Hello,

We intend to use SSL with client authentication from Perl.

We try it with the following code:

******************************
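#!/usr/local/bin/perl
# Minimal SSL client that presents a client certificate, built on Net::SSLeay.
#
# Usage: script HOST PORT MESSAGE
#   HOST     server name or address
#   PORT     numeric port or a service name known to getservbyname
#   MESSAGE  request sent once over the SSL connection
#
# The single reply chunk returned by the server is printed to STDOUT.
use strict;
use warnings;
use Socket;
use Net::SSLeay qw(die_now die_if_ssl_error CTX_use_RSAPrivateKey_file
CTX_use_certificate_file use_RSAPrivateKey_file use_certificate_file) ;

Net::SSLeay::load_error_strings();
Net::SSLeay::ERR_load_crypto_strings();
Net::SSLeay::SSLeay_add_ssl_algorithms();
Net::SSLeay::randomize();

# Debug tracing at its most verbose setting. NOTE(review): at this level
# the library is documented to dump exchanged data, so lower it before the
# script handles anything confidential.
$Net::SSLeay::trace = 4;

my ($dest_serv, $port, $msg) = @ARGV;   # Read command line
die "usage: $0 host port message\n" unless defined $msg;

# Accept either a numeric port or a service name.
$port = getservbyname($port, 'tcp') unless $port =~ /\A\d+\z/;
defined $port or die "unknown tcp service\n";

my $dest_ip = gethostbyname($dest_serv)
    or die "cannot resolve $dest_serv\n";
my $dest_serv_params = sockaddr_in($port, $dest_ip);

socket(my $sock, AF_INET, SOCK_STREAM, 0) or die "socket: $!";
connect($sock, $dest_serv_params)         or die "connect: $!";

# Eliminate STDIO buffering on the socket, then restore the default handle.
my $previous = select($sock);
$| = 1;
select($previous);

# The network connection is now open, let's fire up SSL.

my $ctx = Net::SSLeay::CTX_new() or die_now("Failed to create SSL_CTX $!");

# OP_ALL turns on the library's interoperability workarounds.
Net::SSLeay::CTX_set_options($ctx, Net::SSLeay::OP_ALL());
die_if_ssl_error("ssl ctx set options");

# NOTE(review): no CA store is loaded and no verify mode is set, so the
# server certificate is never validated and the client key is used against
# an unauthenticated peer. Load the trusted CA with
# Net::SSLeay::CTX_load_verify_locations and enable
# Net::SSLeay::VERIFY_PEER through Net::SSLeay::CTX_set_verify.
#
# NOTE(review): the cipher list is left at the library default, which can
# negotiate export-grade suites such as EXP-RC4-MD5 (40-bit keys).
# Restrict it with Net::SSLeay::CTX_set_cipher_list.

# Load the client credentials into the context BEFORE creating the SSL
# object: the object takes its certificate and key from the context at
# creation time, so one load here replaces the duplicated per-object loads.
# Certificate first, then key, so the pair can be checked for consistency.
Net::SSLeay::CTX_use_certificate_file($ctx, 'oper-xyz4.pem',
    Net::SSLeay::FILETYPE_PEM());
die_if_ssl_error("certificate");

# Prompts for a passphrase when the private key file is encrypted.
# The key file should be readable only by the account running this script.
Net::SSLeay::CTX_use_RSAPrivateKey_file($ctx, 'oper-xyz4.rsa',
    Net::SSLeay::FILETYPE_PEM());
die_if_ssl_error("private key");

Net::SSLeay::CTX_check_private_key($ctx)
    or die_now("private key does not match certificate");

my $ssl = Net::SSLeay::new($ctx) or die_now("Failed to create SSL $!");
Net::SSLeay::set_fd($ssl, fileno($sock));   # Must use fileno

# Handshake. The error queue is checked unconditionally and the return
# code separately, so a failed handshake can no longer pass unnoticed.
my $rc = Net::SSLeay::connect($ssl);
die_if_ssl_error("ssl connect");
die "ssl connect failed\n" unless defined $rc && $rc == 1;

print "Cipher `" . Net::SSLeay::get_cipher($ssl) . "'\n";

# Exchange data

my $written = Net::SSLeay::write($ssl, $msg);   # Perl knows how long $msg is
die_if_ssl_error("ssl write $!");
die "ssl write failed\n" unless defined $written && $written > 0;

print "SSL: $ssl\n";
print "REQUEST: $written\n";

# Half close --> no more output, sends EOF to server.
# NOTE(review): this closes the write side of the TCP socket underneath the
# SSL layer; a server may treat that EOF as an aborted session and send no
# reply. Confirm the peer tolerates it.
shutdown $sock, 1;

# A single read returns at most one chunk; undef signals failure.
my $got = Net::SSLeay::read($ssl);
die_if_ssl_error("ssl read");

print $got if defined $got;

Net::SSLeay::free($ssl);                # Tear down connection
Net::SSLeay::CTX_free($ctx);
close $sock;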
******************************

The output data with this Perl-Code is:

******************************
Cipher `EXP-RC4-MD5'
SSL : 1023752
REQUEST: 39
******************************

Is there anybody who can help us?

best regards,


Marcel C. Pantigny

------------------------------------------
media transfer GmbH
Dipl.-Ing. Marcel C. Pantigny

Kleyerstraße 8
D-64295 Darmstadt
Germany

Phone: (+49) 61 51   81 93 36
Fax: (+49) 61 51   81 93 41
eMail: [EMAIL PROTECTED]
WWW: http://www.mtgnet.de
