[openssl-users] BIO Pair vs Custom BIO for non standard transport

Matt Caswell matt at openssl.org
Mon Aug 29 13:38:56 UTC 2016

On 29/08/16 14:27, lilulo wrote:
> Hi All,
> I need to use TLS on the top of our collection of low-level transport
> classes. It looks like the standard choice is to create a BIO Pair and
> to manage data transfer between transport layer and the TLS through it.
> This looks fine but actual implementation of a socket's BIO in
> openssl\crypto\bio\bss_sock.c looks much cleaner then the code which is
> using BIO Pairs and I think I can create a custom BIO which is talking
> to our layer, instead of socket, based on this as an example.
> Is it considered a normal practice to create a custom BIO? The actual
> structure for BIO is hidden in openssl\include\internal\bio.h and it
> doesn't look like it is really encouraged to use it.

It is perfectly Ok to create a custom BIO. There are a set of functions
for creating them. See:


Note that in OpenSSL versions prior to 1.1.0 these functions did not
exist, but the BIO structure was in a public header file.


More information about the openssl-users mailing list