On 29/08/16 14:27, lilulo wrote: > Hi All, > > I need to use TLS on the top of our collection of low-level transport > classes. It looks like the standard choice is to create a BIO Pair and > to manage data transfer between transport layer and the TLS through it. > This looks fine but actual implementation of a socket's BIO in > openssl\crypto\bio\bss_sock.c looks much cleaner then the code which is > using BIO Pairs and I think I can create a custom BIO which is talking > to our layer, instead of socket, based on this as an example. > > Is it considered a normal practice to create a custom BIO? The actual > structure for BIO is hidden in openssl\include\internal\bio.h and it > doesn't look like it is really encouraged to use it. It is perfectly Ok to create a custom BIO. There are a set of functions for creating them. See: https://www.openssl.org/docs/man1.1.0/crypto/BIO_meth_new.html Note that in OpenSSL versions prior to 1.1.0 these functions did not exist, but the BIO structure was in a public header file. Matt
