> Hi! I have some transport which is based on winsock. Client(FTPS)
> sends to me some data over SSL, and I receive it with (for example):
>
> ...
> if (WSARecv(AcceptSocket, &DataBuf, 1, &RecvBytes, &Flags,
>             &AcceptOverlapped, NULL) == SOCKET_ERROR){
>     if (WSAGetLastError() != WSA_IO_PENDING)
>         printf("Error occured at WSARecv()\n");
> }
> ...
>
> DataBuf is complete packet.

There are no packets at TCP application layer. Unless you mean that you somehow know that this is a complete SSL protocol data unit that corresponds to application data, there is no way to know whether you have enough data to decrypt and if so whether it will be application data rather than protocol data. Only the SSL layer can know that.

> Question:
> how can I decrypt received data in DataBuf, if I have
> certificate, public and private keys?

With an SSL implementation. There are no shortcuts.

> NOTE: I cannot use SSL_read and SSL_write in this task...:(

What does that mean? Would it help if you renamed those functions to SSL_read_getaroundstupidrequirement and SSL_write_getaroundstupidrequirement? Or is there something SSL_read and SSL_write do that you don't want? Or what?

If this is your way of saying you don't want OpenSSL to do the socket I/O, then don't let OpenSSL do the socket I/O. The SSL_read and SSL_write functions operate on generic I/O mechanisms, not just sockets. (Google for "bio pairs".)

DS

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
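
The approach the reply points to, with the caller doing all socket I/O and the TLS layer deciding when enough bytes have arrived, as an added example that is not part of the original thread. It uses Python's ssl module, whose MemoryBIO wraps OpenSSL memory BIOs, rather than the C API; TlsEngine, feed, send, demo and the host name ftps.example.test are hypothetical names chosen for illustration.

```python
import ssl

class TlsEngine:
    """TLS state machine whose network I/O is done entirely by the caller."""

    def __init__(self, ctx, server_side, server_hostname=None):
        self.incoming = ssl.MemoryBIO()  # ciphertext received from the peer
        self.outgoing = ssl.MemoryBIO()  # ciphertext the caller must send
        self.tls = ctx.wrap_bio(self.incoming, self.outgoing,
                                server_side=server_side,
                                server_hostname=server_hostname)
        self.handshake_done = False

    def feed(self, received):
        """Hand over whatever the transport delivered, however it was split.

        Returns (plaintext, to_send); both may be empty when the bytes so far
        do not complete a record or a handshake flight.
        """
        if received:
            self.incoming.write(received)
        plaintext = b""
        try:
            if not self.handshake_done:
                self.tls.do_handshake()
                self.handshake_done = True
            while True:
                chunk = self.tls.read(16384)
                if not chunk:  # peer sent close_notify
                    break
                plaintext += chunk
        except ssl.SSLWantReadError:
            pass  # the TLS layer needs more bytes; call feed() again later
        return plaintext, self.outgoing.read()

    def send(self, data):
        """Encrypt application data; returns ciphertext for the caller to send."""
        self.tls.write(data)
        return self.outgoing.read()

def demo():
    # Constructed input: a client engine and a read that ends mid-record-header.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    client = TlsEngine(ctx, False, server_hostname="ftps.example.test")
    _, hello = client.feed(b"")  # ClientHello bytes to pass to the socket
    plaintext, to_send = client.feed(b"\x16\x03\x03")  # 3 of 5 header bytes
    return hello, plaintext, to_send, client.handshake_done

if __name__ == "__main__":
    hello, plaintext, to_send, done = demo()
    print(len(hello), plaintext, to_send, done)
```

A server-side engine is built the same way with a server context that has its certificate and private key loaded, and each completed overlapped receive is passed to feed().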