OpenSSL programming (including complete examples)

Opensslprogramming examples (including example examples)

 

OpenSSL programming (including complete examples)

See

1. Writing Purpose

It is not easy to run the OpenSSL example for the first time. The purpose of this article is to make this process very simple. Before starting, I would like to thank Zhou lifang for sharing his example. This document fixes a small error in his shared example and provides a one-stop script of "compile-generate-key run" (for details about the methods, see the README file in the compressed package ), it makes it easy to run the first OpenSSL program.

2. Sample package

Ssl_test.zip

Ssl_test.tar.gzis the sample code package, and openssl-0.9.8h-suse10.tar.gz is the OpenSSL Binary Package (because it exceeds 2 MB, it cannot be downloaded as an attachment. Please download it from the official website). It is installed in/usr/local.

The example in ssl_test.tar.gz passed the test in suse10 using a openssl-0.9.8h that includes the following files:

-RW-r -- 1 Root 1346 Dec 5 18:11 cacert. pem
-Rwxr-XR-x 1 Root 114 Dec 5 18:11 make_key.sh
-Rwxr-XR-x 1 Root 172 Dec 5 18:37 mk_client.sh
-Rwxr-XR-x 1 Root 172 Dec 5 18:37 mk_server.sh
-RW-r -- 1 Root 1679 Dec 5 18:11 privkey. pem
-RW-r -- 1 Root 167 Dec 5 18:39 readme
-Rwxr-XR-x 1 Root 38 Dec 5 18:38 run_client.sh
-Rwxr-XR-x 1 Root 64 Dec 5 18:38 run_server.sh
-Rwxr-XR-x 1 Root 1140142 Dec 5 18:38 ssl_client
-RW-r -- 1 Root 3928 Dec 5 17:31 ssl_client.cpp
-Rwxr-XR-x 1 Root 1139667 Dec 5 18:38 ssl_server
-RW-r -- 1 Root 4882 Dec 5 17:31 ssl_server.cpp

Readme is the package content description. run_server.sh is used to run the server, run_client.sh is used to run the client, mk_server.sh is used to compile the server, mk_client.sh is used to compile the client, and make_key.sh is used to generate.

3. What is SSL?

Before learning OpenSSL programming, let's take a look at what SSL is, which will help you learn later. SSL stands for the Secure Sockets Layer. It is a standard that supports secure communication over the Internet and integrates data cryptography into the Protocol. Data is encrypted before it leaves your computer and decrypted only after it reaches its intended destination. Certificates and cryptographic algorithms support all these operations. With OpenSSL, you will have the opportunity to understand them.

Theoretically, if the encrypted data is intercepted or eavesdropped before it reaches the target, the data cannot be cracked. However, since the computer changes faster than a year ago and the password translation method has developed, the possibility of cracking the encryption protocol used in SSL is also increasing. SSL and secure connections can be used for any type of protocol on the internet, whether HTTP, POP3, or FTP. You can also use SSL to protect Telnet sessions. Although SSL can be used to protect any connection, SSL is not required for each type of connection. If the connection transmits sensitive information, use SSL.

4. What is OpenSSL?

OpenSSL is not just SSL. It can implement message digest, file encryption and decryption, digital certificates, digital signatures and random numbers. There are a lot of content about the OpenSSL library, which is far from an article.

OpenSSL is not just an API, but also a command line tool. The command line tool can do the same work as the API, and further test the SSL server and client.

5. Sample program

For more information about the examples, see the following weekly sharing article.

Encryptor agreement sslprogramming proposal

6. Server writing steps

7. Client writing steps

8. Related header files 8.1. Socket header files

# Include <sys/types. h>

# Include <ARPA/inet. h>

# Include <netinet/in. h>

# Include <sys/socket. h>

8.2. SSL header file

# Include <OpenSSL/SSL. h>

# Include <OpenSSL/err. h>

9. End

The following figure shows how to compare ssl_test.tar.gzand the ssl_test.tar.gzand sslprogramming languages.