
I've had a design where one Socket has two NetworkStreams open: one for reads and one for writes.

When updating the code to start using SslStreams, a call to `sslStream.AuthenticateAsClientAsync` yields an error for the second stream (order is not relevant).

Win32Exception: The token supplied to the function is invalid

Q: Is there a way to have two active and authenticated SslStream against one Socket?

Sample code:

```csharp
NetworkStream readStream = socket.CreateReadWriteStream();
NetworkStream writeStream = socket.CreateReadWriteStream();

var sslR = new SslStream(readStream, false, RemoteCertificateValidationCallback, null, EncryptionPolicy.RequireEncryption);
var sslW = new SslStream(writeStream, false, RemoteCertificateValidationCallback, null, EncryptionPolicy.RequireEncryption);

var clientAuthOptions = new SslClientAuthenticationOptions
{
    RemoteCertificateValidationCallback = RemoteCertificateValidationCallback,
    AllowRenegotiation = true,
    CertificateRevocationCheckMode = X509RevocationMode.Online,
    ClientCertificates = connectionInfo.ClientCertificates,
    EnabledSslProtocols = SslProtocols.Tls12,
    EncryptionPolicy = EncryptionPolicy.RequireEncryption,
    TargetHost = host.Address
};

// Succeeds
await sslR.AuthenticateAsClientAsync(clientAuthOptions, cancellationToken).ConfigureAwait(false);

// Fails
await sslW.AuthenticateAsClientAsync(clientAuthOptions, cancellationToken).ConfigureAwait(false);
```
Uwe Keim
Daniel
  • Authentication requires bidirectional communication, so the stream wrapped by `SslStream` would need to be both a readable and writeable stream. – Stephen Cleary Dec 17 '19 at 22:40
  • @StephenCleary yes, but that's not what I'm asking about. I'm wondering if there's a way to have two SslStreams open against one Socket somehow where both have ReadWrite capabilities. – Daniel Dec 21 '19 at 12:03
  • No, that's not possible. I don't know what you're trying to do; what you're asking to do doesn't make sense. – Stephen Cleary Dec 21 '19 at 12:08
  • Converting an old flow that ensured reads were done separately in one background thread and writes on multiple threads (synchronized). Then it made sense. – Daniel Dec 21 '19 at 18:32
  • You'd just need one `SslStream` and serialize the writes yourself. – Stephen Cleary Dec 23 '19 at 04:31

0 Answers
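The approach suggested in the last comment (one `SslStream`, writes serialized by the caller), sketched as an added example that is not part of the original thread. The class name `SerializedSslConnection` and its members are hypothetical; the TLS options mirror the question's, with certificate validation left at the framework default.

```csharp
using System;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Threading;
using System.Threading.Tasks;

// Hypothetical wrapper: one SslStream per socket, shared by the reader and all writers.
public sealed class SerializedSslConnection : IDisposable
{
    private readonly SslStream _ssl;
    private readonly SemaphoreSlim _writeLock = new SemaphoreSlim(1, 1);

    // One NetworkStream, one SslStream: the TLS session state exists exactly once.
    public SerializedSslConnection(Socket socket) =>
        _ssl = new SslStream(new NetworkStream(socket, ownsSocket: true), leaveInnerStreamOpen: false);

    // Handshake once, before any read or write is started.
    public Task AuthenticateAsync(string targetHost, CancellationToken ct) =>
        _ssl.AuthenticateAsClientAsync(new SslClientAuthenticationOptions
        {
            TargetHost = targetHost,
            EnabledSslProtocols = SslProtocols.Tls12,
            EncryptionPolicy = EncryptionPolicy.RequireEncryption
        }, ct);

    // Run from the single background reader, so only one read is ever pending.
    // The buffer is reused: onData must finish with the slice before it returns.
    public async Task ReadLoopAsync(Func<ReadOnlyMemory<byte>, Task> onData, CancellationToken ct)
    {
        var buffer = new byte[16 * 1024];
        int n;
        while ((n = await _ssl.ReadAsync(buffer.AsMemory(), ct).ConfigureAwait(false)) > 0)
            await onData(buffer.AsMemory(0, n)).ConfigureAwait(false);
    }

    // Callable from many threads: the semaphore keeps one write in flight at a time.
    public async Task SendAsync(ReadOnlyMemory<byte> payload, CancellationToken ct)
    {
        await _writeLock.WaitAsync(ct).ConfigureAwait(false);
        try
        {
            await _ssl.WriteAsync(payload, ct).ConfigureAwait(false);
            await _ssl.FlushAsync(ct).ConfigureAwait(false);
        }
        finally { _writeLock.Release(); }
    }

    public void Dispose() { _ssl.Dispose(); _writeLock.Dispose(); }
}
```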