RE: Declare BN_CTX on stack (not BN_CTX*)

2014-01-17 Thread Carl Young
[Sorry for top-post - Outlook Web Client]

I would say that BN_CTX_init() is deprecated and you should be using
BN_CTX *ctx = BN_CTX_new();

Indeed, https://www.openssl.org/docs/crypto/BN_CTX_new.html says

BN_CTX_init() (deprecated) initializes an existing uninitialized BN_CTX. This 
should not be used for new programs. Use BN_CTX_new() instead.

Regards,

Carl

From: owner-openssl-us...@openssl.org [owner-openssl-us...@openssl.org] on 
behalf of Jeffrey Walton [noloa...@gmail.com]
Sent: 16 January 2014 20:28
To: OpenSSL Users List
Subject: Declare BN_CTX on stack (not BN_CTX*)

I'm trying to declare a BN_CTX on the stack (with a subsequent call to
BN_CTX_init) to stay out of the memory manager.

When I do, I get an error:

aggregate ‘BN_CTX’ has incomplete type and cannot be defined

I've included openssl/bn.h, so I'm kind of surprised I can't
compile. (openssl/bn.h has some typedefs and comments about
definitions in ossl_typ.h).

Grepping sources:

$ grep -R BN_CTX_init *
...
crypto/bn/exp.c:BN_CTX_init(ctx);

does not show me anything interesting because it looks like I'm doing
what exp.c is doing:

BN_CTX ctx;
BIGNUM a,b,c,r,rr,t,l;
...

BN_CTX_init(ctx);

How do I declare a BN_CTX on the stack?

Thanks in advance.
__
OpenSSL Project http://www.openssl.org
User Support Mailing List   openssl-users@openssl.org
Automated List Manager   majord...@openssl.org


Re: Declare BN_CTX on stack (not BN_CTX*)

2014-01-17 Thread Jeffrey Walton
On Fri, Jan 17, 2014 at 4:38 AM, Carl Young carlyo...@keycomm.co.uk wrote:
> ...
> I would say that BN_CTX_init() is deprecated and you should be using
> BN_CTX *ctx = BN_CTX_new();

Yeah, it works with BN_CTX *. I was hoping to keep out of the memory
manager since it seems like a waste when it can be placed on the
stack.

> Indeed, https://www.openssl.org/docs/crypto/BN_CTX_new.html says
>
> BN_CTX_init() (deprecated) initializes an existing uninitialized BN_CTX. This
> should not be used for new programs. Use BN_CTX_new() instead.

Odd it's still being used in the source code.

Jeff

 
> From: owner-openssl-us...@openssl.org [owner-openssl-us...@openssl.org] on
> behalf of Jeffrey Walton [noloa...@gmail.com]
> Sent: 16 January 2014 20:28
> To: OpenSSL Users List
> Subject: Declare BN_CTX on stack (not BN_CTX*)
>
> I'm trying to declare a BN_CTX on the stack (with a subsequent call to
> BN_CTX_init) to stay out of the memory manager.
>
> When I do, I get an error:
>
> aggregate ‘BN_CTX’ has incomplete type and cannot be defined
>
> I've included openssl/bn.h, so I'm kind of surprised I can't
> compile. (openssl/bn.h has some typedefs and comments about
> definitions in ossl_typ.h).
>
> Grepping sources:
>
> $ grep -R BN_CTX_init *
> ...
> crypto/bn/exp.c:BN_CTX_init(ctx);
>
> does not show me anything interesting because it looks like I'm doing
> what exp.c is doing:
>
> BN_CTX ctx;
> BIGNUM a,b,c,r,rr,t,l;
> ...
>
> BN_CTX_init(ctx);
>
> How do I declare a BN_CTX on the stack?
>
> Thanks in advance.


Re: Declare BN_CTX on stack (not BN_CTX*)

2014-01-17 Thread Viktor Dukhovni
On Fri, Jan 17, 2014 at 09:57:00AM -0500, Jeffrey Walton wrote:

> > BN_CTX_init() (deprecated) initializes an existing uninitialized
> > BN_CTX. This should not be used for new programs. Use BN_CTX_new()
> > instead.
>
> Odd it's still being used in the source code.

Not that odd.  Libraries are free to make use of their own opaque
data types, but applications are not.  When the data type internals
change, applications don't break.

-- 
Viktor.
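
Added example, not part of the thread and not OpenSSL code: a single-file sketch of the opaque-type pattern described in the reply above, which is also why `BN_CTX ctx;` fails with an incomplete-type error. DEMO_CTX and the demo_* functions are hypothetical stand-ins; the application allocates one context and reuses it for every multiplication.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* --- public header (hypothetical demo_bn.h): type declared, never defined --- */
typedef struct demo_ctx_st DEMO_CTX;
DEMO_CTX *DEMO_CTX_new(void);
void DEMO_CTX_free(DEMO_CTX *ctx);
int DEMO_CTX_uses(const DEMO_CTX *ctx);
uint32_t demo_mod_mul(uint32_t a, uint32_t b, uint32_t m, DEMO_CTX *ctx);

/* --- application: "DEMO_CTX ctx;" here is an incomplete-type error (no size) --- */
uint32_t app_mod_exp(uint32_t base, uint32_t exp, uint32_t m, int *uses)
{
    DEMO_CTX *ctx = NULL;
    uint32_t r;
    if (m == 0 || (ctx = DEMO_CTX_new()) == NULL)
        return 0;                      /* demo convention: 0 on bad input or OOM */
    r = 1 % m;
    while (exp != 0) {                 /* square-and-multiply, one ctx throughout */
        if (exp & 1)
            r = demo_mod_mul(r, base, m, ctx);
        base = demo_mod_mul(base, base, m, ctx);
        exp >>= 1;
    }
    if (uses != NULL) *uses = DEMO_CTX_uses(ctx);
    DEMO_CTX_free(ctx);
    return r;
}

/* --- library source (hypothetical demo_bn.c): the only place the layout exists --- */
struct demo_ctx_st {
    uint64_t scratch;                  /* stands in for the context's temporaries */
    int uses;
};
DEMO_CTX *DEMO_CTX_new(void) { return calloc(1, sizeof(DEMO_CTX)); }
void DEMO_CTX_free(DEMO_CTX *ctx) { free(ctx); }
int DEMO_CTX_uses(const DEMO_CTX *ctx) { return ctx->uses; }
uint32_t demo_mod_mul(uint32_t a, uint32_t b, uint32_t m, DEMO_CTX *ctx)
{
    ctx->scratch = (uint64_t)a * b;    /* 32x32 -> 64 bits, cannot overflow */
    ctx->uses++;
    return (uint32_t)(ctx->scratch % m);
}

int main(void)
{
    printf("4^13 mod 497 = %u\n", (unsigned)app_mod_exp(4, 13, 497, NULL));
}
```

Fields can be added to or removed from `struct demo_ctx_st` without recompiling the application part, because the application never sees the struct's size or members.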


Re: Declare BN_CTX on stack (not BN_CTX*)

2014-01-17 Thread Jeffrey Walton
On Fri, Jan 17, 2014 at 11:16 AM, Viktor Dukhovni
openssl-us...@dukhovni.org wrote:
> On Fri, Jan 17, 2014 at 09:57:00AM -0500, Jeffrey Walton wrote:
>
> > > BN_CTX_init() (deprecated) initializes an existing uninitialized
> > > BN_CTX. This should not be used for new programs. Use BN_CTX_new()
> > > instead.
> >
> > Odd it's still being used in the source code.
>
> Not that odd.  Libraries are free to make use of their own opaque
> data types, but applications are not.  When the data type internals
> change, applications don't break.

I have no problem with them having their private structures. I have no
problems with opaque structures.

If I have to have it, I'd like to put it on the stack to minimize the
cost of using it.

It's hard to claim safe harbor in it's private when an application is
forced to use it (the application crashes in the BN_* routine if it's
absent).

Jeff