How to start? - Openssl

  1. How to start?

    Hi group,

    I am starting a project that will require using SSL to transmit data
    in an encrypted mode. I would like to find some simple code that I
    could use as a model for my program. The program will be a peer to
    peer communication using the same code at each end, an SSL Agent. I
    want to use "One Time" RSA authentication method. That means that
    for each connection, generate an RSA key before starting the
    connection and use it just once. I have the "Socket" code already, I
    just need the SSL calls/protocol.

    From what I have gathered, the calls would be something like this:

    Generate RSA Key (call rsa_generate_key?)
    Request authentication from other side
    Return my key
    Loop:

    Encrypt packet
    Send packet
    Get response packet
    Decrypt packet
    Process Packet
    Goto Loop

    Does this look right?

    Any pointers (URLs)?

    --
    William Estrada
    MrUmunhum@popdial.com
    Mt-Umunhum-Wireless.net ( http://Mt-Umunhum-Wireless.net )
    Ymessenger: MrUmunhum


    ______________________________________________________________________
    OpenSSL Project http://www.openssl.org
    User Support Mailing List openssl-users@openssl.org
    Automated List Manager majordomo@openssl.org


  2. Re: How to start?

    Hi!

    > I am starting a project that will require using SSL to transmit data
    > in an encrypted mode. I would like to find some simple code that I
    > could use as a model for my program. The program will be a peer to
    > peer communication using the same code at each end, an SSL Agent. I
    > want to use "One Time" RSA authentication method. That means that
    > for each connection, generate an RSA key before starting the
    > connection and use it just once. I have the "Socket" code already, I
    > just need the SSL calls/protocol.


    I too developed something similar to this. I used the Network
    Security with OpenSSL book pretty extensively to develop a p2p app
    that uses ssl for securing communications. The book has code examples
    and simple client/servers that served as the basis for my own code.

    > From what I have gathered, the calls would be something like this:
    >
    > Generate RSA Key (call rsa_generate_key?)
    > Request authentication from other side
    > Return my key
    > Loop:
    >
    > Encrypt packet
    > Send packet
    > Get response packet
    > Decrypt packet
    > Process Packet
    > Goto Loop


    You'll basically do the following:

    1) generate your key pairs first time and stash them away
    2) connect to other side via SSL primitives or hand a connection to
    the SSL library
    3) exchange data
    4) tear down the session

    OpenSSL will handle the rest. It really wasn't that complicated. I
    retrofitted my unsecure app with SSL and the number of modules and
    files I had to monkey with were pretty small.

    Bobby




  3. Re: How to start?

    On Tue, Jul 15, 2008 at 10:53 PM, William Estrada wrote:
    > Hi group,
    >
    > I am starting a project that will require using SSL to transmit data
    > in an encrypted mode. I would like to find some simple code that I
    > could use as a model for my program. The program will be a peer to
    > peer communication using the same code at each end, an SSL Agent. I
    > want to use "One Time" RSA


    Have a look at the ./apps/ directory that comes with the OpenSSL
    source distro; in particular the s_client and s_server source code are
    significant.

    Start with that, then progress to see how you can tweak the code to
    [only] use RSA.
    The applications provided in the apps directory are also useful to see
    how you should go about generating keys, etc.


    Next to that:
    Indulge yourself and only obtain the O'Reilly 'OpenSSL' book by John
    Viega et al, which is a quite useful addition to the available on-line
    documentation. It has been worth it to me; given your question(s), I
    am sure it will serve you well too.


    On the crypto/SSL coding side: since you appear to want to use one
    time keys, try to get a full 'anonymous' (Diffie Hellman) SSL
    connection going first, just so you have something that works after
    just a few minor tweaks (always nice to see the bytes pop out the
    other end like you expect them to); meanwhile read up on the subject
    in the OpenSSL book so you get a more detailed view of what you want
    and how to go about it.


    --
    Met vriendelijke groeten / Best regards,

    Ger Hobbelt

    --------------------------------------------------
    web: http://www.hobbelt.com/
    http://www.hebbut.net/
    mail: ger@hobbelt.com
    mobile: +31-6-11 120 978
    --------------------------------------------------
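
The last reply points to s_server and s_client; as an added example (not part of the thread and not OpenSSL's own code), the script below prototypes the one-key-per-connection idea with those two tools. The function names, file paths, port 4433 and the fingerprint check are assumptions of the example: a freshly generated key carries no identity by itself, so the client compares the certificate it sees against a fingerprint obtained separately.

```shell
#!/bin/sh
# Added example: one-time RSA identity for a single TLS connection.
# Function names, paths and the port are illustrative assumptions.

# Generate a fresh 2048-bit RSA key and a self-signed certificate valid 1 day.
new_identity() {   # $1 = output directory
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=one-time-peer" \
        -keyout "$1/key.pem" -out "$1/cert.pem" 2>/dev/null
}

# SHA-256 fingerprint of a PEM certificate as bare hex (64 characters).
fingerprint() {    # $1 = certificate file
    openssl x509 -in "$1" -noout -fingerprint -sha256 | sed 's/^.*=//; s/://g'
}

# Succeed only if the certificate matches the fingerprint learned out of band.
pin_ok() {         # $1 = certificate file, $2 = expected fingerprint
    [ "$(fingerprint "$1")" = "$2" ]
}

# Loopback prototype: server uses the one-time key, client checks the pin.
demo() {
    dir=$(mktemp -d) && new_identity "$dir" || return 1
    pin=$(fingerprint "$dir/cert.pem")   # would reach the peer via a trusted channel
    openssl s_server -accept 4433 -cert "$dir/cert.pem" -key "$dir/key.pem" \
        -www >/dev/null 2>&1 &
    srv=$!
    sleep 1                              # give the server time to start listening
    # Capture the certificate the server presents during the handshake.
    openssl s_client -connect 127.0.0.1:4433 </dev/null 2>/dev/null \
        | openssl x509 -out "$dir/seen.pem"
    kill "$srv" 2>/dev/null
    if pin_ok "$dir/seen.pem" "$pin"; then
        echo "peer key matches pin"
    else
        echo "MISMATCH: do not send data"
    fi
    rm -rf "$dir"                        # the key is used once, then discarded
}

if [ "${1:-}" = "demo" ]; then demo; fi
```

Running the script with the argument `demo` performs the loopback handshake; in a real agent the same comparison belongs in the certificate verification step, before any application data is sent.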