인디노트
OpenSSL Client/Server 본문
Client
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/x509v3.h>
/*
 * Placeholder: the article leaves the socket setup out. As listed, the body
 * has no return statement, so it must be replaced with real code that creates
 * the socket and returns its descriptor before the example can run.
 * NOTE(review): presumably the client version connects to the server on
 * `port` - confirm against the intended peer.
 */
int create_socket(int port) {
/* returns a valid socket fd */
}
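/*
 * TLS 1.2 client example.
 *
 * Builds a client context that requires a verified peer certificate, pins the
 * expected host name to "localhost", connects over the socket returned by
 * create_socket(1337) and performs the handshake.
 *
 * Every setup step is checked: an ignored failure in trust-store loading,
 * host-name configuration or the handshake would otherwise let the program
 * carry on as if it had an authenticated channel.
 *
 * Returns 0 on a completed handshake, 1 on any failure.
 */
int main(int argc, char **argv) {
    int rc = 1;
    int sock = -1;
    int connected = 0;
    SSL *ssl = NULL;
    SSL_CTX *ctx = NULL;
    const SSL_METHOD *method;
    X509_VERIFY_PARAM *param;

    (void)argc;
    (void)argv;

    /* init */
    SSL_load_error_strings();
    OpenSSL_add_ssl_algorithms();

    /* create context */
    /* NOTE(review): TLSv1_2_client_method() fixes the protocol at TLS 1.2 and
     * is deprecated from OpenSSL 1.1.0; there the usual replacement is the
     * version-flexible TLS_client_method() plus a minimum protocol version. */
    method = TLSv1_2_client_method();
    if (!(ctx = SSL_CTX_new(method))) {
        ERR_print_errors_fp(stderr);
        exit(1);
    }

    /* configure context: the handshake fails unless the server certificate
     * chains (depth <= 4) to a CA in the configured trust file */
    SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
    SSL_CTX_set_verify_depth(ctx, 4);
    if (SSL_CTX_load_verify_locations(ctx, "/path/to/cert.pem", NULL) != 1) {
        /* without trust anchors no chain can verify; report the real cause
         * here rather than as an opaque handshake failure later */
        ERR_print_errors_fp(stderr);
        goto out;
    }
    SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1 | SSL_OP_NO_TLSv1_1 | SSL_OP_NO_COMPRESSION);

    /* open a socket */
    sock = create_socket(1337);
    if (sock < 0) {
        fprintf(stderr, "create_socket failed\n");
        goto out;
    }

    /* create ssl instance from context */
    ssl = SSL_new(ctx);
    if (!ssl) {
        ERR_print_errors_fp(stderr);
        goto out;
    }

    /* host-name verification: chain validation alone would accept any
     * certificate issued by the trusted CA, whatever name it carries */
    param = SSL_get0_param(ssl);
    X509_VERIFY_PARAM_set_hostflags(param, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
    if (X509_VERIFY_PARAM_set1_host(param, "localhost", 0) != 1) {
        /* if this fails the name check is not armed, so stop here */
        ERR_print_errors_fp(stderr);
        goto out;
    }

    /* assign socket to ssl instance */
    if (SSL_set_fd(ssl, sock) != 1) {
        ERR_print_errors_fp(stderr);
        goto out;
    }

    /* perform ssl handshake & connection; with SSL_VERIFY_PEER set, a
     * certificate or host-name mismatch surfaces as a failure here */
    if (SSL_connect(ssl) != 1) {
        ERR_print_errors_fp(stderr);
        goto out;
    }
    connected = 1;

    /* perform ssl reads / writes (only reached after a verified handshake);
     * check the return value and stay within the buffer size */
    // SSL_read(ssl, buff, 255);

    rc = 0;

out:
    /* cleanup */
    if (connected) {
        /* send close_notify so the peer can tell a clean end from truncation */
        SSL_shutdown(ssl);
    }
    if (ssl) {
        SSL_free(ssl);
    }
    if (sock >= 0) {
        close(sock);
    }
    SSL_CTX_free(ctx);
    EVP_cleanup();
    return rc;
}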
Server
#include <stdio.h>
#include <unistd.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/x509v3.h>
/*
 * Placeholder: the article leaves the socket setup out. As listed, the body
 * has no return statement, so it must be replaced with real code that creates
 * the socket and returns its descriptor before the example can run.
 * NOTE(review): presumably the server version binds and listens on `port` -
 * confirm.
 */
int create_socket(int port) {
/* returns a valid socket fd */
}
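/*
 * TLS 1.2 server example.
 *
 * Loads the server certificate and private key, opens the socket returned by
 * create_socket(5555) and serves connections in an endless loop: handshake,
 * one write, close.
 *
 * Fixes over the original listing: `method` is declared, the accepted
 * descriptor `nsock` is used consistently (the listing referred to an
 * undeclared `client`), the payload buffer is defined, and data is written
 * only after SSL_accept() reports a completed handshake.
 *
 * Returns 1 if setup fails; otherwise it does not return.
 */
int main(int argc, char **argv) {
    int sock;
    SSL_CTX *ctx;
    const SSL_METHOD *method;
    /* constructed sample payload; the listing wrote an undeclared `buff` */
    static const char buff[] = "hello\n";

    (void)argc;
    (void)argv;

    /* init */
    SSL_load_error_strings();
    OpenSSL_add_ssl_algorithms();

    /* create context */
    /* NOTE(review): TLSv1_2_server_method() fixes the protocol at TLS 1.2 and
     * is deprecated from OpenSSL 1.1.0; there the usual replacement is the
     * version-flexible TLS_server_method() plus a minimum protocol version. */
    method = TLSv1_2_server_method();
    if (!(ctx = SSL_CTX_new(method))) {
        ERR_print_errors_fp(stderr);
        return 1;
    }

    /* configure context */
    SSL_CTX_set_ecdh_auto(ctx, 1);

    /* Set the key and cert */
    if (SSL_CTX_use_certificate_file(ctx, "cert.pem", SSL_FILETYPE_PEM) <= 0) {
        ERR_print_errors_fp(stderr);
        SSL_CTX_free(ctx);
        return 1;
    }
    if (SSL_CTX_use_PrivateKey_file(ctx, "key.pem", SSL_FILETYPE_PEM) <= 0) {
        ERR_print_errors_fp(stderr);
        SSL_CTX_free(ctx);
        return 1;
    }
    /* catch a key/certificate mismatch at start-up instead of as a failed
     * handshake on every connection */
    if (SSL_CTX_check_private_key(ctx) != 1) {
        ERR_print_errors_fp(stderr);
        SSL_CTX_free(ctx);
        return 1;
    }

    /* open a socket */
    sock = create_socket(5555);
    if (sock < 0) {
        fprintf(stderr, "create_socket failed\n");
        SSL_CTX_free(ctx);
        return 1;
    }

    /* Handle connections */
    while (1) {
        int nsock;
        SSL *ssl;

        /* accept client connections if there are any.
         * NOTE(review): accept_connection() is not defined in the listing;
         * assumed to return a negative value when nothing was accepted. */
        nsock = accept_connection(sock);
        if (nsock < 0) {
            continue;
        }

        /* create ssl instance from context */
        ssl = SSL_new(ctx);
        if (!ssl) {
            ERR_print_errors_fp(stderr);
            close(nsock);
            continue;
        }

        /* assign socket to ssl instance, then perform the handshake; nothing
         * is written unless both steps succeed */
        if (SSL_set_fd(ssl, nsock) == 1 && SSL_accept(ssl) == 1) {
            /* perform ssl reads / writes */
            if (SSL_write(ssl, buff, (int)(sizeof(buff) - 1)) <= 0) {
                ERR_print_errors_fp(stderr);
            }
            /* send close_notify so the client can detect truncation */
            SSL_shutdown(ssl);
        } else {
            ERR_print_errors_fp(stderr);
        }

        /* free ssl instance */
        SSL_free(ssl);
        /* close client connection */
        close(nsock);
    }
}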