
TIdTCPClient - securing the connection

 
Adrien Reboisson
Posted: Sun Dec 05, 2004 9:18 pm    Post subject: TIdTCPClient - securing the connection

Hi !

I've designed a protocol to backup files over the network using Indy 10. It works fine, this library is really powerful :-)

However I've some questions about how to secure the connection. I mean by "to secure" to apply an algorithm capable of making the content of the "dialog" between the client and the server not understandable by another person between the two entities.

Currently, files are written "as is" on the connection. I mean that streams are sent without any encryption.

I see currently two ways to encrypt the connection's data:

1. Encrypt before the sending, decrypt after the receiving
It's a very basic solution, which uses a symmetrical algorithm. Not very complex, furthermore.

2. Encrypt all the communications by using a custom TIdIOHandler
I think it's the best solution since all the work is done by Indy, I don't have to remember "I have to call EncryptStream before sending this stream..." and so on. To do that I suppose I have to create a custom TIdIOHandler to intercept, encrypt and decrypt all the data sent and received by the component.

I saw some posts about Indy & SSL. I also read a good article on secureBlackbox about the SSL protocol, how it works, and so on. All the posts I read on the newsgroups spoke about SSL & TIdHTTP, but I use TIdTCPClient/TIdTCPServer... Is it possible to use SSL features just with a TIdTCPClient and TIdSSLIOHandlerSocketOpenSSL? Same thing with a TIdTCPServer and a TIdServerIOHandlerSSLOpenSSL...

Thank you.

Regards,

A.R.
Ciaran Costelloe
Posted: Sun Dec 05, 2004 10:04 pm    Post subject: Re: TIdTCPClient - securing the connection

SSL is very commonly used with HTTP, but TIdSSLIOHandlerSocketOpenSSL is
not limited to TIdHTTP.

Ciaran



Thomas Wegner
Posted: Sun Dec 05, 2004 10:42 pm    Post subject: Re: TIdTCPClient - securing the connection

Hello, in hidden equipment, like communication between two apps over TCP, I use your first method; it was the easiest and you are free in the encryption method used.
About the second method I never thought.
The third method I use in public scenarios like web servers that communicate with a browser, so the user can see that the communication was secure, and the browser also does not understand any other method ;-) !

Sorry for my English, I hope you understand.
---------------------------------------------
Thomas Wegner
Cabrio Meter - The Weather Plugin for Trillian
http://www.wegner24.de

Adrien Reboisson
Posted: Tue Dec 07, 2004 12:28 pm    Post subject: Re: TIdTCPClient - securing the connection

Okay. First, I have to generate the certificates and all the files needed to identify the entities. But after that?...
On the client side, it seems to be not too difficult. I just have to put a TIdSSLIOHandlerSocketOpenSSL as custom IOHandler for my TIdTCPClient.
For the server, it seems to be more difficult. I'm a bit lost. What should I do (except to assign a TIdSSLIOHandlerSocketOpenSSL to the connection's IOHandler)... Indy's SSL DLL seems required on the server side. Why? Currently my server is designed to work under Kylix. Is there any .so library built for this IDE?...
I hope that my questions aren't too stupid but I'm a big SSL beginner :-)

Thanks.

A.R.

Eugene Mayevski
Posted: Tue Dec 07, 2004 12:34 pm    Post subject: Re: TIdTCPClient - securing the connection

Hello!
You wrote on 7 Dec 2004 04:28:23 -0800:

AR> Okay. First, I have to generate the certificates and all the files
AR> needed to identify the entities. But after that?... On the client
AR> side, it seems to be not too difficult. I just have to put a
AR> TIdSSLIOHandlerSocketOpenSSL as custom IOHandler for my TIdTCPClient.
AR> For the server, it seems to be more difficult.

Why does it seem so? What you need to have on the server side is a
certificate (see my answer to Thomas Wegner on Dec 4 in this newsgroup),
that's all.

AR> I'm a bit lost. What should I do (except to assign a
AR> TIdSSLIOHandlerSocketOpenSSL to the connection's IOHandler)... Indy's
AR> SSL DLL seems required on the server side. Why? Currently my server is
AR> designed to work under Kylix. Is there any .so library built for this
AR> IDE?... I hope that my questions aren't too stupid but I'm a big SSL
AR> beginner :-)

You can use SecureBlackbox and avoid any troubles with DLLs and all that
stuff. See http://www.secureblackbox.com/delphi-ssl.html for details. Also,
you will get individual support.

With best regards,
Eugene Mayevski
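
Added example, not part of the original thread or of Indy's own demos: the TIdTCPClient/TIdTCPServer pairing asked about above, wired to the OpenSSL I/O handlers, with the server presenting a certificate and the client checking it against a CA file. It assumes a recent Indy 10 build (for `SSLVersions`, `sslvTLSv1_2` and the four-parameter `OnVerifyPeer` signature; older builds differ) and that the OpenSSL libraries Indy loads at run time are present; the file names and port 8443 are placeholders.

```pascal
program TlsEchoExample;
{$APPTYPE CONSOLE}
uses SysUtils, IdContext, IdTCPServer, IdTCPClient, IdSSL, IdSSLOpenSSL;
type
  TEvents = class
    procedure ServerConnect(AContext: TIdContext);
    procedure ServerExecute(AContext: TIdContext);
    function VerifyPeer(Cert: TIdX509; AOk: Boolean; ADepth, AError: Integer): Boolean;
  end;
procedure TEvents.ServerConnect(AContext: TIdContext);
begin // accepted sockets start in pass-through (plaintext) mode: switch TLS on
  (AContext.Connection.IOHandler as TIdSSLIOHandlerSocketBase).PassThrough := False;
end;
procedure TEvents.ServerExecute(AContext: TIdContext);
begin // echo each received line back over the encrypted channel
  AContext.Connection.IOHandler.WriteLn(AContext.Connection.IOHandler.ReadLn);
end;
function TEvents.VerifyPeer(Cert: TIdX509; AOk: Boolean; ADepth, AError: Integer): Boolean;
begin // return OpenSSL's own verdict for each certificate in the chain
  Result := AOk;
end;

var
  Ev: TEvents; Server: TIdTCPServer; Client: TIdTCPClient;
  SrvSSL: TIdServerIOHandlerSSLOpenSSL; CliSSL: TIdSSLIOHandlerSocketOpenSSL;
begin
  Ev := TEvents.Create;
  Server := TIdTCPServer.Create(nil);
  SrvSSL := TIdServerIOHandlerSSLOpenSSL.Create(Server);
  SrvSSL.SSLOptions.Mode := sslmServer;
  SrvSSL.SSLOptions.SSLVersions := [sslvTLSv1_2];
  SrvSSL.SSLOptions.CertFile := 'server.crt'; // placeholder: server certificate
  SrvSSL.SSLOptions.KeyFile := 'server.key';  // placeholder: its private key
  Server.IOHandler := SrvSSL;
  Server.DefaultPort := 8443;                 // assumed port
  Server.OnConnect := Ev.ServerConnect;
  Server.OnExecute := Ev.ServerExecute;
  Server.Active := True;

  Client := TIdTCPClient.Create(nil);
  CliSSL := TIdSSLIOHandlerSocketOpenSSL.Create(Client);
  CliSSL.SSLOptions.Mode := sslmClient;
  CliSSL.SSLOptions.SSLVersions := [sslvTLSv1_2];
  CliSSL.SSLOptions.RootCertFile := 'ca.crt'; // placeholder: CA that signed server.crt
  CliSSL.SSLOptions.VerifyMode := [sslvrfPeer];
  CliSSL.OnVerifyPeer := Ev.VerifyPeer;
  CliSSL.PassThrough := False;                // handshake as soon as Connect succeeds
  Client.IOHandler := CliSSL;
  Client.Connect('127.0.0.1', 8443);
  Client.IOHandler.WriteLn('ping');
  Writeln(Client.IOHandler.ReadLn);
end.
```

The existing backup protocol code keeps calling the same `IOHandler` read and write methods; only the handler assignment and the `PassThrough` switch change. Checking that the certificate's subject matches the expected server is left to the `VerifyPeer` handler.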
