Adding OpenSSL to an existing Visual C++ Socket Program in C++

Your boss comes into your office and says she wants to support encrypted communications over your HTTP server. She wants your company web site to use HTTPS instead of HTTP. Among other things, they need to handle credit card transactions and the encrypted transmission of user information across the internet. And she wants it written in-house and integrated into the current C++ code base.

If you have been assigned such a task, I am writing for you.

In the next series of articles, I am going to show you how I started with scant knowledge of OpenSSL and wrote a C++ object that allows one to slap SSL (a Secure Sockets Layer) on top of any existing Visual C++ socket code. By the end of this series, I am going to give you the source code.


About OpenSSL

As you may know, when a user goes to a web site, they can attach to a “secure” server by using HTTPS instead of HTTP. HTTPS is used to send encrypted and secure data over a communication line.

If you write software that handles internet communication, you may want to add cryptography communication by making your code HTTPS compatible. And OpenSSL is free code written in ANSI C that allows for just that: with it, one can put the “S” into “HTTPS”.

By downloading OpenSSL and linking their libraries into your product, you can HTTPS-enable your software. That is, you will enjoy all the benefits of private key cryptography and DES and other such technologies without needing to know those technologies.

The problem is that OpenSSL itself takes a noticeable investment to learn. The literature and the concepts are not trivial. So even though a free SSL solution exists, using it in your own product requires an up-front cost. I want to minimize that cost. Instead of learning OpenSSL, it would be nice if there were reusable C++ objects that allow developers to just use it.

C++ Objects

My goal is to release a free OpenSSL C++ class that developers can quickly and easily integrate into existing code. By the end of this series, I will point you to the files that do just that.

In case you are wondering… I am not writing these articles as I learn OpenSSL myself. I have already written the code and now I am writing in retrospect. What I want to do now is re-trace the minimal steps needed to implement my object into your software. A series of articles will be instructive for showing the nuances of creating, managing and distributing certificates (I will be explaining SSL certificates in due time). With that in mind, it will be important for me to give away some generic command-line scripts that allow for the creation of certificates, and other scripts that build the OpneSSL libraries in the Windows environment. In the end, I want to provide a useful black-box solution that facilitates quick and easy implementation of OpenSSL within a Visual C++ environment.

The Problem Stated More Simply

When one wants to add S to an existing HTTP server, one must have an existing HTTP server. If you don’t have an HTTP server written in C++, then I suggest you download and start with the free one from Power Admin. My work begins there.

Power Admin gives away this wonderfully small little server that is a complete web server written in C++. I modified that code with minimal intrusion, and made it serve up web sites over an SSL session. I added the S to HTTP and now Power Admin has an HTTPS server in C++.

Stay Tuned

In the next installments, I will show the API for my object, then we’ll see how easily it hooked into Power Admin’s HTTP server. After that, I will tell you how to use my scripts for creating and distributing certificates. Generic is the name of the game. A reusable solution is what I desire to give away as a small contribution to the development community.

Please be patient, as I am writing this blog series in the midst of many projects. Comments and emails may encourage me to speed along!  

Part two of this series available.

Steve Rives
Kansas City

This entry was posted in OpenSSL, Programming and tagged , , , , , . Bookmark the permalink.

Comments are closed.