Re: Secure Sockets
- From: "Alun Jones" <alun@xxxxxxxxxxxxx>
- Date: Thu, 5 Jul 2007 14:15:56 -0700
"Michael Bauers" <MichaelBauers@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:644A59B3-779C-47BF-8616-3DB5D592B840@xxxxxxxxxxxxxxxx
> I have been trying to figure out how I can write unmanaged C/C++ code to
> implement some sort of secure socket communication.
>
> I have spent quite a lot of time reading through MSDN documentation, without
> getting anywhere. I need code which runs on Windows Server 2003 and later
> (XP etc.)
>
> I was able to get some SSPI sample code to work. MSDN's sample code would
> not even compile. I spent a fair amount of time figuring out how to make it
> compile and run correctly. The code was rather lengthy with lots of
> required handshaking calls. It was not ideal.

Sorry, but that's really what it takes.

> Ideally I would write code where data sent across the socket was
> automatically encrypted and decrypted.

You have to find a way to deal with crypto problems as opposed to networking
problems. That's one big reason why you won't find many class libraries
designed to make secure sockets look "just like" regular sockets. There are
a number of functions that you will need to do that have no socket
equivalent (for instance, closing the SSL session without closing the TCP
connection).

> I looked into Open SSL, but I am not allowed to use it.
>
> I was also frustrated by not being able to locate specific information on
> SSL(TLS). According to the MSDN documentation, Secure Channel allows for TLS
> (http://msdn2.microsoft.com/en-us/library/aa380516.aspx.) But I could not
> locate any coherent documentation on how to implement TLS using Secure
> Channel routines.

The documentation isn't the best. Probably better is to read the webclient
and webserver samples in the SDK - these give you everything you need in
order to implement SSL / TLS support.

> Someone helped me last week with this, and while their help was appreciated,
> it has not led me to a coherent solution I can field.
>
> In summary:
>
> I am looking for a non third party way (secure channel?) of implementing a
> secure socket. Ideally the data is automatically encrypted. I need to be
> able to code it in unmanaged C/C++ and it needs to run on Windows 2003 server
> and later. I am looking for concrete documentation I can use to code a
> solution. I am willing to buy any book which covers this topic.

I would definitely suggest reading Eric Rescorla's book on SSL / TLS, so
that you don't screw up the security.

Then, the process is just as described in
http://msdn2.microsoft.com/en-us/library/aa374781.aspx (Creating the
SChannel Security Context), and in
http://msdn2.microsoft.com/en-us/library/aa380138.aspx (Shutting down an
SChannel Connection).

It's all described at
http://msdn2.microsoft.com/en-us/library/aa374782.aspx, in a whole lot more
detail than it was when I started writing SChannel code :)

Alun.
~~~~