Reputation: 1
Turning Http server written in C into HTTPS using RSA
I have built a server in C from sratch using sockets and I was wandering if it is possible for me to add an extra layer of security by adding RSA encryption to make sure that the client and the server have a encrypted communication.
I am quite familiar with the theory behind RSA, and I have built the encryption tool before and succesfully was able to encrypt keys. I was just wondering I could include this in my C server.
Upvotes: 0
Views: 39
Answers (1)
Reputation:
I'm afraid there's a lot more to TLS -- that is, Transport-Level Security, which is used to implement HTTPS -- than RSA encryption.
Your best bet will be to integrate the OpenSSL library, which implements TLS. Otherwise, you will have a number of major hurdles to overcome, including:
- Parsing the TLS message format
- Parsing X.509 certificates and validating the certificate chain
- Performing a TLS handshake, which requires:
- Implementing one or more key exchange algorithms (like RSA-DSS)
- Implementing one or more encryption suites (like AES-CBC)
- Implementing one or more data integrity suites (like SHA256)
- Implementing workarounds for known errata of other TLS implementations
Upvotes: 2
Related Questions
- Turn a simple socket into an SSL socket
- SSL/HTTPS client in C
- How to implement RSA Encryption in C?
- C to perform HTTPS requests with openssl
- Make an https request using sockets on linux
- C written HTTP server resets connection after repling
- SSL Cipher help in C
- Web server with OpenSSL
- Any HTTP library in C that allows direct communication with the server?
- HTTPS with Linux sockets?