Hey Ninjas! You must have wondered about the data you transfer over the internet is secured or not. Every time you log in to a website, there is an authentication process running in the backend. How are your credentials secured? Today we will be finding answers to all these questions.
In this article, we will be learning about SSL and how it works. After that, we will look into how Asio provides SSL support. Before moving on to the SSL, let’s first discuss Asio.
What is Asio?
Asio stands for asynchronous input-output; it is a C++ library that is open-source and cross-platform. It is used for I/O and networking. It was developed by Christopher M. Kohlhoff in 2003 and was released under Boost Software License. Asio provides the building blocks for C++ I/O operations, networking, and concurrency. It is supported by a huge number of platforms like Windows, macOS, Linux, etc. Nowadays, many Asio can be used without a dependency on Boost libraries or header files.
We have learned about Protocols in networking; one of the protocols is SSL. Let’s look at it.
Secure Socket Layer (SSL)
The Secure Socket Layer (SSL) is an Internet protocol that provides encryption-based Internet security. It was developed in 1995 with the purpose of providing authentication, data privacy, integrity, and security. It ensures data transfer between the server and the web browser. It provides encryption to the data link and ensures all the data is passed with security without attack.
You must be wondering how does SSL work? So let’s discuss it first.
SSL is used to ensure user privacy and encrypt the data transferred between the web server and the user.
Let’s understand the working of the SSL.
📌 To provide a greater degree of privacy, SSL encrypts all the data transferred across the internet. Therefore if anyone tries to access the data which is not allowed will get encrypted data which is very difficult to decrypt.
📌 An authentication process, also known as a handshake, is initiated by the SSL, which ensures the communication is secured and between the right devices.
📌 SSL has a feature to digitally encrypt the data to provide data security and integrity and verify the data before it reaches the receiver.
OpenSSL Installation
Asio provides SSL support. You need to first install the OpenSSL library in order to use it in Asio. Let’s see the steps you need to follow.
1️⃣Download the the OpenSSL according to your PC configuration. Avoid using the Light version as it does not contains some header files which will be required by you.
2️⃣Complete the installation of the setup. This will install the OpenSSL on your computer.
3️⃣Go to the folder where you have installed the OpenSSL and copy the path of the include folder. It will look like this:
C:\Program Files\OpenSSL-Win64\include
4️⃣Add this include path by navigating to settings in your IDE. In the case of visual studio, you will find the following option by right-clicking your file name and selecting properties. Paste this path in the field ‘additional include directories.’
The installation is complete; you can now start using SSL in Asio. Let’s now move on to understanding SSL support in Asio.
SSL Support in Asio
Asio provides the class templates and classes for basic SSL support. These provide encrypted communication between the different layers of the stream, like the TCP socket. The OpenSSL library is required if you want to use the SSL support of Asio.
To use Asio’s SSL support, you have to include an additional header:
#include <asio/ssl/impl/src.hpp>
One needs to create an SSL context object before creating a stream to encrypt the data. The object provides SSL options like certificate files, verification mode, etc. We can set them by writing the below statements.
Now let’s discuss some important classes which provide SSL support.
ssl::context
The ssl::context is used to manage the context in SSL. It is used to provide the authority for performing verification, get, and set options in an SSL context.
The requirements for this class are header file asio/ssl/context.hpp and convenience header asio/ssl.hpp. One needs to include them in their code.
Types
The types of ssl::context class are given below, along with their syntax.
ssl::host_name_verification
The SSL provides a verification mechanism which is done with the help of this class. The verification of a certificate is done according to the rules against the host_name. You need to include the header file asio/ssl/host_name_verification.hpp and convenience header asio/ssl.hpp in your program to start using this class.
Types
The types of ssl::host_name_verification class are given below, along with their syntax.
ssl::stream
The ssl::stream provides the stream-oriented functionality in SSL. It is used to perform operations like asynchronous read, write, and handshake. The stream class is used for the blocking and asynchronous functionality of streams. The shared objects are not safe, and the application should ensure the operations performed are implicit or explicit strands.
The requirements are header file asio/ssl/stream.hppand convenience header asio/ssl.hpp.
Types
The types of ssl::stream class are given below, along with their syntax
Frequently Asked Questions
What is Asio?
Asio is a cross-platform, open-source C++ library. It is an underrated C++ library for input, output, and networking purposes. Asio stands for asynchronous input-output. Christopher M. Kohlhoff developed Asio in 2003.
What is SSL?
Secure Sockets Layer or SSL is an internet protocol that is based on encryption-based internet security. It was developed in 1995 with the purpose of providing authentication, data privacy, integrity, and security. It ensures data transfer between the server and the web browser.
Are SSL and TLS the same thing?
SSL is the predecessor of the TLS (Transport Layer Security) protocol. During an update in 1999, the name of SSL was changed to TLS. However, there is not much difference and both names are used interchangeably.
What is the use of the Asio library?
Asio helps in doing network programming using C++ language. It allows the processing of data asynchronously by providing asynchronous I/O models.
Conclusion
In this article, we have discussed SSL ( Secure Sockets Layer ). We have looked at how it works and how Asio provides SSL support. We have seen some important SSL classes with their syntax and types in detail.
You can check out our other articles if you want to dive deep into other concepts related to Asio -