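This post was published on the rolia.net forum (枫下论坛).
Regarding SSL programming, Eric Rescorla's SSL and TLS: Designing and Building Secure Systems [1] has some introductory material on SSL programming that I think is quite good. Although it is based on OpenSSL, I think it should apply to other SSL toolkits as well. I have a hard copy of this book, but I only skimmed the part on SSL programming; it seems that the SSL API is a somewhat modified version of the Socket API, so that ordinary network applications can be rewritten fairly easily as SSL-based network applications. (My book is at the office, so I can't check it for you right now.)
SSL programming involves both network programming and cryptographic programming, so you should be fairly familiar with both areas. For network programming, I think the best book is W. Richard Stevens' UNIX Network Programming, Volume 1: Networking APIs - Sockets and XTI [2]. For cryptography, I think the Handbook of Applied Cryptography [3] by Alfred J. Menezes et al. is good.
Many open source software projects are based on OpenSSL, for example: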
stunnel (http://www.stunnel.org)
sslwrap (similar to stunnel, http://www.quiltaholic.com/rickk/sslwrap/)
mod_ssl (http://www.modssl.org)
OpenSSH (http://www.openssh.com)
and various networking software's ssl/tls part: sendmail, postfix, openldap, curl, etc.
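Reading the source code of these programs should help in mastering SSL programming.
As for security programming, I think the topic is a bit too broad; it should be divided into several categories before it can be summarized properly. There is a website called Security Bible [4] that I think is good. It covers a very wide range of content, so have a look if you are interested.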
----
[1] About Eric Rescorla's book SSL and TLS, see:
(a) http://cseng.aw.com/book/0,3828,0201615983,00.html
(b) http://www.amazon.com/exec/obidos/ASIN/0201615983/
[2] About W. Richard Stevens' book UNIX Network Programming, Volume 1, see:
http://www.amazon.com/exec/obidos/ASIN/013490012X/
[3] For Alfred J. Menezes et al's book Handbook of Applied Cryptography, you can get a free online copy at:
http://www.cacr.math.uwaterloo.ca/hac/
[4] SecurityFlaw's Information Security Bible:
http://www.securityflaw.com/bible/