?
Solved

Implementing WinSock Secure Sockets

Posted on 2004-04-16
7
Medium Priority
?
537 Views
Last Modified: 2008-02-01
Hello Experts:

How do I implement Winsock Secure Sockets? Basically I want to add ssl header on my connections established using winsock on windows OS.

Precise code would be highly appreciated.

Thanks,
Chirag
0
Comment
Question by:cmandan
  • 2
  • 2
  • 2
6 Comments
 
LVL 2

Expert Comment

by:sitbon
ID: 10845549
From MSDN:

"Secure Sockets Layer (SSL) is not natively supported in Windows Sockets 2. Microsoft makes available the Security Support Provider Interface (SSPI) to enable application programmers to provide security-enabled communications. See Security Support Provider Interface, for more information."

If you have VS.NET 2003 (7.1), you can follow this link:

ms-help://MS.VSCC.2003/MS.MSDNQTR.2003FEB.1033/rpc/rpc/security_support_provider_interface_sspi_.htm

In order to learn more about SSPI.
0
 
LVL 1

Author Comment

by:cmandan
ID: 10845821
yes, but could there be a wrapper that I could use or something??? I looked at SSPI and I guess, that is not the correct solution and as such, Microsoft has not come up with the library it claims.

so basically, lets say that I have 2 files, a client and a server written using winsock. Is there any way that I could include ssl header into the packets....lets say that the encryption part is not available right, but if by some means, I could just add ssl header into the packets, that would be more than enough for me. Also, openssl stuff...like can that be used with winsock?



0
 
LVL 4

Expert Comment

by:booki
ID: 10846147
cmandan,

You can use OpenSSL. Documentation can be found:
http://www.openssl.org/docs/

An article with source:
http://www.jetbyte.com/portfolio-showarticle.asp?articleId=48&catId=1&subcatId=2

Another tutorial/example:
http://www.rtfm.com/openssl-examples/

A SSL/TLS protocol analyzer:
http://www.rtfm.com/ssldump/

A book w/"Extremely detailed coverage of SSL/TLS":
SSL and TLS: Designing and Building Secure Systems, Addison-Wesley, 2001 ISBN 0-201-61598-3

b.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 2

Expert Comment

by:sitbon
ID: 10850389
Whatever you use, it's not going to be as easy as including a cpp file in your project... SSL is annoyingly complex in how/when it uses certain certificates, keys, algorithms, etc.

For a simple striaght-forward C-based solution, check out Ankit Fadia's book "The Unofficial Guide to Ethical Hacking" in which he describes a good way to make simple SSL cmmunications with sockets. I wouldn't buy the book just yet though, since it should also be on the website (hackingtruths.box.sk)... which is down at the moment, and I don't know when/if it'll be up.


Good Luck!
0
 
LVL 1

Author Comment

by:cmandan
ID: 10864613
well, i need a sample client/server code that uses openssl...
0
 
LVL 4

Accepted Solution

by:
booki earned 200 total points
ID: 10866201
*ahem* did you look at the links?  specifically:

http://www.rtfm.com/openssl-examples/

It has "sample client/server code that uses openssl".

b.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When writing generic code, using template meta-programming techniques, it is sometimes useful to know if a type is convertible to another type. A good example of when this might be is if you are writing diagnostic instrumentation for code to generat…
Introduction This article is the first in a series of articles about the C/C++ Visual Studio Express debugger.  It provides a quick start guide in using the debugger. Part 2 focuses on additional topics in breakpoints.  Lastly, Part 3 focuses on th…
The viewer will learn how to use the return statement in functions in C++. The video will also teach the user how to pass data to a function and have the function return data back for further processing.
The viewer will learn how to clear a vector as well as how to detect empty vectors in C++.

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question