
Starting to use OpenSSL

I want to use SSL in my cross platform program. I decided to use OpenSSL.

I have OpenSSL installed, and at this point I am looking through the code and documentation trying to figure out how to use the library.

Do you have any resources or simple programs or tutorials that will walk me through integrating OpenSSL with my program?


The very rough guide is:

  • Create a new SSL_CTX with SSL_CTX_new();
  • (server only) Load the certificate with SSL_CTX_use_certificate_file();
  • (server only) Load the private key with SSL_CTX_use_PrivateKey_file();
  • Establish the network connection;
  • Create a new SSL with SSL_new();
  • Set the file descriptor of the SSL to that of your network connection with SSL_set_fd();
  • (client only) Call SSL_connect();
  • (server only) Call SSL_accept().

Thereafter use SSL_read() and SSL_write() to read and write from the connection, and finish with SSL_shutdown(). The SSL_CTX can be re-used to create SSL objects for many simultaneous sessions.


You can find some useful OpenSSL commands on this page:

http://www.networking4all.com/en/support/ssl+certificates/manuals/openssl/openssl+commands/


From the "very rough guide" you mentioned, I managed to reach a successful SSL handshake between the Mozilla web browser and my server (coded in C). But after SSL_accept, when I am trying to use SSL_read to get the browser header details, I am getting junk values and the bytes read are shown to be zero. Below is the code; the SSL_accept call is successful but SSL_read is not.

    /* SSL_set_fd() returns 1 on success and 0 on failure */
    if(SSL_set_fd(ssl, client_s) != 1)
        printf("\n error in assigning socket to SSL:");
    else
        printf("\n The socket has been assigned to SSL Structure");

    /* Perform SSL Handshake on the SSL server */
    err = SSL_accept(ssl);
    printf("\n Value of err is %d",err);
    RETURN_ERR(err,"SSL_accept");
    if(err==1)
        printf("\n The ssl connection/Handshake has been successful");
    else
        printf("\n The ssl connection was not successful");

    /* Informational output (optional) */
    printf("\n SSL connection using %s\n", SSL_get_cipher (ssl));


    /*receive the data from the client*/
    //err = SSL_accept(ssl);
    while(i<5)
    {
        err = SSL_read(ssl, in_buf, strlen(in_buf));
        printf("\n value of err is %d",err);
        RETURN_ERR(err,"SSL_read");

        printf("\n The details from the server is\n: %s,\n Bytes Read : %d",in_buf,err);
        if(err<0)
            printf("\n Not Successfully received clients information");
        i++;
    }
     err = SSL_shutdown(ssl);
    /* Terminate communication on a socket */
    err = close(server_s);
    /* Free the SSL structure */
    SSL_free(ssl);
    /* Free the SSL_CTX structure */
    SSL_CTX_free(ctx);

    return(0);
    }
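
The fragment above passes `strlen(in_buf)` to `SSL_read` as the length, which is 0 for a zeroed buffer, and prints the buffer with `%s` without terminating it. The following is an added example, not code from the original post or from OpenSSL, showing a read loop that uses the buffer's capacity, accumulates partial reads and NUL-terminates. Assumptions: all names here are hypothetical, and `tls_read_fn` stands in for a thin wrapper around `SSL_read` so the block runs without a TLS peer.

```c
#include <stddef.h>
#include <string.h>

/* Same shape as SSL_read(ssl, buf, num): >0 bytes read, <=0 closed/error.
   In the server this is a one-line wrapper around SSL_read (assumption). */
typedef int (*tls_read_fn)(void *conn, void *buf, int num);

/* Read until the blank line that ends an HTTP request header.
   cap is the buffer's capacity (sizeof), never strlen() of its contents.
   Returns header length, -1 on close/error before the header completed,
   -2 if the header does not fit in cap - 1 bytes. buf is NUL-terminated. */
int read_http_header(tls_read_fn rd, void *conn, char *buf, size_t cap)
{
    size_t used = 0;
    if (cap == 0) return -2;
    buf[0] = '\0';
    while (used < cap - 1) {
        int n = rd(conn, buf + used, (int)(cap - 1 - used));
        if (n <= 0)
            return -1;          /* real code: inspect SSL_get_error() here */
        used += (size_t)n;
        buf[used] = '\0';       /* terminate before any %s or strstr */
        if (strstr(buf, "\r\n\r\n") != NULL)
            return (int)used;
    }
    return -2;
}

/* Constructed stand-in for a TLS peer: hands out a request in small
   pieces, the way records arrive, then reports a closed connection. */
struct fake_peer { const char *data; size_t off; size_t chunk; };

int fake_read(void *conn, void *buf, int num)
{
    struct fake_peer *p = conn;
    size_t left = strlen(p->data) - p->off;
    size_t n = left < p->chunk ? left : p->chunk;
    if (num <= 0 || n == 0) return 0;   /* zero-length request reads nothing */
    if (n > (size_t)num) n = (size_t)num;
    memcpy(buf, p->data + p->off, n);
    p->off += n;
    return (int)n;
}

/* The post's call shape: length taken from strlen() of an empty buffer. */
int read_like_the_post(tls_read_fn rd, void *conn, char *buf)
{
    return rd(conn, buf, (int)strlen(buf));
}
```

With a real connection, a return of 0 or less from `SSL_read` should be passed to `SSL_get_error()` to tell a clean shutdown from a retryable or fatal condition.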