简单的客户端/服务器、TCP/IP 加密消息流、SSL (C++)
基本上我的问题与此完全相同:
不同之处在于我需要它用于纯 C++,而不是 .NET。我无法使用第 3 方库,因此除非它是 Windows 系统组件(如上面的),否则我需要一些带有源代码的东西,以便我可以获得一般想法并自己构建它。
谢谢:)
引用另一个问题供参考:
“编写一个小 TCP/IP 客户端服务器 应用程序。基本上它创建了一个服务器, 然后你可以创建几个 不同的客户端并设置一些 聊天会话。我想知道的是 有什么方法可以合并,使用 标准.net库某种形式 加密?
m_mainSocket = 新 套接字(AddressFamily.InterNetwork, SocketType.Stream、ProtocolType.Tcp);
有没有办法指定tcp 使用RSA?
或者你(即我)必须 编写一些自定义库来执行关键操作 交换然后加密 随后的聊天消息?我已经做了 以前是大学的,但那是在 java,但我知道这并不难 转换它们。只是试图不拥有 重新发明轮子...
或者使用 ssl 怎么样?
谢谢,罗恩。”
Basically my question is the exact same one as this:
Simple client/server, TCP/IP encrypting the message stream, SSL
The difference is that I need this for pure C++, not .NET. I cannot use 3rd party libraries, so unless it's a Windows system component (like the above) I need something with source so I can get the generel idea and build it myself.
Thanks :)
Quoting the other question for reference:
"Writing a little TCP/IP client server
app. Basically it creates a server,
and then you can create several
different clients and set up a bit of
a chat session. What I am wondering is
there is any way to incorporate, using
standard .net libraries some form of
encryption?m_mainSocket = new
Socket(AddressFamily.InterNetwork,
SocketType.Stream, ProtocolType.Tcp);Is there any way of speficying tcp
using rsa?Or would you (me that is) have to
write some custom libaries to do key
exchange and then encrypt the
subsequent chat messages? I have done
that before for uni but that was in
java but I know it would'nt be hard to
convert them. Just trying not to have
to reinvent the wheel...Or what about utilising a ssl?
Thanks, Ron."
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
您考虑过使用 ASIO 库吗? think-async dot com/Asio/
有一个专门针对基于 SSL 的客户端/服务器的示例。 http://think- async.com/Asio/asio-1.4.1/doc/asio/examples.html#asio.examples.ssl
它是你所能得到的“纯C++”。
Have you considered using the ASIO library? think-async dot com/Asio/
There is an example specifically for an SSL based client/server. http://think-async.com/Asio/asio-1.4.1/doc/asio/examples.html#asio.examples.ssl
Its as "pure c++" as you can get.
您始终可以查看 OpenSSL,它是开源的,但这就像您自己实现 SSL 一样。我建议包装 OpenSSL 并使用它。或者使用 OpenSSL 中提供的 SSL 隧道应用程序。
You can always look at OpenSSL which is open source, but that would be like implement SSL yourself. I would suggest wrapping OpenSSL and use it. Or use the SSL tunnel application available in OpenSSL.
“不建议”编写自己的加密代码。使用这些库之一时很容易犯一个简单的错误,更不用说当您尝试自己编写一个库时。
您真正想要使用的是 OpenSSL 以及其上的 Boost.ASIO。如果您无法做到这一点,那么您的下一个最佳选择是使用 Internet Explorer COM 对象。这不太灵活,但根据您的具体需求可能会很好。您还可以探索 Win32 API。最后我发现没有足够的加密 API 广泛可用来做到这一点。处理此问题的最后一种方法是包装 .NET API,以便您可以从本机 C++ 中使用它们。
只有当这些都不适合你时,你才应该考虑自己写这个。您会犯错误,从而导致您的应用程序的安全性降低。因此,在开始尝试编写自己的加密代码之前,您还可以尝试查看通过 SSH 建立隧道的 SOCKS 并使用其他人的 SSH 实现。我接下来要考虑的是购买代码而不是自己编写。该代码不会像开源产品那样好,因为它使用较少,因此会出现更多安全问题,但它仍然比您第一次这样做时编写的任何内容都要好。
只有当您用尽所有这些选项时,您才应该考虑自己编写此内容。一旦你考虑清楚,你应该再次尝试所有其他选项,以确保你不会错过其中一个第一次为你工作的机会。
如果您仍然编写自己的实现,那么在将其投入生产使用之前将其丢弃并使用其他选项之一,因为会出现一些损害安全性的错误,而您可能也不必担心。
很抱歉对所有这些声音轻描淡写,但是把这些事情做好确实很难,而且不是通过快速查看其他人的实现就能做到的。
Writing your own encryption code is "not recommended". It's easy enough to make a simple mistake when using one of these libraries, let alone when you try to write one yourself.
What you really want to use is OpenSSL with Boost.ASIO on top of it. If you can't do that then your next best alternative is to use the Internet Explorer COM object. This isn't quite as flexible, but might work out fine depending on what your exact needs are. You can also explore the Win32 API. Last I looked there weren't enough crypto APIs widely available to do this. The final way of dealing with this is to wrap the .NET APIs so that you can make use of them from native C++.
Only if none of that works out for you should you even consider writing this yourself. You will make mistakes and your application will be less secure as a result. So, before you start trying to write your own crypto code you could also try to look at tunnelling SOCKS over SSH and use somebody else's SSH implementation. The next thing I would look at is to buy in the code rather than write it yourself. The code won't be as good as open source offerings as it will be less used so will have more security problems, but it will still be better than anything you would write on your first outing doing this.
Only if you've exhausted all of these options should you think about writing this yourself. Once you think about it you should try all of the other options again to make sure that you didn't miss getting one of them to work for you the first time around.
If you do still write your own implementation then throw it away and use one of the other options before putting it into production use as there will be mistakes that compromise the security to the extent where you probably may as well not have bothered.
Sorry to sound down on all of this, but getting these things right is really hard and not something you can do by just taking a quick look at somebody else's implementation.