diff options
| author | Adam Langley <agl@google.com> | 2016-01-14 20:32:24 +0300 |
|---|---|---|
| committer | Adam Langley <agl@google.com> | 2016-01-19 20:01:37 +0300 |
| commit | 62882187c9724ea72860e8bf00144ce589b74818 (patch) | |
| tree | 31156418793b365d2ea73d221e9d0f8971ee4cbd /include/openssl/rsa.h | |
| parent | b8ba65a73ac64c554d52a09ef4ee9d427ee764ae (diff) | |
Update comments to better document in-place semantics.
(Comment-only change; no functional difference.)
Some code was broken by the |d2i_ECDSA_SIG| change in 87897a8c. It was
passing in a pointer to an existing |ECDSA_SIG| as the first argument
and then simply assuming that the structure would be updated in place.
The comments on the function suggested that this was reasonable.
This change updates the comments that use similar wording to either note
that the function will never update in-place, or else to note that
depending on that is a bad idea for the future.
I've also audited all the uses of these functions that I can find and,
in addition to the one case with |d2i_ECDSA_SIG|, there are several
users of |d2i_PrivateKey| that could become a problem in the future.
I'll try to fix them before it does become an issue.
Change-Id: I769f7b2e0b5308d09ea07dd447e02fc161795071
Reviewed-on: https://boringssl-review.googlesource.com/6902
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
Diffstat (limited to 'include/openssl/rsa.h')
| -rw-r--r-- | include/openssl/rsa.h | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/include/openssl/rsa.h b/include/openssl/rsa.h index 304c5558..62d5935f 100644 --- a/include/openssl/rsa.h +++ b/include/openssl/rsa.h @@ -441,10 +441,10 @@ OPENSSL_EXPORT RSA *RSA_generate_key(int bits, unsigned long e, void *callback, /* d2i_RSAPublicKey parses an ASN.1, DER-encoded, RSA public key from |len| * bytes at |*inp|. If |out| is not NULL then, on exit, a pointer to the result - * is in |*out|. If |*out| is already non-NULL on entry then the result is - * written directly into |*out|, otherwise a fresh |RSA| is allocated. On - * successful exit, |*inp| is advanced past the DER structure. It returns the - * result or NULL on error. */ + * is in |*out|. Note that, even if |*out| is already non-NULL on entry, it + * will not be written to. Rather, a fresh |RSA| is allocated and the previous + * one is freed. On successful exit, |*inp| is advanced past the DER structure. + * It returns the result or NULL on error. */ OPENSSL_EXPORT RSA *d2i_RSAPublicKey(RSA **out, const uint8_t **inp, long len); /* i2d_RSAPublicKey marshals |in| to an ASN.1, DER structure. If |outp| is not @@ -455,10 +455,10 @@ OPENSSL_EXPORT int i2d_RSAPublicKey(const RSA *in, uint8_t **outp); /* d2i_RSAPrivateKey parses an ASN.1, DER-encoded, RSA private key from |len| * bytes at |*inp|. If |out| is not NULL then, on exit, a pointer to the result - * is in |*out|. If |*out| is already non-NULL on entry then the result is - * written directly into |*out|, otherwise a fresh |RSA| is allocated. On - * successful exit, |*inp| is advanced past the DER structure. It returns the - * result or NULL on error. */ + * is in |*out|. Note that, even if |*out| is already non-NULL on entry, it + * will not be written to. Rather, a fresh |RSA| is allocated and the previous + * one is freed. On successful exit, |*inp| is advanced past the DER structure. + * It returns the result or NULL on error. */ OPENSSL_EXPORT RSA *d2i_RSAPrivateKey(RSA **out, const uint8_t **inp, long len); /* i2d_RSAPrivateKey marshals |in| to an ASN.1, DER structure. If |outp| is not |