Adding encryption to a server built with SocketAsyncEventArgs

Question

I've looked high and low and am quite surprised to find absolutely nothing that answers this question:

How can one implement SSL/TLS (or similar) encryption when using SocketAsyncEventArgs? I did read that one could theoretically use a SslStream and "cheat" by creating a go-between to coordinate data in and out of the stream, to and from the socket. That all seems ridiculous...

I Looked into BouncyCastle but they don't seem to have support for server-side encryption. Admittedly, the source for this info is almost 10 years old, but my own research turned up nothing.

I'm not interested in changing my server architecture, so please refrain from telling me "I don't really need the performance of SocketAsyncEVentArgs and should just change to TcpListener".

I'm interested in any method of implementing reliable encryption between client and server using SocketAsyncEventArgs.

Answer 1

There is no direct way to attach SAEA to encryption. They don't share an API in common, so everything is bridges.

The easiest way to do this is - as you know - SslStream, but: that isn't usually compatible with SocketAsyncEventArgs. There are alternatives - I can think of at least 3 different ways of doing this with "pipelines", for example; but all of them would be a major architecture change from naked SAEA. So if the difference between SAEA and SslStream is too large, the difference between SAEA and IDuplexPipe is even larger. However, "pipelines" is designed for high scalable perf, so... maybe it'll suit your tastes anyway? I've blogged about pipelines a lot recently, if it would help; plus I have github examples of client/server code, including a 2.5M+ ops/second redis-like server.