SWI-Prolog -- Introduction

Documentation
- Reference manual
- Packages
  - SWI-Prolog SSL Interface

1 Introduction

Raw TCP/IP networking is dangerous for two reasons:

It is hard to tell whether the party you think you are talking to is indeed the right one.
Anyone with access to a subnet through which your data flows can‘tap’the wire and listen for sensitive information such as passwords, credit card numbers, etc.

Transport Layer Security~(TLS) and its predecessor Secure Socket Layer~(SSL), which are both often collectively called SSL, solve both problems. SSL uses:

certificates to establish the identity of the peer
encryption to make it useless to tap into the wire.

SSL allows agents to talk in private and create secure web services.

The SWI-Prolog library(ssl) library provides an API to turn a pair of arbitrary Prolog wire streams into SSL powered encrypted streams. Note that secure protocols such as secure HTTP simply run the plain protocol over (SSL) encrypted streams.

The library(crypto) library provides additional predicates related to cryptography and authentication, secure hashes and elliptic curves.

Cryptography is a difficult topic. If you just want to download documents from an HTTPS server without worrying much about security, http_open/3 will do the job for you. As soon as you have higher security demands we strongly recommend you to read enough background material to understand what you are doing. See section 5 for some remarks regarding this implementation. This The Linux Documentation Project page provides some additional background and tips for managing certificates and keys.