openssl 调用实例
来源:互联网 发布:如何建立二维码数据库 编辑:程序博客网 时间:2024/06/13 06:05
openssl C/C++ SSL安全套接层SOCKET示例,各个API功能详见OPENSSL官方文档。
客户端:
/* g++ -o client ssl_client.cpp -lssl -lcrypt */#include <stdio.h>#include <string.h>#include <sys/socket.h>#include <sys/types.h>#include <netinet/in.h>#include <arpa/inet.h>#include <unistd.h>// openssl header file#include <openssl/x509.h>#include <openssl/ssl.h>//#include <openssl/srtp.h>#define CA_CERT"cacert.pem"#define CLIENT_KEY"clientkey.pem"#define CLIENT_CERT"clientcert.pem"#define SERVER_IP"127.0.0.1"#define SERVER_PORT12345#define RET_IF_EQ(key,val,ret,msg){\ if(key == val){\ fprintf(stderr,"%s failed.\n",msg);\return ret;\ }else{\fprintf(stderr,"%s success.\n",msg);\ }\}#define RET_IF_LT(key,val,ret,msg){\ if(key < val){\ fprintf(stderr,"%s failed.\n",msg);\ return ret;\ }else{\ fprintf(stderr,"%s success.\n",msg);\ }\}int ssl_init(SSL_CTX **ctx,char *pass){ int ret = 0; OpenSSL_add_ssl_algorithms(); const SSL_METHOD *meth = SSLv23_client_method(); *ctx = SSL_CTX_new(meth); RET_IF_EQ(*ctx,NULL,-1,"SSL_CTX_new()"); SSL_CTX_set_verify(*ctx,SSL_VERIFY_PEER,NULL);// set verify SSL_CTX_load_verify_locations(*ctx,CA_CERT,NULL); //load ca cert ret = SSL_CTX_use_certificate_file(*ctx,CLIENT_CERT,SSL_FILETYPE_PEM); RET_IF_LT(ret,1,-1,"SSL_CTX_use_certificate_file()"); (*ctx)->default_passwd_callback_userdata = pass; ret = SSL_CTX_use_PrivateKey_file(*ctx,CLIENT_KEY,SSL_FILETYPE_PEM); RET_IF_LT(ret,1,-1,"SSL_CTX_use_PrivateKey_file()"); ret = SSL_CTX_check_private_key(*ctx); RET_IF_EQ(ret,0,-1,"SSL_CTX_check_private_key()"); return 0; }int ssl_destroy(SSL_CTX **ctx){ int ret = 0; SSL_CTX_free(*ctx); *ctx = NULL; return ret;}int ssl_connect(char *ip,int port,int *fd,SSL **ssl,SSL_CTX *ctx){ int ret = 0; *fd = socket(AF_INET,SOCK_STREAM,0); RET_IF_LT(*fd,0,-1,"init_socket()"); struct sockaddr_in sa; memset(&sa,0,sizeof(sa)); sa.sin_family = AF_INET; sa.sin_addr.s_addr = inet_addr(ip); sa.sin_port = htons(port); ret = connect(*fd,(struct sockaddr*)&sa,sizeof(sa)); RET_IF_LT(ret,0,-1,"connect()"); *ssl = SSL_new(ctx); RET_IF_EQ(*ssl,NULL,-1,"SSL_new"); SSL_set_fd(*ssl,*fd); ret = SSL_connect(*ssl); RET_IF_LT(ret,0,-1,"SSL_connect()"); X509 *server_cert = SSL_get_peer_certificate(*ssl); RET_IF_EQ(server_cert,NULL,-1,"SSL_get_peer_certificate()"); char *str = X509_NAME_oneline(X509_get_subject_name(server_cert),0,0); fprintf(stderr,"subject:[%s]\n",str); free(str); str = X509_NAME_oneline(X509_get_issuer_name(server_cert),0,0); fprintf(stderr,"issuer:[%s]\n",str); free(str); X509_free(server_cert); return 0;}int ssl_disconnect(SSL *ssl,int fd){ SSL_shutdown(ssl); close(fd); SSL_free(ssl); return 0;}int main(){ int ret = 0; SSL_CTX *ctx = NULL; SSL_METHOD *meth = NULL; SSL *ssl = NULL; int fd = 0; char ip[] = "127.0.0.1"; int port = 12345; char pass[] = "abc123"; ssl_init(&ctx,pass); ssl_connect(ip,port,&fd,&ssl,ctx); int i = 0; char buf[1025]; for(i=0;i<10;i++){memset(buf,0,1025);snprintf(buf,1024,"ssl test send message index:[%d]",i);ret = SSL_write(ssl,buf,strlen(buf));fprintf(stderr,"send ret:[%d] msg:[%s]\n",ret,buf);memset(buf,0,1025);ret = SSL_read(ssl,buf,1024);if(ret < 1){ break;}fprintf(stderr,"recv ret:[%d] msg:[%s]\n",ret,buf); } ssl_disconnect(ssl,fd); ssl_destroy(&ctx); return ret;}
服务端:
/* g++ -o server ssl_server.cpp -lssl -lcrypt */#include <stdio.h>#include <string.h>#include <sys/socket.h>#include <sys/types.h>#include <netinet/in.h>#include <arpa/inet.h>#include <unistd.h>// openssl header file#include <openssl/x509.h>#include <openssl/ssl.h>#define CA_CERT"cacert.pem"#define CLIENT_KEY"serverkey.pem"#define CLIENT_CERT"servercert.pem"#define SERVER_IP"127.0.0.1"#define SERVER_PORT12345#define RET_IF_EQ(key,val,ret,msg){\ if(key == val){\ fprintf(stderr,"%s failed.\n",msg);\return ret;\ }else{\fprintf(stderr,"%s success.\n",msg);\ }\}#define RET_IF_LT(key,val,ret,msg){\ if(key < val){\ fprintf(stderr,"%s failed.\n",msg);\ return ret;\ }else{\ fprintf(stderr,"%s success.\n",msg);\ }\}int ssl_init(SSL_CTX **ctx,char *pass){ int ret = 0; OpenSSL_add_ssl_algorithms(); const SSL_METHOD *meth = SSLv23_server_method(); *ctx = SSL_CTX_new(meth); RET_IF_EQ(*ctx,NULL,-1,"SSL_CTX_new()"); SSL_CTX_set_verify(*ctx,SSL_VERIFY_PEER,NULL);// set verify SSL_CTX_load_verify_locations(*ctx,CA_CERT,NULL); //load ca cert ret = SSL_CTX_use_certificate_file(*ctx,CLIENT_CERT,SSL_FILETYPE_PEM); RET_IF_LT(ret,1,-1,"SSL_CTX_use_certificate_file()"); (*ctx)->default_passwd_callback_userdata = pass; ret = SSL_CTX_use_PrivateKey_file(*ctx,CLIENT_KEY,SSL_FILETYPE_PEM); RET_IF_LT(ret,1,-1,"SSL_CTX_use_PrivateKey_file()"); ret = SSL_CTX_check_private_key(*ctx); RET_IF_EQ(ret,0,-1,"SSL_CTX_check_private_key()"); return 0; }int ssl_destroy(SSL_CTX **ctx){ int ret = 0; SSL_CTX_free(*ctx); *ctx = NULL; return ret;}int server_init(char *ip,int port,int *fd){ int ret = 0; *fd = socket(AF_INET,SOCK_STREAM,0); RET_IF_LT(*fd,0,-1,"init_sock()"); struct sockaddr_in serv_sa; memset(&serv_sa,0,sizeof(serv_sa)); serv_sa.sin_family = AF_INET; serv_sa.sin_addr.s_addr = INADDR_ANY; serv_sa.sin_port = htons(port); ret = bind(*fd,(struct sockaddr*)&serv_sa,sizeof(serv_sa)); RET_IF_LT(ret,0,-1,"bind()"); ret = listen(*fd,5); RET_IF_LT(ret,0,-1,"listen()"); return ret;}int server_destroy(int fd){ close(fd); return 0;}int ssl_accept(int listen_fd,int *fd,SSL **ssl,SSL_CTX *ctx){ int ret = 0; struct sockaddr_in sa; memset(&sa,0,sizeof(sa)); socklen_t cli_len = sizeof(sa); *fd = accept(listen_fd,(struct sockaddr*)&sa,&cli_len); RET_IF_LT(*fd,0,-1,"accept()"); //fprintf(stderr,"accept client fd:[%d] ip:[%s] port:[%d]\n",*fd,sa.sin_addr.s_addr,sa.sin_port); *ssl = SSL_new(ctx); RET_IF_EQ(*ssl,NULL,-1,"SSL_new"); SSL_set_fd(*ssl,*fd); ret = SSL_accept(*ssl); RET_IF_LT(ret,0,-1,"SSL_connect()"); X509 *server_cert = SSL_get_peer_certificate(*ssl); RET_IF_EQ(server_cert,NULL,-1,"SSL_get_peer_certificate()"); char *str = X509_NAME_oneline(X509_get_subject_name(server_cert),0,0); fprintf(stderr,"subject:[%s]\n",str); free(str); str = X509_NAME_oneline(X509_get_issuer_name(server_cert),0,0); fprintf(stderr,"issuer:[%s]\n",str); free(str); X509_free(server_cert); return 0;}int ssl_disconnect(SSL *ssl,int fd){ SSL_shutdown(ssl); close(fd); SSL_free(ssl); return 0;}int main(){ int ret = 0; SSL_CTX *ctx = NULL; SSL *ssl = NULL; int listen_fd=0,fd = 0; char ip[] = "127.0.0.1"; int port = 12345; char pass[] = "abc123"; ssl_init(&ctx,pass); server_init(ip,port,&listen_fd); int i =0; while(1){ssl_accept(listen_fd,&fd,&ssl,ctx);i=0; while(1){ char buf[1025]; memset(buf,0,1025); ret = SSL_read(ssl,buf,1024); fprintf(stderr,"recv ret:[%d] msg:[%s]\n",ret,buf); if(ret < 1) break; memset(buf,0,1025); snprintf(buf,1024,"server ssl test send message index:[%d]",i); ret = SSL_write(ssl,buf,strlen(buf)); fprintf(stderr,"send ret:[%d] msg:[%s]\n",ret,buf); i++;}ssl_disconnect(ssl,fd); } ssl_destroy(&ctx); server_destroy(listen_fd); return ret;}
0 0
- openssl 调用实例
- openssl实例
- openssl多线程实例
- openssl多线程实例
- openssl多线程实例
- openssl多线程实例
- openssl使用实例
- openssl调用静态库
- windows 命令行调用openssl
- Android OpenSSL分析及实例
- OpenSSL证书制作及实例
- 调用Openssl中的MD5库
- 调用Openssl中的SHA1库
- Windows下使用java调用OpenSSL(无需安装OpenSSL)
- 用openssl编写ssl,tls程序实例
- [网络编程]Win32 Socket+OpenSSL实例
- 用openssl编写ssl,tls程序实例
- openssl AES 加密算法及代码实例
- Cocos3.4 横版游戏制作-《KillBear》-边缘检测 地图滚动
- 使用jsPlumb制作流程图设计器
- 杂谈---NO.1
- 利用Nginx做反向代理的负载均衡配置
- [LeetCode] Evaluate Reverse Polish Notation
- openssl 调用实例
- quartz定时器导致内存溢出
- Super Parsing——基于Super Pixel 的非参数图像理解
- appcompat_v7文件无法自动创建出来
- epoll在LT和ET模式下的读写方式
- 将win7电脑变身WiFi热点,让手机、笔记本共享上网
- CSDN百度百科简介
- [LUA]几个简单的luajava使用例子
- Application类的详细介绍