Correct way to secure a connection between two program usiang a tcp socket

D.Rek Source

Basically I've got this the program. One acting as former client and the other as a server.

Currently they exchange their data in plain text. I need to add a layer to this process to encrypt and decrypt the messages sent over the socket.

To get things simple I want to use a symmetrical encryption.

I thought about using AES-128 via OpenSSL, but I didn't find any simple and correct (secure) way of doing this.

I can imagine there will be a function for initializing openssl, with encryption mode, maybe the key and an IV. Then there should be two function, one for encryption and the other for decryption which takes an arbitrary length array of char and returns another arbitrary length array of char.

Is it possible to keep things this simple? What is the correct way of doing this? Is there any other better/faster way to reach a good level of integrity and confidentiality on a C socket?



comments powered by Disqus