Implementing WinSock Secure Sockets

Hello Experts:

How do I implement Winsock Secure Sockets? Basically I want to add ssl header on my connections established using winsock on windows OS.

Precise code would be highly appreciated.

Thanks,
Chirag
LVL 1
cmandanAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

sitbonCommented:
From MSDN:

"Secure Sockets Layer (SSL) is not natively supported in Windows Sockets 2. Microsoft makes available the Security Support Provider Interface (SSPI) to enable application programmers to provide security-enabled communications. See Security Support Provider Interface, for more information."

If you have VS.NET 2003 (7.1), you can follow this link:

ms-help://MS.VSCC.2003/MS.MSDNQTR.2003FEB.1033/rpc/rpc/security_support_provider_interface_sspi_.htm

In order to learn more about SSPI.
0
cmandanAuthor Commented:
yes, but could there be a wrapper that I could use or something??? I looked at SSPI and I guess, that is not the correct solution and as such, Microsoft has not come up with the library it claims.

so basically, lets say that I have 2 files, a client and a server written using winsock. Is there any way that I could include ssl header into the packets....lets say that the encryption part is not available right, but if by some means, I could just add ssl header into the packets, that would be more than enough for me. Also, openssl stuff...like can that be used with winsock?



0
bookiCommented:
cmandan,

You can use OpenSSL. Documentation can be found:
http://www.openssl.org/docs/

An article with source:
http://www.jetbyte.com/portfolio-showarticle.asp?articleId=48&catId=1&subcatId=2

Another tutorial/example:
http://www.rtfm.com/openssl-examples/

A SSL/TLS protocol analyzer:
http://www.rtfm.com/ssldump/

A book w/"Extremely detailed coverage of SSL/TLS":
SSL and TLS: Designing and Building Secure Systems, Addison-Wesley, 2001 ISBN 0-201-61598-3

b.
0
Python 3 Fundamentals

This course will teach participants about installing and configuring Python, syntax, importing, statements, types, strings, booleans, files, lists, tuples, comprehensions, functions, and classes.

sitbonCommented:
Whatever you use, it's not going to be as easy as including a cpp file in your project... SSL is annoyingly complex in how/when it uses certain certificates, keys, algorithms, etc.

For a simple striaght-forward C-based solution, check out Ankit Fadia's book "The Unofficial Guide to Ethical Hacking" in which he describes a good way to make simple SSL cmmunications with sockets. I wouldn't buy the book just yet though, since it should also be on the website (hackingtruths.box.sk)... which is down at the moment, and I don't know when/if it'll be up.


Good Luck!
0
cmandanAuthor Commented:
well, i need a sample client/server code that uses openssl...
0
bookiCommented:
*ahem* did you look at the links?  specifically:

http://www.rtfm.com/openssl-examples/

It has "sample client/server code that uses openssl".

b.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
C++

From novice to tech pro — start learning today.