> I am new to the OpenSSL environment. I would like to know from > the experts here about the BIO_read and BIO_write and the > SSL_read and SSL_write.
The BIO_read and BIO_write functions read from or write to a BIO, which is an abstraction for a buffered I/O object. The SSL_read and SSL_write functions read from or write to an SSL connection. While there is some overlap between their capabilities, generally you should choose the function that best reflects which of these things you're trying to do. > After a BIO object is created and associated with the i/o, > only BIO_read and BIO_write may be used. Once you associate a BIO object that represents a network connection with an SSL session, you wouldn't want to read or write from that BIO object directly. That would mess up the SSL connection. > However why is that the SSL_read and SSL_write are still used even > after the creation of BIO and after it is associated with a socket? To read and write to the SSL connection. You don't want to read from the socket, that would screw up the SSL connection that's trying to do exactly that. > Actually my intention is to replace the socket dependent calls > totally from the OpenSSL and replace them with the buffer based > calls. Is this possible? It's not clear what you mean. An SSL connection has two halves. There's the "application<-> SSLengine" part and the "SSLEngine <-> Socket" part. Which part are you talking about? If the "SSL Engine <-> Socket" part, then BIO pairs is probably what you want. > I understand here that socket dependent calls are the > SSL_read and SSL_write. No. SSL_read and SSL_write churn the SSL engine. This may or may not cause the SSL engine to make calls to BIO_read and BIO_write the underlying socket BIOs. > And BIO_read and BIO_write are buffer based calls? Yes. > How the BIO_read and SSL_read are related? They both read from a stream-like thing. DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
