A few fixes/improvements:
- first, BN_free == BN_clear_free in our libcrypto, so we do not need to
treat CBIGNUM (crypto BN) separately from BIGNUM (regular BN).
- then, in bn_i2c(), since BN_bn2bin returns BN_num_bytes(input), take
advantage of this to avoid calling BN_num_bytes() a second time.
BN_num_bytes() is cheap, but this not a reason to perform redundant
work.
- finally, in bn_c2i, if bn_new() fails, return early. Otherwise
BN_bin2bn will try to create a BN too, and although this will probably
fail since we were already out of memory, if we are on a threaded
process and suddenly the allocation succeeds, we will leak it since it
will never be stored in *pval.
ok jsing@
projects / openbsd / commit