SSL(四)
客户端代码如下:
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <unistd.h>
#include <malloc.h>
#include <string.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <resolv.h>
#include <netdb.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
#define FAIL -1
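/**
 * Resolve `hostname` and open a blocking IPv4 TCP connection to `port`.
 *
 * Returns the connected socket descriptor. Every failure (bad port, failed
 * lookup, socket() or connect() error) prints a diagnostic and calls abort(),
 * so callers never receive an error value.
 */
int OpenConnection(const char *hostname, int port)
{
    int sd;
    struct hostent *host;
    struct sockaddr_in addr;

    /* htons() takes a 16-bit value; reject anything it would silently truncate. */
    if (port <= 0 || port > 65535) {
        fprintf(stderr, "Error: invalid port %d\n", port);
        abort();
    }

    /* NOTE(review): gethostbyname() is legacy; getaddrinfo() is the current API. */
    host = gethostbyname(hostname);
    if (host == NULL) {
        /* Resolver failures are reported through h_errno, not errno. */
        fprintf(stderr, "Error: cannot resolve %s (h_errno=%d)\n", hostname, h_errno);
        abort();
    }

    /* Only copy the address if it really is a 4-byte IPv4 address. */
    if (host->h_addrtype != AF_INET ||
        host->h_length != (int)sizeof(addr.sin_addr) ||
        host->h_addr_list[0] == NULL) {
        fprintf(stderr, "Error: %s has no IPv4 address\n", hostname);
        abort();
    }

    sd = socket(PF_INET, SOCK_STREAM, 0);
    if (sd < 0) {
        perror("socket");
        abort();
    }

    memset(&addr, 0, sizeof(addr));
    addr.sin_family = AF_INET;
    addr.sin_port = htons((unsigned short)port);
    /*
     * Copy exactly sizeof(sin_addr) bytes. Dereferencing the address as a
     * `long` reads 8 bytes on LP64 systems, past the end of the 4-byte entry.
     */
    memcpy(&addr.sin_addr, host->h_addr_list[0], sizeof(addr.sin_addr));

    if (connect(sd, (struct sockaddr *)&addr, sizeof(addr)) != 0) {
        perror(hostname);
        close(sd);
        abort();
    }
    return sd;
}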
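/**
 * Create the client-side SSL_CTX.
 *
 * Returns a new context that the caller releases with SSL_CTX_free().
 * Aborts if the context cannot be created.
 */
SSL_CTX *InitCTX(void)
{
#if OPENSSL_VERSION_NUMBER >= 0x10000000L
    const SSL_METHOD *method;
#else
    SSL_METHOD *method;
#endif
    SSL_CTX *ctx;

    OpenSSL_add_all_algorithms();   /* Load cryptos, et.al. */
    SSL_load_error_strings();       /* Bring in and register error messages */

    /*
     * SSLv2 is a broken protocol and its method was removed from current
     * OpenSSL releases. Use the version-flexible method, which negotiates
     * the highest protocol version both peers support.
     */
    method = SSLv23_client_method();
    ctx = SSL_CTX_new(method);      /* Create new context */
    if (ctx == NULL) {
        ERR_print_errors_fp(stderr);
        fprintf(stderr, "Error: unable to create SSL context\n");
        abort();
    }

    /* Never fall back to the obsolete SSLv2/SSLv3 protocols. */
    SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);

    /*
     * Require a server certificate that chains to a trusted CA; without this
     * the handshake accepts any certificate and the channel is open to
     * man-in-the-middle interception. For a test server with a self-signed
     * certificate, add that certificate as a trust anchor with
     * SSL_CTX_load_verify_locations() instead of turning verification off.
     */
    SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
    if (SSL_CTX_set_default_verify_paths(ctx) != 1)
        ERR_print_errors_fp(stderr);

    return ctx;
}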
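/**
 * Print the subject and issuer of the peer (server) certificate.
 *
 * This only displays the names; it does not validate the certificate.
 * Trust decisions belong to the verification settings on the SSL_CTX.
 */
void ShowCerts(SSL *ssl)
{
    X509 *cert;
    char *line;

    cert = SSL_get_peer_certificate(ssl);   /* get the server's certificate */
    if (cert == NULL) {
        printf("No certificates.\n");
        return;
    }

    printf("Server certificates:\n");

    /* With a NULL buffer, X509_NAME_oneline() allocates the result itself. */
    line = X509_NAME_oneline(X509_get_subject_name(cert), NULL, 0);
    printf("Subject: %s\n", line != NULL ? line : "(unavailable)");
    /* The string comes from OpenSSL's allocator, so release it with OPENSSL_free(). */
    OPENSSL_free(line);

    line = X509_NAME_oneline(X509_get_issuer_name(cert), NULL, 0);
    printf("Issuer: %s\n", line != NULL ? line : "(unavailable)");
    OPENSSL_free(line);

    X509_free(cert);    /* drop the reference taken by SSL_get_peer_certificate() */
}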
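/**
 * Client entry point: connect to <hostname> <portnum>, complete the TLS
 * handshake, send one message and print the reply.
 */
int main(int count, char *strings[])
{
    SSL_CTX *ctx;
    SSL *ssl;
    int server;
    int bytes;
    char buf[1024];
    char *hostname, *portnum, *end;
    long port;

    if (count != 3) {
        printf("usage: %s <hostname> <portnum>\n", strings[0]);
        exit(0);
    }
    SSL_library_init();
    hostname = strings[1];
    portnum = strings[2];

    /* atoi() cannot report bad input; parse strictly and range-check. */
    errno = 0;
    port = strtol(portnum, &end, 10);
    if (errno != 0 || end == portnum || *end != '\0' || port < 1 || port > 65535) {
        fprintf(stderr, "Error: invalid port \"%s\"\n", portnum);
        exit(1);
    }

    ctx = InitCTX();
    server = OpenConnection(hostname, (int)port);

    ssl = SSL_new(ctx);             /* create new SSL connection state */
    if (ssl == NULL) {
        ERR_print_errors_fp(stderr);
        close(server);
        SSL_CTX_free(ctx);
        return 1;
    }

#if OPENSSL_VERSION_NUMBER >= 0x10100000L
    /*
     * Bind the expected host name to the certificate check. It is only
     * enforced when the context requests peer verification (SSL_VERIFY_PEER).
     */
    if (SSL_set1_host(ssl, hostname) != 1)
        ERR_print_errors_fp(stderr);
#endif

    SSL_set_fd(ssl, server);        /* attach the socket descriptor */

    /* SSL_connect() returns 0 as well as negative values on failure. */
    if (SSL_connect(ssl) <= 0) {
        fprintf(stderr, "Error: SSL handshake with %s failed\n", hostname);
        ERR_print_errors_fp(stderr);
    } else {
        const char *msg = "HelloWorld";
        long verify = SSL_get_verify_result(ssl);

        printf("Connected with %s encryption\n", SSL_get_cipher(ssl));
        ShowCerts(ssl);             /* get any certs */

        /* Make an unverified peer visible instead of silently trusting it. */
        if (verify != X509_V_OK)
            fprintf(stderr, "Warning: server certificate not verified: %s\n",
                    X509_verify_cert_error_string(verify));

        if (SSL_write(ssl, msg, (int)strlen(msg)) <= 0) {   /* encrypt & send message */
            ERR_print_errors_fp(stderr);
        } else {
            /* Leave one byte for the terminator: a full read would otherwise write buf[1024]. */
            bytes = SSL_read(ssl, buf, sizeof(buf) - 1);    /* get reply & decrypt */
            if (bytes > 0) {
                buf[bytes] = 0;
                printf("Received: \"%s\"\n", buf);
            } else {
                /* bytes <= 0 must not be used as an index into buf. */
                ERR_print_errors_fp(stderr);
            }
        }
    }

    SSL_free(ssl);                  /* release connection state on every path */
    close(server);                  /* close socket */
    SSL_CTX_free(ctx);              /* release context */
    return 0;
}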
服务端代码如下:
#include <errno.h>
#include <unistd.h>
#include <malloc.h>
#include <string.h>
#include <arpa/inet.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <resolv.h>
#include "openssl/ssl.h"
#include "openssl/err.h"
#define FAIL -1
using
namespace
std;
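/**
 * Create an IPv4 TCP socket bound to `port` on all interfaces and start
 * listening with a backlog of 10.
 *
 * Returns the listening descriptor. Aborts on any failure.
 */
int OpenListener(int port)
{
    int sd;
    struct sockaddr_in addr;

    /* htons() takes a 16-bit value; reject anything it would silently truncate. */
    if (port <= 0 || port > 65535) {
        fprintf(stderr, "invalid port %d\n", port);
        abort();
    }

    sd = socket(PF_INET, SOCK_STREAM, 0);
    if (sd < 0) {
        perror("can't create socket");
        abort();
    }

    memset(&addr, 0, sizeof(addr));
    addr.sin_family = AF_INET;
    addr.sin_port = htons((unsigned short)port);
    /* INADDR_ANY exposes the service on every interface; bind a specific address to restrict it. */
    addr.sin_addr.s_addr = htonl(INADDR_ANY);

    if (bind(sd, (struct sockaddr *)&addr, sizeof(addr)) != 0) {
        perror("can't bind port");
        close(sd);
        abort();
    }
    if (listen(sd, 10) != 0) {
        perror("Can't configure listening port");
        close(sd);
        abort();
    }
    return sd;
}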
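/**
 * Initialise OpenSSL and create the server-side SSL_CTX.
 *
 * Returns a new context that the caller releases with SSL_CTX_free().
 * Aborts if the context cannot be created.
 */
SSL_CTX *InitServerCTX(void)
{
    SSL_CTX *ctx = NULL;
#if OPENSSL_VERSION_NUMBER >= 0x10000000L
    const SSL_METHOD *method;
#else
    SSL_METHOD *method;
#endif

    SSL_library_init();
    OpenSSL_add_all_algorithms();   /* load & register all cryptos, etc. */
    SSL_load_error_strings();       /* load all error messages */

    /*
     * A context that will call SSL_accept() needs the server method; the
     * client method cannot perform the server side of the handshake.
     */
    method = SSLv23_server_method();    /* create new server-method instance */
    ctx = SSL_CTX_new(method);          /* create new context from method */
    if (ctx == NULL) {
        ERR_print_errors_fp(stderr);
        abort();
    }

    /* The version-flexible method can negotiate old protocols; refuse SSLv2/SSLv3. */
    SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);

    return ctx;
}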
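/**
 * Load the server certificate and private key (both PEM) into `ctx` and
 * confirm that they belong together.
 *
 * @param ctx      context to configure
 * @param CertFile path to the PEM certificate
 * @param KeyFile  path to the PEM private key (may be the same file)
 *
 * Aborts if the certificate or key cannot be loaded or do not match.
 */
void LoadCertificates(SSL_CTX *ctx, const char *CertFile, const char *KeyFile)
{
    /*
     * The third argument of SSL_CTX_load_verify_locations() is a CA
     * directory, not a key file, so pass NULL and use CertFile as the only
     * CA file. NOTE(review): these trust anchors only matter if the server
     * requests client certificates; confirm whether that is intended.
     */
    if (SSL_CTX_load_verify_locations(ctx, CertFile, NULL) != 1)
        ERR_print_errors_fp(stderr);
    if (SSL_CTX_set_default_verify_paths(ctx) != 1)
        ERR_print_errors_fp(stderr);

    /* set the local certificate from CertFile */
    if (SSL_CTX_use_certificate_file(ctx, CertFile, SSL_FILETYPE_PEM) <= 0) {
        ERR_print_errors_fp(stderr);
        abort();
    }

    /*
     * set the private key from KeyFile (may be the same as CertFile).
     * The key file should be readable only by the account running the server.
     */
    if (SSL_CTX_use_PrivateKey_file(ctx, KeyFile, SSL_FILETYPE_PEM) <= 0) {
        ERR_print_errors_fp(stderr);
        abort();
    }

    /* verify private key */
    if (!SSL_CTX_check_private_key(ctx)) {
        fprintf(stderr, "Private key does not match the public certificate\n");
        abort();
    }
    printf("LoadCertificates Compleate Successfully.....\n");
}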
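/**
 * Print the subject and issuer of the certificate presented by the peer.
 *
 * On the server the peer is the client, which sends a certificate only if
 * the server asks for one; otherwise this prints "No certificates.".
 * Displaying the names does not validate the certificate.
 */
void ShowCerts(SSL *ssl)
{
    X509 *cert;
    char *line;

    cert = SSL_get_peer_certificate(ssl);   /* Get certificates (if available) */
    if (cert == NULL) {
        printf("No certificates.\n");
        return;
    }

    /* The peer of a server-side connection is the client, so label it that way. */
    printf("Client certificates:\n");

    /* With a NULL buffer, X509_NAME_oneline() allocates the result itself. */
    line = X509_NAME_oneline(X509_get_subject_name(cert), NULL, 0);
    printf("Subject: %s\n", line != NULL ? line : "(unavailable)");
    /* The string comes from OpenSSL's allocator, so release it with OPENSSL_free(). */
    OPENSSL_free(line);

    line = X509_NAME_oneline(X509_get_issuer_name(cert), NULL, 0);
    printf("Issuer: %s\n", line != NULL ? line : "(unavailable)");
    OPENSSL_free(line);

    X509_free(cert);
}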
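/*
 * Copy `src` into `dst`, replacing HTML metacharacters with entities.
 * Stops early rather than overrun `dst`; the result is always terminated.
 */
static void servlet_html_escape(const char *src, char *dst, size_t dst_size)
{
    size_t used = 0;

    if (dst_size == 0)
        return;

    for (; *src != '\0'; src++) {
        char single[2];
        const char *rep;
        size_t len;

        switch (*src) {
        case '&':  rep = "&amp;";  break;
        case '<':  rep = "&lt;";   break;
        case '>':  rep = "&gt;";   break;
        case '"':  rep = "&quot;"; break;
        case '\'': rep = "&#39;";  break;
        default:
            single[0] = *src;
            single[1] = '\0';
            rep = single;
            break;
        }

        len = strlen(rep);
        if (used + len >= dst_size)
            break;              /* keep room for the terminator */
        memcpy(dst + used, rep, len);
        used += len;
    }
    dst[used] = '\0';
}

/**
 * Serve one connection -- threadable.
 *
 * Completes the TLS handshake on `ssl`, reads one request, echoes it back
 * inside an HTML page, then frees `ssl` and closes its socket.
 */
void Servlet(SSL *ssl)
{
    char buf[1024];
    /* Worst case every input byte becomes a 6-byte entity ("&quot;"). */
    char escaped[sizeof(buf) * 6];
    char reply[sizeof(escaped) + 64];
    int sd, bytes, reply_len;
    const char *HTMLecho = "<html><body><pre>%s</pre></body></html>\n\n";

    /* SSL_accept() returns 0 as well as negative values on failure. */
    if (SSL_accept(ssl) <= 0) {             /* do SSL-protocol accept */
        ERR_print_errors_fp(stderr);
    } else {
        ShowCerts(ssl);                     /* get any certificates */

        /* Leave one byte for the terminator: a full read would otherwise write buf[1024]. */
        bytes = SSL_read(ssl, buf, sizeof(buf) - 1);    /* get request */
        if (bytes > 0) {
            buf[bytes] = 0;
            /* NOTE(review): the request is peer-controlled and printed as received. */
            printf("Client msg: \"%s\"\n", buf);

            /*
             * The request is untrusted: escape it before embedding it in
             * HTML, and bound the formatting. An unbounded sprintf() of a
             * 1 KiB request plus markup overflows a 1 KiB reply buffer.
             */
            servlet_html_escape(buf, escaped, sizeof(escaped));
            reply_len = snprintf(reply, sizeof(reply), HTMLecho, escaped);  /* construct reply */
            if (reply_len > 0 && (size_t)reply_len < sizeof(reply)) {
                if (SSL_write(ssl, reply, reply_len) <= 0)  /* send reply */
                    ERR_print_errors_fp(stderr);
            } else {
                fprintf(stderr, "reply could not be formatted\n");
            }
        } else {
            ERR_print_errors_fp(stderr);
        }
    }

    sd = SSL_get_fd(ssl);                   /* get socket connection */
    SSL_free(ssl);                          /* release SSL state */
    close(sd);                              /* close connection */
}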
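/**
 * Server entry point: listen on <portnum> and serve TLS connections one at
 * a time.
 *
 * Connections are handled sequentially on the calling thread, so one slow
 * or stalled client delays every other client.
 */
int main(int count, char *strings[])
{
    SSL_CTX *ctx;
    int server;
    char *portnum, *end;
    long port;

    if (count != 2) {
        printf("Usage: %s <portnum>\n", strings[0]);
        exit(0);
    }
    SSL_library_init();
    portnum = strings[1];

    /* atoi() cannot report bad input; parse strictly and range-check. */
    errno = 0;
    port = strtol(portnum, &end, 10);
    if (errno != 0 || end == portnum || *end != '\0' || port < 1 || port > 65535) {
        fprintf(stderr, "Error: invalid port \"%s\"\n", portnum);
        exit(1);
    }
    /* Report the chosen port rather than repeating the usage line. */
    printf("Starting server on port %s\n", portnum);

    ctx = InitServerCTX();                  /* initialize SSL */
    /*
     * NOTE(review): the certificate and the private key are read from the
     * same hard-coded file under a home directory. Make the path
     * configurable and restrict the file's permissions.
     */
    LoadCertificates(ctx,
                     "/home/stud/kawsar/mycert.pem",
                     "/home/stud/kawsar/mycert.pem");   /* load certs */
    server = OpenListener((int)port);       /* create server socket */

    while (1) {
        struct sockaddr_in addr;
        socklen_t len = sizeof(addr);
        SSL *ssl;
        int client = accept(server, (struct sockaddr *)&addr, &len);   /* accept connection as usual */

        /* On failure addr is not filled in and client is not a usable descriptor. */
        if (client < 0) {
            perror("accept");
            continue;
        }
        printf("Connection: %s:%d\n", inet_ntoa(addr.sin_addr), ntohs(addr.sin_port));

        ssl = SSL_new(ctx);                 /* get new SSL state with context */
        if (ssl == NULL) {
            ERR_print_errors_fp(stderr);
            close(client);
            continue;
        }
        if (SSL_set_fd(ssl, client) != 1) { /* set connection socket to SSL state */
            ERR_print_errors_fp(stderr);
            SSL_free(ssl);
            close(client);
            continue;
        }
        Servlet(ssl);                       /* service connection; frees ssl and closes client */
    }

    /* Not reached while the loop above has no exit; kept for when one is added. */
    close(server);                          /* close server socket */
    SSL_CTX_free(ctx);                      /* release context */
    return 0;
}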