I must use the RFC5077 TLS session resumption. My client uses Windows SChannel and the server usually uses OpenSSL. In my test, the result was as follows.
OpenSSL 1.1.0 (or later) and SChannel: Always session reused, SChannel send previous Session…
We have a socket class that currently uses schannel via SSPI calls (this is a legacy Windows desktop application). The problem is that our application has to support the cipher suite TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 and this is not available in…
Usually a Win32 API can tell what length of output buffer is required. One need just pass 0 as the buffer length and the API returns error BUFFER_TOO_SMALL and the number of bytes required.
But it is not the same with SslEncryptPacket. It just returns error…
I'm developing a C++/Windows TLS client.
I can build a certificate context for the server certificate in this way:
ReadFile(hFile, cert, 8192, &len, NULL);
CryptStringToBinary(cert, readLen, CRYPT_STRING_BASE64_ANY, binCert, &binLen, NULL,…
Is it possible to extract the certificate chain sent by the remote computer in TLS 1.0 Handshake?
The API QueryContextAttributes with SECPKG_ATTR_REMOTE_CERT_CONTEXT value, returns only the end certificate.
Is it possible to extract all the chain…
On Windows 7 Pro, I have a secure socket client app using schannel.
Connecting to a secure server with TLSV1.0, 1.1 and 1.2, without client authentication works fine.
Connecting to a secure server with TLSV1.0, 1.1, with client authentication works…
I'm trying to add SNI to my client-side program (C/C++) that uses Microsoft SDK's Schannel API for TLS.
I've searched everywhere but could not find any documentation on how Schannel supports SNI extension.
I looked up the documentation for …
I'm working to update a security library and I'm noticing some strange behavior when completing the SSL handshake and then calling querycontextattribute to obtain the header, maximum size, and trailer of the messages. What I notice is when I…
I am trying to get SSL/TLS connections to work in Windows. Right now I am using Schannel, but I am not sure this is the correct way to go about it. Here is my code. An exception is thrown at the InitializeSecurityContextA() function.
#include…
I have to write an application that implements a secure connection between client and server using Microsoft API.
Google gives me a lot of results, and I have a big mess - I need someone to make some order in my head:
Questions:
what is SSPI…
We have a client application on a Windows 7 SP1 VM with the appropriate hotfixes and registry settings to enable TLS 1.2 communication. We have a server application on a Windows Server 2019 Datacenter VM. The client and server establish a TLS 1.2…
I disabled TLS 1.0 and 1.1 like so:
[HKEY_LOCAL_MACHINE\SYSTEM...\SCHANNEL\Protocols\TLS 1.0\Client]
"DisabledByDefault"=dword:00000001
"Enabled"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM...\SCHANNEL\Protocols\TLS…
I'm working on a TLS client that needs to be upgraded to use TLS 1.3 on Windows-11. Has anyone successfully implemented TLS 1.3 using SChannel APIs?
As per the Microsoft link below, TLS 1.3 is supported in win-11 &…
At present we are using rsyslog on a Linux machine to send messages using TLS 1.2, which internally uses the GnuTLS library to send the syslog message to one of our hosted servers, which accepts the TLS data using the Windows SCHANNEL method.
We are…
I have client certificates created with CNG keys with provider "Microsoft Platform Key Provider".
The CNG key has a password with strong key authentication using the CNG parameters NCRYPT_UI_FORCE_HIGH_PROTECTION_FLAG.
I am trying to use the…