Boost.Wintls

Overview

This library implements TLS stream functionality for boost::asio using the native Windows SSPI/Schannel implementation.

To the extent possible, it provides the same functionality as the OpenSSL implementation used by boost::asio, and it provides some helper functions for converting and managing certificates and keys in the standard formats used by OpenSSL.

Released under the Boost Software License. Source code available on GitHub.

Motivation

boost::asio uses OpenSSL for TLS encryption, which has a few downsides when used on Windows:

  • Requires maintaining a separate copy of trusted certificate authorities although the operating system already ships with and maintains a store of trusted certificates.

  • When used as a server, OpenSSL requires access to the private key as a file readable by the running process, which could potentially lead to security issues if measures are not taken to ensure the private key is properly protected.

  • Installing third party libraries and software in general on Windows is often a complicated process since no central packaging system exists, so any security updates to OpenSSL would have to be maintained by the software using the boost::asio library.

This library avoids these issues by using the native Windows TLS implementation (SSPI/Schannel), which uses the methods for storing certificates and keys provided by the Windows operating system itself.

Contents