Untitled

Initialize OpenSSL
void init_openssl()
{
SSL_load_error_strings();
OpenSSL_add_ssl_algorithms();
}
Copyright @ 2017 School of MCIT, Nile University, Cairo, Egypt (ksobh@nu.edu.eg)
Create SSL Context
SSL_CTX * create_ssl_context ()
{
SSL_METHOD * method = TLSv1_2_server_method ();
SSL_CTX * ctx = SSL_CTX_new(method);
if (!ctx)
{
// Error and exit
}
return ctx;
}
Copyright @ 2017 School of MCIT, Nile University, Cairo, Egypt (ksobh@nu.edu.eg)
Configure SSL Context
void configure_context (SSL_CTX * ctx)
{
If (SSL_CTX_use_certificate_file
(ctx,”cert.pem”,SSL_FILETYPE_PEM) < 0 )
{
// Error and exit
}
SSL_CTX_set_default_password_cb(ctx,passwd_cb);
// passwd_cb is a callback function that return the password
If (SSL_CTX_use_PrivateKey_file
(ctx,”key.pem”,SSL_FILETYPE_PEM) < 0 )
{
// Error and exit
}
}
Copyright @ 2017 School of MCIT, Nile University, Cairo, Egypt (ksobh@nu.edu.eg)
Accept Socket Connection
struct sockaddr_in clientAddr;
socklen_t sin_size = sizeof(clientAddr);
int client_sock =
accept (server_sock,
(struct sockaddr *) &clientAddr,
& sin_size);
Copyright @ 2017 School of MCIT, Nile University, Cairo, Egypt (ksobh@nu.edu.eg)
Bind Client Socket to SSL Context
SSL * ssl = SSL_new(ctx);
const long flags = SSL_OP_NO_SSLv2 |
SSL_OP_NO_SSLv3 |
SSL_OP_NO_COMPRESSION;
SSL_CTX_set_options(ctx,flags);
SSL_set_fd(ssl,client_sock);
Copyright @ 2017 School of MCIT, Nile University, Cairo, Egypt (ksobh@nu.edu.eg)
TSL Handshaking
int maxBytes=1024;
char buffer [maxBytes+1];s
If ( SSL_accept (ssl) > 0 )
{
//Do read and write with SSL routines
SSL_read(ssl,buffer,maxBytes);
.
.
.
SSL_write(ssl,buffer,maxBytes);
}
Copyright @ 2017 School of MCIT, Nile University, Cairo, Egypt (ksobh@nu.edu.eg)
TSL Handshaking
void cleanup_ssl()
{
EVP_cleanup();
}