Support constant BN for DH parameters
authorDr. Stephen Henson <steve@openssl.org>
Sun, 8 Oct 2017 20:04:05 +0000 (21:04 +0100)
committerDr. Stephen Henson <steve@openssl.org>
Thu, 12 Oct 2017 01:40:30 +0000 (02:40 +0100)
commit5f2d9c4d26c923ece6ee04616a2d32a1afc124c8
treec8904723a53c13363430c40099ff37cfebd52dd6
parent8e826a339f8cda20a4311fa88a1de782972cf40d
Support constant BN for DH parameters

If BN_FLG_STATIC_DATA is set don't cleanse a->d as it will reside
in read only memory. If BN_FLG_MALLOCED is not set don't modify the
BIGNUM at all.

This change applies to BN_clear_free() and BN_free(). Now the BIGNUM
structure is opaque applications cannot create a BIGNUM structure
without BN_FLG_MALLOCED being set so they are unaffected.

Update internal DH routines so they only copy pointers for read only
parameters.

Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4485)
crypto/bn/bn_lib.c
crypto/dh/dh_ameth.c