Encrypt packet

2008-04-25 Thread Vladimir Sabanov
Hi! I have a transport layer which is based on Winsock. A client (FTPS) sends
me some data over SSL, and I receive it with (for example):

...
// Post an overlapped receive on the accepted socket. WSA_IO_PENDING is not a
// failure: the operation was queued and completes later, so RecvBytes and
// DataBuf must not be read until that completion has been signalled.
// NOTE(review): per the surrounding text the peer speaks SSL, so these bytes
// are TLS records protected with keys negotiated during the handshake; the
// certificate and its private key alone do not decrypt a single buffer.
const int iRecvResult = WSARecv(AcceptSocket, &DataBuf, 1, &RecvBytes, &Flags,
                                &AcceptOverlapped, NULL);
if (iRecvResult == SOCKET_ERROR) {
    const int iLastError = WSAGetLastError();
    if (iLastError != WSA_IO_PENDING) {
        printf("Error occured at WSARecv()\n");
    }
}
...

DataBuf is a complete packet. Question:
how can I decrypt the received data in DataBuf if I have the certificate and
the public and private keys?

NOTE: I cannot use SSL_read and SSL_write in this task...:(

Thanks for support!


Problems with stream decryption

2008-04-25 Thread Vladimir Sabanov
Hi! I have a transport layer which is based on Winsock. A client (FTPS) sends me some
data over SSL, and I receive it with (for example):

...
   // Post an overlapped receive on the accepted socket. WSA_IO_PENDING is not
   // a failure: the operation was queued and completes later, so RecvBytes and
   // DataBuf must not be read until that completion has been signalled.
   // NOTE(review): per the surrounding text the peer speaks SSL, so these
   // bytes are TLS records protected with keys negotiated during the
   // handshake; the certificate and its private key alone do not decrypt a
   // single buffer.
   const int iRecvResult = WSARecv(AcceptSocket, &DataBuf, 1, &RecvBytes, &Flags,
                                   &AcceptOverlapped, NULL);
   if (iRecvResult == SOCKET_ERROR) {
       const int iLastError = WSAGetLastError();
       if (iLastError != WSA_IO_PENDING) {
           printf("Error occured at WSARecv()\n");
       }
   }
...
 
DataBuf is a complete packet.
Question:
how can I decrypt the received data in DataBuf if I have the certificate and the
public and private keys?
 
NOTE: I cannot use SSL_read and SSL_write in this task...:(

--
Best regards, 
Vladimir Sabanov mailto:[EMAIL PROTECTED]
Software Developer of ApriorIT - A PriorITy choice!



problems with BIO pairs and SSL handshake

2008-05-22 Thread Vladimir Sabanov
Hi!

I have a server with an asynchronous transport on Winsock. Sending and receiving
are done with the following operations:

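// Receives bytes through the parent layer, pushes them into m_pNetworkBIO and
// hands whatever m_pSSLBIO then yields back to the caller.
//
// pOverlapped - forwarded unchanged to the parent Receive().
// pBuffer     - in: buffer the parent fills; out: repointed at
//               m_vcLayeredBuffer, sized to the bytes actually read from
//               m_pSSLBIO.
// pdwWasRecv  - byte count reported by the parent Receive().
//
// Returns WSA_IO_PENDING when m_pSSLBIO has nothing to deliver, otherwise the
// parent's return value.
DWORD CSSLTLSLayer::Receive(IN OVERLAPPED *pOverlapped,
                            IN WSABUF *pBuffer,
                            OUT PDWORD pdwWasRecv)
{
    DWORD dwRet = __super::Receive(pOverlapped, pBuffer, pdwWasRecv);

    // NOTE(review): dwRet is not inspected before *pdwWasRecv is used. If the
    // parent posts an overlapped receive that is still pending, neither the
    // count nor the buffer contents are valid yet - confirm against the parent.
    // NOTE(review): BIO_write() can accept fewer bytes than offered (a BIO
    // pair has a bounded buffer); the result is not checked here, and a
    // dropped tail would corrupt the record stream. The error convention of
    // this layer is not visible, so this is flagged rather than changed.
    BIO_write(m_pNetworkBIO, pBuffer->buf, (int)*pdwWasRecv);
    BIO_flush(m_pNetworkBIO);

    size_t cbPending = BIO_ctrl_pending(m_pSSLBIO);

    if (cbPending == 0) {
        return(WSA_IO_PENDING);
    }

    m_vcLayeredBuffer.clear();
    m_vcLayeredBuffer.resize(cbPending);

    // BIO_read() returns an int that may be smaller than the pending count or
    // <= 0 on failure. Size the buffer from that result so the caller is never
    // handed zero-filled padding as if it were decrypted data.
    int iRead = BIO_read(m_pSSLBIO, &m_vcLayeredBuffer.front(),
                         (int)cbPending);

    if (iRead <= 0) {
        m_vcLayeredBuffer.clear();
        return(WSA_IO_PENDING);
    }

    m_vcLayeredBuffer.resize((size_t)iRead);

    pBuffer->buf = &m_vcLayeredBuffer.front();
    pBuffer->len = (u_long)m_vcLayeredBuffer.size();

    return(dwRet);
}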

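// Writes the caller's bytes into m_pSSLBIO, drains what m_pNetworkBIO then
// holds into m_vcLayeredBuffer and sends that through the parent layer.
//
// pOverlapped - forwarded unchanged to the parent Send().
// pBuffer     - in: bytes to protect; out: repointed at m_vcLayeredBuffer,
//               sized to the bytes actually read from m_pNetworkBIO.
// pdwWasSend  - forwarded to the parent Send().
//
// Returns WSA_IO_PENDING when m_pNetworkBIO has nothing to send, otherwise the
// parent's return value.
DWORD CSSLTLSLayer::Send(IN OVERLAPPED *pOverlapped,
                         IN WSABUF *pBuffer,
                         OUT PDWORD pdwWasSend)
{
    // NOTE(review): BIO_write() returns an int (<= 0 on failure, possibly less
    // than len on a short write). The original stored it in a size_t and then
    // overwrote it, so a rejected write was never noticed; the caller is still
    // not told when its data was not consumed.
    BIO_write(m_pSSLBIO, pBuffer->buf, (int)pBuffer->len);

    BIO_flush(m_pSSLBIO);
    size_t cbPending = BIO_ctrl_pending(m_pNetworkBIO);

    // NOTE(review): WSA_IO_PENDING is returned although no operation was
    // posted; a caller waiting for a completion would wait forever - confirm
    // how callers interpret this value.
    if (cbPending == 0) {
        return(WSA_IO_PENDING);
    }

    m_vcLayeredBuffer.clear();
    m_vcLayeredBuffer.resize(cbPending);

    // Use BIO_read()'s real byte count: sending the full pending size after a
    // short or failed read would put zero-filled bytes on the wire.
    int iRead = BIO_read(m_pNetworkBIO,
                         &m_vcLayeredBuffer.front(),
                         (int)cbPending);

    if (iRead <= 0) {
        m_vcLayeredBuffer.clear();
        return(WSA_IO_PENDING);
    }

    m_vcLayeredBuffer.resize((size_t)iRead);

    pBuffer->buf = &m_vcLayeredBuffer.front();
    pBuffer->len = (u_long)m_vcLayeredBuffer.size();

    // NOTE(review): if the parent sends asynchronously, m_vcLayeredBuffer must
    // stay untouched until that send completes; any later clear()/resize() of
    // the same member would invalidate the pointer handed over here.
    return(__super::Send(pOverlapped, pBuffer, pdwWasSend));
}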

But I have a problem with the handshake. How can I do the SSL handshake using
BIOs and without SSL_accept or SSL_set_accept_state()+SSL_do_handshake?

Thanks for support!;)

--
Best regards, 
Vladimir Sabanov mailto:[EMAIL PROTECTED]
Software Developer of ApriorIT - A PriorITy choice!



Handshake and BIO

2008-05-27 Thread Vladimir Sabanov
Hi, all!

How can I do the handshake before using BIO pairs for encryption/decryption if I
use Winsock (WSASend and WSARecv) as the transport?

Thanks for support!

Best regards, Vladimir Sabanov.



Handshake before BIO pairs using

2008-06-23 Thread Vladimir Sabanov
Hi, all!



How can I do the handshake before using BIO pairs for encryption/decryption if I
use Winsock (WSASend and WSARecv) as the transport?



some example



this is send function:
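// Writes the caller's bytes into m_pSSLBIO, drains what m_pNetworkBIO then
// holds into m_vcLayeredBuffer and sends that through the parent layer.
//
// pOverlapped - forwarded unchanged to the parent Send().
// pBuffer     - in: bytes to protect; out: repointed at m_vcLayeredBuffer,
//               sized to the bytes actually read from m_pNetworkBIO.
// pdwWasSend  - forwarded to the parent Send().
//
// Returns WSA_IO_PENDING when m_pNetworkBIO has nothing to send, otherwise the
// parent's return value.
DWORD CSSLTLSLayer::Send(IN OVERLAPPED *pOverlapped,
                         IN WSABUF *pBuffer,
                         OUT PDWORD pdwWasSend)
{
    // NOTE(review): BIO_write() returns an int (<= 0 on failure, possibly less
    // than len on a short write). The original stored it in a size_t and then
    // overwrote it, so a rejected write was never noticed; the caller is still
    // not told when its data was not consumed.
    BIO_write(m_pSSLBIO, pBuffer->buf, (int)pBuffer->len);

    BIO_flush(m_pSSLBIO);
    size_t cbPending = BIO_ctrl_pending(m_pNetworkBIO);

    // NOTE(review): WSA_IO_PENDING is returned although no operation was
    // posted; a caller waiting for a completion would wait forever - confirm
    // how callers interpret this value.
    if (cbPending == 0) {
        return(WSA_IO_PENDING);
    }

    m_vcLayeredBuffer.clear();
    m_vcLayeredBuffer.resize(cbPending);

    // Use BIO_read()'s real byte count: sending the full pending size after a
    // short or failed read would put zero-filled bytes on the wire.
    int iRead = BIO_read(m_pNetworkBIO,
                         &m_vcLayeredBuffer.front(),
                         (int)cbPending);

    if (iRead <= 0) {
        m_vcLayeredBuffer.clear();
        return(WSA_IO_PENDING);
    }

    m_vcLayeredBuffer.resize((size_t)iRead);

    pBuffer->buf = &m_vcLayeredBuffer.front();
    pBuffer->len = (u_long)m_vcLayeredBuffer.size();

    // The parent-class method only sends the message, as WSASend() does.
    // NOTE(review): with an overlapped WSASend() the buffer must stay valid
    // until the send completes; any later clear()/resize() of
    // m_vcLayeredBuffer would invalidate the pointer handed over here.
    DWORD dwStatus = __super::Send(pOverlapped, pBuffer, pdwWasSend);

    return(dwStatus);
}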
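// Writes the caller's bytes into m_pSSLBIO, drains what m_pNetworkBIO then
// holds into m_vcLayeredBuffer and sends that through the parent layer.
//
// pOverlapped - forwarded unchanged to the parent Send().
// pBuffer     - in: bytes to protect; out: repointed at m_vcLayeredBuffer,
//               sized to the bytes actually read from m_pNetworkBIO.
// pdwWasSend  - forwarded to the parent Send().
//
// Returns WSA_IO_PENDING when m_pNetworkBIO has nothing to send, otherwise the
// parent's return value.
DWORD CSSLTLSLayer::Send(IN OVERLAPPED *pOverlapped,
                         IN WSABUF *pBuffer,
                         OUT PDWORD pdwWasSend)
{
    // NOTE(review): BIO_write() returns an int (<= 0 on failure, possibly less
    // than len on a short write). The original stored it in a size_t and then
    // overwrote it, so a rejected write was never noticed; the caller is still
    // not told when its data was not consumed.
    BIO_write(m_pSSLBIO, pBuffer->buf, (int)pBuffer->len);

    BIO_flush(m_pSSLBIO);
    size_t cbPending = BIO_ctrl_pending(m_pNetworkBIO);

    // NOTE(review): WSA_IO_PENDING is returned although no operation was
    // posted; a caller waiting for a completion would wait forever - confirm
    // how callers interpret this value.
    if (cbPending == 0) {
        return(WSA_IO_PENDING);
    }

    m_vcLayeredBuffer.clear();
    m_vcLayeredBuffer.resize(cbPending);

    // Use BIO_read()'s real byte count: sending the full pending size after a
    // short or failed read would put zero-filled bytes on the wire.
    int iRead = BIO_read(m_pNetworkBIO,
                         &m_vcLayeredBuffer.front(),
                         (int)cbPending);

    if (iRead <= 0) {
        m_vcLayeredBuffer.clear();
        return(WSA_IO_PENDING);
    }

    m_vcLayeredBuffer.resize((size_t)iRead);

    pBuffer->buf = &m_vcLayeredBuffer.front();
    pBuffer->len = (u_long)m_vcLayeredBuffer.size();

    // The parent-class method only sends the message, as WSASend() does.
    // NOTE(review): with an overlapped WSASend() the buffer must stay valid
    // until the send completes; any later clear()/resize() of
    // m_vcLayeredBuffer would invalidate the pointer handed over here.
    DWORD dwStatus = __super::Send(pOverlapped, pBuffer, pdwWasSend);

    return(dwStatus);
}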


this is the receive function (common problem, because DWORD Send() works
correctly):


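// Receives bytes through the parent layer, pushes them into m_pNetworkBIO and
// hands whatever m_pSSLBIO then yields back to the caller. The first call on a
// connection runs the handshake instead of receiving.
//
// pOverlapped - forwarded unchanged to the parent Receive().
// pBuffer     - in: buffer the parent fills; out: repointed at
//               m_vcLayeredBuffer, sized to the bytes actually read from
//               m_pSSLBIO.
// pdwWasRecv  - byte count reported by the parent Receive().
//
// Returns 0 from the handshake branch, WSA_IO_PENDING when m_pSSLBIO has
// nothing to deliver, otherwise the parent's return value.
DWORD CSSLTLSLayer::Receive(IN OVERLAPPED *pOverlapped,
                            IN WSABUF *pBuffer,
                            OUT PDWORD pdwWasRecv)
{
    if (!m_bKEXed) {
        // This branch returns before any receive is issued, so pBuffer and
        // *pdwWasRecv are left exactly as the caller passed them: the caller
        // sees "success" with no data.
        // NOTE(review): InitBIOAbstractions() runs whether or not Handshake()
        // succeeded; nothing here verifies that a session was established
        // before switching to the BIO path - confirm and gate on the result.
        this->Handshake();
        this->InitBIOAbstractions();
        return 0;
    }

    // The parent-class Receive() only performs WSARecv().
    DWORD dwRet = __super::Receive(pOverlapped, pBuffer, pdwWasRecv);

    // NOTE(review): dwRet is not inspected before *pdwWasRecv is used. With an
    // overlapped WSARecv() that is still pending, neither the count nor the
    // buffer contents are valid yet.
    // NOTE(review): BIO_write() can accept fewer bytes than offered (a BIO
    // pair has a bounded buffer); the result is not checked here, and a
    // dropped tail would corrupt the record stream.
    BIO_write(m_pNetworkBIO, pBuffer->buf, (int)*pdwWasRecv);
    BIO_flush(m_pNetworkBIO);

    size_t cbPending = BIO_ctrl_pending(m_pSSLBIO);

    if (cbPending == 0) {
        return(WSA_IO_PENDING);
    }

    m_vcLayeredBuffer.clear();
    m_vcLayeredBuffer.resize(cbPending);

    // BIO_read() returns an int that may be smaller than the pending count or
    // <= 0 on failure. Size the buffer from that result so the caller is never
    // handed zero-filled padding as if it were decrypted data.
    int iRead = BIO_read(m_pSSLBIO, &m_vcLayeredBuffer.front(),
                         (int)cbPending);

    if (iRead <= 0) {
        m_vcLayeredBuffer.clear();
        return(WSA_IO_PENDING);
    }

    m_vcLayeredBuffer.resize((size_t)iRead);

    pBuffer->buf = &m_vcLayeredBuffer.front();
    pBuffer->len = (u_long)m_vcLayeredBuffer.size();

    return(dwRet);
}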
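// Receives bytes through the parent layer, pushes them into m_pNetworkBIO and
// hands whatever m_pSSLBIO then yields back to the caller. The first call on a
// connection runs the handshake instead of receiving.
//
// pOverlapped - forwarded unchanged to the parent Receive().
// pBuffer     - in: buffer the parent fills; out: repointed at
//               m_vcLayeredBuffer, sized to the bytes actually read from
//               m_pSSLBIO.
// pdwWasRecv  - byte count reported by the parent Receive().
//
// Returns 0 from the handshake branch, WSA_IO_PENDING when m_pSSLBIO has
// nothing to deliver, otherwise the parent's return value.
DWORD CSSLTLSLayer::Receive(IN OVERLAPPED *pOverlapped,
                            IN WSABUF *pBuffer,
                            OUT PDWORD pdwWasRecv)
{
    if (!m_bKEXed) {
        // This branch returns before any receive is issued, so pBuffer and
        // *pdwWasRecv are left exactly as the caller passed them: the caller
        // sees "success" with no data.
        // NOTE(review): InitBIOAbstractions() runs whether or not Handshake()
        // succeeded; nothing here verifies that a session was established
        // before switching to the BIO path - confirm and gate on the result.
        this->Handshake();
        this->InitBIOAbstractions();
        return 0;
    }

    // The parent-class Receive() only performs WSARecv().
    DWORD dwRet = __super::Receive(pOverlapped, pBuffer, pdwWasRecv);

    // NOTE(review): dwRet is not inspected before *pdwWasRecv is used. With an
    // overlapped WSARecv() that is still pending, neither the count nor the
    // buffer contents are valid yet.
    // NOTE(review): BIO_write() can accept fewer bytes than offered (a BIO
    // pair has a bounded buffer); the result is not checked here, and a
    // dropped tail would corrupt the record stream.
    BIO_write(m_pNetworkBIO, pBuffer->buf, (int)*pdwWasRecv);
    BIO_flush(m_pNetworkBIO);

    size_t cbPending = BIO_ctrl_pending(m_pSSLBIO);

    if (cbPending == 0) {
        return(WSA_IO_PENDING);
    }

    m_vcLayeredBuffer.clear();
    m_vcLayeredBuffer.resize(cbPending);

    // BIO_read() returns an int that may be smaller than the pending count or
    // <= 0 on failure. Size the buffer from that result so the caller is never
    // handed zero-filled padding as if it were decrypted data.
    int iRead = BIO_read(m_pSSLBIO, &m_vcLayeredBuffer.front(),
                         (int)cbPending);

    if (iRead <= 0) {
        m_vcLayeredBuffer.clear();
        return(WSA_IO_PENDING);
    }

    m_vcLayeredBuffer.resize((size_t)iRead);

    pBuffer->buf = &m_vcLayeredBuffer.front();
    pBuffer->len = (u_long)m_vcLayeredBuffer.size();

    return(dwRet);
}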


and Handshake() method:


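// Runs the server-side handshake on m_Socket, at most once per connection.
//
// m_bKEXed is set only when SSL_do_handshake() reports success (returns 1).
// The original set the flag unconditionally, so a failed or unfinished
// handshake was treated as an established session by every later call.
void CSSLTLSLayer::Handshake(void)
{
    // Nothing to do once the exchange is complete or without an SSL object.
    if (m_bKEXed || !m_pSSL) {
        return;
    }

    SSL_set_fd(m_pSSL, (int)m_Socket);
    SSL_set_accept_state(m_pSSL);

    // NOTE(review): on a non-blocking or overlapped socket SSL_do_handshake()
    // can return <= 0 simply because it needs more I/O; it then has to be
    // called again later. Repeating the two set-up calls above on that retry
    // may restart the handshake - confirm and split set-up from retry.
    m_bKEXed = (SSL_do_handshake(m_pSSL) == 1);
}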
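// Runs the server-side handshake on m_Socket, at most once per connection.
//
// m_bKEXed is set only when SSL_do_handshake() reports success (returns 1).
// The original set the flag unconditionally, so a failed or unfinished
// handshake was treated as an established session by every later call.
void CSSLTLSLayer::Handshake(void)
{
    // Nothing to do once the exchange is complete or without an SSL object.
    if (m_bKEXed || !m_pSSL) {
        return;
    }

    SSL_set_fd(m_pSSL, (int)m_Socket);
    SSL_set_accept_state(m_pSSL);

    // NOTE(review): on a non-blocking or overlapped socket SSL_do_handshake()
    // can return <= 0 simply because it needs more I/O; it then has to be
    // called again later. Repeating the two set-up calls above on that retry
    // may restart the handshake - confirm and split set-up from retry.
    m_bKEXed = (SSL_do_handshake(m_pSSL) == 1);
}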


After calling Handshake() in Receive() I always get 0 bytes and an empty
buffer... why?

Maybe I can do the handshake without using SSL_set_fd(), SSL_set_accept_state()
and SSL_do_handshake()?

Thanks for support!