Home > Back-end >  Does boost.asio's ssl::stream encrypt messages?
Does boost.asio's ssl::stream encrypt messages?

Time:10-03

I'm connecting a server and client using boost.asio's ssl facilities. I create a boost::asio::ssl::stream, load up a self-signed certificate on the server and client, load the certificate's private key on the server, and successfully perform the handshake().

I believe now that boost::asio::ssl::stream::write_some() (and its async and read variants) will automatically encrypt and decrypt messages for me. However, the documentation doesn't confirm this.

If there is encryption, is this asymmetric encryption with the server's public key, or symmetric encryption with a session key?

CodePudding user response:

Yes. It encrypts the messages but only in transit. That's what transport encryption means.

It wouldn't be in the documentation, because it's a property of SSL/TLS which does document it.

In fact the stream's read/write operations are invalid to use before handshake or after shutdown.

To learn more about SSL: https://en.wikipedia.org/wiki/Transport_Layer_Security

  • Related