Solved

Implementing WinSock Secure Sockets

Posted on 2004-04-16
7
525 Views
Last Modified: 2008-02-01
Hello Experts:

How do I implement Winsock Secure Sockets? Basically I want to add ssl header on my connections established using winsock on windows OS.

Precise code would be highly appreciated.

Thanks,
Chirag
0
Comment
Question by:cmandan
  • 2
  • 2
  • 2
7 Comments
 
LVL 2

Expert Comment

by:sitbon
ID: 10845549
From MSDN:

"Secure Sockets Layer (SSL) is not natively supported in Windows Sockets 2. Microsoft makes available the Security Support Provider Interface (SSPI) to enable application programmers to provide security-enabled communications. See Security Support Provider Interface, for more information."

If you have VS.NET 2003 (7.1), you can follow this link:

ms-help://MS.VSCC.2003/MS.MSDNQTR.2003FEB.1033/rpc/rpc/security_support_provider_interface_sspi_.htm

In order to learn more about SSPI.
0
 
LVL 1

Author Comment

by:cmandan
ID: 10845821
yes, but could there be a wrapper that I could use or something??? I looked at SSPI and I guess, that is not the correct solution and as such, Microsoft has not come up with the library it claims.

so basically, lets say that I have 2 files, a client and a server written using winsock. Is there any way that I could include ssl header into the packets....lets say that the encryption part is not available right, but if by some means, I could just add ssl header into the packets, that would be more than enough for me. Also, openssl stuff...like can that be used with winsock?



0
 
LVL 4

Expert Comment

by:booki
ID: 10846147
cmandan,

You can use OpenSSL. Documentation can be found:
http://www.openssl.org/docs/

An article with source:
http://www.jetbyte.com/portfolio-showarticle.asp?articleId=48&catId=1&subcatId=2

Another tutorial/example:
http://www.rtfm.com/openssl-examples/

A SSL/TLS protocol analyzer:
http://www.rtfm.com/ssldump/

A book w/"Extremely detailed coverage of SSL/TLS":
SSL and TLS: Designing and Building Secure Systems, Addison-Wesley, 2001 ISBN 0-201-61598-3

b.
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 2

Expert Comment

by:sitbon
ID: 10850389
Whatever you use, it's not going to be as easy as including a cpp file in your project... SSL is annoyingly complex in how/when it uses certain certificates, keys, algorithms, etc.

For a simple striaght-forward C-based solution, check out Ankit Fadia's book "The Unofficial Guide to Ethical Hacking" in which he describes a good way to make simple SSL cmmunications with sockets. I wouldn't buy the book just yet though, since it should also be on the website (hackingtruths.box.sk)... which is down at the moment, and I don't know when/if it'll be up.


Good Luck!
0
 
LVL 1

Author Comment

by:cmandan
ID: 10864613
well, i need a sample client/server code that uses openssl...
0
 
LVL 4

Accepted Solution

by:
booki earned 50 total points
ID: 10866201
*ahem* did you look at the links?  specifically:

http://www.rtfm.com/openssl-examples/

It has "sample client/server code that uses openssl".

b.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: SunnyDark
This article's goal is to present you with an easy to use XML wrapper for C++ and also present some interesting techniques that you might use with MS C++. The reason I built this class is to ease the pain of using XML files with C++, since there is…
Go is an acronym of golang, is a programming language developed Google in 2007. Go is a new language that is mostly in the C family, with significant input from Pascal/Modula/Oberon family. Hence Go arisen as low-level language with fast compilation…
The viewer will learn how to use the return statement in functions in C++. The video will also teach the user how to pass data to a function and have the function return data back for further processing.
The viewer will learn how to clear a vector as well as how to detect empty vectors in C++.

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now