OpenSSL C++; Problem with Certificates

Explanation:
I wrote a simple OpenSSL server using code from basic examples. I tried it out with several browsers like Firefox, Opera, IE and Safari. With Firefox I get the certificate and then the HTML site. But with the other browsers I either got no HTML page at all or got the site only after loading the browser twice. I don't know if the problem is the certificates or the C++ code.

Platform / OS / Version:
IDE: embeddedVisualC++
Platform: Windows CE 5.0

Key Generation
openssl genrsa -out server-key.pem 1024
openssl req -new -x509 -key server-key.pem -out cert.pem -days 365

Sourcecode
```cpp
#include <stdio.h>
#include <string.h>
#include <openssl/ssl.h>
#include <openssl/err.h>

SSLServer::SSLServer(char *cFile, char *kFile, int port) {

  PORT = port;
  SSL_library_init();
  CreateCTX();
  LoadCerts(cFile, kFile);

  // Get the server started.
  BindPort();
  CheckClients();
}

void SSLServer::CheckClients() {
    // Wait for a connection and assign the client socket
    printf ("Auf Verbindung warten........................");
    clientSocket=accept(serverSocket,NULL,NULL);
    if(clientSocket==INVALID_SOCKET){
        printf ("FEHLER\n");
        return;                            // no client socket, nothing to hand to OpenSSL
    }else{
        printf("OK\n");
    }

    SSL *ssl;                            // pointer to the SSL object
    ssl = SSL_new(ctx);                    // create the object with the context from CreateCTX()
    SSL_set_fd(ssl, clientSocket);        // connect the SSL object to the file descriptor
    //int fd = SSL_get_fd(ssl);            // returns the file descriptor that is connected to the SSL object

    if(SSL_accept(ssl) <= 0) {            // 0 is also a failed handshake, not only -1
        printf("Fehler ssl accept\n");
    }else{
        printf("Ok bei ssl accept\n");

        // Description of the cipher. For information only.
        char cipdesc[128];
        SSL_CIPHER *sslciph = SSL_get_current_cipher(ssl);
        SSL_CIPHER_description(sslciph, cipdesc, sizeof(cipdesc));
        printf("Descr: %s\n", cipdesc);

        char buff[1024];
        // Wait for data to be sent; leave room for the terminator.
        int bytes = SSL_read(ssl, buff, sizeof(buff) - 1);
        // SSL_read returns <= 0 on close or error, so never index with it unchecked.
        buff[bytes > 0 ? bytes : 0] = '\0';

        // Show the browser request.
        printf("recv: %s\n", buff);

        // Send the html reply.
        SSL_write(ssl, REPLY, strlen(REPLY));

    }
     // Tell the client we are closing the connection.
    SSL_shutdown(ssl);

    // We do not wait for a reply, just clear everything.
    SSL_free(ssl);
}

void SSLServer::BindPort(void) {
    // Create the server socket
    printf ("Erstelle ServerSocket.......................");
    serverSocket = socket(AF_INET,SOCK_STREAM,0);
    if(serverSocket == INVALID_SOCKET){
        printf ("FEHLER\n");
    }else{
        printf ("OK\n");
    }

    // Bind the server socket
    printf ("Binde ServerSocket...........................");
    memset(&addr,0,sizeof(SOCKADDR_IN));
    addr.sin_family=AF_INET;
    addr.sin_port=htons(PORT);
    addr.sin_addr.s_addr=ADDR_ANY;

    long rc;
    rc=bind(serverSocket,(SOCKADDR*)&addr,sizeof(SOCKADDR_IN));

    if(rc == SOCKET_ERROR){
        printf ("FEHLER\n");
    }else{
        printf ("OK\n");
    }

    // Put the server socket into listen mode
    printf ("Setze ServerSocket in listenmodus............");
    rc=listen(serverSocket,backlog);
    if(rc==SOCKET_ERROR){
        printf ("FEHLER\n");
    }else{
        printf ("OK\n");
    }

}

void SSLServer::CreateCTX(void) {
    printf("Create CTX\n");
  // The method describes which SSL protocol we will be using.
  SSL_METHOD *method;

  // Load algorithms and error strings.
  OpenSSL_add_all_algorithms();
  SSL_load_error_strings();

  // Compatible with SSLv2, SSLv3 and TLSv1
  method = SSLv23_server_method();

  // Create new context from method.
  ctx = SSL_CTX_new(method);
  if(ctx == NULL) {
    ERR_print_errors_fp(stderr);
    _exit(1);
  }
}

/* Load the certification files, ie the public and private keys. */
void SSLServer::LoadCerts(char *cFile, char *kFile) {
    printf("Load Certs\n");
  if ( SSL_CTX_use_certificate_chain_file(ctx, cFile) <= 0) {
    ERR_print_errors_fp(stderr);
    _exit(1);
  }
  if ( SSL_CTX_use_PrivateKey_file(ctx, kFile, SSL_FILETYPE_PEM) <= 0) {
    ERR_print_errors_fp(stderr);
    _exit(1);
  }

  // Verify that the two keys go together.
  if ( !SSL_CTX_check_private_key(ctx) ) {
    fprintf(stderr, "Private key is invalid.\n");
    _exit(1);
  }
}
```
Hope someone could help. It's very important for me because it's for a school project.
Thanks
Nov 13 '07 #1
pawnee
I've reduced the code to the part where the problem probably appears.

```cpp
SSL *ssl;                            // pointer to the SSL object
ssl = SSL_new(ctx);                    // create the object with the context from CreateCTX()
SSL_set_fd(ssl, clientSocket);        // connect the SSL object to the file descriptor

if(SSL_accept(ssl) <= 0) {            // 0 is also a failed handshake, not only -1
    printf("Fehler ssl accept\n");
}else{
    printf("Ok bei ssl accept\n");

    char buff[1024];
    // Wait for data to be sent; leave room for the terminator.
    int bytes = SSL_read(ssl, buff, sizeof(buff) - 1);
    // SSL_read returns <= 0 on close or error, so never index with it unchecked.
    buff[bytes > 0 ? bytes : 0] = '\0';

    // Send the html reply.
    SSL_write(ssl, REPLY, strlen(REPLY));

     // Tell the client we are closing the connection.
    SSL_shutdown(ssl);

    // We do not wait for a reply, just clear everything.
    SSL_free(ssl);
}
```
The code terminates correctly, but with Internet Explorer I got no content in the receive (SSL_read).
Nov 14 '07 #2
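
An added example, not part of the original posts: `SSL_read` returns at most one TLS record per call and a value <= 0 when the peer closes or an error occurs, so a single call is not guaranteed to deliver a complete request. The code below reads with a bounded buffer until the blank line that ends the HTTP headers; `ReadFn` is a hypothetical stand-in for `SSL_read` so the block runs without OpenSSL, and every name in it is an assumption.

```cpp
#include <algorithm>
#include <cstdio>
#include <cstring>
#include <functional>
#include <memory>
#include <string>

// Hypothetical stand-in for SSL_read(ssl, buf, len): > 0 bytes read, <= 0 on close/error.
using ReadFn = std::function<int(char *buf, int len)>;

enum class ReadStatus { Complete, PeerClosed, TooLarge };
struct RequestResult { ReadStatus status; std::string data; };

// Collect bytes until the blank line ending the HTTP headers, the peer closing,
// or maxBytes being buffered. The read length is checked before it is used.
RequestResult ReadHttpRequest(const ReadFn &readFn, std::size_t maxBytes = 8192) {
    RequestResult result{ReadStatus::PeerClosed, std::string()};
    char chunk[1024];
    while (result.data.size() < maxBytes) {
        std::size_t room = std::min(maxBytes - result.data.size(), sizeof(chunk));
        int n = readFn(chunk, static_cast<int>(room));
        if (n <= 0) return result;  // with OpenSSL: inspect SSL_get_error(ssl, n) here
        result.data.append(chunk, static_cast<std::size_t>(n));
        if (result.data.find("\r\n\r\n") != std::string::npos) {
            result.status = ReadStatus::Complete;
            return result;
        }
    }
    result.status = ReadStatus::TooLarge;
    return result;
}

// Constructed test transport: delivers `input` in pieces of at most `piece`
// bytes, then returns 0 like a closed connection.
ReadFn MakeFragmentedReader(const std::string &input, std::size_t piece) {
    auto pos = std::make_shared<std::size_t>(0);
    return [input, piece, pos](char *buf, int len) -> int {
        std::size_t n = std::min({piece, input.size() - *pos, static_cast<std::size_t>(len)});
        std::memcpy(buf, input.data() + *pos, n);
        *pos += n;
        return static_cast<int>(n);
    };
}

int main() {
    // Constructed request, split into 5-byte reads.
    RequestResult r = ReadHttpRequest(MakeFragmentedReader("GET / HTTP/1.1\r\nHost: x\r\n\r\n", 5));
    std::printf("complete=%d bytes=%zu\n", r.status == ReadStatus::Complete, r.data.size());
    return 0;
}
```

In the posted server, the callable passed as `ReadFn` would wrap `SSL_read(ssl, buf, len)`.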
