openssl使用+Demo
1. website
SSL(secure Socket Layer)
TLS(transport Layer Security) - SSL3.0基礎之上提出的安全通訊標準,目前版本是1.0
openssl 主頁 -> http://www.openssl.org/
openssl 中文文檔 -> http://www.chinaunix.net/jh/13/478901.htmlhtml
2. 如何編譯OpenSSL in Windows?
a) 下載openssl -> openssl-0.9.8i
b) 下載perl -> http://downloads.activestate.com/ActivePerl/Windows/5.8/ActivePerl-5.8.8.822-MSWin32-x86-280952.zip
c) 安裝perl -> ActivePerl-5.8.8.822-MSWin32-x86-280952/Installer.bat (以前先運行vcvars32.bat,須要運行perf Configure VC-WIN32來設置環境變量)
d) 使windows支持nmake -> C:\Program Files\Microsoft Visual Studio 10.0\VC\bin\vcvars32.bat
e) 進入openssl路徑 -> cd C:\devdiv\openssl-0.9.8i (工做路徑)
f) 建立Makefile文件: ms\do_ms (出現%osversion% is not defined的錯誤忽略便可)
g) 編譯動態庫: nmake -f ms\ntdll.mak
編譯靜態庫: nmake -f ms\nt.makios
測試動態庫: nmake -f ms\ntdll.mak test
測試靜態庫: nmake -f ms\nt.mak testweb
安裝動態庫: nmake -f ms\ntdll.mak install
安裝靜態庫: nmake -f ms\nt.mak installwindows
清除上次動態庫的編譯,以便從新編譯: nmake -f ms\ntdll.mak clean
清除上次靜態庫的編譯,以便從新編譯: nmake -f ms\nt.mak clean
3. 如何使用openssl?
a) library path -> C:\devdiv\openssl-0.9.8i\out32
b) include path -> C:\devdiv\openssl-0.9.8i\include
c) 庫文件 -> libeay32.lib, ssleay32.lib安全
4. 配置文件在哪裏?
C:\devdiv\openssl-0.9.8i\apps\openssl.cnf
5. 關於key:
key通常分爲public key和private key,在openssl中,private key中包含了public key的信息,因此public key不須要單首創建. 如何建立一個RSA key?
openssl.exe genrsa -des3 -out privatekey.pem 2048 (須要添加密碼保護)
openssl.exe genrsa -out privatekey.pem 2048
6. 關於certificates(證書文件), 如何建立一個證書呢?
通常流程是:
a. 建立一個private key
b. 建立一個certificate signing request(證書請求), 這個須要a#中建立的private key.由於證書中須要包含public key,
建立的priavate key中有這些信息.
(openssl.exe req -new -key privatekey.pem-out cacert.csr)
c. 把建立好的證書請求拿到CA(certificate authority)證書認證機構審批.
7. 如何作一個自簽名的證書呢?
openssl.exe req -new -x509 -key privatekey.pem -out cacert.pem -days 1095
(Note: privatekey.pem須要本身建立)
8. Demo: 來自openssl自帶的demo,略作修改.
Server:服務器
1
#include <openssl/rsa.h>
/* SSLeay stuff */
2#include <openssl/crypto.h>
3#include <openssl/x509.h>
4#include <openssl/pem.h>
5#include <openssl/ssl.h>
6#include <openssl/err.h>
7
8
9#include <iostream>
10#include <winsock2.h>
11
12#define SERVER_PORT 5003
13
14// certificate & key 的存放路徑
15// Note: 必須是全路徑, 不然SSL_CTX_use_certificate_file等函數
16// 沒法找到文件在windows平臺上.
17// How to:
18// #privatekey.pem
19// openssl.exe genrsa -out privatekey.pem 2048
20// #cacert.pem
21// openssl.exe req -new -x509 -key privatekey.pem -out cacert.pem -days 1095 -config openssl.cnf
22//
23#define SERVER_CERTIFICATE "c:\\config\\cacert.pem"
24#define SERVER_KEY "c:\\config\\privatekey.pem"
25
26#pragma comment( lib, "ws2_32.lib" )
27#pragma comment( lib, "libeay32.lib" )
28#pragma comment( lib, "ssleay32.lib" )
29
30int main( int argc, char* argv[] ) {
31 int ret;
32
33 ////////////
34 // 初始化 //
35 ////////////
36 SSL_CTX* ctx;
37 SSL_METHOD *meth;
38
39 SSL_load_error_strings();
40 SSLeay_add_ssl_algorithms();
41 meth = SSLv23_server_method();
42
43 ctx = SSL_CTX_new (meth);
44 if (!ctx) {
45 ERR_print_errors_fp(stderr);
46 std::cout<<"SSL_CTX_new error."<<std::endl;
47 return -1;
48 }
49
50 if (SSL_CTX_use_certificate_file(ctx, SERVER_CERTIFICATE, SSL_FILETYPE_PEM) <= 0) {
51 ERR_print_errors_fp(stderr);
52 std::cout<<"SSL_CTX_use_certificate_file error."<<std::endl;
53 return -1;
54 }
55 if (SSL_CTX_use_PrivateKey_file(ctx, SERVER_KEY, SSL_FILETYPE_PEM) <= 0) {
56 ERR_print_errors_fp(stderr);
57 std::cout<<"SSL_CTX_use_PrivateKey_file error."<<std::endl;
58 return -1;
59 }
60
61 if (!SSL_CTX_check_private_key(ctx)) {
62 ERR_print_errors_fp(stderr);
63 std::cout<<"SSL_CTX_check_private_key error."<<std::endl;
64 return -1;
65 }
66
67 ///////////////////////
68 // 創建原始的TCP鏈接 //
69 ///////////////////////
70 WSADATA wsaData;
71 SOCKET listen_socket;
72 SOCKET accept_socket;
73 struct sockaddr_in addr_server;
74 struct sockaddr_in addr_client;
75 int addr_client_len;
76
77 ret = WSAStartup( MAKEWORD(2, 2), &wsaData );
78 if ( ret != 0 ) {
79 std::cout<<"WSAStartup error."<<std::endl;
80 return -1;
81 }
82
83 listen_socket = socket (AF_INET, SOCK_STREAM, 0);
84 if( listen_socket == INVALID_SOCKET ) {
85 std::cout<<"socket error."<<std::endl;
86 return -1;
87 }
88
89 memset (&addr_server, 0, sizeof(addr_server));
90 addr_server.sin_family = AF_INET;
91 addr_server.sin_addr.S_un.S_addr = INADDR_ANY;
92 addr_server.sin_port = htons (SERVER_PORT);
93
94 ret = bind(listen_socket, (struct sockaddr*)&addr_server, sizeof(addr_server) );
95 if( ret == SOCKET_ERROR ) {
96 std::cout<<"bind error."<<std::endl;
97 return -1;
98 }
99
100 ret = listen (listen_socket, 5);
101 if( ret == SOCKET_ERROR ) {
102 std::cout<<"listen error."<<std::endl;
103 return -1;
104 }
105
106 addr_client_len = sizeof(addr_client);
107 accept_socket = accept (listen_socket, (struct sockaddr*) &addr_client, &addr_client_len);
108 if( accept_socket == INVALID_SOCKET ) {
109 std::cout<<"accept error."<<std::endl;
110 return -1;
111 }
112 closesocket(listen_socket);
113 std::cout<<" Connection from "<<addr_client.sin_addr.S_un.S_addr<<":"<<addr_client.sin_port<<std::endl;
114
115 /////////////////////////////////////
116 // TCP鏈接已經創建,執行Server SSL //
117 /////////////////////////////////////
118 SSL* ssl;
119 X509* client_certificate;
120 char* str;
121
122 ssl = SSL_new (ctx);
123 if( ssl == NULL ) {
124 std::cout<<"SSL_new error."<<std::endl;
125 return -1;
126 }
127 SSL_set_fd (ssl, accept_socket);
128 ret = SSL_accept (ssl);
129 if( ret == -1 ) {
130 std::cout<<"SSL_accept error."<<std::endl;
131 return -1;
132 }
133
134 // 獲取cipher
135 std::cout<<"SSL connection using: "<<SSL_get_cipher(ssl)<<std::endl;
136
137 // 獲取客戶端的證書
138 client_certificate = SSL_get_peer_certificate (ssl);
139 if (client_certificate != NULL) {
140 std::cout<<"Client certificate:"<<std::endl;
141
142 str = X509_NAME_oneline (X509_get_subject_name (client_certificate), 0, 0);
143 if( str == NULL ) {
144 std::cout<<"X509_NAME_oneline error."<<std::endl;
145 } else {
146 std::cout<<"subject: "<<str<<std::endl;
147 OPENSSL_free (str);
148 }
149
150 str = X509_NAME_oneline (X509_get_issuer_name (client_certificate), 0, 0);
151 if( str == NULL ) {
152 std::cout<<"X509_NAME_oneline error."<<std::endl;
153 } else {
154 std::cout<<"issuer: "<<str<<std::endl;
155 OPENSSL_free (str);
156 }
157
158 X509_free (client_certificate);
159 } else {
160 std::cout<<"Client does not have certificate. "<<std::endl;
161 }
162
163 ////////////////
164 // 數據交換 //
165 ////////////////
166 char buf [4096];
167
168 ret = SSL_read (ssl, buf, sizeof(buf) - 1);
169 if( ret == -1 ) {
170 std::cout<<"SSL_read error."<<std::endl;
171 return -1;
172 }
173 buf[ret] = '\0';
174 std::cout<<buf<<std::endl;
175
176 ret = SSL_write (ssl, "I hear you.", strlen("I hear you."));
177 if( ret == -1 ) {
178 std::cout<<"SSL_write error."<<std::endl;
179 return -1;
180 }
181
182 /////////////
183 // Cleanup //
184 /////////////
185 closesocket(accept_socket);
186 SSL_free (ssl);
187 SSL_CTX_free (ctx);
188 WSACleanup();
189 return 0;
190}
#include <openssl/rsa.h>
/* SSLeay stuff */2
#include <openssl/crypto.h>3
#include <openssl/x509.h>4
#include <openssl/pem.h>5
#include <openssl/ssl.h>6
#include <openssl/err.h>7
8
9
#include <iostream>10
#include <winsock2.h>11
12
#define SERVER_PORT 500313
14
// certificate & key 的存放路徑15
// Note: 必須是全路徑, 不然SSL_CTX_use_certificate_file等函數16
// 沒法找到文件在windows平臺上.17
// How to:18
// #privatekey.pem19
// openssl.exe genrsa -out privatekey.pem 204820
// #cacert.pem21
// openssl.exe req -new -x509 -key privatekey.pem -out cacert.pem -days 1095 -config openssl.cnf22
//23
#define SERVER_CERTIFICATE "c:\\config\\cacert.pem" 24
#define SERVER_KEY "c:\\config\\privatekey.pem"25
26
#pragma comment( lib, "ws2_32.lib" )27
#pragma comment( lib, "libeay32.lib" )28
#pragma comment( lib, "ssleay32.lib" )29
30
int main( int argc, char* argv[] ) {31
int ret;32
33
////////////34
// 初始化 //35
////////////36
SSL_CTX* ctx;37
SSL_METHOD *meth;38
39
SSL_load_error_strings();40
SSLeay_add_ssl_algorithms();41
meth = SSLv23_server_method(); 42
43
ctx = SSL_CTX_new (meth);44
if (!ctx) {45
ERR_print_errors_fp(stderr);46
std::cout<<"SSL_CTX_new error."<<std::endl;47
return -1;48
}49
50
if (SSL_CTX_use_certificate_file(ctx, SERVER_CERTIFICATE, SSL_FILETYPE_PEM) <= 0) {51
ERR_print_errors_fp(stderr);52
std::cout<<"SSL_CTX_use_certificate_file error."<<std::endl;53
return -1;54
}55
if (SSL_CTX_use_PrivateKey_file(ctx, SERVER_KEY, SSL_FILETYPE_PEM) <= 0) {56
ERR_print_errors_fp(stderr);57
std::cout<<"SSL_CTX_use_PrivateKey_file error."<<std::endl;58
return -1;59
}60
61
if (!SSL_CTX_check_private_key(ctx)) {62
ERR_print_errors_fp(stderr);63
std::cout<<"SSL_CTX_check_private_key error."<<std::endl;64
return -1;65
}66
67
///////////////////////68
// 創建原始的TCP鏈接 //69
///////////////////////70
WSADATA wsaData;71
SOCKET listen_socket;72
SOCKET accept_socket;73
struct sockaddr_in addr_server;74
struct sockaddr_in addr_client;75
int addr_client_len;76
77
ret = WSAStartup( MAKEWORD(2, 2), &wsaData );78
if ( ret != 0 ) {79
std::cout<<"WSAStartup error."<<std::endl;80
return -1;81
}82
83
listen_socket = socket (AF_INET, SOCK_STREAM, 0); 84
if( listen_socket == INVALID_SOCKET ) {85
std::cout<<"socket error."<<std::endl;86
return -1;87
}88
89
memset (&addr_server, 0, sizeof(addr_server));90
addr_server.sin_family = AF_INET;91
addr_server.sin_addr.S_un.S_addr = INADDR_ANY;92
addr_server.sin_port = htons (SERVER_PORT); 93
94
ret = bind(listen_socket, (struct sockaddr*)&addr_server, sizeof(addr_server) ); 95
if( ret == SOCKET_ERROR ) {96
std::cout<<"bind error."<<std::endl;97
return -1;98
}99
100
ret = listen (listen_socket, 5); 101
if( ret == SOCKET_ERROR ) {102
std::cout<<"listen error."<<std::endl;103
return -1;104
}105
106
addr_client_len = sizeof(addr_client);107
accept_socket = accept (listen_socket, (struct sockaddr*) &addr_client, &addr_client_len);108
if( accept_socket == INVALID_SOCKET ) {109
std::cout<<"accept error."<<std::endl;110
return -1;111
}112
closesocket(listen_socket);113
std::cout<<" Connection from "<<addr_client.sin_addr.S_un.S_addr<<":"<<addr_client.sin_port<<std::endl;114
115
/////////////////////////////////////116
// TCP鏈接已經創建,執行Server SSL //117
/////////////////////////////////////118
SSL* ssl;119
X509* client_certificate;120
char* str;121
122
ssl = SSL_new (ctx); 123
if( ssl == NULL ) {124
std::cout<<"SSL_new error."<<std::endl;125
return -1;126
} 127
SSL_set_fd (ssl, accept_socket);128
ret = SSL_accept (ssl); 129
if( ret == -1 ) {130
std::cout<<"SSL_accept error."<<std::endl;131
return -1;132
}133
134
// 獲取cipher135
std::cout<<"SSL connection using: "<<SSL_get_cipher(ssl)<<std::endl;136
137
// 獲取客戶端的證書138
client_certificate = SSL_get_peer_certificate (ssl);139
if (client_certificate != NULL) {140
std::cout<<"Client certificate:"<<std::endl;141
142
str = X509_NAME_oneline (X509_get_subject_name (client_certificate), 0, 0);143
if( str == NULL ) {144
std::cout<<"X509_NAME_oneline error."<<std::endl;145
} else {146
std::cout<<"subject: "<<str<<std::endl;147
OPENSSL_free (str);148
}149
150
str = X509_NAME_oneline (X509_get_issuer_name (client_certificate), 0, 0);151
if( str == NULL ) {152
std::cout<<"X509_NAME_oneline error."<<std::endl;153
} else {154
std::cout<<"issuer: "<<str<<std::endl;155
OPENSSL_free (str);156
}157
158
X509_free (client_certificate);159
} else {160
std::cout<<"Client does not have certificate. "<<std::endl;161
}162
163
////////////////164
// 數據交換 //165
////////////////166
char buf [4096];167
168
ret = SSL_read (ssl, buf, sizeof(buf) - 1); 169
if( ret == -1 ) {170
std::cout<<"SSL_read error."<<std::endl;171
return -1;172
}173
buf[ret] = '\0';174
std::cout<<buf<<std::endl;175
176
ret = SSL_write (ssl, "I hear you.", strlen("I hear you.")); 177
if( ret == -1 ) {178
std::cout<<"SSL_write error."<<std::endl;179
return -1;180
}181
182
/////////////183
// Cleanup //184
/////////////185
closesocket(accept_socket);186
SSL_free (ssl);187
SSL_CTX_free (ctx);188
WSACleanup();189
return 0;190
}
Client:app
1
#include <openssl/rsa.h>
/* SSLeay stuff */
2#include <openssl/crypto.h>
3#include <openssl/x509.h>
4#include <openssl/pem.h>
5#include <openssl/ssl.h>
6#include <openssl/err.h>
7
8
9#include <iostream>
10#include <winsock2.h>
11
12#define SERVER_IP "127.0.0.1"
13#define SERVER_PORT 5003
14
15#pragma comment( lib, "ws2_32.lib" )
16#pragma comment( lib, "libeay32.lib" )
17#pragma comment( lib, "ssleay32.lib" )
18
19
20int main( int argc, char* argv[] ) {
21 int ret;
22 ////////////
23 // 初始化 //
24 ////////////
25 SSL_CTX* ctx;
26 SSL_METHOD *meth;
27
28 SSL_load_error_strings();
29 SSLeay_add_ssl_algorithms();
30 meth = SSLv23_client_method();
31
32 ctx = SSL_CTX_new (meth);
33 if (!ctx) {
34 ERR_print_errors_fp(stderr);
35 std::cout<<"SSL_CTX_new error."<<std::endl;
36 return -1;
37 }
38
39 ///////////////////////
40 // 創建原始的TCP鏈接 //
41 ///////////////////////
42 WSADATA wsaData;
43 SOCKET client_socket;
44 struct sockaddr_in addr_server;
45
46 ret = WSAStartup( MAKEWORD(2, 2), &wsaData );
47 if ( ret != 0 ) {
48 std::cout<<"WSAStartup error."<<std::endl;
49 return -1;
50 }
51 client_socket = socket (AF_INET, SOCK_STREAM, 0);
52 if( client_socket == INVALID_SOCKET ) {
53 std::cout<<"socket error."<<std::endl;
54 return -1;
55 }
56
57 memset (&addr_server, 0, sizeof(addr_server));
58 addr_server.sin_family = AF_INET;
59 addr_server.sin_addr.S_un.S_addr = inet_addr(SERVER_IP);
60 addr_server.sin_port = htons (SERVER_PORT);
61
62 ret = connect(client_socket, (struct sockaddr*) &addr_server, sizeof(addr_server));
63 if( client_socket == SOCKET_ERROR ) {
64 std::cout<<"connect error."<<std::endl;
65 return -1;
66 }
67
68 /////////////////////////////////////
69 // TCP鏈接已經創建,執行Client SSL //
70 /////////////////////////////////////
71 SSL* ssl;
72 X509* server_certificate;
73 char* str;
74
75 ssl = SSL_new (ctx);
76 if( ssl == NULL ) {
77 std::cout<<"SSL_new error."<<std::endl;
78 return -1;
79 }
80 SSL_set_fd (ssl, client_socket);
81 ret = SSL_connect (ssl);
82 if( ret == -1 ) {
83 std::cout<<"SSL_accept error."<<std::endl;
84 return -1;
85 }
86
87 // 接下來的獲取密碼和獲取服務器端證書的兩部是可選的,不會影響數據交換
88
89 // 獲取cipher
90 std::cout<<"SSL connection using: "<<SSL_get_cipher(ssl)<<std::endl;
91
92 // 獲取服務器端的證書
93 server_certificate = SSL_get_peer_certificate (ssl);
94 if( server_certificate != NULL ) {
95 std::cout<<"Server certificate:"<<std::endl;
96
97 str = X509_NAME_oneline (X509_get_subject_name (server_certificate),0,0);
98 if( str == NULL ) {
99 std::cout<<"X509_NAME_oneline error."<<std::endl;
100 } else {
101 std::cout<<"subject: "<<str<<std::endl;
102 OPENSSL_free (str);
103 }
104
105 str = X509_NAME_oneline (X509_get_issuer_name (server_certificate),0,0);
106 if( str == NULL ) {
107 std::cout<<"X509_NAME_oneline error."<<std::endl;
108 } else {
109 std::cout<<"issuer: "<<str<<std::endl;
110 OPENSSL_free (str);
111 }
112
113 X509_free (server_certificate);
114 } else {
115 std::cout<<"Server does not have certificate. we sould Esc!"<<std::endl;
116 return -1;
117 }
118
119 ////////////////
120 // 數據交換 //
121 ////////////////
122 char buf [4096];
123
124 ret = SSL_write (ssl, "Hello World!", strlen("Hello World!"));
125 if( ret == -1 ) {
126 std::cout<<"SSL_write error."<<std::endl;
127 return -1;
128 }
129 ret = SSL_read (ssl, buf, sizeof(buf) - 1);
130 if( ret == -1 ) {
131 std::cout<<"SSL_read error."<<std::endl;
132 return -1;
133 }
134 buf[ret] = '\0';
135 std::cout<<buf<<std::endl;
136 SSL_shutdown(ssl); /* send SSL/TLS close_notify */
137
138 /////////////
139 // Cleanup //
140 /////////////
141 closesocket(client_socket);
142 SSL_free (ssl);
143 SSL_CTX_free (ctx);
144 WSACleanup();
145 return 0;
146}
#include <openssl/rsa.h>
/* SSLeay stuff */2
#include <openssl/crypto.h>3
#include <openssl/x509.h>4
#include <openssl/pem.h>5
#include <openssl/ssl.h>6
#include <openssl/err.h>7
8
9
#include <iostream>10
#include <winsock2.h>11
12
#define SERVER_IP "127.0.0.1"13
#define SERVER_PORT 500314
15
#pragma comment( lib, "ws2_32.lib" )16
#pragma comment( lib, "libeay32.lib" )17
#pragma comment( lib, "ssleay32.lib" )18
19
20
int main( int argc, char* argv[] ) {21
int ret;22
////////////23
// 初始化 //24
////////////25
SSL_CTX* ctx;26
SSL_METHOD *meth;27
28
SSL_load_error_strings();29
SSLeay_add_ssl_algorithms();30
meth = SSLv23_client_method();31
32
ctx = SSL_CTX_new (meth);33
if (!ctx) {34
ERR_print_errors_fp(stderr);35
std::cout<<"SSL_CTX_new error."<<std::endl;36
return -1;37
}38
39
///////////////////////40
// 創建原始的TCP鏈接 //41
///////////////////////42
WSADATA wsaData;43
SOCKET client_socket;44
struct sockaddr_in addr_server;45
46
ret = WSAStartup( MAKEWORD(2, 2), &wsaData );47
if ( ret != 0 ) {48
std::cout<<"WSAStartup error."<<std::endl;49
return -1;50
}51
client_socket = socket (AF_INET, SOCK_STREAM, 0); 52
if( client_socket == INVALID_SOCKET ) {53
std::cout<<"socket error."<<std::endl;54
return -1;55
}56
57
memset (&addr_server, 0, sizeof(addr_server));58
addr_server.sin_family = AF_INET;59
addr_server.sin_addr.S_un.S_addr = inet_addr(SERVER_IP);60
addr_server.sin_port = htons (SERVER_PORT);61
62
ret = connect(client_socket, (struct sockaddr*) &addr_server, sizeof(addr_server)); 63
if( client_socket == SOCKET_ERROR ) {64
std::cout<<"connect error."<<std::endl;65
return -1;66
}67
68
/////////////////////////////////////69
// TCP鏈接已經創建,執行Client SSL //70
/////////////////////////////////////71
SSL* ssl;72
X509* server_certificate;73
char* str;74
75
ssl = SSL_new (ctx); 76
if( ssl == NULL ) {77
std::cout<<"SSL_new error."<<std::endl;78
return -1;79
} 80
SSL_set_fd (ssl, client_socket);81
ret = SSL_connect (ssl); 82
if( ret == -1 ) {83
std::cout<<"SSL_accept error."<<std::endl;84
return -1;85
}86
87
// 接下來的獲取密碼和獲取服務器端證書的兩部是可選的,不會影響數據交換88
89
// 獲取cipher90
std::cout<<"SSL connection using: "<<SSL_get_cipher(ssl)<<std::endl;91
92
// 獲取服務器端的證書93
server_certificate = SSL_get_peer_certificate (ssl); 94
if( server_certificate != NULL ) {95
std::cout<<"Server certificate:"<<std::endl;96
97
str = X509_NAME_oneline (X509_get_subject_name (server_certificate),0,0);98
if( str == NULL ) {99
std::cout<<"X509_NAME_oneline error."<<std::endl;100
} else {101
std::cout<<"subject: "<<str<<std::endl;102
OPENSSL_free (str);103
}104
105
str = X509_NAME_oneline (X509_get_issuer_name (server_certificate),0,0);106
if( str == NULL ) {107
std::cout<<"X509_NAME_oneline error."<<std::endl;108
} else {109
std::cout<<"issuer: "<<str<<std::endl;110
OPENSSL_free (str);111
}112
113
X509_free (server_certificate);114
} else {115
std::cout<<"Server does not have certificate. we sould Esc!"<<std::endl;116
return -1;117
}118
119
////////////////120
// 數據交換 //121
////////////////122
char buf [4096];123
124
ret = SSL_write (ssl, "Hello World!", strlen("Hello World!")); 125
if( ret == -1 ) {126
std::cout<<"SSL_write error."<<std::endl;127
return -1;128
}129
ret = SSL_read (ssl, buf, sizeof(buf) - 1); 130
if( ret == -1 ) {131
std::cout<<"SSL_read error."<<std::endl;132
return -1;133
}134
buf[ret] = '\0';135
std::cout<<buf<<std::endl;136
SSL_shutdown(ssl); /* send SSL/TLS close_notify */137
138
/////////////139
// Cleanup //140
/////////////141
closesocket(client_socket);142
SSL_free (ssl);143
SSL_CTX_free (ctx);144
WSACleanup();145
return 0;146
}
最後的輸出結果:
Server-Console:
Connection from 16777343:20314
SSL connection using: AES256-SHA
Client does not have certificate.
Hello World!
Client-Console:
SSL connection using: AES256-SHA
Server certificate:
subject: /C=cn/ST=shanghai/L=shanghai/O=shanghai/OU=shanghai/CN=shanghai/emailAd
dress=ysong.lee@gmail.com
issuer: /C=cn/ST=shanghai/L=shanghai/O=shanghai/OU=shanghai/CN=shanghai/emailAdd
ress=ysong.lee@gmail.com
I hear you.socket
相關文章
- 1. openssl編程easy demo
- 2. Openssl使用
- 3. OpenSSL 使用 RSA
- 4. OpenSSL的使用
- 5. python:使用OpenSSL
- 6. SSL及OpenSSL使用
- 7. 轉 C# 使用openssl
- 8. openssl命令使用
- 9. OpenSSL使用小結
- 10. OpenSSL使用指南
- 更多相關文章...
- • TortoiseSVN 使用教程 - SVN 教程
- • Docker 容器使用 - Docker教程
- • Composer 安裝與使用
- • 使用Rxjava計算圓周率
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
- 1. 字節跳動21屆秋招運營兩輪面試經驗分享
- 2. Java 3 年,25K 多嗎?
- 3. mysql安裝部署
- 4. web前端開發中父鏈和子鏈方式實現通信
- 5. 3.1.6 spark體系之分佈式計算-scala編程-scala中trait特性
- 6. dataframe2
- 7. ThinkFree在線
- 8. 在線畫圖
- 9. devtools熱部署
- 10. 編譯和鏈接
歡迎關注本站公眾號,獲取更多信息
相關文章
- 1. openssl編程easy demo
- 2. Openssl使用
- 3. OpenSSL 使用 RSA
- 4. OpenSSL的使用
- 5. python:使用OpenSSL
- 6. SSL及OpenSSL使用
- 7. 轉 C# 使用openssl
- 8. openssl命令使用
- 9. OpenSSL使用小結
- 10. OpenSSL使用指南