Developing Secure Applications
This section explains how to write new applications and how to port existing applications.
Writing New Secure Sockets Applications
In general, to write new secure applications, you must:
1. Obtain certificates and keys for your application. See “Obtaining Certificates.”
2. Initialize the Winsock library, if you are using Windows, by calling the RWWinSockInfo constructor (see the SourcePro C++ API Reference Guide).
3. Initialize the Secure Sockets package and seed the random number generator (if necessary). See “Initializing the Secure Sockets Package.”
4. Create an instance of class RWSecureSocketContext. See “Creating the Secure Socket Context.” Initialize the context using the setIdentity() function for a server, or the prepareToAuthenticate() function for a client.
To use both client and server authentication, call both functions. See “Initializing the Context to Perform Both Client and Server Authentication.”
5. Construct a certificate, if you are writing a server application. See “Constructing a Certificate” and “Checking the Validity of a Certificate.”
6. Create an RWInetAddr to bind or connect to.
7. Construct an RWSecureSocket, RWSecureSocketPortal, or RWSecureSocketListener using the context created in step 4 and the address created in step 6. See “Using RWSecureSocket, RWSecureSocketPortal, and RWSecureSocketListener.”
8. Write an application that sends and receives secure messages.
Porting Existing Networking Package Applications to the Secure Sockets Package
NOTE >> SSL/TLS is defined to work only over TCP/IP sockets. UDP sockets cannot be used with SSL/TLS.
To port existing Networking package applications to the Secure Sockets package, follow these steps:
1. Obtain certificates and keys for your application. See “Obtaining Certificates.”
2. Initialize the Secure Sockets package and seed the random number generator (if necessary). See “Initializing the Secure Sockets Package.”
3. Create an RWSecureSocketContext. See “Creating the Secure Socket Context.” Initialize the context using the setIdentity() function for a server, or the prepareToAuthenticate() function for a client.
To use both client and server authentication, call both functions. See “Initializing the Context to Perform Both Client and Server Authentication.”
4. Construct a certificate, if you are writing a server application. See “Constructing a Certificate” and “Checking the Validity of a Certificate.”
5. Modify class names:
   RWSocket to RWSecureSocket
   RWSocketPortal to RWSecureSocketPortal
   RWSocketListener to RWSecureSocketListener
NOTE >> Some RWSocket methods are not supported by RWSecureSocket.
6. Associate the RWSecureSocketContext with a socket, a portal, or a listener. Use either the constructor, the connect() method, the bind() method, the accept() method, or the setContext() method.
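The class renames in step 5 can be scripted. The helper below is an added example, not part of this guide or of the product's tooling. It renames only the three listed classes, leaves #include lines untouched because header paths are not given here, and lists every line that still needs a manual check for the NOTE above and for step 6. The sample source and the name RWSocketHelper are constructed for illustration.

```python
import re

# The three renames listed in step 5. The \b anchors keep longer identifiers
# (for example the hypothetical RWSocketHelper) from being rewritten.
_CLASS = re.compile(r"\bRWSocket(Portal|Listener)?\b")
_INCLUDE = re.compile(r"^\s*#\s*include\b")


def port_source(text):
    """Return (ported_text, review) for one C++ source file.

    review is a list of (line_number, reason) pairs to check by hand.
    Comments and string literals are renamed too, so review the diff.
    """
    out, review = [], []
    for no, line in enumerate(text.splitlines(), start=1):
        if _INCLUDE.match(line):
            # Header paths are not covered on this page: do not guess them.
            if _CLASS.search(line):
                review.append((no, "include names a renamed class; fix by hand"))
            out.append(line)
            continue
        new, count = _CLASS.subn(
            lambda m: "RWSecureSocket" + (m.group(1) or ""), line)
        if count:
            review.append((no, "renamed; check for unsupported RWSocket "
                               "methods and attach an RWSecureSocketContext"))
        out.append(new)
    return "\n".join(out), review


# Constructed sample input, not taken from any real application.
SAMPLE = """#include <rw/network/RWSocketPortal.h>
RWSocketPortal portal(addr);
RWSocketListener listener(addr);
RWSocket raw;
RWSecureSocket done;
RWSocketHelper helper;
"""

if __name__ == "__main__":
    ported, review = port_source(SAMPLE)
    print(ported)
    for no, reason in review:
        print(f"line {no}: {reason}")
```

Running the helper a second time on its own output changes nothing, so it is safe to apply to a partially ported tree.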