any information regarding adding DTLS using OpenSSL

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

any information regarding adding DTLS using OpenSSL

Pjothi
Dear all,
 
I am a student and am trying to setup a demonstration with TLS and DTLS support between a SIP client and a Proxy.
 
Has anyone some information regarding adding DTLS support for a SIP client/Proxy or a more generic one using OpenSSL. I just need it for demonstration purposes and so error handling's if any need not be complete. Just a simple support and a demonstration of both would do fine. If anyone has any information regarding this, may be a how to start or any introductory article would be of great help, kindly let me know. This would be of great help. Any suggestions regarding the same are most welcome.
 
kindly let me know and thank you very much.
 
regards,
Pjothi
Reply | Threaded
Open this post in threaded view
|

Re: any information regarding adding DTLS using OpenSSL

Girish Venkatachalam
Dear Pjothi,

Making an application TLS aware/TLS enabled is not
much trouble once you have access to the source code.
You have to set up the SSL/TLS server with proper
X.509 certificate and corresponding private key,
specify which protocol(in your case TLS v1) you want
to use and then call SSL_accept() at the server side.

In the client side you would have to call an
SSL_connect() which would take care of the SSL/TLS
handshake.

After that all you have to do is replace all
send/write with SSL_write() and all read/recv with
SSL_read().

There are a few examples for you to get started. For
generating X.509 certificates you can use the openssl
command line tool or get a readymade keypair.

Here are links that will help you in this endeavor.

http://www.rtfm.com/sslbook/examples/c-examples.tar.gz
http://www.opensslbook.com/NSwO-1.3.tar.gz

I have no idea about DTLS. This website seems to give
some info.

http://crypto.stanford.edu/~nagendra/projects/dtls/dtls.html

Once you get familiarised with TLS DTLS should not be
much different I guess.

All the best!

regards,
Girish

--- Pjothi <[hidden email]> wrote:

> Dear all,
>
> I am a student and am trying to setup a
> demonstration with TLS and DTLS
> support between a SIP client and a Proxy.
>
> Has anyone some information regarding adding DTLS
> support for a SIP
> client/Proxy or a more generic one using OpenSSL. I
> just need it for
> demonstration purposes and so error handling's if
> any need not be complete.
> Just a simple support and a demonstration of both
> would do fine. If anyone
> has any information regarding this, may be a how to
> start or any
> introductory article would be of great help, kindly
> let me know. This would
> be of great help. Any suggestions regarding the same
> are most welcome.
>
> kindly let me know and thank you very much.
>
> regards,
> Pjothi
>


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around
http://mail.yahoo.com 
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

OpenSSL on OpenBSD - complexities?

Wes Kussmaul
Hello,

We are planning on using OpenSSL on an OpenBSD 3.8 platform to generate
RSA key pairs, sign them with our own CA and embed them in hard tokens.

I notice a question in the FAQ:

''Why does OpenBSD-i386 build fail on des-586.s with 'Unimplemented
segment type'?'' The answer makes me wonder: are there complexities to
this combination (OpenBSD/OpenSSL) that we should know about?

Thanks in advance.

--
Wes Kussmaul
CIO
The Village Group
738 Main Street
Waltham, MA 02451

781-647-7178


My uncle likes to say that the world’s biggest troubles started when the serpent said, “Try this fruit, and by the way if a bunch of people collectively calling themselves Arthur Andersen signs something it’s the same as if a person named Arthur Andersen signed it.” I don’t get the serpent and fruit part. Must be some Swiss mythology thing. He can be a bit obscure.

                         P.K. Iggy
                         _How I Like Fixed The Internet_
                           (Tales from the Great Infodepression of 2009
                           and the prosperity that followed)



______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: any information regarding adding DTLS using OpenSSL

Kyle Hamilton
In reply to this post by Girish Venkatachalam
The problem is this: DTLS code exists in OpenSSL somewhere, but it's
not documented.

-Kyle H

On 1/31/06, Girish Venkatachalam <[hidden email]> wrote:

> Dear Pjothi,
>
> Making an application TLS aware/TLS enabled is not
> much trouble once you have access to the source code.
> You have to set up the SSL/TLS server with proper
> X.509 certificate and corresponding private key,
> specify which protocol(in your case TLS v1) you want
> to use and then call SSL_accept() at the server side.
>
> In the client side you would have to call an
> SSL_connect() which would take care of the SSL/TLS
> handshake.
>
> After that all you have to do is replace all
> send/write with SSL_write() and all read/recv with
> SSL_read().
>
> There are a few examples for you to get started. For
> generating X.509 certificates you can use the openssl
> command line tool or get a readymade keypair.
>
> Here are links that will help you in this endeavor.
>
> http://www.rtfm.com/sslbook/examples/c-examples.tar.gz
> http://www.opensslbook.com/NSwO-1.3.tar.gz
>
> I have no idea about DTLS. This website seems to give
> some info.
>
> http://crypto.stanford.edu/~nagendra/projects/dtls/dtls.html
>
> Once you get familiarised with TLS DTLS should not be
> much different I guess.
>
> All the best!
>
> regards,
> Girish
>
> --- Pjothi <[hidden email]> wrote:
>
> > Dear all,
> >
> > I am a student and am trying to setup a
> > demonstration with TLS and DTLS
> > support between a SIP client and a Proxy.
> >
> > Has anyone some information regarding adding DTLS
> > support for a SIP
> > client/Proxy or a more generic one using OpenSSL. I
> > just need it for
> > demonstration purposes and so error handling's if
> > any need not be complete.
> > Just a simple support and a demonstration of both
> > would do fine. If anyone
> > has any information regarding this, may be a how to
> > start or any
> > introductory article would be of great help, kindly
> > let me know. This would
> > be of great help. Any suggestions regarding the same
> > are most welcome.
> >
> > kindly let me know and thank you very much.
> >
> > regards,
> > Pjothi
> >
>
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    [hidden email]
> Automated List Manager                           [hidden email]
>
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]