[openssl-users] openssl 1.1.1 opaque structures

Richard Levitte levitte at openssl.org
Fri Nov 23 11:29:11 UTC 2018

In message <mailman.6072.1542969228.21411.openssl-users at openssl.org> on Fri, 23 Nov 2018 10:33:48 +0000, openssl-users-request at openssl.org said:

> Hi,
> In this snippet,
>        DH *dh;
>               if ((dh->g = BN_new()) == NULL)-------------> 1
>                      goto end;
>              if (!BN_set_word(dh->g, g)) -----------------------> 2
>                       goto end;

    DH *dh;
    BIGNUM *bn_g;

    if ((bn_g= BN_new()) == NULL)
        goto end;
    if (!BN_set_word(bn_g, g))
        goto end;
    if (!DH_set0_pqg(dh, NULL, NULL, bn_g))
        goto end;

Note that if the p parameter hasn't been set in dh, you must give that
one too, so essentially, this is safer:

    if (!DH_set0_pqg(dh, bn_p, NULL, bn_g))
        goto end;

See the manual pages for DH_set0_pqg and DH_get0_pqg


Richard Levitte         levitte at openssl.org
OpenSSL Project         http://www.openssl.org/~levitte/

More information about the openssl-users mailing list