Tuesday, September 26, 2006

SSL password callbacks

On the weekend I made some changes to asio to support password callbacks for SSL. There is a new function on the asio::ssl::context class called set_password_callback(), which takes a function object with the following signature:
std::string password_callback(
std::size_t max_length,
ssl::context::password_purpose purpose);
The callback must return the password as a string. The max_length argument indicates the maximum allowable length of the password, and if the returned string is longer it will be truncated. The context::password_purpose type is an enum with values for_reading and for_writing. In most cases you won't need to use the max_length or purpose arguments, and if you use boost::bind() to create the function object you can just leave them off. For example, the SSL server sample included with asio now has the following:
context_.set_password_callback(
boost::bind(&server::get_password, this));

...

std::string get_password() const
{
return "test";
}
The final thing to note is that the password callback needs to be set before calling any ssl::context functions that load keys, such as use_private_key_file().

What's this all about?

Greetings, reader. I have a blog. Now what? Well, the plan is to post ideas, tips and tricks, design thoughts, and anything else related to C++, Boost.Asio and programming that happens to take my interest.