commit 0aef1686dea574045984bb2adf9bc0e3d905ad75
author Adam Langley <agl@google.com> Wed Apr 05 15:47:27 2017 -0700
committer David Benjamin <davidben@google.com> Thu Apr 06 02:54:50 2017 +0000
tree 1529470b6ba1ce0bca6624ad707ca8f49b047ca8
parent d69d94e7e3fc1caaf9b785ca8a62494c3ea23164

Comment typo fix: 1024 bits is too small, not too large.

(No semantic effect.)

Change-Id: Iaeddaab3a8cb8b942979dea6e934bf4a8a465841
Reviewed-on: https://boringssl-review.googlesource.com/14724
Reviewed-by: David Benjamin <davidben@google.com>

ssl/ssl_privkey.c

diff --git a/ssl/ssl_privkey.c b/ssl/ssl_privkey.c
index 7bb8b0a..8b05730 100644
--- a/ssl/ssl_privkey.c
+++ b/ssl/ssl_privkey.c
@@ -478,9 +478,9 @@
     /* Ensure the RSA key is large enough for the hash. RSASSA-PSS requires that
      * emLen be at least hLen + sLen + 2. Both hLen and sLen are the size of the
      * hash in TLS. Reasonable RSA key sizes are large enough for the largest
-     * defined RSASSA-PSS algorithm, but 1024-bit RSA is slightly too large for
+     * defined RSASSA-PSS algorithm, but 1024-bit RSA is slightly too small for
      * SHA-512. 1024-bit RSA is sometimes used for test credentials, so check
-     * the size to fall back to another algorithm. */
+     * the size so that we can fall back to another algorithm in that case. */
     if ((size_t)EVP_PKEY_size(hs->local_pubkey) <
         2 * EVP_MD_size(alg->digest_func()) + 2) {
       return 0;