WINSOCK更接近底层,应用程序在正常情况下通过WinSock接口可以直接访问网络栈。
而WinINET API只不过提供了对Internet浏览协议的一些支持。
另付一段英文如下:
Using Secure Sockets: WinINet or Winsock
Probably the simplest way to implement secure communications is to create a secure socket connection.
After a secure socket connection is established, you simply communicate as usual, while Winsock
automatically handles encryption and decryption. Three security protocols are available: SSL 2.0,
SSL 3.0, and PCT 1.0.
There are two ways to use secure sockets:
Use the WinInet API. For encrypted FTP or HTTP communication, this is the simplest approach. Set the
appropriate security flags when opening a connection and making a request. WinInet handles the details
of setting up the secure socket connection. The remainder of the session is handled in exactly the same
way as with a non-secure connection. Encryption and decryption are automatic.
Use the Windows Sockets API. You use setsockopt to specify a secure connection, and WSAIoctl to specify
the protocol. Once a secure connection is established, your application simply uses send and recv as it
would for a normal socket connection. You must also implement a callback function to receive authentication
information. The procedure for creating secure connections is very similar to the procedure for creating
non-secure sockets.
WinInet gives you relatively little flexibility in how the connection is set up. For instance, you cannot
select the security protocol that will be used. For more control over the process, you can use Winsock to
make the connection and handle communication. You can invoke the security protocols when you establish the
socket connection, or you can wait until you need to use them. Once the protocols are invoked, Winsock
automatically handles encryption and decryption of the data.
