Why am I not able to use all the header files (e.g. ssl.h) of the open source OpenSSL library?

    Question

  • I have built OpenSSL 1.0.1.c using the Visual Studio 2012 x86 command prompt.

    I have been able to use the OpenSSL library through the following header files (I have been able to use them in both desktop and Metro apps).

    md5.h (key generation)

    hmac.h (generating hash code)

    random.h (generating random numbers)

    But I can't use the following header in a Metro style app (although I have been able to use it in a desktop app):

    ssl.h (for secure socket connection)

    I get a build error when I include this header in a Metro app. It gives me the following error:

    Error	1	error C2079: 'dtls1_state_st::next_timeout' uses undefined struct 'timeval'

    I have some questions:

    Do the libraries under ssl.h use any APIs that are restricted for Metro apps?

    Can I get all the functionality of OpenSSL (under ssl.h) (third-party library) using Windows.Networking.Sockets?

    How to secure socket connections with TLS/SSL?

    Can I use a third-party library to extend some features of Windows.Networking.Sockets?

    Thursday, September 13, 2012 6:09 AM

Answers

  • The timeval struct is defined in Winsock, which is a desktop API and not supported in Metro.

    To get an SSL/TLS connection you can use the SocketProtectionLevel enum class with streamsocket->ConnectAsync() instead of OpenSSL. This gives you almost similar cryptographic encryption to OpenSSL.

    // 0: A plain socket with no encryption.
    streamsocket->ConnectAsync(hostname, serviceName, SocketProtectionLevel::PlainSocket);
    // 1: A socket that must use the SSL for encryption. This value requires encryption and never allows a NULL cipher.
    streamsocket->ConnectAsync(hostname, serviceName, SocketProtectionLevel::Ssl);
    // 2: A socket that prefers to use the SSL for encryption. This value prefers that full encryption be used, but allows a NULL cipher (no encryption) based on the server configuration.
    streamsocket->ConnectAsync(hostname, serviceName, SocketProtectionLevel::SslAllowNullEncryption);


    Thursday, September 13, 2012 2:23 PM