OpenSSL RSA_METHOD Structure: What is the use of app_data field?
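Referring to the OpenSSL RSA_METHOD structure, what is the suggested use of the app_data field? Documentation is very scant on this. I am also looking for any sample code that uses this field in a meaningful way.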
typedef struct rsa_meth_st {
    const char *name;
    int (*rsa_pub_enc)(int flen, unsigned char *from,
                       unsigned char *to, RSA *rsa, int padding);
    int (*rsa_pub_dec)(int flen, unsigned char *from,
                       unsigned char *to, RSA *rsa, int padding);
    int (*rsa_priv_enc)(int flen, unsigned char *from,
                        unsigned char *to, RSA *rsa, int padding);
    int (*rsa_priv_dec)(int flen, unsigned char *from,
                        unsigned char *to, RSA *rsa, int padding);
    int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa);
    int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
                      const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
    int (*init)(RSA *rsa);
    int (*finish)(RSA *rsa);
    int flags;
    char *app_data; /* ?? */
    /* here m points to digest of type 'type' */
    int (*rsa_sign)(int type, unsigned char *m, unsigned int m_len,
                    unsigned char *sigret, unsigned int *siglen, RSA *rsa);
    int (*rsa_verify)(int type, unsigned char *m, unsigned int m_len,
                      unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
} RSA_METHOD;
Referring to the OpenSSL RSA_METHOD structure, what is the suggested use of the app_data field?
For RSA, I don't think there is a suggested use. I believe it is there for those who need it:
include/openssl/rsa.h- /* may be needed! */
include/openssl/rsa.h: char *app_data;
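I believe app_data is generally meant for specific applications that need to carry extra context around, such as ENGINE implementations and working with key pairs. For example, this is from the GOST engine: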
engines/ccgost/gost_crypt.c:192: ctx->app_data = ctx->cipher_data;
It is also used frequently in the SSL context to provide additional state. For example:
...
ssl/d1_pkt.c:1390: s->s3->in_read_app_data = 2;
ssl/s3_lib.c:3104: s->s3->in_read_app_data = 0;
ssl/s3_lib.c:4415: s->s3->in_read_app_data = 1;
ssl/s3_lib.c:4419: if ((ret == -1) && (s->s3->in_read_app_data == 2)) {
ssl/s3_lib.c:4433: s->s3->in_read_app_data = 0;
ssl/s3_pkt.c:1623: s->s3->in_read_app_data = 2;
...
I believe it is covered in the ssl(3) man page; see SSL_CTX_get_app_data, SSL_CTX_set_app_data, SSL_SESSION_get_app_data, SSL_SESSION_set_app_data and friends.
There are at least 59 data structures that provide it:
openssl-1.0.2e$ grep -IR app_data * | egrep "(char*|void*)" | wc -l
59
Documentation is very scant on this.
Yes. Here are the comments I could find (some /* ?? */ omitted):
crypto/evp/evp.h- /* Application data */
crypto/evp/evp.h: void *app_data;
crypto/evp/evp.h: void *app_data; /* application stuff */
demos/tunala/tunala.c- /*
demos/tunala/tunala.c: * We use the SSL's "app_data" to indicate a call-back induced "kill"
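The "carry extra context" use described in the answer above, as an added example that is not from the original post or from OpenSSL: a self-contained C model in which a method table's app_data points at an engine context that the callback recovers and validates. TOY_METHOD, TOY_RSA, ENGINE_CTX, ENGINE_CTX_MAGIC and the function names are hypothetical stand-ins, and nothing here links against libcrypto.

```c
#include <stddef.h>

/* Cut-down stand-ins for RSA_METHOD and RSA (hypothetical; not OpenSSL's types). */
struct toy_rsa;
typedef struct toy_method {
    int (*priv_enc)(int, const unsigned char *, unsigned char *, struct toy_rsa *);
    char *app_data;             /* opaque; owned by whoever built the method */
} TOY_METHOD;
typedef struct toy_rsa { const TOY_METHOD *meth; } TOY_RSA;
/* Constructed context that an engine could hang off app_data. */
#define ENGINE_CTX_MAGIC 0x454E4743u
typedef struct engine_ctx {
    unsigned int magic;         /* tag checked before the cast is trusted */
    int slot;                   /* e.g. which token slot to talk to */
    unsigned long ops;          /* calls made through this method */
} ENGINE_CTX;

/* app_data is untyped: reject NULL and anything not tagged as ours. */
static ENGINE_CTX *ctx_from_rsa(const TOY_RSA *rsa)
{
    ENGINE_CTX *ctx = NULL;
    if (rsa && rsa->meth && rsa->meth->app_data)
        ctx = (ENGINE_CTX *)(void *)rsa->meth->app_data;
    return (ctx && ctx->magic == ENGINE_CTX_MAGIC) ? ctx : NULL;
}

/* Placeholder body, not RSA: it only shows where the context comes from. */
static int toy_priv_enc(int n, const unsigned char *in, unsigned char *out, TOY_RSA *rsa)
{
    ENGINE_CTX *ctx = ctx_from_rsa(rsa);
    if (ctx == NULL || n < 0) return -1;
    for (int i = 0; i < n; i++)
        out[i] = (unsigned char)(in[i] ^ (unsigned char)ctx->slot);
    ctx->ops++;
    return n;
}

/* Two keys on one method share its app_data; returns ops counted, or -1. */
long demo_two_keys(int attach_ctx)
{
    ENGINE_CTX ctx = { ENGINE_CTX_MAGIC, 3, 0 };
    TOY_METHOD meth = { toy_priv_enc, attach_ctx ? (char *)&ctx : NULL };
    TOY_RSA k1 = { &meth }, k2 = { &meth };
    unsigned char in[2] = { 1, 2 }, out[2];
    if (k1.meth->priv_enc(2, in, out, &k1) != 2) return -1;
    if (k2.meth->priv_enc(2, in, out, &k2) != 2) return -1;
    return (long)ctx.ops;
}
int main(void) { return demo_two_keys(1) == 2 ? 0 : 1; }
```

Because the context hangs off the method table, both keys increment the same counter; in OpenSSL, per-key state belongs in the RSA object's ex_data, which is what the RSA_set_app_data and RSA_get_app_data macros wrap.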