| <html> |
| <head> |
| <meta http-equiv="Content-Type" content="text/html; charset=US-ASCII"> |
| <title>SSL</title> |
| <link rel="stylesheet" href="../../../../doc/src/boostbook.css" type="text/css"> |
| <meta name="generator" content="DocBook XSL Stylesheets V1.75.2"> |
| <link rel="home" href="../../boost_asio.html" title="Boost.Asio"> |
| <link rel="up" href="../overview.html" title="Overview"> |
| <link rel="prev" href="windows/random_access_handle.html" title="Random-Access HANDLEs"> |
| <link rel="next" href="implementation.html" title="Platform-Specific Implementation Notes"> |
| </head> |
| <body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"> |
| <table cellpadding="2" width="100%"><tr> |
| <td valign="top"><img alt="Boost C++ Libraries" width="277" height="86" src="../../../../boost.png"></td> |
| <td align="center"><a href="../../../../index.html">Home</a></td> |
| <td align="center"><a href="../../../../libs/libraries.htm">Libraries</a></td> |
| <td align="center"><a href="http://www.boost.org/users/people.html">People</a></td> |
| <td align="center"><a href="http://www.boost.org/users/faq.html">FAQ</a></td> |
| <td align="center"><a href="../../../../more/index.htm">More</a></td> |
| </tr></table> |
| <hr> |
| <div class="spirit-nav"> |
| <a accesskey="p" href="windows/random_access_handle.html"><img src="../../../../doc/src/images/prev.png" alt="Prev"></a><a accesskey="u" href="../overview.html"><img src="../../../../doc/src/images/up.png" alt="Up"></a><a accesskey="h" href="../../boost_asio.html"><img src="../../../../doc/src/images/home.png" alt="Home"></a><a accesskey="n" href="implementation.html"><img src="../../../../doc/src/images/next.png" alt="Next"></a> |
| </div> |
| <div class="section"> |
| <div class="titlepage"><div><div><h3 class="title"> |
| <a name="boost_asio.overview.ssl"></a><a class="link" href="ssl.html" title="SSL">SSL</a> |
| </h3></div></div></div> |
| <p> |
| Boost.Asio contains classes and class templates for basic SSL support. These |
| classes allow encrypted communication to be layered on top of an existing |
| stream, such as a TCP socket. |
| </p> |
| <p> |
| Before creating an encrypted stream, an application must construct an SSL |
| context object. This object is used to set SSL options such as verification |
| mode, certificate files, and so on. As an illustration, client-side initialisation |
| may look something like: |
| </p> |
| <pre class="programlisting"><span class="identifier">ssl</span><span class="special">::</span><span class="identifier">context</span> <span class="identifier">ctx</span><span class="special">(</span><span class="identifier">my_io_service</span><span class="special">,</span> <span class="identifier">ssl</span><span class="special">::</span><span class="identifier">context</span><span class="special">::</span><span class="identifier">sslv23</span><span class="special">);</span> |
| <span class="identifier">ctx</span><span class="special">.</span><span class="identifier">set_verify_mode</span><span class="special">(</span><span class="identifier">ssl</span><span class="special">::</span><span class="identifier">context</span><span class="special">::</span><span class="identifier">verify_peer</span><span class="special">);</span> |
| <span class="identifier">ctx</span><span class="special">.</span><span class="identifier">load_verify_file</span><span class="special">(</span><span class="string">"ca.pem"</span><span class="special">);</span> |
| </pre> |
| <p> |
| To use SSL with a TCP socket, one may write: |
| </p> |
| <pre class="programlisting"><span class="identifier">ssl</span><span class="special">::</span><span class="identifier">stream</span><span class="special"><</span><span class="identifier">ip</span><span class="special">::</span><span class="identifier">tcp</span><span class="special">::</span><span class="identifier">socket</span><span class="special">></span> <span class="identifier">ssl_sock</span><span class="special">(</span><span class="identifier">my_io_service</span><span class="special">,</span> <span class="identifier">ctx</span><span class="special">);</span> |
| </pre> |
| <p> |
| To perform socket-specific operations, such as establishing an outbound connection |
| or accepting an incoming one, the underlying socket must first be obtained |
| using the <code class="computeroutput"><span class="identifier">ssl</span><span class="special">::</span><span class="identifier">stream</span></code> template's <a class="link" href="../reference/ssl__stream/lowest_layer.html" title="ssl::stream::lowest_layer"><code class="computeroutput"><span class="identifier">lowest_layer</span><span class="special">()</span></code></a> |
| member function: |
| </p> |
| <pre class="programlisting"><span class="identifier">ip</span><span class="special">::</span><span class="identifier">tcp</span><span class="special">::</span><span class="identifier">socket</span><span class="special">::</span><span class="identifier">lowest_layer_type</span><span class="special">&</span> <span class="identifier">sock</span> <span class="special">=</span> <span class="identifier">ssl_sock</span><span class="special">.</span><span class="identifier">lowest_layer</span><span class="special">();</span> |
| <span class="identifier">sock</span><span class="special">.</span><span class="identifier">connect</span><span class="special">(</span><span class="identifier">my_endpoint</span><span class="special">);</span> |
| </pre> |
| <p> |
| In some use cases the underlying stream object will need to have a longer |
| lifetime than the SSL stream, in which case the template parameter should |
| be a reference to the stream type: |
| </p> |
| <pre class="programlisting"><span class="identifier">ip</span><span class="special">::</span><span class="identifier">tcp</span><span class="special">::</span><span class="identifier">socket</span> <span class="identifier">sock</span><span class="special">(</span><span class="identifier">my_io_service</span><span class="special">);</span> |
| <span class="identifier">ssl</span><span class="special">::</span><span class="identifier">stream</span><span class="special"><</span><span class="identifier">ip</span><span class="special">::</span><span class="identifier">tcp</span><span class="special">::</span><span class="identifier">socket</span><span class="special">&></span> <span class="identifier">ssl_sock</span><span class="special">(</span><span class="identifier">sock</span><span class="special">,</span> <span class="identifier">ctx</span><span class="special">);</span> |
| </pre> |
| <p> |
| SSL handshaking must be performed prior to transmitting or receiving data |
| over an encrypted connection. This is accomplished using the <code class="computeroutput"><span class="identifier">ssl</span><span class="special">::</span><span class="identifier">stream</span></code> |
| template's <a class="link" href="../reference/ssl__stream/handshake.html" title="ssl::stream::handshake">handshake()</a> |
| or <a class="link" href="../reference/ssl__stream/async_handshake.html" title="ssl::stream::async_handshake">async_handshake()</a> |
| member functions. |
| </p> |
| <p> |
| Once connected, SSL stream objects are used as synchronous or asynchronous |
| read and write streams. This means the objects can be used with any of the |
| <a class="link" href="../reference/read.html" title="read">read()</a>, <a class="link" href="../reference/async_read.html" title="async_read">async_read()</a>, |
| <a class="link" href="../reference/write.html" title="write">write()</a>, <a class="link" href="../reference/async_write.html" title="async_write">async_write()</a>, |
| <a class="link" href="../reference/read_until.html" title="read_until">read_until()</a> or <a class="link" href="../reference/async_read_until.html" title="async_read_until">async_read_until()</a> |
| free functions. |
| </p> |
| <a name="boost_asio.overview.ssl.see_also"></a><h5> |
| <a name="id774962"></a> |
| <a class="link" href="ssl.html#boost_asio.overview.ssl.see_also">See Also</a> |
| </h5> |
| <p> |
| <a class="link" href="../reference/ssl__basic_context.html" title="ssl::basic_context">ssl::basic_context</a>, |
| <a class="link" href="../reference/ssl__context.html" title="ssl::context">ssl::context</a>, <a class="link" href="../reference/ssl__context_base.html" title="ssl::context_base">ssl::context_base</a>, |
| <a class="link" href="../reference/ssl__context_service.html" title="ssl::context_service">ssl::context_service</a>, |
| <a class="link" href="../reference/ssl__stream.html" title="ssl::stream">ssl::stream</a>, <a class="link" href="../reference/ssl__stream_base.html" title="ssl::stream_base">ssl::stream_base</a>, |
| <a class="link" href="../reference/ssl__stream_service.html" title="ssl::stream_service">ssl::stream_service</a>, |
| <a class="link" href="../examples.html#boost_asio.examples.ssl">SSL example</a>. |
| </p> |
| <a name="boost_asio.overview.ssl.notes"></a><h5> |
| <a name="id775059"></a> |
| <a class="link" href="ssl.html#boost_asio.overview.ssl.notes">Notes</a> |
| </h5> |
| <p> |
| <a href="http://www.openssl.org" target="_top">OpenSSL</a> is required to make use |
| of Boost.Asio's SSL support. When an application needs to use OpenSSL functionality |
| that is not wrapped by Boost.Asio, the underlying OpenSSL types may be obtained |
| by calling <a class="link" href="../reference/ssl__basic_context/impl.html" title="ssl::basic_context::impl"><code class="computeroutput"><span class="identifier">ssl</span><span class="special">::</span><span class="identifier">context</span><span class="special">::</span><span class="identifier">impl</span><span class="special">()</span></code></a> or <a class="link" href="../reference/ssl__stream/impl.html" title="ssl::stream::impl"><code class="computeroutput"><span class="identifier">ssl</span><span class="special">::</span><span class="identifier">stream</span><span class="special">::</span><span class="identifier">impl</span><span class="special">()</span></code></a>. |
| </p> |
| </div> |
| <table xmlns:rev="http://www.cs.rpi.edu/~gregod/boost/tools/doc/revision" width="100%"><tr> |
| <td align="left"></td> |
| <td align="right"><div class="copyright-footer">Copyright © 2003 - 2010 Christopher M. Kohlhoff<p> |
| Distributed under the Boost Software License, Version 1.0. (See accompanying |
| file LICENSE_1_0.txt or copy at <a href="http://www.boost.org/LICENSE_1_0.txt" target="_top">http://www.boost.org/LICENSE_1_0.txt</a>) |
| </p> |
| </div></td> |
| </tr></table> |
| <hr> |
| <div class="spirit-nav"> |
| <a accesskey="p" href="windows/random_access_handle.html"><img src="../../../../doc/src/images/prev.png" alt="Prev"></a><a accesskey="u" href="../overview.html"><img src="../../../../doc/src/images/up.png" alt="Up"></a><a accesskey="h" href="../../boost_asio.html"><img src="../../../../doc/src/images/home.png" alt="Home"></a><a accesskey="n" href="implementation.html"><img src="../../../../doc/src/images/next.png" alt="Next"></a> |
| </div> |
| </body> |
| </html> |