在WIndows CE 7上安全套接字服务器 [英] Secure Socket server on WIndows CE 7
问题描述
我可以使用Winsock在Windows CE 6/7上实现安全套接字服务器吗? TLS | OpenSSL?
Can i implement Secure sockets server on Windows CE 6/7 using either Winsock | TLS | OpenSSL?
对于winsock,MSDN说在带有SSL的Windows CE上不支持接受功能。 (MSDN Link http://msdn.microsoft.com/en-us/library/ms886618.aspx)。
For winsock MSDN says accept functionality does not support on windows CE with SSL. ( MSDN Link http://msdn.microsoft.com/en-us/library/ms886618.aspx).
关心
Avadhut
推荐答案
当您的问题是关于CE 6.0时,您正在查看CE 5.0链接或WEC7。这是针对CE 6.0:
http:// msdn.microsoft.com/en-us/library/ee494299(v=winembedded.60).aspx 它告诉你:
You are looking at the CE 5.0 link when your question is about CE 6.0 or WEC7. This is for CE 6.0: http://msdn.microsoft.com/en-us/library/ee494299(v=winembedded.60).aspx and it tells you:
Windows Embedded CE支持私有通信技术协议1.0和安全套接字Layer(SSL)版本2.0和3.0安全协议。这些协议可以通过WinInet或直接从Winsock获得。使用这些Winsock扩展向应用程序添加安全基础结构
,只需对应用程序进行少量更改。一旦连接了安全套接字,应用程序就可以在该套接字上发送和接收数据,而不会意识到线路上的数据已被编码。
Windows Embedded CE supports the Private Communication Technology protocol 1.0 and Secure Sockets Layer (SSL) versions 2.0 and 3.0 security protocols. These protocols are available either through WinInet or directly from Winsock. Adding a security infrastructure to an application using these Winsock extensions requires few changes to an application. Once a secure socket is connected, the application may send and receive data on that socket unaware that the data over the wire is encoded.
SSL不支持以下Winsock功能:
SSL does not support the following Winsock functionality:
- Scatter/gather I/O: WSASend and WSARecv should be passed one buffer instead of an array of buffers.
- Overlapped I/O.
- Non-blocking I/O.
- Calls to the accept function.
一个链接进一步说明了如何实现安全套接字: http://msdn.microsoft.com/en-US/library/ee495139(v = WinEmbedded.60).aspx
One link further shows you how to implement secure sockets: http://msdn.microsoft.com/en-US/library/ee495139(v=WinEmbedded.60).aspx
以下过程描述了如何建立安全套接字连接。
The following procedure describes how to establish a secure socket connection.
-
使用 套接字 功能。
使用 setsockopt 功能。将 级别设置为SOL_SOCKET, optname 到SO_SECURE,
和 optval DWORD 设置为SO_SEC_SSL。
Set the socket in secure mode with the setsockopt function. Set level to SOL_SOCKET, optname to SO_SECURE, and optval to a DWORD set to SO_SEC_SSL.
通过调用 WSAIoctl 带有SO_SSL_SET_VALIDATE_CERT_HOOK控制代码。
Specify the certificate validation callback function by calling WSAIoctl with the SO_SSL_SET_VALIDATE_CERT_HOOK control code.
要在握手期间验证服务器的身份,请使用SO_SSL_SET_PEERNAME控制代码调用 WSAIoctl 。
To verify the server's identity during the handshake, call WSAIoctl with the SO_SSL_SET_PEERNAME control code.
成功进行SSL握手后,将根据服务器证书验证服务器名称。然后在证书验证回调中指示验证结果。如果指定的服务器名称与SSL握手的
证书链中指示的服务器名称不匹配,则在SslValidateCertHook的dwFlags参数中设置SSL_CERT_FLAG_ISSUER_UNKNOWN。
The server name is verified against the server certificate after a successful SSL handshake. The verification results are then indicated in the certificate validation callback. If the specified server name does not match the one indicated in the certificate chain of the SSL Handshake, SSL_CERT_FLAG_ISSUER_UNKNOWN is set in the dwFlags parameter of SslValidateCertHook.
If如果不执行此步骤,则不会执行验证。
If you do not perform this step, no verification is performed.
要指定特定的安全协议,请调用 WSAIoctl 使用SO_SSL_GET_PROTOCOLS控制代码来确定默认协议。然后使用SO_SSL_SET_PROTOCOLS控制代码调用 WSAIoctl 以
选择要启用的协议。否则,Windows Embedded CE将选择协议。
To specify a particular security protocol, call WSAIoctl with the SO_SSL_GET_PROTOCOLS control code to determine the default protocols. Then call WSAIoctl with the SO_SSL_SET_PROTOCOLS control code to select the protocols to be enabled. Otherwise, Windows Embedded CE selects the protocol.
与 connect function。
Make a connection with the connect function.
自动调用证书回调函数。只有当回调函数通过返回SSL_ERR_OKAY验证证书的可接受性时才能完成连接。
The certificate callback function is automatically called. The connection can be completed only if the callback function verifies the acceptability of the certificate by returning SSL_ERR_OKAY.
传输和发送。
The send and recv functions automatically encode and decode data.
完成后,使用 closesocket 关闭套接字 ;功能。
When you are finished, close the socket with the closesocket function.
这篇关于在WIndows CE 7上安全套接字服务器的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
