9 replies to this topic

[RhetoricalRuvim]

I want to make an application that could check my gmail for me and tell me if I have any messages in my inbox. I know that gmail's protocol is https, and I don't exactly know if there are any differences between http and https, in sending and receiving data (does it have to be encoded before being sent and after being received?). I know https has something to do with SSL. I have a little bit of experience in making win32 programs that use windows socket programming.

[WingedPanther]

Why not use Thunderbird? HTTPS is very different from HTTP, it uses dual key encryption.

[Ewe Loon]

Firstly, Gmail supports POP3, This would be a better way than trying to use HTTP since every time they change their display formatting your program would have to adapt to it
Secondly you need to decide what language you will write the program in then go to that section for specific details

also note there are many programs that will do this, in fact i believe gmail have a notifier for this purpose
try googling Gmail Notifier

[RhetoricalRuvim]

I use win32 assembly language. It's nice to already have tools like Thunderbird and Gmail Notifier, but I want to be able to do those things with my own programming; or at least I want to make some functions that could deal with https.

[WingedPanther]

You'll need an encryption library, or to roll your own, as a start. This can get fairly messy.

[RhetoricalRuvim]

Do you know any recourse on the web for https?

[RhetoricalRuvim]

I meant resources...

[WingedPanther]

It's going to depend a LOT on the language you want to do this in.

[RhetoricalRuvim]

So what if I'm using win32 asm?

[LuthfiHakim]

If you are going to do it with asm, then I believe you can try to read the binaries of applications that support SSL (https). I practically have no experience in that area, so I don't know whether it's actually doable/feasible.

SSL (as used in https) uses two levels of encryption/decryption. Initially when starting a session SSL uses asymetric encryption (those using private-public key) to exchange what password (randomly generated) to use in next level. After that, throughout the session both parties will use symetric encryption using the exchanged password. This scheme is needed since asymetric encryption is very secure and allowed publication of "password" but require much longer time to encrypt and decrypt compared to symetric one.

I don't know resources of SLL for asm, but I think from my brief description above you can grasp the complexity of SSL. If not, let me break down some important factors.

• You have to implement asymetric encryption. For this you can study OpenSSL (search sourceforge.net).
  
• You have to implement symetric encryption, I believe AES/Rijndael in the one you may want the most.
  
• You have to implement several hashing algorithm (although MD5, perhaps, could cover all).
  
• You have to develop library to allow you to work with large number of bits as a single entity. Because nowadays 1024 bit encryption is not a rare thing. 128bit is a must.
  
• You may want to learn/implement of how to retrieve public keys from public repositories.

Note that if you can read C, you can learn everything from OpenSSL project.