Getting Started with HTTPS

Secure Communication Module User's Guide
Rogue Wave web site: Home Page | Main Documentation Page

7.1 Getting Started with HTTPS

The following examples show how to retrieve documents using HTTPS.

This chapter describes only new information about the use of HTTP over a secure channel. It assumes that you understand the HTTP package (Rogue Wave Internet Protocols Module) and the Secure Sockets package.

7.1.1 Using RWHttpAgent to Retrieve a Document Securely

This example uses the HTTP agent class on https:// URIs. An agent class uses its respective client class to perform common protocol requests.

This example uses utility functions provided in util.h.

Example 10: Using a Secure Agent

// File: examples\https\manual\RWHttpSecureAgentExample.cpp 

#include <rw/itc/RWTIOUResult.h>
#include <rw/internet/RWURL.h>
#include <rw/network/RWWinSockInfo.h>
#include <rw/secsock/RWSecureSocketPackageInit.h>
#include <rw/secsock/RWSecureSocketContext.h>
#include <rw/http/RWHttpAgent.h>
#include <rw/http/RWHttpReply.h>
#include <rw/https/RWHttpsSecurityManager.h>

#if defined(RW_NO_IOSTD)
#  include <iostream.h>
#else
#  include <iostream>
   using std::cout;
   using std::cerr;
   using std::endl;
   using std::flush;
#endif

#include "args.h"

// This data is used to seed the RNG
   const unsigned char seed[] = "123456789012345678901234567890"
                                "123456789012345678901234567890"
                                "123456789012345678901234567890"
                                "123456789012345678901234567890"
                                "123456789012345678901234567890";

int main(int argc, char** argv) 
{
  RWWinSockInfo info;                                             //1
  RWSecureSocketPackageInit secsockInit;                          //2

  RWSecureSocketPackageInit::seedRNGFromMemory(seed,sizeof(seed)) //3

RWTValSlist<RWCString> args = processArgs(argc, argv);

if (args.entries() < 1)
{
  cout << "Usage: " << argv[0] << " <URL>" << endl;
  return 1;
}

RWURL (url(args[0]);                                              //4

RWSecureSocketContext context;                                    //5
// context.prepareToAuthenticate("<certificate file>");           //6

RWHttpsSecurityManager::setAgentContext(context);                 //7

RWHttpAgent agent;                                                //8

RWTIOUResult<RWHttpReply> replyIOU;                               //9

try {
    replyIOU = agent.executeGet(url);                             //10

    RWHttpReply reply = replyIOU.redeem();                        //11

    cout << reply.asString() << endl;

    if(reply.is2XX()) { 
      cout << reply.getBody() << endl;                            //12
    }
  } catch(const RWxmsg& msg) { 
    cerr << "An unexpected exception occurred: " 
         << msg.why() << endl;
    return 1;
  }

  return 0;
}

`//1`	Initialize Windows Sockets (does nothing on UNIX).
`//2`	Initialize the Secure Sockets package.
`//3`	Seed the Random Number Generator in the Secure Sockets package. (Note: Seeding the random number generator from a `const` string is not secure and not recommended in production applications, but is sufficient for this example.)
`//4`	Create a *RWSecureSocketContext* instance.
`//5`	Initialize the context. This call instructs the context to prepare to authenticate the server we will connect to. The `TRUSTED_CERTS_FILE` is a text file that contains the root certificates of the certificate authorities we trust. (For simplicity, we do not perform authentication in this example.)
`//6`	Instruct the HTTPS package to use this context whenever we use an agent on an "https://" URI.
`//7`	Create an agent.
`//8`	Create the URL of the resource we want to get.
`//9`	Create an IOU to store the result.
`//10`	Instruct the agent to use the HTTP `GET` method on the URL supplied.
`//11`	Redeem the IOU to get the reply from the agent. This call may block until the agent fully acquires the result.
`//12`	If the `GET` request was successful, display the body of the document on the screen.

7.1.2 Using RWHttpsSecureSocketClient to Retrieve a Document

This example uses the HTTPS client class. A client class allows low-level access to and encapsulates the details of the protocol.

This example uses utility functions provided in util.h.

Example 11: Using a Secure Client

// File: examples\https\manual\RWHttpSecureClientExample.cpp

#include <rw/network/RWWinSockInfo.h>
#include <rw/network/RWInetAddr.h>
#include <rw/secsock/RWSecureSocketPackageInit.h>
#include <rw/secsock/RWSecureSocketContext.h>
#include <rw/http/RWHttpClient.h>
#include <rw/http/RWHttpRequest.h>
#include <rw/https/RWHttpsSecureSocketClient.h>
#include <rw/internet/RWURL.h>

#if defined(RW_NO_IOSTD)
#  include <iostream.h>
#else
#  include <iostream>
   using std::cout;
   using std::cerr;
   using std::endl;
#endif

#include "args.h"

// This data is used to seed the RNG
const unsigned char seed[] = "123456789012345678901234567890"
                             "123456789012345678901234567890"
                             "123456789012345678901234567890"
                             "123456789012345678901234567890"
                             "123456789012345678901234567890";

int main(int argc, char* argv[]) 
{
  RWWinSockInfo info;                                           //1
  RWSecureSocketPackageInit secsockInit;                        //2

  RWSecureSocketPackageInit::seedRNGFromMemory(SEED_DATA_FILE); //3

  RWTValSlist<RWCString> args = processArgs(argc, argv);
   
  if (args.entries() < 1)
  {
    cout << "Usage: " << argv[0] << " <url>" << endl;
    return 1;
  }
   
  RWURL url(args[0]);
   
  RWCString host = url.getHost();
  RWCString portStr = url.getPort();
     
  int port = atoi(portStr.data());
  
  RWSecureSocketContext context;                                //4
  // context.prepareToAuthenticate("<certificate file>");       //5

  RWHttpClient client;                                          //6
  client = RWHttpsSecureSocketClient::make(context);            //7

  RWHttpRequest request(RWHttpRequest::Get, "/");               //8

  try {
    client.connect(host, port);                                 //9
    client.submit(request);
    RWHttpReply reply = client.getReply();                      //10

    cout << reply.asString() << endl;

    if(reply.is2XX()) { 
      cout << reply.getBody() << endl;                          //11
    }
  } catch(const RWxmsg& msg) {
    cerr << "An unexpected exception occurred: " 
         << msg.why() << endl;
    return 1;
  }
  return 0;
}

`//1`	Initialize Windows Sockets (does nothing on UNIX).
`//2`	Initialize the Secure Sockets package.
`//3`	Seed the Random Number Generator in the Secure Sockets package (Note: Seedin the random number generator from a `const` string is not secure and not recommended in production applications, but is sufficient for this example).
`//4`	Create a *RWSecureSocketContext* instance.
`//5`	Initialize the context. This call instructs the context to prepare to authenticate the server we will connect to. The `<certificate_file>` is a text file that contains the root certificates of the certificate authorities we trust. (For example, we do not perform authentication in this example.)
`//6`	Create a HTTP client handle.
`//7`	Create an *RWHttpsSecureSocketClient* and associate the context with it. Connect this body with the handle created in `//6`.
`//8`	Create a request for the root document.
`//9`	Connect the client to the host and submit the request created in `//8`.
`//10`	Get the reply from the server. This function blocks until a reply is available.
`//11`	If the request was successful, write the body of the document to standard output.

The Rogue Wave name and logo, and SourcePro, are registered trademarks of Rogue Wave Software. All other trademarks are the property of their respective owners.
Provide feedback to Rogue Wave about its documentation.