Compilable C++ code to implement a secure SSL/TLS client using MS SSPI


Problem description

As described here http://www.ddj.com/cpp/184401688

I do not have time to write this from scratch.

Asked and not answered http://stackoverflow.com/questions/434961/implementing-ssl

THE QUESTION IS:

I am looking for some compilable working source code that implements MS SSPI (as alluded to in the thread above), procedural not OOP preferred.

I have looked at the code projects sample here:

http://www.codeproject.com/KB/IP/sslclasses.aspx

But this is C# OOP. Converting this to C++ code is not trivial.

OpenSSL

SChannel calls follow GSS API standards. There are, of course, some alternatives -- OpenSSL for example. This package is a complete and thorough implementation of the protocol and for someone all too familiar with UNIX is undoubtedly the best choice. The package originally targeted the UNIX community and to compile it relies on the Perl runtime, so some learning curve is required for Windows developers who never worked with UNIX-type systems.

Apart from that, OpenSSL does some very non-standard things

Nikolai, having contributed a lot of COMPILABLE source code (www.coastrd.com) I was hoping to find someone willing to do the same.

Solution

This SSPI SChannel SMTPS example should compile and run in Visual Studio 2008 as is

http://www.coastrd.com/c-schannel-smtp

SChannel is the Microsoft implementation of the GSS API that wraps the SSL/TLS protocol.

Advantages of utilizing SChannel:

  • gory details are shielded from the developer by the SSPI.
  • No extra setup is required to run the final application:
  • SChannel is an integral part of the operating system
  • On Windows ME/2000/XP/... platforms, SChannel is installed and configured by default
  • SChannel calls follow GSS API standards.
  • You do not need to create/install any certificates
  • no third party dll's (1MB or larger) to ship and install

The code should produce a session that looks like this:

----- SSPI Initialized
----- WinSock Initialized
----- Credentials Initialized
----- Connectd To Server
70 bytes of handshake data sent
974 bytes of handshake data received
182 bytes of handshake data sent
43 bytes of handshake data received
Handshake was successful
----- Client Handshake Performed
----- Server Credentials Authenticated

Server subject: C=US, S=California, L=Mountain View, O=Google Inc, CN=smtp.gmail.com
Server issuer: C=ZA, S=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, E=premium-server@thawte.com

----- Certificate Chain Displayed
----- Server Certificate Verified
----- Server certificate context released

Protocol: TLS1
Cipher: RC4
Cipher strength: 128
Hash: MD5
Hash strength: 128
Key exchange: RSA
Key exchange strength: 1024
----- Secure Connection Info
64 bytes of (encrypted) application data received
Decrypted data: 43 bytes
220 mx.google.com ESMTP 6sm17740567yxg.66

Sending 7 bytes of plaintext:
EHLO

28 bytes of encrypted data sent
169 bytes of (encrypted) application data received
Decrypted data: 148 bytes
250-mx.google.com at your service, [22.33.111.222]
250-SIZE 35651584
250-8BITMIME
250-AUTH LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250 PIPELINING

Sending 7 bytes of plaintext:
QUIT

28 bytes of encrypted data sent
69 bytes of (encrypted) application data received
Decrypted data: 48 bytes
221 2.0.0 closing connection 6sm17740567yxg.66

----- SMTP session Complete
Sending Close Notify
23 bytes of handshake data sent
----- Disconnected From Server
----- Begin Cleanup
----- All Done -----
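
An added example (not part of the original answer or of the coastrd.com code): a portable C++ check that reads the "Secure Connection Info" fields the client prints and reports negotiated parameters that fall below a modern baseline. The policy thresholds and the labels "TLS1.2" and "TLS1.3" are assumptions of this example; the page itself only shows the label "TLS1".

```cpp
#include <cstdlib>
#include <map>
#include <sstream>
#include <string>
#include <vector>

// The seven "Secure Connection Info" lines from the session output above.
const char* kPageSession =
    "Protocol: TLS1\nCipher: RC4\nCipher strength: 128\nHash: MD5\n"
    "Hash strength: 128\nKey exchange: RSA\nKey exchange strength: 1024\n";

// Collect "Name: value" lines; banner lines without ": " are skipped.
std::map<std::string, std::string> parseConnInfo(const std::string& text) {
    std::map<std::string, std::string> kv;
    std::istringstream in(text);
    std::string line;
    while (std::getline(in, line)) {
        if (!line.empty() && line.back() == '\r') line.pop_back();
        const auto pos = line.find(": ");
        if (pos != std::string::npos) kv[line.substr(0, pos)] = line.substr(pos + 2);
    }
    return kv;
}

// Assumed policy (this example's choice): TLS 1.2 or later, no RC4/RC2/DES/3DES,
// no MD5, RSA key exchange of at least 2048 bits. Other key exchange types are
// not size-checked here. "TLS1.2"/"TLS1.3" are hypothetical labels.
// A missing field is reported, so an incomplete transcript fails closed.
std::vector<std::string> auditConnInfo(const std::map<std::string, std::string>& kv) {
    auto get = [&kv](const char* k) {
        const auto it = kv.find(k);
        return it == kv.end() ? std::string("(missing)") : it->second;
    };
    auto bits = [&get](const char* k) { return std::strtol(get(k).c_str(), nullptr, 10); };
    std::vector<std::string> findings;
    const std::string proto = get("Protocol"), cipher = get("Cipher"),
                      hash = get("Hash"), kx = get("Key exchange");
    if (proto != "TLS1.2" && proto != "TLS1.3")
        findings.push_back("protocol " + proto + " is older than TLS 1.2");
    if (cipher == "RC4" || cipher == "RC2" || cipher == "DES" || cipher == "3DES" ||
        cipher == "(missing)" || bits("Cipher strength") < 128)
        findings.push_back("cipher " + cipher + " is weak or unknown");
    if (hash == "MD5" || hash == "(missing)")
        findings.push_back("hash " + hash + " is weak or unknown");
    if (kx == "(missing)" || (kx == "RSA" && bits("Key exchange strength") < 2048))
        findings.push_back("key exchange " + kx + " is missing or below 2048 bits");
    return findings;
}
```

Run against the session shown above, every negotiated parameter (TLS1, RC4, MD5, RSA 1024) is reported.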
