I am designing an application that requires the support of SSL/TLS layer socket transfer. I would like to know what is the most extensible solution.

- OpenSSL
- Win32 SSL API

The Win32 SSL API is quicker in terms of implementation. OpenSSL requires the use and in-depth knowledge of how the library handles I/O.

My primary concern is with non-blocking I/O model. Part of the design includes an OVERLAPPED I/O model via winsock. I have no problem blending Win32 SSL API with the current OVERLAPPED I/O. However, OpenSSL is somewhat different. Here is what OpenSSL design could end up.

- Winsock connect
- Associate socket to OpenSSL layer (global context)
- OpenSSL connect
- sent/recv via OpenSSL API

OpenSSL does support an event callback interface. However, is its send and receive API blocking or non-blocking? How will it affect the winsock OVERLAPPED layer? In other words, if there is incoming data, will OpenSSL handles the callback or will winsock handle the callback?