HP Open Source Security for OpenVMS Volume 2: HP SSL for OpenVMS > CRYPTO Application
Programming Interface (API) Reference
Several OpenSSL structures can have application specific data attached to them. This has several potential uses, it can be used to cache data associated with a structure (for example the hash of some part of the structure) or some additional data (for example a handle to the data in an external library).
Since the application data can be anything at all it is passed and retrieved as a void * type.
The RSA_get_ex_new_index() function is initially called to "register" some new application specific data. It takes three optional function pointers which are called when the parent structure (in this case an RSA structure) is initially created, when it is copied and when it is freed up. If any or all of these function pointer arguments are not used they should be set to NULL. The precise manner in which these function pointers are called is described in more detail below. RSA_get_ex_new_index() also takes additional long and pointer parameters which will be passed to the supplied functions but which otherwise have no special meaning. It returns an index which should be stored (typically in a static variable) and passed used in the idx parameter in the remaining functions. Each successful call to RSA_get_ex_new_index() will return an index greater than any previously returned, this is important because the optional functions are called in order of increasing index value.
RSA_set_ex_data() is used to set application specific data, the data is supplied in the arg parameter and its precise meaning is up to the application.
RSA_get_ex_data() is used to retrieve application specific data. The data is returned to the application, this will be the same value as supplied to a previous RSA_set_ex_data() call.
new_func() is called when a structure is initially allocated (for example with RSA_new(). The parent structure members will not have any meaningful values at this point. This function will typically be used to allocate any application specific structure.
free_func() is called when a structure is being freed up. The dynamic parent structure members should not be accessed because they will be freed up when this function is called.
new_func() and free_func() take the same parameters. parent is a pointer to the parent RSA structure. ptr is a the application specific data (this wont be of much use in new_func(). ad is a pointer to the CRYPTO_EX_DATA structure from the parent RSA structure: the functions CRYPTO_get_ex_data() and CRYPTO_set_ex_data() can be called to manipulate it. The idx parameter is the index: this will be the same value returned by RSA_get_ex_new_index() when the functions were initially registered. Finally the argl and argp parameters are the values originally passed to the same corresponding parameters when RSA_get_ex_new_index() was called.
dup_func() is called when a structure is being copied. Pointers to the destination and source CRYPTO_EX_DATA structures are passed in the to and from parameters respectively. The from_d parameter is passed a pointer to the source application data when the function is called, when the function returns the value is copied to the destination: the application can thus modify the data pointed to by from_d and have different values in the source and destination. The idx, argl and argp parameters are the same as those in new_func() and free_func().
RSA_get_ex_new_index() returns a new index or -1 on failure (note 0 is a valid index value).
RSA_set_ex_data() returns 1 on success or 0 on failure.
RSA_get_ex_data() returns the application data or 0 on failure. 0 may also be valid application data but currently it can only fail if given an invalid idx parameter.
new_func() and dup_func() should return 0 for failure and 1 for success.
On failure an error code can be obtained from ERR_get_error(3).
dup_func() is currently never called.
The return value of new_func() is ignored.
The new_func() function isn't very useful because no meaningful values are present in the parent RSA structure when it is called.