[OT] Secure socket connections?


#1

Can someone point me in the right direction to make a secure connection, by which I mean a locked connection that will only work between my app and my app? (using Juce classes, obviously)

I will be using SSL, so it’s not snooping per se I’m worried about, but it’s what happens as the two devices start to talk I’m not sure about. The flow needs to be:

Device A connects to Device B with a socket connection

Device A authenticates with Device B. Device B authenticates with Device A, and then it’s all normal comms.

It’s the authentication that’s new to me. I need to use keys and send one to the other?

Bruce

(or am I over thinking, and SSL has the ability to do what I need?)


#2

Basically what you describe is called Diffie Hellman key exchange.
SSL does that for you if you use Public key crypto system.
Beware that SSL (from OpenSSL) is very very poorly documented, so getting something to work from scratch is almost impossible. You should refer to existing code for implementing yours.


#3

Thanks, I’m seeing that poor documentation thing. I believe I found some functions that can use strings from the app, not certificates on file, so I just need to get my head around all the certificates, keys, signings etc. that seem to be involved. Yuck.

Do you have a link at hand to a good example to borrow from?

Bruce


#4

Send me your email as PM.