> I can live with it. > The only solution without some type of change was : > > RSA_set0_key(rsa, n, e, NULL); > /* other stuff done, such as calculating d */ > n_new = BN_dup(n); > e_new = BN_dup(e); > RSA_set0_key(rsa, n_new, e_new, d); > > It is really gross, and is not intuitive.
Do the dup calls before the RSA_set0_key call. Once that function returns, you have lost all rights to use n and e :) Or perhaps do this: RSA_set0_key(rsa, BN_dup(n), BN_dup(e), NULL); > Since you all appear to not want to support individual calls to set0 and get0 > for each BIGNUM, a developer of other code is faced with a major rewrite of > existing code just to work with OpenSSL-1.1.0-pre5. I understand your frustration about having to change code. But I think major rewrite is a bit of an overstatement. > [S]o to maintain a code base that can be compiled with OpenSSL version > 0.9.7 through 1.1.0 with only a few #if OPENSSL_VERSION_NUMBER we are > taking an approach to convert the code to the 1.1.0 API and create defines > and macros for the older versions of OpenSSL in a header file The > introduction of these *_get0_* *_set0_* have complicated the process even > more, requiring us to inline versions of them for the older versions of > OpenSSL. We would love to see such a compatibility "get ready for 1.1" facility, and if there were a git repo we could point to, we would gladly do so. "Our code builds with every version of OpenSSL for the past 20 years" is kind of a neat thing to say, but outside of bragging rights, I'm not sure it's worth the effort. But it's your code, not ours, so do what you want :) -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4518 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev