This is a first-cut at improving the callback mechanisms used in
key-generation and prime-checking functions. Rather than explicitly passing
callback functions and caller-defined context data for the callbacks, a new
structure BN_GENCB is defined that encapsulates this; a pointer to the
structure is passed to all such functions instead.

This wrapper structure allows the encapsulation of "old" and "new" style
callbacks - "new" callbacks return a boolean result on the understanding
that returning FALSE should terminate keygen/primality processing.  The
BN_GENCB abstraction will allow future callback modifications without
needing to break binary compatibility or change the API function
prototypes. The new API functions have been given names ending in "_ex" and
the old functions are implemented as wrappers to the new ones.  The
OPENSSL_NO_DEPRECATED symbol has been introduced so that, if defined,
declaration of the older functions will be skipped. NB: Some
openssl-internal code will stick with the older callbacks for now, so
appropriate "#undef" logic will be put in place - this is in case the user
is *building* openssl (rather than *including* its headers) with this
symbol defined.

There is another change in the new _ex functions; the key-generation
functions do not return key structures but operate on structures passed by
the caller, and the return value is a boolean. This will allow for a smoother
transition to having key-generation as a "virtual function" in the various
***_METHOD tables.
diff --git a/CHANGES b/CHANGES
index 8d47c0e..f0fd7ac 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,18 @@
 
  Changes between 0.9.7 and 0.9.8  [xx XXX 2002]
 
+  *) Change the "progress" mechanism used in key-generation and
+     primality testing to functions that take a new BN_GENCB pointer in
+     place of callback/argument pairs. The new API functions have "_ex"
+     postfixes and the older functions are reimplemented as wrappers for
+     the new ones. The OPENSSL_NO_DEPRECATED symbol can be used to hide
+     declarations of the old functions to help (graceful) attempts to
+     migrate to the new functions. Also, the new key-generation API
+     functions operate on a caller-supplied key-structure and return
+     success/failure rather than returning a key or NULL - this is to
+     help make "keygen" another member function of RSA_METHOD etc.
+     [Geoff Thorpe]
+
   *) Add the ASN.1 structures and functions for CertificatePair, which
      is defined as follows (according to X.509_4thEditionDraftV6.pdf):
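Review bot: The new CHANGES entry (the added block ending at "[Geoff Thorpe]") does not say what a new-style callback's return value means, although the commit message states that new callbacks return a boolean and that returning FALSE terminates keygen/primality processing. Anyone porting an old callback that returned nothing needs that contract spelled out here, so please add a sentence on it. The entry also notes that the "_ex" key-generation functions return success/failure rather than a key or NULL; it would help to say explicitly that callers must now test the return value, because the caller-supplied key structure exists whether or not generation succeeded and a leftover NULL check on it will no longer detect failure. Minor style point: "postfixes" would read better as "suffixes", and naming BN_GENCB's role (it carries both the callback and the caller's context) in one clause would let the entry stand alone without the commit message.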