74924dcb38
Add secure heap for storage of private keys (when possible). Add BIO_s_secmem(), CBIGNUM, etc. Add BIO_CTX_secure_new so all BIGNUM's in the context are secure. Contributed by Akamai Technologies under the Corporate CLA. Reviewed-by: Richard Levitte <levitte@openssl.org>
69 lines
1.9 KiB
Text
69 lines
1.9 KiB
Text
=pod
|
|
|
|
=head1 NAME
|
|
|
|
BN_CTX_new, BN_CTX_secure_new, BN_CTX_init, BN_CTX_free - allocate and free BN_CTX structures
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
#include <openssl/bn.h>
|
|
|
|
BN_CTX *BN_CTX_new(void);
|
|
|
|
BN_CTX *BN_CTX_secure_new(void);
|
|
|
|
void BN_CTX_free(BN_CTX *c);
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
A B<BN_CTX> is a structure that holds B<BIGNUM> temporary variables used by
|
|
library functions. Since dynamic memory allocation to create B<BIGNUM>s
|
|
is rather expensive when used in conjunction with repeated subroutine
|
|
calls, the B<BN_CTX> structure is used.
|
|
|
|
BN_CTX_new() allocates and initializes a B<BN_CTX> structure.
|
|
BN_CTX_secure_new() allocates and initializes a B<BN_CTX> structure
|
|
but uses the secure heap (see L<CRYPTO_secure_malloc(3)>) to hold the
|
|
B<BIGNUM>s.
|
|
|
|
BN_CTX_free() frees the components of the B<BN_CTX>, and if it was
|
|
created by BN_CTX_new(), also the structure itself.
|
|
If L<BN_CTX_start(3)|BN_CTX_start(3)> has been used on the B<BN_CTX>,
|
|
L<BN_CTX_end(3)|BN_CTX_end(3)> must be called before the B<BN_CTX>
|
|
may be freed by BN_CTX_free().
|
|
If B<c> is NULL, nothing is done.
|
|
|
|
=head1 RETURN VALUES
|
|
|
|
BN_CTX_new() and BN_CTX_secure_new() return a pointer to the B<BN_CTX>.
|
|
If the allocation fails,
|
|
they return B<NULL> and sets an error code that can be obtained by
|
|
L<ERR_get_error(3)|ERR_get_error(3)>.
|
|
|
|
BN_CTX_free() has no return values.
|
|
|
|
=head1 REMOVED FUNCTIONALITY
|
|
|
|
void BN_CTX_init(BN_CTX *c);
|
|
|
|
BN_CTX_init() is no longer available as of OpenSSL 1.1.0. Applications should
|
|
replace use of BN_CTX_init with BN_CTX_new instead:
|
|
|
|
BN_CTX *ctx;
|
|
ctx = BN_CTX_new();
|
|
if(!ctx) /* Handle error */
|
|
...
|
|
BN_CTX_free(ctx);
|
|
|
|
=head1 SEE ALSO
|
|
|
|
L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)>,
|
|
L<BN_CTX_start(3)|BN_CTX_start(3)>
|
|
|
|
=head1 HISTORY
|
|
|
|
BN_CTX_new() and BN_CTX_free() are available in all versions on SSLeay
|
|
and OpenSSL. BN_CTX_init() was added in SSLeay 0.9.1b and removed in OpenSSL
|
|
1.1.0.
|
|
|
|
=cut
|