send and read data over the stream
sslStream.BeginWrite(buff,0,buff.Length,new AsyncCallback(sendCallBack),c);
count++;
sslStream.BeginRead(c.buffer,0,c.buffer.Length,new AsyncCallback(receiveIDCallBack),c);
}
// }
// catch(Exception)
// {
// }
}//end of acceptcallback function
这是客户:
using UnityEngine;
using System.Collections;
using System;
using System.Net;
using System.Net.Sockets;
using System.Text;
using System.Net.Security;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
public class sslCode : MonoBehaviour {
// private Socket _clientSocket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
private byte[] _recieveBuffer = new byte[8142];
static string server = "127.0.0.1";
TcpClient client;
public string message;
public string receive;
public string send;
private void SetupServer()
{
try
{
// client.Connect(new IPEndPoint(IPAddress.Parse("127.0.0.1"), 1500));
client = new TcpClient(server,1500);
message = "connected";
}
catch (SocketException ex)
{
Debug.Log(ex.Message);
message = ex.Message;
}
// _clientSocket.BeginReceive(_recieveBuffer, 0, _recieveBuffer.Length, SocketFlags.None, new AsyncCallback(ReceiveCallback), null);
// Create a secure stream
using (SslStream sslStream = new SslStream(client.GetStream(), false,
new RemoteCertificateValidationCallback(ValidateServerCertificate), null))
{
sslStream.AuthenticateAsClient(server);
// ... Send and read data over the stream
sslStream.BeginRead(_recieveBuffer, 0, _recieveBuffer.Length, new AsyncCallback(ReceiveCallback),null);
}
}
private bool ValidateServerCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
throw new NotImplementedException();
}// end of setup server
private void ReceiveCallback(IAsyncResult AR)
{
//Check how much bytes are recieved and call EndRecieve to finalize handshake
using (SslStream sslStream = new SslStream(client.GetStream(), false,
new RemoteCertificateValidationCallback(ValidateServerCertificate), null))
{
sslStream.AuthenticateAsClient(server);
// ... Send and read data over the stream
int recieved = sslStream.EndRead(AR);
if (recieved <= 0)
return;
//Copy the recieved data into new buffer , to avoid null bytes
byte[] recData = new byte[recieved];
Buffer.BlockCopy(_recieveBuffer, 0, recData, 0, recieved);
//Process data here the way you want , all your bytes will be stored in recData
receive = Encoding.ASCII.GetString(recData);
//Start receiving again
sslStream.BeginRead(_recieveBuffer, 0, _recieveBuffer.Length, new AsyncCallback(ReceiveCallback), null);
}
}// end of receiveCallBack
private void SendData(string dd)
{
using (SslStream sslStream = new SslStream(client.GetStream(), false,
new RemoteCertificateValidationCallback(ValidateServerCertificate), null))
{
sslStream.AuthenticateAsClient(server);
// ... Send and read data over the stream
byte[] data = Encoding.ASCII.GetBytes(dd);
SocketAsyncEventArgs socketAsyncData = new SocketAsyncEventArgs();
socketAsyncData.SetBuffer(data, 0, data.Length);
sslStream.BeginWrite(data,0,data.Length,new AsyncCallback(sendcallback),null);
send = dd;
sslStream.BeginRead(_recieveBuffer, 0, _recieveBuffer.Length, new AsyncCallback(ReceiveCallback), null);
}
}
private void sendcallback(IAsyncResult ar)
{
}// end of send data
请问是vs生成的证书文件的问题还是windows的选项?
我在互联网上搜索了一些,我认为我用于我的证书文件的算法不匹配的可能性应该与 windows 8.1 可以理解的算法不匹配。我真的不知道....
让我为我的证书制作的算法是 "sha256RSA" 和 "sha1RSA"
感谢您的帮助
i made the .pfx testfile in my project
这是一个大红旗。在对您使用的工具一无所知的情况下,最好的猜测是您创建了一个 signing 证书。它不适用于密钥交换。 blog post.
涵盖的故障模式
在不了解您的 OS 的情况下,我不得不猜测您使用 Linux。在这种情况下 this question 应该会有帮助。如果这是一个错误的猜测,那么通过谷歌搜索“创建自签名 ssl 证书,将适当的关键字添加到 select 您的 OS and/or 工具链来帮助自己。
谢谢我的朋友们,我终于找到了我的问题。
代码需要稍作修改,但主要问题不是代码。
问题出在证书文件的工作方式上。我刚刚生成了一个 pfx 文件并将其地址提供给以下代码:
sslStream.AuthenticateAsServer(server);
但现在我在 Internet 选项中制作了 pfx 格式并将其导入到个人部分,然后将其导出到受信任的根部分,因此将生成该 pfx 文件的 cer 格式,它只包含 public该 pfx 文件的密钥。
所以现在代码运行得很好。
我用 sslStream 建立了一个客户端服务器套接字连接,但是当代码到达第 AuthenticateAsServer 行时,服务器上出现异常我在互联网上搜索但我找不到合适的回答为什么会这样。 我在我的项目中创建了 .pfx 测试文件,并为其设置了一个简单的密码。我不知道问题是否来自文件。
异常在行:sslStream.AuthenticateAsServer(certificate);
基本异常是:调用 sspi 失败
内部异常是:clients客户端和服务端无法通信,因为他们不具备通用算法
服务器有点长,我添加了发生异常的部分代码和所有客户端代码:
这是服务器:
public void AcceptCallBack(IAsyncResult ar)
{
// clients.Add(new myClient(server.EndAccept(ar)));
// try
// {
myClient c = new myClient();
// Socket handle = (Socket)ar.AsyncState;
TcpListener handle = (TcpListener)ar.AsyncState;
byte[] buff=new byte[2048] ;
// Socket hand = handle.EndAccept(out buff,ar);
TcpClient hand = handle.EndAcceptTcpClient(ar);
dowork.Set();
c.tcp = hand;
clients.Add(c);
// hand.BeginReceive(c.buffer, 0, c.buffer.Length, SocketFlags.None, new AsyncCallback(receiveIDCallBack), c);
using (SslStream sslStream = new SslStream(hand.GetStream()))
{
sslStream.AuthenticateAsServer(certificate);
// ... Send and read data over the stream
sslStream.BeginWrite(buff,0,buff.Length,new AsyncCallback(sendCallBack),c);
count++;
sslStream.BeginRead(c.buffer,0,c.buffer.Length,new AsyncCallback(receiveIDCallBack),c);
}
// }
// catch(Exception)
// {
// }
}//end of acceptcallback function
这是客户:
using UnityEngine;
using System.Collections;
using System;
using System.Net;
using System.Net.Sockets;
using System.Text;
using System.Net.Security;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
public class sslCode : MonoBehaviour {
// private Socket _clientSocket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
private byte[] _recieveBuffer = new byte[8142];
static string server = "127.0.0.1";
TcpClient client;
public string message;
public string receive;
public string send;
private void SetupServer()
{
try
{
// client.Connect(new IPEndPoint(IPAddress.Parse("127.0.0.1"), 1500));
client = new TcpClient(server,1500);
message = "connected";
}
catch (SocketException ex)
{
Debug.Log(ex.Message);
message = ex.Message;
}
// _clientSocket.BeginReceive(_recieveBuffer, 0, _recieveBuffer.Length, SocketFlags.None, new AsyncCallback(ReceiveCallback), null);
// Create a secure stream
using (SslStream sslStream = new SslStream(client.GetStream(), false,
new RemoteCertificateValidationCallback(ValidateServerCertificate), null))
{
sslStream.AuthenticateAsClient(server);
// ... Send and read data over the stream
sslStream.BeginRead(_recieveBuffer, 0, _recieveBuffer.Length, new AsyncCallback(ReceiveCallback),null);
}
}
private bool ValidateServerCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
throw new NotImplementedException();
}// end of setup server
private void ReceiveCallback(IAsyncResult AR)
{
//Check how much bytes are recieved and call EndRecieve to finalize handshake
using (SslStream sslStream = new SslStream(client.GetStream(), false,
new RemoteCertificateValidationCallback(ValidateServerCertificate), null))
{
sslStream.AuthenticateAsClient(server);
// ... Send and read data over the stream
int recieved = sslStream.EndRead(AR);
if (recieved <= 0)
return;
//Copy the recieved data into new buffer , to avoid null bytes
byte[] recData = new byte[recieved];
Buffer.BlockCopy(_recieveBuffer, 0, recData, 0, recieved);
//Process data here the way you want , all your bytes will be stored in recData
receive = Encoding.ASCII.GetString(recData);
//Start receiving again
sslStream.BeginRead(_recieveBuffer, 0, _recieveBuffer.Length, new AsyncCallback(ReceiveCallback), null);
}
}// end of receiveCallBack
private void SendData(string dd)
{
using (SslStream sslStream = new SslStream(client.GetStream(), false,
new RemoteCertificateValidationCallback(ValidateServerCertificate), null))
{
sslStream.AuthenticateAsClient(server);
// ... Send and read data over the stream
byte[] data = Encoding.ASCII.GetBytes(dd);
SocketAsyncEventArgs socketAsyncData = new SocketAsyncEventArgs();
socketAsyncData.SetBuffer(data, 0, data.Length);
sslStream.BeginWrite(data,0,data.Length,new AsyncCallback(sendcallback),null);
send = dd;
sslStream.BeginRead(_recieveBuffer, 0, _recieveBuffer.Length, new AsyncCallback(ReceiveCallback), null);
}
}
private void sendcallback(IAsyncResult ar)
{
}// end of send data
请问是vs生成的证书文件的问题还是windows的选项?
我在互联网上搜索了一些,我认为我用于我的证书文件的算法不匹配的可能性应该与 windows 8.1 可以理解的算法不匹配。我真的不知道....
让我为我的证书制作的算法是 "sha256RSA" 和 "sha1RSA" 感谢您的帮助
i made the .pfx testfile in my project
这是一个大红旗。在对您使用的工具一无所知的情况下,最好的猜测是您创建了一个 signing 证书。它不适用于密钥交换。 blog post.
涵盖的故障模式在不了解您的 OS 的情况下,我不得不猜测您使用 Linux。在这种情况下 this question 应该会有帮助。如果这是一个错误的猜测,那么通过谷歌搜索“创建自签名 ssl 证书,将适当的关键字添加到 select 您的 OS and/or 工具链来帮助自己。
谢谢我的朋友们,我终于找到了我的问题。
代码需要稍作修改,但主要问题不是代码。
问题出在证书文件的工作方式上。我刚刚生成了一个 pfx 文件并将其地址提供给以下代码:
sslStream.AuthenticateAsServer(server);
但现在我在 Internet 选项中制作了 pfx 格式并将其导入到个人部分,然后将其导出到受信任的根部分,因此将生成该 pfx 文件的 cer 格式,它只包含 public该 pfx 文件的密钥。
所以现在代码运行得很好。