Skip to content
  • Geoff Thorpe's avatar
    This is a first-cut at improving the callback mechanisms used in · e9224c71
    Geoff Thorpe authored
    key-generation and prime-checking functions. Rather than explicitly passing
    callback functions and caller-defined context data for the callbacks, a new
    structure BN_GENCB is defined that encapsulates this; a pointer to the
    structure is passed to all such functions instead.
    
    This wrapper structure allows the encapsulation of "old" and "new" style
    callbacks - "new" callbacks return a boolean result on the understanding
    that returning FALSE should terminate keygen/primality processing.  The
    BN_GENCB abstraction will allow future callback modifications without
    needing to break binary compatibility nor change the API function
    prototypes. The new API functions have been given names ending in "_ex" and
    the old functions are implemented as wrappers to the new ones.  The
    OPENSSL_NO_DEPRECATED symbol has been introduced so that, if defined,
    declaration of the older functions will be skipped. NB: Some
    openssl-internal code will stick with the older callbacks for now, so
    appropriate "#undef" logic will be put in place - this is in case the user
    is *building* openssl (rather than *including* its headers) with this
    symbol defined.
    
    There is another change in the new _ex functions; the key-generation
    functions do not return key structures but operate on structures passed by
    the caller, the return value is a boolean. This will allow for a smoother
    transition to having key-generation as "virtual function" in the various
    ***_METHOD tables.
    e9224c71
To find the state of this project's repository at the time of any of these versions, check out the tags.