Linux安全體系學習筆記之四:OpenSSL源代碼分析(3) .

火星人 @ 2014-03-03 , reply:0




BIO是對IO操作的封裝,OpenSSL的BIO抽象介面不僅可以對SSL連接的I/O使用,也可以對非加密的網路連接和文件的I/O使用。BIO的相關源代碼在crypto/bio文件夾下。

BIO的相關數據結構列出如下。

BIO結構:


/*
 * The BIO object itself: one node of an I/O chain.  Every operation on it
 * is dispatched through the function table in `method`, and filter BIOs
 * are linked to their neighbours through next_bio / prev_bio.
 *
 * NOTE(review): the object mixes function pointers (method, callback) with
 * raw data pointers (cb_arg, ptr), so its lifetime matters for memory
 * safety; `references` is a plain int, which means any thread-safety has to
 * come from the code that updates it -- confirm against the sources under
 * crypto/bio.
 */
struct bio_st
        {
        /* Operation table (write/read/puts/gets/ctrl/create/destroy) for this BIO. */
        BIO_METHOD *method;
        /* bio, mode, argp, argi, argl, ret */
        long (*callback)(struct bio_st *,int,const char *,int, long,long);
        char *cb_arg; /* first argument for the callback */

        /* NOTE(review): presumably non-zero once the BIO is set up and usable -- confirm. */
        int init;
        /* NOTE(review): presumably the close flag (whether freeing the BIO also
         * closes the underlying resource) -- confirm. */
        int shutdown;
        int flags;        /* extra storage */
        /* NOTE(review): presumably records why the last operation asked for a retry -- confirm. */
        int retry_reason;
        /* NOTE(review): presumably a method-specific integer, e.g. the descriptor
         * for fd/socket BIOs -- confirm. */
        int num;
        /* Untyped, method-specific data; its real type is known only to the method. */
        void *ptr;
        struct bio_st *next_bio;        /* used by filter BIOs */
        struct bio_st *prev_bio;        /* used by filter BIOs */
        /* Reference count (plain int, see the note on the struct). */
        int references;
        /* NOTE(review): presumably running byte totals; being unsigned long they
         * wrap silently, at 4 GiB where long is 32 bits -- confirm before relying
         * on them for accounting. */
        unsigned long num_read;
        unsigned long num_write;

        /* NOTE(review): presumably application-attached extra data -- confirm. */
        CRYPTO_EX_DATA ex_data;
        };

BIO操作的結構:


/*
 * Operation table of one BIO implementation.  A BIO points at one of these
 * through its `method` member, and all I/O on that BIO goes through the
 * function pointers below.
 *
 * NOTE(review): the buffer sizes taken by bwrite/bread/bgets are signed
 * int, so callers presumably have to keep lengths within INT_MAX and treat
 * a non-positive return as error or retry rather than as a byte count --
 * confirm against the sources under crypto/bio.
 */
typedef struct bio_method_st
        {
        /* NOTE(review): presumably one of the BIO_TYPE_* values -- confirm. */
        int type;
        /* Name of the method, as a C string. */
        const char *name;
        /* Write from a caller buffer: (bio, data, int length). */
        int (*bwrite)(BIO *, const char *, int);
        /* Read into a caller buffer: (bio, buffer, int size). */
        int (*bread)(BIO *, char *, int);
        /* Write a string; no length argument is passed. */
        int (*bputs)(BIO *, const char *);
        /* Read into a caller buffer of the given int size. */
        int (*bgets)(BIO *, char *, int);
        /* Control operation: (bio, int command, long argument, pointer argument). */
        long (*ctrl)(BIO *, int, long, void *);
        /* Set up / tear down the method-specific state of a BIO. */
        int (*create)(BIO *);
        int (*destroy)(BIO *);
        /* Control operation whose argument is a bio_info_cb callback. */
        long (*callback_ctrl)(BIO *, int, bio_info_cb *);
        } BIO_METHOD;

BIO介面類型分為源/接收類型和過濾類型兩種。

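/*
 * Class flags that are OR-ed into the individual BIO_TYPE_* values.
 * The listing had lost the whitespace between BIO_TYPE_DESCRIPTOR and its
 * value, which defined an empty macro named BIO_TYPE_DESCRIPTOR0x0100
 * instead of the flag; the separator is restored here.
 */
#define BIO_TYPE_DESCRIPTOR     0x0100  /* socket, fd, connect or accept */
#define BIO_TYPE_FILTER         0x0200  /* filter BIO */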
#define BIO_TYPE_SOURCE_SINK 0x0400

1、源/接收類型

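/*
 * Source/sink BIO types.  Each value is a small per-type number OR-ed with
 * 0x0400 (the source/sink class flag); types backed by a descriptor also
 * carry 0x0100 (the descriptor class flag).
 *
 * Several entries in the listing had lost the whitespace between the macro
 * name and its value (e.g. BIO_TYPE_MEM(1|0x0400)), which the preprocessor
 * reads as a malformed function-like macro; the separator is restored.
 *
 * A source/sink BIO only moves bytes: as the article notes, BIOs are also
 * used for unencrypted connections and files, so a socket or file type by
 * itself says nothing about whether the data is protected.
 */
#define BIO_TYPE_MEM            (1|0x0400)
#define BIO_TYPE_FILE           (2|0x0400)
#define BIO_TYPE_FD             (4|0x0400|0x0100)
#define BIO_TYPE_SOCKET         (5|0x0400|0x0100)
#define BIO_TYPE_NULL           (6|0x0400)
#define BIO_TYPE_CONNECT        (12|0x0400|0x0100)      /* socket - connect */
#define BIO_TYPE_ACCEPT         (13|0x0400|0x0100)      /* socket for accept */
#define BIO_TYPE_BIO            (19|0x0400)             /* (half a) BIO pair */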
#define BIO_TYPE_DGRAM (21|0x0400|0x0100)

2、過濾類型

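/*
 * Filter BIO types.  Each value is a small per-type number OR-ed with
 * 0x0200 (the filter class flag).
 *
 * BIO_TYPE_SSL and BIO_TYPE_MD had lost the whitespace between the macro
 * name and its value, which the preprocessor reads as a malformed
 * function-like macro; the separator is restored.  The comment on
 * BIO_TYPE_NBIO_TEST repeated the proxy-server text of the line above it
 * and is corrected.
 *
 * Only some of these filters protect data: BIO_TYPE_BASE64 is an encoding
 * and BIO_TYPE_BUFFER / BIO_TYPE_LINEBUFFER only buffer, so none of them
 * adds confidentiality or integrity to a chain.
 */
#define BIO_TYPE_SSL            (7|0x0200)
#define BIO_TYPE_MD             (8|0x0200)      /* passive filter */
#define BIO_TYPE_BUFFER         (9|0x0200)      /* filter */
#define BIO_TYPE_CIPHER         (10|0x0200)     /* filter */
#define BIO_TYPE_BASE64         (11|0x0200)     /* filter */
#define BIO_TYPE_PROXY_CLIENT   (14|0x0200)     /* client proxy BIO */
#define BIO_TYPE_PROXY_SERVER   (15|0x0200)     /* server proxy BIO */
#define BIO_TYPE_NBIO_TEST      (16|0x0200)     /* non-blocking I/O test filter */
#define BIO_TYPE_NULL_FILTER    (17|0x0200)
#define BIO_TYPE_BER            (18|0x0200)     /* BER -> bin filter */
#define BIO_TYPE_LINEBUFFER     (20|0x0200)     /* filter */
#define BIO_TYPE_ASN1           (22|0x0200)     /* filter */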
#define BIO_TYPE_COMP (23|0x0200)/* filter */

BIO過濾緩衝結構:


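/*
 * State of the buffering filter BIO: one input and one output buffer, each
 * described by its capacity, the number of bytes currently held and the
 * current offset into it.
 *
 * The listing carried the code-viewer toolbar text and its line numbers
 * inside the code; they are removed here so the definition is valid C.
 *
 * NOTE(review): capacities, lengths and offsets are all signed int.  Code
 * using this context presumably has to keep 0 <= off, 0 <= len and
 * off + len <= size for both buffers, and has to reject negative or
 * oversized values before using them as indexes -- confirm against the
 * buffering filter source under crypto/bio.
 */
typedef struct bio_f_buffer_ctx_struct
        {
        /* BIO *bio; */ /* this is now in the BIO struct */
        int ibuf_size;  /* how big is the input buffer */
        int obuf_size;  /* how big is the output buffer */

        char *ibuf;     /* the char array */
        int ibuf_len;   /* how many bytes are in it */
        int ibuf_off;   /* write/read offset */

        char *obuf;     /* the char array */
        int obuf_len;   /* how many bytes are in it */
        int obuf_off;   /* write/read offset */
        } BIO_F_BUFFER_CTX;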

http://www.coctec.com/docs/service/show-post-1318.html