4.2 Developing Secure Applications
This section explains how to write new applications and how to port existing applications.
4.2.1 Writing New Secure Sockets Applications
In general, to write new secure applications, you must:
1. Obtain certificates and keys for your application. See Section 4.3, “Obtaining Certificates.”
2. Initialize the Winsock library, if you are using Windows, by calling the RWWinSockInfo constructor (see the SourcePro C++ API Reference Guide).
3. Initialize the Secure Sockets package and seed the random number generator (if necessary). See Section 4.4, “Initializing the Secure Sockets Package.”
4. Create an instance of class RWSecureSocketContext. See Section 4.5, “Creating the Secure Socket Context.” Initialize the context using the setIdentity() function for a server, or the prepareToAuthenticate() function for a client.
To use both client and server authentication, call both functions. See Section 4.5.2, “Initializing the Context to Perform Both Client and Server Authentication.”
5. Construct a certificate, if you are writing a server application. See Section 4.6, “Constructing a Certificate,” and Section 4.7, “Checking the Validity of a Certificate.”
6. Create an RWInetAddr to bind or connect to.
7. Construct an RWSecureSocket, RWSecureSocketPortal, or RWSecureSocketListener using the context created in step 4 and the address created in step 6. See Section 4.8, “Using RWSecureSocket, RWSecureSocketPortal, and RWSecureSocketListener.”
8. Write an application that sends and receives secure messages.
4.2.2 Porting Existing Networking Package Applications to the Secure Sockets Package
SSL/TLS is defined to work only over TCP/IP sockets. UDP sockets cannot be used with SSL/TLS.
To port existing Networking package applications to the Secure Sockets package, follow these steps:
1. Obtain certificates and keys for your application. See Section 4.3, “Obtaining Certificates.”
2. Initialize the Secure Sockets package and seed the random number generator (if necessary). See Section 4.4, “Initializing the Secure Sockets Package.”
3. Create an RWSecureSocketContext. See Section 4.5, “Creating the Secure Socket Context.” Initialize the context using the setIdentity() function for a server, or the prepareToAuthenticate() function for a client.
To use both client and server authentication, call both functions. See Section 4.5.2, “Initializing the Context to Perform Both Client and Server Authentication.”
4. Construct a certificate, if you are writing a server application. See Section 4.6, “Constructing a Certificate,” and Section 4.7, “Checking the Validity of a Certificate.”
5. Modify class names:
* RWSocket to RWSecureSocket
* RWSocketPortal to RWSecureSocketPortal
* RWSocketListener to RWSecureSocketListener
Some RWSocket methods are not supported by RWSecureSocket.
6. Associate the RWSecureSocketContext with a socket, a portal, or a listener. Use one of the following: the constructor, the connect() method, the bind() method, the accept() method, or the setContext() method.
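
A porting aid for step 5, added here as an example and not part of SourcePro: it applies the three class renames to whole identifiers only and lists every affected line, so that unsupported RWSocket methods and the context association in step 6 can be checked by hand. The sample source, the name RWSocketHelper, and the header path are constructed; #include lines are reported but left unchanged because header locations are not given in this section.

```python
import re

# Step 5 renames from the porting procedure.
RENAMES = {
    "RWSocket": "RWSecureSocket",
    "RWSocketPortal": "RWSecureSocketPortal",
    "RWSocketListener": "RWSecureSocketListener",
}

# Whole identifiers only: a longer name that merely starts with "RWSocket"
# is left alone, and already-ported RWSecureSocket* names never match.
_IDENT = re.compile(
    r"(?<![A-Za-z0-9_])(" + "|".join(RENAMES) + r")(?![A-Za-z0-9_])")


def port_source(text):
    """Return (ported_text, review); review holds (line_no, old_names) for
    every line that mentions a renamed class and needs a manual check."""
    out, review = [], []
    for no, line in enumerate(text.splitlines(), start=1):
        names = []

        def swap(match):
            names.append(match.group(1))
            return RENAMES[match.group(1)]

        if line.lstrip().startswith("#include"):
            # Header locations are not given on this page: report, don't edit.
            names = _IDENT.findall(line)
            out.append(line)
        else:
            out.append(_IDENT.sub(swap, line))
        if names:
            review.append((no, names))
    return "\n".join(out), review


# Constructed sample input; RWSocketHelper and the header path are made up.
SAMPLE = """\
#include <rw/network/RWSocketPortal.h>
RWSocketPortal portal(addr);
RWSocket s;
RWSocketHelper h;
RWSecureSocket already;
"""

if __name__ == "__main__":
    ported, review = port_source(SAMPLE)
    print(ported)
    for no, names in review:
        print(f"line {no}: {names} -> check unsupported methods and context")
```

Running the function a second time on its own output changes nothing, so it is safe to apply to a partly ported file.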