10

Does anyone know a good implementation for encrypted C++ streams using OpenSSL ? Something that extends or wraps std::istream and std::ostream ?

I know this could be done with boost (filtering stream) but I don't want to include boost just for that. Any non boost suggestions ?

  • 2
    If you're adding a dependency anyway, what's wrong with boost? – rhashimoto Mar 08 '13 at 23:53
  • Yeah, this seems odd. You want to add OpenSSL as a dependency, *as well as* some other unspecified dependency which wraps the former in a C++ stream. So... why can't this unspecified dependency be a Boost library? – jalf Mar 10 '13 at 13:56
  • @jalf: OpenSSL is already added as a dependency. I want to avoid using boost because of the already huge compiling time. Should I choose to use boost I will still have to wrap it and implement the actual filters. This can be done, but I would like something better. –  Mar 10 '13 at 17:00
  • Boost is rather modular package, so adding it as dependency shouldn't increase compile times much - you don't need to compile entire boost, but just the part you need - usually just a few header files. – j_kubik Mar 11 '13 at 06:25

3 Answers3

3

Boost library provides ssl stream:

http://www.boost.org/doc/libs/1_47_0/boost/asio/ssl/stream.hpp

SO ref : HTTPS request with Boost.Asio and OpenSSL

Community
  • 1
  • 1
philippe lhardy
  • 3,096
  • 29
  • 36
1

I came across following implementations using std::istream and std::ostream.

  1. AES CTR-mode encryption/decryption

http://openssl.6102.n7.nabble.com/EVP-Decrypt-Final-ex-fails-on-larger-files-td2434.html

  1. Blowfish

http://openssl.6102.n7.nabble.com/EVP-Decrypt-Final-ex-fails-on-larger-files-td2434.html

Additionally, you can also look here:

http://www.appinf.com/docs/poco/Poco.Crypto.RSAKeyImpl.html

and here:

https://dev.marc.waeckerlin.org/projects/libpcscxx/browser/trunk/src/openssl.hxx?rev=60

Yasir Malik
  • 441
  • 2
  • 9
  • unfortunately your links don't show how to wrap std::istream and std::ostream, they only show how to use them as input and output for the encrypt-decrypt method. –  Mar 14 '13 at 19:01
  • I want to wrap the streams so that decryption/encryption can be done transparently by my application without having to use a temporary file or a temporary memory chunk. –  Mar 14 '13 at 19:02
1

If you want to do it yourself:

Subclass std::streambuf for use with TCP or SSL (they basically work the same once the socket is open. Then you can make std::istream and std::ostream using that streambuf. If you don't want std::iostream, you could make two streambufs, one for input and one for output.

std::streambuf docs (mostly just focus on overflow and underflow): http://www.cplusplus.com/reference/streambuf/streambuf/

And a small tutorial on how to use libssl directly.

http://www.ibm.com/developerworks/linux/library/l-openssl/index.html

john.pavan
  • 910
  • 4
  • 6
  • +1 Because this is close to what I want to achieve. This seems to dangerous to me, I haven't implemented something like this before, and many of the virtual methods that I would have to implement, not just overflow and underflow, are a bit cryptic to me. –  Mar 14 '13 at 19:08
  • It's worth doing at least once. Mainly so you can learn how stdlib's stream functions work. The documentation is relatively straight forward. – john.pavan Mar 16 '13 at 12:17