SSL?

General FreeBASIC programming questions.
sigmason
Posts: 22
Joined: Sep 21, 2006 2:18

SSL?

Postby sigmason » Oct 17, 2006 20:07

Okay, I've got something I'm hacking out right now.
It's not pretty not at all, but it's necessary.

So here's my question...

SDL_net doesn't seem to support SSL, so far as I can see (there was some talk of a patch over there, but I don't see this patch anywhere.)

I am looking for a library, for FreeBASIC that is crossplatform like SDL_net but also that supports SSL.

I'm not having any luck so far finding this.

Anyone got a suggestion?

sigmason
sigmason
Posts: 22
Joined: Sep 21, 2006 2:18

Postby sigmason » Oct 17, 2006 20:13

Amending my original post, I don't care if the library uses OpenSSL on the Microsoft platform as well as the *nix platforms it supports.

There are some aspects of Microsoft's SSL providing API's that I don't much like so I wouldn't mind using OpenSSL on Windows as well.

If possible I'd like to avoid having to involve cygwin in the picture.

sigmason
sigmason
Posts: 22
Joined: Sep 21, 2006 2:18

Postby sigmason » Oct 18, 2006 1:10

Also, I'd like this library to not need polling on a grand scale if possible.

For instance, if one reviews the cryptlib documentation carefully, their very respectable SSL/TLS implementation is done with polling.

In short, you keep asking if data is recieved until it is.

Im hoping someone has something more elegant.

In VB6 or .NET I'd use the SocketWrench Secure product from Catalyst.

I guess it could be ported here, the license is about $200 per developer.

sigmason
Oz
Posts: 585
Joined: Jul 02, 2005 14:21
Location: Waterloo, Ontario, Canada
Contact:

Postby Oz » Oct 18, 2006 18:32

You'd be better off using a low-level lib and implementing ssl yourself, as I don't know off hand about any network libs that use ssl without extrnal libs

Oz~
v1ctor
Site Admin
Posts: 3799
Joined: May 27, 2005 8:08
Location: SP / Bra[s]il
Contact:

Postby v1ctor » Oct 18, 2006 18:42

Maybe OpenSSL: http://gnuwin32.sourceforge.net/packages/openssl.htm.

If somebody is up to translate the headers: http://www.freebasic.net/temp/swig_fb.zip. There are 1MB of them, what couldn't be simple to translate, there's always some hand-edition in the end.
sigmason
Posts: 22
Joined: Sep 21, 2006 2:18

Postby sigmason » Oct 18, 2006 19:29

Well, I'm still looking, LOL

OpenSSL was my first idea, but it poses a few issues.

First, OpenSSL is thread based but thread safe so it's a little ugly in Windows with more then a few users (over threading makes the Windows GUI do odd things)

Second, Catalyst uses the Microsoft Cryptographic API so it doesn't support AES and it won't ever unless Microsoft releases XP SP3.

Third, cryptlib, supports almost everything I want, except, it doesn't by default (understandably) let you use IO Completion ports, though it gives hints to make it happen in the docs.

Forth, if you read the very last page of the cryptlib manual, the contrib to OpenSSL had a hand in the code in cryptlib. So does it matter which one I use, with cryptlib I might get more alternate implementations.

So at this point, to get an easy to use all encompasing add-on for current (meaning AES enabled, non-MSCAPI (as Microsoft is killing CAPI in favor of CNS)) it looks like I might just need to gobble up either crpyptlib or openssl into C and then export my own IO completion mode variants.

This I think means (my head hurts) that I could use cryptlib as is, until I have some time to make that happen (it can be used, but it will get ugly with lots of sockets), assuming the declares I've seen are complete (something I haven't looked at.)

Course, I would be an utter lunatic (not that I'm not) and use a third party library with AES encryption to spin my own 'SSL' minus the overhead of public key encryption. That has some appeal, but then I look at Bigspeed.net and wonder if I'm just reinventing the wheel.

Ugh...I know...I'll just not use the Internet, LOL

sigmason
sigmason
Posts: 22
Joined: Sep 21, 2006 2:18

Postby sigmason » Oct 18, 2006 20:28

Whoops, guess crypt lib is out, at least for SSL with key exchange.

It seems Peter doesn't like PKCS#12 so you can't swap keys with Windows without a hole in the head.

Not that I think PKCS#12 is any better, but there's a headache I choose to sidestep.

Though I really wouldn't matter unless someone was swapping keys with Microsoft's cryptography.

sigmason
sigmason
Posts: 22
Joined: Sep 21, 2006 2:18

Postby sigmason » Oct 19, 2006 0:30

Actually, if you work hard enough there's a way to get the keys into and out of cryptlib.

It appears that openSSL can convert a PKCS12 key to a PKCS7 key.
That would then be importable.

Not very direct, but then again neither were some of the certificate handling methods I've used.

sigmason
sigmason
Posts: 22
Joined: Sep 21, 2006 2:18

Postby sigmason » Jun 06, 2007 5:56

After a lot of tinkering I found a utility called PEMTrans that could convert PEM files from OpenSSL to Cryptlib's preferred PKCS#15. So basically, one could also import from Windows into OpenSSL and then to a PEM to get to Cryptlib, I figured I should post that to this thread for completeness.

Sigmason
Mihail_B
Posts: 271
Joined: Jan 29, 2008 11:20
Location: Romania
Contact:

Re: SSL?

Postby Mihail_B » Dec 14, 2012 5:31

A SLL library for freebasic ?
Any news ?

Thx.
TJF
Posts: 3502
Joined: Dec 06, 2009 22:27
Location: N47°, E15°
Contact:

Re: SSL?

Postby TJF » Dec 14, 2012 7:42

Cross-platform SSL (TLS) is available in GIO (GLib):

    #INCLUDE ONCE "gio/gio.bi"
dkl
Site Admin
Posts: 3210
Joined: Jul 28, 2005 14:45
Location: Germany

Re: SSL?

Postby dkl » Dec 14, 2012 10:16

libcurl may also be useful, it can use OpenSSL or GnuTLS (or others) for HTTPS.
TJF
Posts: 3502
Joined: Dec 06, 2009 22:27
Location: N47°, E15°
Contact:

Re: SSL?

Postby TJF » Dec 14, 2012 10:51

@ dkl

What about adding GLib to the list? (But where? It's networking, XML, regular expressions, ...)

Mayby best place is 'Development Helpers'

    GLib - universal cross-platform software utility library
dkl
Site Admin
Posts: 3210
Joined: Jul 28, 2005 14:45
Location: Germany

Re: SSL?

Postby dkl » Dec 14, 2012 11:05

Let's put it under "System API", that fits well since it's generic purpose, comparable to CRT or Win32 API.
TJF
Posts: 3502
Joined: Dec 06, 2009 22:27
Location: N47°, E15°
Contact:

Re: SSL?

Postby TJF » Dec 14, 2012 11:20

dkl wrote:Let's put it under "System API", that fits well since it's generic purpose, comparable to CRT or Win32 API.

... and change the headline to

    'Systems API'

because CRT or GLib are multi-platform. But does GLibs lexical scanner or hash tables fit well under this topic?

Return to “General”

Who is online

Users browsing this forum: No registered users and 2 guests