I have a simple stream_t
type in C with your basic read/write operations, and support for multiple underlying implementations using function pointers. So a stream could be backed by a file, a char buffer, etc.
One stream type is a standard POSIX socket, and I would like to code a wrapper stream that will add SSL support to an existing stream, similar to .NET's SslStream. So I could write something like this:
stream_t *socket = something(); // wrap existing stream and perform handshake as client stream_t *ssl_stream = ssl_stream_create(socket); ssl_stream_authenticate_as_user(ssl_stream); // now all read/writes are encrypted and passed through to the wrapped stream
I have written some SSL socket code before using OpenSSL's BIO_new_connect(...)
etc. but this is a higher level API than what I need. Does OpenSSL expose the functions I would need to manually perform the handshake and encryption? Or is there some other library I can use?