使用.NET SslStream进行SSL安全重新协商

Question

我正在尝试与.NET SslStream进行安全的重新协商,但我不确定如何实现它,或者它是否可能.我的目标是使用服务器的相同证书更新共享密钥.

我使用OpenSSL设置了一个服务器:

s_server -accept 443 -key privkey.pem

这是我的客户端代码:

public static void RunClient()
{
    TcpClient client = new TcpClient("localhost", 443);
    Console.WriteLine("Client connected.");
    SslStream sslStream = new SslStream(innerStream: client.GetStream(), leaveInnerStreamOpen: true, userCertificateValidationCallback: (a,b,c,d) => true, userCertificateSelectionCallback: null);
    sslStream.AuthenticateAsClient("localhost");
    byte[] message = Encoding.UTF8.GetBytes("Hello from the client.");
    sslStream.Write(message);
    sslStream.Dispose();
    // if code below is commented, there's no error.
    sslStream = new SslStream(innerStream: client.GetStream(), leaveInnerStreamOpen: true, userCertificateValidationCallback: (a, b, c, d) => true, userCertificateSelectionCallback: null);
    message = Encoding.UTF8.GetBytes("Hello from the client again, renegotiated.");
    sslStream.AuthenticateAsClient("localhost");
    sslStream.Write(message);
    //
    client.Close();
    Console.WriteLine("Client closed.");
}

public static int Main(string[] args)
{
    RunClient();
    return 0;
}

第二次调用AuthenticateAsClient,在新的SslStream上失败,"对SSPI的调用失败,请参阅内部异常.".内部异常是"Win32Exception:收到的消息是意外的或格式错误".

在服务器端,我也收到了错误:

CIPHER is ECDHE-RSA-AES256-GCM-SHA384
Secure Renegotiation IS supported
Hello from the client.ERROR
8404:error:1408F119:SSL routines:ssl3_get_record:decryption failed or bad record mac:ssl\record\ssl3_record.c:469:
shutting down SSL
CONNECTION CLOSED
ACCEPT

你知道这里有什么问题,或者我的用例是否支持SslStream？