dotnet/Doc/UpgradeLog/Sers2.1.1.txt

@@ -113,4 +113,8 @@ ServiceCenter
 
 [tag]Sers2.1.1.351
 ------------------------------------------------------------------------------------------------------------------
+CL通信层 加原始数据库加密层（StreamSecurity）
+
+[tag]Sers2.1.1.354
+------------------------------------------------------------------------------------------------------------------
 

dotnet/Sers/Sers.CL/Ipc/Sers.CL.Ipc.NamedPipe/DeliveryConnection.cs

@@ -22,6 +22,9 @@ namespace Sers.CL.Ipc.NamedPipe
             Close();
         }
 
+        public Sers.Core.Util.StreamSecurity.SecurityManager securityManager { set => _securityManager = value; }
+        Sers.Core.Util.StreamSecurity.SecurityManager _securityManager;
+
         /// <summary>
         /// 连接状态(0:waitForCertify; 2:certified; 4:waitForClose; 8:closed;)
         /// </summary>
@@ -42,15 +45,16 @@ namespace Sers.CL.Ipc.NamedPipe
 
             if (!stream.IsConnected) 
             {
-                Task.Run(Close);
+                Task.Run((Action)Close);
                 return;
             }
             try
             {
                 Int32 len = data.ByteDataCount();
-                data.Insert(0, len.Int32ToArraySegmentByte());
+                data.Insert(0, len.Int32ToArraySegmentByte());               
 
                 var bytes = data.ByteDataToBytes();
+                _securityManager?.Encryption(new ArraySegment<byte>(bytes,4, bytes.Length-4));
 
                 stream.WriteAsync(bytes, 0, bytes.Length);
                 stream.FlushAsync();
@@ -58,7 +62,7 @@ namespace Sers.CL.Ipc.NamedPipe
             catch (Exception ex) when (!(ex.GetBaseException() is ThreadInterruptedException))
             {
                 Logger.Error(ex);
-                Task.Run(Close);
+                Task.Run((Action)Close);
             }
         }
 
@@ -187,6 +191,7 @@ namespace Sers.CL.Ipc.NamedPipe
 
             while (pipe.TryRead_SersFile(out var msgFrame))
             {
+                _securityManager?.Decryption(msgFrame);
                 OnGetFrame.Invoke(this, msgFrame);
             }
         }

dotnet/Sers/Sers.CL/Ipc/Sers.CL.Ipc.NamedPipe/DeliveryServer.cs

@@ -14,6 +14,7 @@ namespace Sers.CL.Ipc.NamedPipe
 {
     public class DeliveryServer: IDeliveryServer
     {
+        public Sers.Core.Util.StreamSecurity.SecurityManager securityManager;
 
         /// <summary>
         /// 如： "Sers.CL.Ipc"
@@ -160,10 +161,12 @@ namespace Sers.CL.Ipc.NamedPipe
         private DeliveryConnection Delivery_OnConnected(PipeStream client)
         {
             var conn = new DeliveryConnection();
+            conn.securityManager = securityManager?.Clone();
             conn.Init(client);
         
             conn.Conn_OnDisconnected = Delivery_OnDisconnected; 
             connMap[conn.GetHashCode()] = conn;
+
             try
             {
                 Conn_OnConnected?.Invoke(conn);

dotnet/Sers/Sers.CL/Ipc/Sers.CL.Ipc.NamedPipe/OrganizeClientBuilder.cs

@@ -12,6 +12,15 @@ namespace Sers.CL.Ipc.NamedPipe
         {
             var delivery = new DeliveryClient();
 
+            #region security        
+            if (config["security"] is JArray securityConfigs)
+            {
+                var securityManager = Sers.Core.Util.StreamSecurity.SecurityManager.BuildSecurityManager(securityConfigs);
+                ((DeliveryConnection)delivery.conn).securityManager = securityManager;
+            }
+            #endregion
+
+
             delivery.serverName = config["serverName"].ConvertToString();
             delivery.pipeName = config["pipeName"].ConvertToString();      
 

dotnet/Sers/Sers.CL/Ipc/Sers.CL.Ipc.NamedPipe/OrganizeServerBuilder.cs

@@ -8,13 +8,21 @@ namespace Sers.CL.Ipc.NamedPipe
 {
     public class OrganizeServerBuilder : IOrganizeServerBuilder
     {
-        public void Build(List<IOrganizeServer> organizeList,JObject config)
+        public void Build(List<IOrganizeServer> organizeList, JObject config)
         {
             var delivery = new DeliveryServer();
- 
+
+            #region security
+            if (config["security"] is JArray securityConfigs)
+            {
+                var securityManager = Sers.Core.Util.StreamSecurity.SecurityManager.BuildSecurityManager(securityConfigs);
+                delivery.securityManager = securityManager;
+            }
+            #endregion
+
             delivery.pipeName = config["pipeName"].ConvertToString();
 
-            organizeList.Add(new OrganizeServer(delivery, config)); 
+            organizeList.Add(new OrganizeServer(delivery, config));
         }
     }
 }

dotnet/Sers/Sers.CL/Ipc/Sers.CL.Ipc.SharedMemory/DeliveryConnection.cs

@@ -17,13 +17,28 @@ namespace Sers.CL.Ipc.SharedMemory
         }
 
 
+        public Sers.Core.Util.StreamSecurity.SecurityManager securityManager { set => _securityManager = value; }
+        Sers.Core.Util.StreamSecurity.SecurityManager _securityManager;
+
         /// <summary>
         /// 连接状态(0:waitForCertify; 2:certified; 4:waitForClose; 8:closed;)
         /// </summary>
         public byte state { get; set; } = DeliveryConnState.waitForCertify;
 
 
-        public Action<IDeliveryConnection, ArraySegment<byte>> OnGetFrame { set => readStream.OnReceiveMessage = value; }
+        public Action<IDeliveryConnection, ArraySegment<byte>> OnGetFrame {
+            set
+            {
+                if (_securityManager != null)
+                {
+                    value =
+                        (conn, data) => { _securityManager.Decryption(data); }
+                    + value;
+                }
+
+                readStream.OnReceiveMessage = value;
+            }
+        }
 
 
         public Action<IDeliveryConnection> OnDisconnected { set => readStream.OnDisconnected = value; }
@@ -103,7 +118,10 @@ namespace Sers.CL.Ipc.SharedMemory
 
         public void SendFrameAsync(List<ArraySegment<byte>> data)
         {
-            writeStream.SendMessageAsync(data.ByteDataToBytes());
+            var bytes = data.ByteDataToBytes();
+            _securityManager?.Encryption(bytes.BytesToArraySegmentByte());
+
+            writeStream.SendMessageAsync(bytes);
         }
     }
 }

dotnet/Sers/Sers.CL/Ipc/Sers.CL.Ipc.SharedMemory/DeliveryServer.cs

@@ -7,6 +7,8 @@ namespace Sers.CL.Ipc.SharedMemory
 {
     public class DeliveryServer :  IDeliveryServer
     {
+        public Sers.Core.Util.StreamSecurity.SecurityManager securityManager { set => _conn.securityManager = value; }
+
         public DeliveryServer()
         {
             _conn = new DeliveryConnection();

dotnet/Sers/Sers.CL/Ipc/Sers.CL.Ipc.SharedMemory/OrganizeClientBuilder.cs

@@ -15,6 +15,14 @@ namespace Sers.CL.Ipc.SharedMemory
 
             var delivery = new DeliveryClient();
 
+            #region security        
+            if (config["security"] is JArray securityConfigs)
+            {
+                var securityManager = Sers.Core.Util.StreamSecurity.SecurityManager.BuildSecurityManager(securityConfigs);
+                ((DeliveryConnection)delivery.conn).securityManager = securityManager;
+            }
+            #endregion
+
             delivery.name = connConfig.name;
 
             organizeList.Add(new OrganizeClient(delivery, config));

dotnet/Sers/Sers.CL/Ipc/Sers.CL.Ipc.SharedMemory/OrganizeServerBuilder.cs

@@ -14,6 +14,14 @@ namespace Sers.CL.Ipc.SharedMemory
 
             var delivery = new DeliveryServer();
 
+            #region security        
+            if (config["security"] is JArray securityConfigs)
+            {
+                var securityManager = Sers.Core.Util.StreamSecurity.SecurityManager.BuildSecurityManager(securityConfigs);
+                delivery.securityManager = securityManager;
+            }
+            #endregion
+
             delivery.name = connConfig.name;
             delivery.nodeCount = connConfig.nodeCount;
             delivery.nodeBufferSize = connConfig.nodeBufferSize;

dotnet/Sers/Sers.CL/Socket/Sers.CL.Socket.Iocp/DeliveryConnection.cs

@@ -12,7 +12,10 @@ namespace Sers.CL.Socket.Iocp
     {
 
         public SocketAsyncEventArgs receiveEventArgs;
- 
+
+
+        public Sers.Core.Util.StreamSecurity.SecurityManager securityManager { set => _securityManager = value; }
+        Sers.Core.Util.StreamSecurity.SecurityManager _securityManager;
 
         /// <summary>
         /// 连接状态(0:waitForCertify; 2:certified; 4:waitForClose; 8:closed;)
@@ -35,9 +38,12 @@ namespace Sers.CL.Socket.Iocp
             try
             {
                 Int32 len = data.ByteDataCount();
-                data.Insert(0, len.Int32ToArraySegmentByte());
+                data.Insert(0, len.Int32ToArraySegmentByte());     
 
-                socket.SendAsync(data, SocketFlags.None);
+                var bytes = data.ByteDataToBytes();
+                _securityManager?.Encryption(new ArraySegment<byte>(bytes,4,bytes.Length-4));
+                socket.SendAsync(bytes.BytesToArraySegmentByte(), SocketFlags.None);
+                //socket.SendAsync(data, SocketFlags.None);
             }
             catch (Exception ex)
             {
@@ -108,6 +114,7 @@ namespace Sers.CL.Socket.Iocp
 
             while (pipe.TryRead_SersFile(out var msgFrame))
             {
+                _securityManager?.Decryption(msgFrame);
                 OnGetFrame.Invoke(this, msgFrame);
             }
         }

dotnet/Sers/Sers.CL/Socket/Sers.CL.Socket.Iocp/DeliveryServer.cs

@@ -16,6 +16,8 @@ namespace Sers.CL.Socket.Iocp
 {
     public class DeliveryServer: IDeliveryServer
     {
+        public Sers.Core.Util.StreamSecurity.SecurityManager securityManager;
+
         /// <summary>
         /// 服务端 监听地址。若不指定则监听所有网卡。例如： "127.0.0.1"、"sersms.com"。
         /// </summary>
@@ -285,7 +287,9 @@ namespace Sers.CL.Socket.Iocp
         private DeliveryConnection Delivery_OnConnected(global::System.Net.Sockets.Socket socket)
         {
             var conn = new DeliveryConnection();
+            conn.securityManager = securityManager?.Clone();
             conn.Init(socket);           
+
             conn.Conn_OnDisconnected = Delivery_OnDisconnected;
 
             connMap[conn.GetHashCode()] = conn;

dotnet/Sers/Sers.CL/Socket/Sers.CL.Socket.Iocp/OrganizeClientBuilder.cs

@@ -12,6 +12,14 @@ namespace Sers.CL.Socket.Iocp
         {
             var delivery = new DeliveryClient();
 
+            #region security        
+            if (config["security"] is JArray securityConfigs)
+            {
+                var securityManager = Sers.Core.Util.StreamSecurity.SecurityManager.BuildSecurityManager(securityConfigs);
+                ((DeliveryConnection)delivery.conn).securityManager = securityManager;
+            }
+            #endregion
+
             delivery.host = config["host"].ConvertToString();
             delivery.port = config["port"].Convert<int>();
                 

dotnet/Sers/Sers.CL/Socket/Sers.CL.Socket.Iocp/OrganizeServerBuilder.cs

@@ -12,6 +12,14 @@ namespace Sers.CL.Socket.Iocp
         {
             var delivery = new DeliveryServer();
 
+            #region security        
+            if (config["security"] is JArray securityConfigs)
+            {
+                var securityManager = Sers.Core.Util.StreamSecurity.SecurityManager.BuildSecurityManager(securityConfigs);
+                delivery.securityManager = securityManager;
+            }
+            #endregion
+
             delivery.host = config["host"].ConvertToString();
             delivery.port = config["port"].Convert<int>();
 

dotnet/Sers/Sers.CL/Socket/Sers.CL.Socket.ThreadWait/DeliveryConnection.cs

@@ -19,6 +19,9 @@ namespace Sers.CL.Socket.ThreadWait
             Close();
         }
 
+        public Sers.Core.Util.StreamSecurity.SecurityManager securityManager { set => _securityManager = value; }
+        Sers.Core.Util.StreamSecurity.SecurityManager _securityManager;
+
         /// <summary>
         /// 连接状态(0:waitForCertify; 2:certified; 4:waitForClose; 8:closed;)
         /// </summary>
@@ -40,7 +43,13 @@ namespace Sers.CL.Socket.ThreadWait
             {          
                 Int32 len = data.ByteDataCount();
                 data.Insert(0, len.Int32ToArraySegmentByte());
-                socket.SendAsync(data, SocketFlags.None);
+
+                var bytes = data.ByteDataToBytes();
+
+                _securityManager?.Encryption(new ArraySegment<byte>(bytes, 4, bytes.Length - 4));       
+
+                socket.SendAsync(bytes.BytesToArraySegmentByte(), SocketFlags.None);
+                //socket.SendAsync(data, SocketFlags.None);
             }
             catch (Exception ex)
             {               
@@ -196,7 +205,7 @@ namespace Sers.CL.Socket.ThreadWait
                     //t.Wait();
                     //readedCount += t.Result;
 
-                } while (readedCount < data.Count);
+                } while (readedCount < data.Count);               
             }
 
             #endregion
@@ -223,6 +232,7 @@ namespace Sers.CL.Socket.ThreadWait
                 }
                 var data = DataPool.ArraySegmentByteGet(len);
                 Receive(data);
+                _securityManager?.Decryption(data);
                 return data;
             }
             catch (Exception ex) when (!(ex.GetBaseException() is ThreadInterruptedException))

dotnet/Sers/Sers.CL/Socket/Sers.CL.Socket.ThreadWait/DeliveryServer.cs

@@ -15,6 +15,8 @@ namespace Sers.CL.Socket.ThreadWait
 {
     public class DeliveryServer: IDeliveryServer
     {
+        public Sers.Core.Util.StreamSecurity.SecurityManager securityManager;
+
         /// <summary>
         /// 服务端 监听地址。若不指定则监听所有网卡。例如： "127.0.0.1"、"sersms.com"。
         /// </summary>
@@ -162,6 +164,7 @@ namespace Sers.CL.Socket.ThreadWait
         private DeliveryConnection Delivery_OnConnected(TcpClient client)
         {
             var conn = new DeliveryConnection();
+            conn.securityManager = securityManager?.Clone();
             conn.Init(client);
         
             conn.Conn_OnDisconnected = Delivery_OnDisconnected; 

dotnet/Sers/Sers.CL/Socket/Sers.CL.Socket.ThreadWait/OrganizeClientBuilder.cs

@@ -13,6 +13,14 @@ namespace Sers.CL.Socket.ThreadWait
 
             var delivery = new DeliveryClient();
 
+            #region security        
+            if (config["security"] is JArray securityConfigs)
+            {
+                var securityManager = Sers.Core.Util.StreamSecurity.SecurityManager.BuildSecurityManager(securityConfigs);
+                ((DeliveryConnection)delivery.conn).securityManager = securityManager;
+            }
+            #endregion
+
             delivery.host = config["host"].ConvertToString();
             delivery.port = config["port"].Convert<int>();
 

dotnet/Sers/Sers.CL/Socket/Sers.CL.Socket.ThreadWait/OrganizeServerBuilder.cs

@@ -12,6 +12,14 @@ namespace Sers.CL.Socket.ThreadWait
         {
             var delivery = new DeliveryServer();
 
+            #region security        
+            if (config["security"] is JArray securityConfigs)
+            {
+                var securityManager = Sers.Core.Util.StreamSecurity.SecurityManager.BuildSecurityManager(securityConfigs);
+                delivery.securityManager = securityManager;
+            }
+            #endregion
+
             delivery.host = config["host"].ConvertToString();
             delivery.port = config["port"].Convert<int>();
 

dotnet/Sers/Sers.CL/WebSocket/Sers.CL.WebSocket/DeliveryClient_Connection.cs

@@ -12,6 +12,9 @@ namespace Sers.CL.WebSocket
 {
     public class DeliveryClient_Connection : IDeliveryConnection
     {
+        public Sers.Core.Util.StreamSecurity.SecurityManager securityManager { set => _securityManager = value; }
+        Sers.Core.Util.StreamSecurity.SecurityManager _securityManager;
+
         /// <summary>
         /// 连接状态(0:waitForCertify; 2:certified; 4:waitForClose; 8:closed;)
         /// </summary>
@@ -36,7 +39,13 @@ namespace Sers.CL.WebSocket
                 Int32 len = data.ByteDataCount();
                 data.Insert(0, len.Int32ToArraySegmentByte());
 
-                socket.SendAsync(data.ByteDataToArraySegment(), WebSocketMessageType.Binary, true, _cancellation).GetAwaiter().GetResult(); //发送数据     
+                var bytes = data.ByteDataToBytes();
+
+                _securityManager?.Encryption(new ArraySegment<byte>(bytes, 4, bytes.Length - 4));
+
+                socket.SendAsync(bytes.BytesToArraySegmentByte(), WebSocketMessageType.Binary, true, _cancellation)
+                    .GetAwaiter().GetResult()
+                    ; //发送数据     
             }
             catch (Exception ex)
             {
@@ -57,8 +66,6 @@ namespace Sers.CL.WebSocket
             var socket_ = socket;
             socket = null;
 
-          
-
             try
             {
                 socket_.CloseAsync(WebSocketCloseStatus.NormalClosure,"", _cancellation).GetAwaiter().GetResult();
@@ -101,6 +108,8 @@ namespace Sers.CL.WebSocket
 
             while (pipe.TryRead_SersFile(out var msgFrame))
             {
+                _securityManager?.Decryption(msgFrame);
+
                 OnGetFrame.Invoke(this, msgFrame);
             }
         }

dotnet/Sers/Sers.CL/WebSocket/Sers.CL.WebSocket/DeliveryServer.cs

@@ -14,20 +14,16 @@ namespace Sers.CL.WebSocket
 {
     public class DeliveryServer: IDeliveryServer
     {
+        public Sers.Core.Util.StreamSecurity.SecurityManager securityManager;
+
         /// <summary>
         /// 服务端地址(默认为 "ws://0.0.0.0:4503")
         /// </summary>
         public string host="ws://0.0.0.0:4503";
 
 
-
-
-
         public Action<IDeliveryConnection> Conn_OnDisconnected { private get; set; }
         public Action<IDeliveryConnection> Conn_OnConnected { private get; set; }
-
-
- 
  
  
     
@@ -54,6 +50,7 @@ namespace Sers.CL.WebSocket
                     //string clientUrl = socket.ConnectionInfo.ClientIpAddress + ":" + socket.ConnectionInfo.ClientPort;   
 
                     var conn = new DeliveryServer_Connection();
+                    conn.securityManager = securityManager?.Clone();
                     conn.Init(socket);
 
                     socket.OnError = (ex) => 

dotnet/Sers/Sers.CL/WebSocket/Sers.CL.WebSocket/DeliveryServer_Connection.cs

@@ -9,8 +9,9 @@ using Vit.Extensions;
 namespace Sers.CL.WebSocket
 {
     public class DeliveryServer_Connection : IDeliveryConnection
-    {      
- 
+    {
+        public Sers.Core.Util.StreamSecurity.SecurityManager securityManager { set => _securityManager = value; }
+        Sers.Core.Util.StreamSecurity.SecurityManager _securityManager;
 
         /// <summary>
         /// 连接状态(0:waitForCertify; 2:certified; 4:waitForClose; 8:closed;)
@@ -36,7 +37,11 @@ namespace Sers.CL.WebSocket
                 Int32 len = data.ByteDataCount();
                 data.Insert(0, len.Int32ToArraySegmentByte());
 
-                socket.Send(data.ByteDataToBytes());
+                var bytes = data.ByteDataToBytes();
+
+                _securityManager?.Encryption(new ArraySegment<byte>(bytes, 4, bytes.Length - 4));
+
+                socket.Send(bytes);
             }
             catch (Exception ex)
             {
@@ -94,6 +99,8 @@ namespace Sers.CL.WebSocket
 
             while (pipe.TryRead_SersFile(out var msgFrame))
             {
+                _securityManager?.Decryption(msgFrame);
+
                 OnGetFrame.Invoke(this, msgFrame);
             }
         }

dotnet/Sers/Sers.CL/WebSocket/Sers.CL.WebSocket/OrganizeClientBuilder.cs

@@ -12,8 +12,15 @@ namespace Sers.CL.WebSocket
         {
             var delivery = new DeliveryClient();
 
-            delivery.host = config["host"].ConvertToString() ?? delivery.host;
+            #region security        
+            if (config["security"] is JArray securityConfigs)
+            {
+                var securityManager = Sers.Core.Util.StreamSecurity.SecurityManager.BuildSecurityManager(securityConfigs);
+                ((DeliveryClient_Connection)delivery.conn).securityManager = securityManager;
+            }
+            #endregion
 
+            delivery.host = config["host"].ConvertToString() ?? delivery.host;
 
 
             organizeList.Add(new OrganizeClient(delivery, config));

dotnet/Sers/Sers.CL/WebSocket/Sers.CL.WebSocket/OrganizeServerBuilder.cs

@@ -12,10 +12,18 @@ namespace Sers.CL.WebSocket
         {
             var delivery = new DeliveryServer();
 
+            #region security
+            if (config["security"] is JArray securityConfigs)
+            {
+                var securityManager = Sers.Core.Util.StreamSecurity.SecurityManager.BuildSecurityManager(securityConfigs);
+                delivery.securityManager = securityManager;
+            }
+            #endregion
+
             delivery.host = config["host"].ConvertToString() ?? delivery.host;
 
             organizeList.Add(new OrganizeServer(delivery, config));
         }
-       
+
     }
 }

dotnet/Sers/Sers.CL/Zmq/FullDuplex/Sers.CL.Zmq.FullDuplex/DeliveryClient.cs

@@ -114,9 +114,9 @@ namespace Sers.CL.Zmq.FullDuplex
             _conn.OnGetFrame(_conn, msgFrame.BytesToArraySegmentByte());
         }
 
-        void SendMessageAsync(DeliveryConnection conn, List<ArraySegment<byte>> data)
+        void SendMessageAsync(DeliveryConnection conn, byte[] data)
         {
-            stream.SendMessageAsync(data.ByteDataToBytes());
+            stream.SendMessageAsync(data);
         }
 
         private void SendCloseSignal()

dotnet/Sers/Sers.CL/Zmq/FullDuplex/Sers.CL.Zmq.FullDuplex/DeliveryConnection.cs

@@ -13,6 +13,9 @@ namespace Sers.CL.Zmq.FullDuplex
             Close();
         }
 
+        public Sers.Core.Util.StreamSecurity.SecurityManager securityManager { set => _securityManager = value; }
+        Sers.Core.Util.StreamSecurity.SecurityManager _securityManager;
+
         /// <summary>
         /// 连接状态(0:waitForCertify; 2:certified; 4:waitForClose; 8:closed;)
         /// </summary>
@@ -29,14 +32,32 @@ namespace Sers.CL.Zmq.FullDuplex
         internal byte[] identityOfReader { get; set; }
         internal byte[] identityOfWriter { get; set; }
 
+ 
+        Action<IDeliveryConnection, ArraySegment<byte>> _OnGetFrame;
+        public Action<IDeliveryConnection, ArraySegment<byte>> OnGetFrame
+        {
+            internal get => _OnGetFrame;
+            set
+            {
 
-        public Action<IDeliveryConnection, ArraySegment<byte>> OnGetFrame { internal get; set; }
-
+                if (_securityManager != null)
+                {
+                    value =
+                        (conn, data) => { _securityManager.Decryption(data); }
+                    + value;
+                }
+                _OnGetFrame = value;
+            }
+        }
 
-        public Action<DeliveryConnection, List<ArraySegment<byte>>> OnSendFrameAsync { private get; set; }
+        public Action<DeliveryConnection, byte[]> OnSendFrameAsync { private get; set; }
         public void SendFrameAsync(List<ArraySegment<byte>> data)
         {
-            OnSendFrameAsync(this,data);
+            var bytes = data.ByteDataToBytes();
+
+            _securityManager?.Encryption(bytes.BytesToArraySegmentByte()); 
+
+            OnSendFrameAsync(this, bytes);
         }
         
 

dotnet/Sers/Sers.CL/Zmq/FullDuplex/Sers.CL.Zmq.FullDuplex/DeliveryServer.cs

@@ -3,18 +3,18 @@ using System.Collections.Concurrent;
 using System.Collections.Generic;
 using System.Linq;
 using System.Threading;
-using System.Threading.Tasks;
 using Sers.CL.Zmq.FullDuplex.Zmq;
 using Sers.Core.CL.MessageDelivery;
 using Vit.Core.Module.Log;
-using Vit.Core.Util.Threading;
 using Vit.Extensions;
- 
+
 namespace Sers.CL.Zmq.FullDuplex
 {
     public class DeliveryServer : IDeliveryServer
     {
 
+        public Sers.Core.Util.StreamSecurity.SecurityManager securityManager;
+
         public Action<IDeliveryConnection> Conn_OnDisconnected { private get; set; }
         public Action<IDeliveryConnection> Conn_OnConnected { private get; set; } 
 
@@ -125,19 +125,7 @@ namespace Sers.CL.Zmq.FullDuplex
                 if (!connMap.TryGetValue(identityOfWriter, out var conn))
                 {
                     //新连接
-                    conn = new DeliveryConnection();
-                    conn.SetIdentity(identityOfWriter>>1);
-                    conn.OnSendFrameAsync = SendMessageAsync;
-                    conn.Conn_OnDisconnected = Delivery_OnDisconnected;
-                    try
-                    {
-                        if (connMap.TryAdd(identityOfWriter, conn))
-                            Conn_OnConnected?.Invoke(conn);
-                    }
-                    catch (Exception ex)
-                    {
-                        Logger.Error(ex);
-                    }
+                    conn = Delivery_OnConnected(identityOfWriter);
                 }
                 #endregion
 
@@ -157,9 +145,9 @@ namespace Sers.CL.Zmq.FullDuplex
 
         }
 
-        void SendMessageAsync(DeliveryConnection conn, List<ArraySegment<byte>> data)
+        void SendMessageAsync(DeliveryConnection conn,byte[] data)
         {
-            stream.SendMessageAsync( conn.identityOfReader, data.ByteDataToBytes()  );
+            stream.SendMessageAsync( conn.identityOfReader, data  );
         }
 
         void SendCloseSignal(DeliveryConnection conn)
@@ -184,7 +172,31 @@ namespace Sers.CL.Zmq.FullDuplex
         #endregion
 
 
-        #region Delivery_OnDisconnected
+        #region Delivery_Event
+
+
+        private DeliveryConnection Delivery_OnConnected(long identityOfWriter)
+        {
+            var conn = new DeliveryConnection();
+            conn.securityManager = securityManager?.Clone();
+
+            conn.SetIdentity(identityOfWriter >> 1);
+
+            conn.OnSendFrameAsync = SendMessageAsync;
+            conn.Conn_OnDisconnected = Delivery_OnDisconnected;
+
+            try
+            {
+                if (connMap.TryAdd(identityOfWriter, conn))
+                    Conn_OnConnected?.Invoke(conn);
+            }
+            catch (Exception ex)
+            {
+                Logger.Error(ex);
+            }
+            return conn;
+        }
+
 
         private void Delivery_OnDisconnected(IDeliveryConnection _conn)
         {

dotnet/Sers/Sers.CL/Zmq/FullDuplex/Sers.CL.Zmq.FullDuplex/OrganizeClientBuilder.cs

@@ -12,6 +12,14 @@ namespace Sers.CL.Zmq.FullDuplex
         {
             var delivery = new DeliveryClient();
 
+            #region security        
+            if (config["security"] is JArray securityConfigs)
+            {
+                var securityManager = Sers.Core.Util.StreamSecurity.SecurityManager.BuildSecurityManager(securityConfigs);
+                ((DeliveryConnection)delivery.conn).securityManager = securityManager;
+            }
+            #endregion
+
             delivery.endpoint = config["endpoint"].ConvertToString();
 
             organizeList.Add(new OrganizeClient(delivery, config));

dotnet/Sers/Sers.CL/Zmq/FullDuplex/Sers.CL.Zmq.FullDuplex/OrganizeServerBuilder.cs

@@ -12,6 +12,14 @@ namespace Sers.CL.Zmq.FullDuplex
         {
             var delivery = new DeliveryServer();
 
+            #region security
+            if (config["security"] is JArray securityConfigs)
+            {
+                var securityManager = Sers.Core.Util.StreamSecurity.SecurityManager.BuildSecurityManager(securityConfigs);
+                delivery.securityManager = securityManager;
+            }
+            #endregion
+
             delivery.endpoint = config["endpoint"].ConvertToString();
 
             organizeList.Add(new OrganizeServer(delivery, config));

dotnet/Sers/Sers.CL/Zmq/ThreadWait/Sers.CL.ClrZmq.ThreadWait/DeliveryClient.cs

@@ -104,9 +104,9 @@ namespace Sers.CL.ClrZmq.ThreadWait
             _conn.OnGetFrame(_conn, msgFrame.BytesToArraySegmentByte());
         }
 
-        void Zmq_SendMessageAsync(DeliveryConnection conn,List<ArraySegment<byte>> data)
+        void Zmq_SendMessageAsync(DeliveryConnection conn,byte[] data)
         {
-            poller.SendMessageAsync(new ZMessage() { new ZFrame(data.ByteDataToBytes()) });            
+            poller.SendMessageAsync(new ZMessage() { new ZFrame(data) });            
         }
 
        

dotnet/Sers/Sers.CL/Zmq/ThreadWait/Sers.CL.ClrZmq.ThreadWait/DeliveryConnection.cs

@@ -2,6 +2,7 @@
 using System.Collections.Generic;
 using Sers.Core.CL.MessageDelivery;
 using Vit.Core.Module.Log;
+using Vit.Extensions;
 
 namespace Sers.CL.ClrZmq.ThreadWait
 {
@@ -12,6 +13,9 @@ namespace Sers.CL.ClrZmq.ThreadWait
             Close();
         }
 
+        public Sers.Core.Util.StreamSecurity.SecurityManager securityManager { set => _securityManager = value; }
+        Sers.Core.Util.StreamSecurity.SecurityManager _securityManager;
+
         /// <summary>
         /// 连接状态(0:waitForCertify; 2:certified; 4:waitForClose; 8:closed;)
         /// </summary>
@@ -21,13 +25,32 @@ namespace Sers.CL.ClrZmq.ThreadWait
         internal byte[] zmqIdentity { get; set; }
 
 
-        public Action<IDeliveryConnection, ArraySegment<byte>> OnGetFrame { internal get; set; }
+        Action<IDeliveryConnection, ArraySegment<byte>> _OnGetFrame;
+        public Action<IDeliveryConnection, ArraySegment<byte>> OnGetFrame
+        {
+            internal get=> _OnGetFrame;
+            set
+            {
+              
+                if (_securityManager != null)
+                {
+                    value =
+                        (conn, data) => { _securityManager.Decryption(data); }
+                    + value;
+                }
+                _OnGetFrame = value;
+            }
+        }
 
 
-        public Action<DeliveryConnection, List<ArraySegment<byte>>> OnSendFrameAsync { private get; set; }
+        public Action<DeliveryConnection, byte[]> OnSendFrameAsync { private get; set; }
         public void SendFrameAsync(List<ArraySegment<byte>> data)
         {
-            OnSendFrameAsync(this,data);
+            var bytes = data.ByteDataToBytes();
+
+            _securityManager?.Encryption(bytes.BytesToArraySegmentByte());
+         
+            OnSendFrameAsync(this, bytes);
         }
         
 

dotnet/Sers/Sers.CL/Zmq/ThreadWait/Sers.CL.ClrZmq.ThreadWait/DeliveryServer.cs

@@ -2,7 +2,6 @@
 using System.Collections.Concurrent;
 using System.Collections.Generic;
 using System.Linq;
-using System.Threading;
 using Sers.Core.CL.MessageDelivery;
 using Vit.Core.Module.Log;
 using Vit.Extensions;
@@ -12,10 +11,10 @@ namespace Sers.CL.ClrZmq.ThreadWait
 {
     public class DeliveryServer : IDeliveryServer
     {
+        public Sers.Core.Util.StreamSecurity.SecurityManager securityManager;
 
         public Action<IDeliveryConnection> Conn_OnDisconnected { private get; set; }
         public Action<IDeliveryConnection> Conn_OnConnected { private get; set; }
-               
  
 
         /// <summary>
@@ -115,18 +114,7 @@ namespace Sers.CL.ClrZmq.ThreadWait
             if (!connMap.TryGetValue(connGuid, out var conn))
             {
                 //新连接
-                conn = new DeliveryConnection() { zmqIdentity = connGuid.Int64ToBytes() };
-                conn.OnSendFrameAsync = Zmq_SendFrameAsync;
-                conn.Conn_OnDisconnected = Delivery_OnDisconnected;              
-                try
-                {
-                    if (connMap.TryAdd(connGuid, conn))
-                        Conn_OnConnected?.Invoke(conn);
-                }
-                catch (Exception ex)
-                {
-                    Logger.Error(ex);
-                }
+                conn=Delivery_OnConnected(connGuid);
             }
             #endregion
 
@@ -136,9 +124,9 @@ namespace Sers.CL.ClrZmq.ThreadWait
 
         }
 
-        void Zmq_SendFrameAsync(DeliveryConnection conn, List<ArraySegment<byte>> data)
+        void Zmq_SendFrameAsync(DeliveryConnection conn, byte[] data)
         {
-            poller.SendMessageAsync(new ZMessage() { new ZFrame(conn.zmqIdentity), new ZFrame(data.ByteDataToBytes()) });
+            poller.SendMessageAsync(new ZMessage() { new ZFrame(conn.zmqIdentity), new ZFrame(data) });
         }
 
         #endregion
@@ -166,7 +154,29 @@ namespace Sers.CL.ClrZmq.ThreadWait
         #endregion
 
 
-        #region Delivery_OnDisconnected
+        #region Delivery_Event
+
+        private DeliveryConnection Delivery_OnConnected(long connGuid)
+        {
+            var conn = new DeliveryConnection() { zmqIdentity = connGuid.Int64ToBytes() };
+
+            conn.securityManager = securityManager?.Clone();
+
+            conn.OnSendFrameAsync = Zmq_SendFrameAsync;
+            conn.Conn_OnDisconnected = Delivery_OnDisconnected;
+            try
+            {
+                if (connMap.TryAdd(connGuid, conn))
+                    Conn_OnConnected?.Invoke(conn);
+            }
+            catch (Exception ex)
+            {
+                Logger.Error(ex);
+            }
+            return conn;
+        }
+
+
 
         private void Delivery_OnDisconnected(IDeliveryConnection _conn)
         {

dotnet/Sers/Sers.CL/Zmq/ThreadWait/Sers.CL.ClrZmq.ThreadWait/OrganizeClientBuilder.cs

@@ -12,6 +12,14 @@ namespace Sers.CL.ClrZmq.ThreadWait
         {
             var delivery = new DeliveryClient();
 
+            #region security        
+            if (config["security"] is JArray securityConfigs)
+            {
+                var securityManager = Sers.Core.Util.StreamSecurity.SecurityManager.BuildSecurityManager(securityConfigs);
+                ((DeliveryConnection)delivery.conn).securityManager = securityManager;
+            }
+            #endregion
+
             delivery.endpoint = config["endpoint"].ConvertToString();
 
             organizeList.Add(new OrganizeClient(delivery, config));

dotnet/Sers/Sers.CL/Zmq/ThreadWait/Sers.CL.ClrZmq.ThreadWait/OrganizeServerBuilder.cs

@@ -12,6 +12,14 @@ namespace Sers.CL.ClrZmq.ThreadWait
         {
             var delivery = new DeliveryServer();
 
+            #region security
+            if (config["security"] is JArray securityConfigs)
+            {
+                var securityManager = Sers.Core.Util.StreamSecurity.SecurityManager.BuildSecurityManager(securityConfigs);
+                delivery.securityManager = securityManager;
+            }
+            #endregion
+
             delivery.endpoint = config["endpoint"].ConvertToString();
 
             organizeList.Add(new OrganizeServer(delivery, config));

dotnet/Sers/Sers.Core/Sers.Core/Sers.Core.csproj

@@ -1,4 +1,4 @@
-<Project Sdk="Microsoft.NET.Sdk">
+<Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
     <TargetFramework>netstandard2.0</TargetFramework>
@@ -10,6 +10,12 @@
     <DocumentationFile>bin\Debug\netstandard2.0\Sers.Core.xml</DocumentationFile>
   </PropertyGroup>
 
+
+
+  <PropertyGroup>
+    <AllowUnsafeBlocks>true</AllowUnsafeBlocks>
+  </PropertyGroup>
+
   <ItemGroup>
     <Compile Remove="SersLoader\ApiDesc\Attribute\Valid\delete\**" />
     <Compile Remove="SersLoader\ApiDesc\Attribute\Valid\delete\**" />

dotnet/Sers/Sers.Core/Sers.Core/Util/StreamSecurity/ISecurity.cs

@@ -0,0 +1,15 @@
+using Newtonsoft.Json.Linq;
+using System;
+
+namespace Sers.Core.Util.StreamSecurity
+{
+    public interface ISecurity
+    {
+        ISecurity Clone();
+        void Init(JObject config);
+
+        void Encryption(ArraySegment<byte> data);  
+
+        void Decryption(ArraySegment<byte> data);     
+    }
+}

dotnet/Sers/Sers.Core/Sers.Core/Util/StreamSecurity/Security/SampleSecurity.cs

@@ -0,0 +1,121 @@
+using Newtonsoft.Json.Linq;
+using System;
+using Vit.Core.Module.Log;
+using Vit.Extensions;
+
+namespace Sers.Core.Util.StreamSecurity.Security
+{
+    public unsafe class SampleSecurity : ISecurity
+    {
+        public ISecurity Clone()
+        {
+            return new SampleSecurity { secretKey= secretKey };
+        }
+
+
+        public void Init(JObject config)
+        {
+            secretKey = config["secret"].ConvertToString();
+ 
+            Logger.Info("[CL.SecurityManager] loaded security : SampleSecurity");
+        }
+
+
+
+        /*
+         
+             data0 secret temp0  
+             加密            data1 = data0  ^ secret ^ temp0 
+                             temp1 = data0  ^ temp0             
+
+
+             data1 secret temp0  
+             解密            data0 = data1  ^ secret ^ temp0 
+                             temp1 = data0  ^ temp0
+             */
+
+
+        string _secretKey;
+        public string secretKey
+        {
+            get => _secretKey;
+            set
+            {
+                _secretKey = value;
+
+                if (string.IsNullOrEmpty(value) || value.Length < 20)
+                {
+                    value +=  "YouMakeTheWorldBetter";
+                }
+                secretBytes = value.StringToBytes();
+                secretLength = secretBytes.Length;
+            }
+        }
+
+
+        byte[] secretBytes;
+        int secretLength;
+      
+
+        public void Decryption(ArraySegment<byte> data)
+        {
+            
+            unsafe
+            {
+                fixed (byte* p = data.Array)
+                {
+                    byte* bytes = p + data.Offset;
+
+                    byte data0;                 
+                    byte temp = 0;
+                    int curSecretIndex = secretLength - 1;
+
+                    for (int curIndex = 0; curIndex < data.Count; curIndex++)
+                    {
+                        //bytes[curIndex] ^= 10;
+
+                        data0 = bytes[curIndex] = (byte)( bytes[curIndex]^ secretBytes[curSecretIndex] ^ temp);
+
+                        temp ^= data0;                       
+
+                        if ((--curSecretIndex) < 0) curSecretIndex = secretLength - 1;
+                    }
+                }
+            }
+        }
+
+
+
+     
+        public void Encryption(ArraySegment<byte> data)
+        {
+           
+            unsafe
+            {
+                fixed (byte* p = data.Array)
+                {
+                    byte* bytes = p + data.Offset;
+              
+                    byte data0;
+           
+                    byte temp = 0;
+                    int curSecretIndex = secretLength - 1;
+
+                    for (int curIndex = 0; curIndex < data.Count; curIndex++)
+                    {
+                        //bytes[curIndex] ^= 10;
+
+                        data0 =  bytes[curIndex];
+                        bytes[curIndex] = (byte)(data0 ^ secretBytes[curSecretIndex] ^ temp);
+                      
+                        temp ^= data0;
+
+                        if ((--curSecretIndex) < 0) curSecretIndex = secretLength - 1;
+                    }
+                }
+            }
+        }
+
+
+    }
+}

dotnet/Sers/Sers.Core/Sers.Core/Util/StreamSecurity/SecurityManager.cs

@@ -0,0 +1,79 @@
+using Newtonsoft.Json.Linq;
+using Sers.Core.Module.Reflection;
+using Sers.Core.Util.StreamSecurity.Security;
+using System;
+using System.Linq;
+using Vit.Core.Module.Log;
+using Vit.Extensions;
+
+namespace Sers.Core.Util.StreamSecurity
+{
+    public class SecurityManager
+    {
+
+        public static SecurityManager BuildSecurityManager(JArray configs = null)
+        {          
+            if (configs == null || configs.Count == 0) return null;
+
+
+            Logger.Info("[CL.SecurityManager] init... ");
+
+            //(x.1) Build security
+            var securitys =configs.Select(config =>
+            {
+                //(x.x.1) get assemblyFile className    
+                var className = config["className"].ConvertToString();
+                if (string.IsNullOrEmpty(className)) className=typeof(SampleSecurity).FullName;
+                var assemblyFile = config["assemblyFile"].ConvertToString();
+
+                #region (x.x.2) CreateInstance
+                var security = ObjectLoader.CreateInstance(assemblyFile, className) as ISecurity;
+                if (security == null)
+                {
+                    var msg = "[CL.SecurityManager] className not exists(" + className + ").";
+                    msg += Environment.NewLine + "  config:  " + config;
+                    Logger.Error(msg);
+                    throw new ArgumentException(msg);
+                }
+                #endregion
+
+
+                //(x.x.3) Init
+                security.Init(config as JObject);
+                return security;
+            }).ToArray();
+
+
+            Logger.Info("[CL.SecurityManager] inited.");
+            return new SecurityManager { securitys= securitys };
+        }
+
+
+        public void Encryption(ArraySegment<byte> data)
+        {
+            foreach (var security in securitys)
+            {
+                security.Encryption(data);
+            }
+        }
+ 
+        public void Decryption(ArraySegment<byte> data)
+        {
+            for(int t= securitys.Length-1;t>=0;t--)
+            {
+                securitys[t].Decryption(data);
+            }
+        }
+
+        public SecurityManager Clone()
+        {
+            return new SecurityManager { securitys= securitys.Select(s=>s.Clone()).ToArray()  };
+        }
+
+        ISecurity[] securitys;
+
+        
+
+
+    }
+}

dotnet/StationDemo/SersLoader/Did.SersLoader.Demo/appsettings.json

@@ -19,6 +19,28 @@
         "heartBeatTimeoutMs": 30000,
         /* 心跳检测失败重试次数（单位次，默认10） */
         "heartBeatRetryCount": 10,
+        
+
+        /* 数据传输 加密协议，可多个，可不指定 */
+        "//security": [
+          {
+            // SampleSecurity
+            /* 在此Assembly中查找security */
+            "assemblyFile": "Sers.Core.dll",
+            /* the class of security in assemblyFile. 必须继承接口 Sers.Core.Util.StreamSecurity.ISecurity  */
+            "className": "Sers.Core.Util.StreamSecurity.Security.SampleSecurity",
+
+            /* (x.2) config */
+            /* 加密密钥 */
+            "secret": "security"
+          },
+          {
+            // SampleSecurity
+            /* 若不指定assemblyFile和className 则默认为Sers.Core.Util.StreamSecurity.Security.SampleSecurity */
+            "secret": "Two layer encryption"
+          }
+        ],
+
 
         /* 连接秘钥，用以验证连接安全性。服务端和客户端必须一致 */
         "secretKey": "SersCL"

dotnet/Vit/Vit.Core/Vit.Core/Util/Pipelines/PipeFrame.cs

@@ -5,6 +5,9 @@ using Vit.Extensions;
 
 namespace Vit.Core.Util.Pipelines
 {
+    /// <summary>
+    /// 线程不安全
+    /// </summary>
     public class PipeFrame
     {
 
@@ -21,7 +24,9 @@ namespace Vit.Core.Util.Pipelines
 
         public void Write(ArraySegment<byte> data)
         {
-            Interlocked.Add(ref buffLen, data.Count);
+            //Interlocked.Add(ref buffLen, data.Count);
+            buffLen += data.Count;
+
             queueBuff.Enqueue(data);
         }
 
@@ -38,7 +43,8 @@ namespace Vit.Core.Util.Pipelines
 
 
 
-            Interlocked.Add(ref buffLen, -lenToPop);
+            //Interlocked.Add(ref buffLen, -lenToPop);
+            buffLen -= lenToPop;
 
             int copyedIndex = 0;
 

dotnet/netcore/ServiceCenter/App.ServiceCenter/appsettings.json

@@ -12,16 +12,39 @@
         /* 后台处理消息的线程个数（单位个，默认2） */
         "workThreadCount": 8,
 
-        //HeartBeat  
+        //HeartBeat
         /* 心跳检测时间间隔（单位ms，默认10000,若指定为0则不进行心跳检测） */
         "heartBeatIntervalMs": 10000,
         /* 心跳检测超时时间（单位ms，默认30000） */
         "heartBeatTimeoutMs": 30000,
         /* 心跳检测失败重试次数（单位次，默认10） */
         "heartBeatRetryCount": 10,
+     
+
+        /* 数据传输 加密协议，可多个，可不指定 */
+        "//security": [
+          {
+            // SampleSecurity
+            /* 在此Assembly中查找security */
+            "assemblyFile": "Sers.Core.dll",
+            /* the class of security in assemblyFile. 必须继承接口 Sers.Core.Util.StreamSecurity.ISecurity  */
+            "className": "Sers.Core.Util.StreamSecurity.Security.SampleSecurity",
+
+            /* (x.2) config */
+            /* 加密密钥 */
+            "secret": "security"
+          },
+          {
+            // SampleSecurity
+            /* 若不指定assemblyFile和className 则默认为Sers.Core.Util.StreamSecurity.Security.SampleSecurity */
+            "secret": "Two layer encryption"
+          }
+        ],
+
 
         /* 连接秘钥，用以验证连接安全性。服务端和客户端必须一致 */
         "secretKey": "SersCL"
+
       },
       /* one conn is one channel.can be multiable */
       "Server": [
@@ -45,7 +68,7 @@
           "className": "Sers.CL.Socket.Iocp.OrganizeServerBuilder",
 
 
-          /* (x.2) conn config */
+          /* (x.2) config */
           /* 服务端 监听地址。若不指定则监听所有网卡。例如： "127.0.0.1"、"sersms.com"。*/
           //"host": "127.0.0.1",
           /* 服务端 监听端口号。例如： 4501 */
@@ -85,9 +108,9 @@
           /* 在此Assembly中查找builder */
           "assemblyFile": "Sers.CL.WebSocket.dll",
           /* the class of builder in assemblyFile  */
-          "className": "Sers.CL.WebSocket.OrganizeServerBuilder",
+          //"className": "Sers.CL.WebSocket.OrganizeServerBuilder",
 
-          /* (x.2) conn config */
+          /* (x.2) config */
           /* 服务端地址(默认为 "ws://0.0.0.0:4503") */
           "host": "ws://0.0.0.0:4503"
         },
@@ -130,7 +153,7 @@
           /* the class of Builder in assemblyFile  */
           //"className": "Sers.CL.Ipc.SharedMemory.OrganizeServerBuilder",
 
-          /* (x.2)config */
+          /* (x.2) config */
           /* 共享内存名称。例如： "ipcTest" */
           "name": "ipcForRobot",
           /* 共享内存节点个数。例如： 64 */

dotnet/netcore/Station/App.Robot.Station/appsettings.json

@@ -10,6 +10,25 @@
         /* 请求超时时间（单位ms，默认60000） */
         "requestTimeoutMs": 60000,
 
+        /* 数据传输 加密协议，可多个，可不指定 */
+        "//security": [
+          {
+            // SampleSecurity
+            /* 在此Assembly中查找security */
+            "assemblyFile": "Sers.Core.dll",
+            /* the class of security in assemblyFile. 必须继承接口 Sers.Core.Util.StreamSecurity.ISecurity  */
+            "className": "Sers.Core.Util.StreamSecurity.Security.SampleSecurity",
+
+            /* (x.2) config */
+            /* 加密密钥 */
+            "secret": "security"
+          },
+          {
+            // SampleSecurity
+            /* 若不指定assemblyFile和className 则默认为Sers.Core.Util.StreamSecurity.Security.SampleSecurity */
+            "secret": "Two layer encryption"
+          }
+        ],
 
         /* 连接秘钥，用以验证连接安全性。服务端和客户端必须一致 */
         "secretKey": "SersCL"