Re: EAP-TLS
Raghu wrote: Questions: 1. Is BIO interface suitable for the above scenario and can it be used to handle both handshaking data. 2. What are the different TLS/SSL APIs that can provide the following functionality A. Plain text message to TLS-message. B. TLS-message to Plain text message. C. TLS Handshaking APIs. Please provide any sort of information in this regard. Look at demos/state_machine and demos/tunala. Thankyou for the information. I was seeing Openssl 0.9.6b. It doesnot contain the above demos. I have been looking ssl source code, tunala mail archives for the past one week and still have some questions. 1. In state_machine_churn(), we loop twice because there might be some incomplete data in any one of the i/p buffers. Is this is right? If not, please help me in understanding this. ( I did read all the mails related to churn() with subject GSS-API Interface ) 2. Since EAP server can have multiple SSL connections, how can I associate the received data with/belongs to a specific SSL connection. 3. How to identify, if data contained handshake message or the actual data ? 4. I am thinking that SSL_read() SSL_write() handles even handshakes, please correct me if I am wrong. Please help me. From sockets perspective these are really simple questions, Since EAP handles every basic data transfer, there are no sockets/file descriptors involved. I am really finding hard to get the answers. I request someone to answer my questions. -Raghu __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: EAP-TLS
Questions: 1. Is BIO interface suitable for the above scenario and can it be used to handle both handshaking data. 2. What are the different TLS/SSL APIs that can provide the following functionality A. Plain text message to TLS-message. B. TLS-message to Plain text message. C. TLS Handshaking APIs. Please provide any sort of information in this regard. Look at demos/state_machine and demos/tunala. Thankyou for the information. I was seeing Openssl 0.9.6b. It doesnot contain the above demos. I have been looking ssl source code, tunala mail archives for the past one week and still have some questions. 1. In state_machine_churn(), we loop twice because there might be some incomplete data in any one of the i/p buffers. Is this is right? If not, please help me in understanding this. ( I did read all the mails related to churn() with subject GSS-API Interface ) 2. Since EAP server can have multiple SSL connections, how can I associate the received data with/belongs to a specific SSL connection. 3. How to identify, if data contained handshake message or the actual data ? 4. I am thinking that SSL_read() SSL_write() handles even handshakes, please correct me if I am wrong. Please help me. -Raghu __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
EAP-TLS
Hi, Repost(from users list) with slight enhancements. I thought, probably, it is a developer question. I just recently joined the OpenSSL world to implement EAP-TLS, rfc2716, using OpenSSL libraries. I could not make any significant progress for the last one week due to lack of documentation on ssl libraries and request your help. EAP Background: EAP-server handles all the transformation of TLS-messages (including handshaking messages). EAP-Server provides plain text message to SSL library for encryption, Similarly, it provides all the cipher text message to SSL library for decryption. To start with, lets say, 1. EAP-Server provides the complete cipher text message with all the (TLS/SSL) records to SSL library for decryption. 2. It is the responsibility of ssl library to handle all the handshaking, encryption decryption of a message and EAP-Server's responsibility to transfer all the messages to EAP-Client. (Please let me know if this is not possible with the existing ssl library) Questions: 1. Is BIO interface suitable for the above scenario and can it be used to handle both handshaking data. 2. What are the different TLS/SSL APIs that can provide the following functionality A. Plain text message to TLS-message. B. TLS-message to Plain text message. C. TLS Handshaking APIs. Please provide any sort of information in this regard. -Raghu __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]