[openssl-users] OpenSSL Release Strategy and Blog

Jeffrey Walton noloader at gmail.com
Wed Dec 24 22:46:46 UTC 2014


On Wed, Dec 24, 2014 at 4:55 PM, Dr. Stephen Henson <steve at openssl.org> wrote:
> On Wed, Dec 24, 2014, Ken Goldman wrote:
>
>> >Version 1.1.0 will (moderately) break source compatibility (for example we will make most structures opaque etc).
>>
>> As a user, I have two points of concern:
>>
>> 1 - Will the RSA structure be opaque?  I have a continuing need to
>> construct an RSA structure from binary arrays of public and private
>> key parts and vice versa.
>>
>> Will I lose that?
>>
>
> RSA is something which most probably will be opaque along with DSA, DH and
> the associated methods.

Here's another counterpoint: when those structures are made opaque,
that means we have to go to the memory manager for a struct that could
otherwise be stack based. And we have to free it. That can slow things
down considerably.

I don't mind the extra cycles spent on parameter validation and return
value checking. Crypto software is high integrity software, so little
details like the CompSci 101 stuff need to be done. But I despise
having to go to the memory manager for something like a BN_CTX that
could live on the stack.

Jeff
