Re: network connection encrypted/secure using ssl and sockets ?!

Wed, 03 Sep 2008 15:05:29 -0700 

Manuel Sahm escribió:

Hello,
thanks for reply,... Maybe you could help me. Is it possible to use a password instead of a Certification file and a Certification Key File to make the tcp connection secure via openssl ? Thank you 

>>> Sergio <[EMAIL PROTECTED]> 03.09.2008 16:44 >>>
Manuel Sahm escribió:
> Hello,

> 
> I want to make my network connection encrypted/secure using ssh.
> 
> At the moment I open a socket in my embedded device, so that an client

> (PC) is able to connect to it:

> 
> //initialization of the socket

> handle = socket(AF_INET, SOCK_STREAM, 0);
> serv_addr.sin_family = AF_INET;
> serv_addr.sin_add.s_addr = htonl(INADDR_ANY);
> serv_addr.sin_port = htons(10001);

> 
> bind(handle, &serv_adr, size_of(serv_adr));

> listen(handle, 0);

> 
> In my communication thread I have the functions

> - accept
> - read
> - write
> - close

> 
> How is it possible to make my network secure via ssl and the sockets

> used in the sample code...

> 
> Thank you very very much
> 
> Manuel Sahm

> <http://www.eset.com>
Hi,

i have never used SSL api directly, only command line but, i suposse you
want to encrypt the communication under your TCP socket. You need to
establish a TLS session and, i think your question is too ambiguous
because i suspect you need to use many functions and data structures
from ssl implementation. What you want is to establish a complete ssl
environment and my only advice (a recommendation from a newbie) is to
read and to study SSL api doc to see your needs more clear.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]


I think you have a conflict with your ideas. A and B want to secure its 
communication. They need to be agree about which key to use. I suppose 
you can encrypt the information at the origin using a symmetric key 
(aes, des, idea etc) and decrypt ir at destination with the same key. A 
and B must know the key. But also i suppose you can establish a ssl 
connection to perform a key exchange (key negotiation) using 
certificates or public keys (asymmetric keys) without certificates. In 
this situation neither A and B need to know about a previous secret. 
This is the normal situation of a client-server environment.
If your socket is a TCP socket i think is better for you to establish a 
ssl session, more than using a symmetric key. I think symmetric keys are 
more suitable for UDP but i'm not an expert and i don't assure anything.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]






















					Reply via email to