Filter
Top Products
Chapter 4 Using Crypto-C 121
System Considerations In Crypto-C
object. When you call B_GetAlgorithmState, you receive a buffer that contains all of
the data necessary to reconstruct the object, using the call
B_SetAlgorithmState, to
the state it was in at the time of calling the
Get routine (B_GetAlogorithmState).
This is useful in SSL, for example. The SSL protocol at one point requires the user to
finish digesting data (B_DigestFinal), yet retain the digest state so that it is possible to
continue as if the final digesting had never taken place. With these two new function
calls, you can get the state, call the
Final routine, and then create a new object with
the saved value and continue on as if the
Final routine never took place. You can use
this feature when performing message digests, RC4, or in Diffie-Hellman key
agreement.
The state value for Diffie-Hellman is actually the BER encoding following this ASN.1
definition.
When to Allocate Memory
Whenever you use Crypto-C, you will produce output. The output might be
encrypted or decrypted data, or information you are retrieving concerning keys or
algorithms. This output must go somewhere; there must be memory that is allocated
to hold it. If memory is not allocated for a particular output, the computer will still try
to put the output somewhere, possibly in a location that already contains other data
or programs. When is it the application’s responsibility to allocate memory and when
will Crypto-C do the allocating?
The application must allocate memory whenever a Crypto-C function produces
output and the prototype indicates that the output argument is a pointer (for instance,
POINTER or unsigned char *). In this situation, Crypto-C asks for a pointer and places
the output at the address indicated by the pointer. It is the application’s responsibility
to make sure that the pointer points to allocated memory.
Crypto-C allocates memory whenever a function produces output and the prototype
indicates the output argument is a pointer to a pointer (for instance,
POINTER *). Here,
Crypto-C asks for the address of a pointer. Crypto-C goes to that address and deposits
a pointer there. If the application goes to where the pointer points, it will find the
SEQUENCE {
OBJECT IDENTIFIER dhOID,
INTEGER prime,
INTEGER base,
INTEGER maxExponentBits,
INTEGER publicValue,
INTEGER privateValue }