1

I have to write an application that implements a secure connection between client and server using Microsoft API . Google give me a lot of results, and I have a big mess -need someone to make me some order in my head:

Questions:

  1. what is SSPI interface? what is Schannel.dll library? what are the diffrents? (I see that I can include "SSPI.h" and "Schannel.h" and "security32.h" - which header file do I really need?)

  2. How can I find a real simple sample that explains me how to create secure sockets?

  3. Do you have some guidelines that I have to know before I start?

I would appreciate very much if you can help.

RRR
  • 3,937
  • 13
  • 51
  • 75

1 Answers1

3

SSPI allows an application to use various security models available on a computer or network without changing the interface to the security system.

To paraphrase, it allows you to use a single set of API with different authentication or verification mechanisms, thus hiding complexity.

For your second question, have a look at this: Creating a Secure Connection Using Schannel with related sample code here.

user1055604
  • 1,624
  • 11
  • 28
  • Thank you!, so it is better for me to use SSPI instead of schannel? the SSPI interface wraps the schanel interface? if so, do you have an example for me showing how to implement TLS connection using sspi interface? thank you very much! – RRR Mar 20 '12 at 09:23
  • ok - I saw that the links above show also SSPI implementation. so that I only need additional explantation about the differences between schannel and sspi - thanks. – RRR Mar 20 '12 at 10:18
  • SSPI provides the interface that SChannel implements for setting up a SSL/TLS connection between two endpoints. Further, read the explanation given in [this](http://www.codeproject.com/Articles/2642/SSL-TLS-client-server-for-NET-and-SSL-tunnelling) article. Hope this answers your question. – user1055604 Mar 20 '12 at 12:12
  • thanks!, one more question: - and sspi provides also other security intrfaces such as interface for kerberos authentication?, in other words sspi provids interfaces to many secures models, but implements them by using other low-level libraries? (do I find include to Schannel.h header file in the sspi.h header file ?) - thanks again! – RRR Mar 20 '12 at 18:04
  • yes... they are each [SSP](http://msdn.microsoft.com/en-us/library/ms721625.aspx#_security_security_support_provider_gly)s – user1055604 Mar 20 '12 at 18:38
  • @RRR can you please help me in my problem, it is similar to your question: https://stackoverflow.com/questions/64620878/how-to-send-data-from-cpp-application-in-windows-to-rsyslog-in-centos-tls-over – aromahola Oct 31 '20 at 10:49