Google Git
Sign in
boringssl / boringssl.git / cfafcd454fd01ebc40f1a7f43537dd306b7b64c3^! / . / include / openssl / ecdsa.h
commitcfafcd454fd01ebc40f1a7f43537dd306b7b64c3[log] [tgz]
authorDavid Benjamin <davidben@google.com>Thu Oct 14 17:22:23 2021 -0400
committerAdam Langley <agl@google.com>Fri Oct 15 20:35:42 2021 +0000
treeedac01afe40951a93a8df47bf0fbc56ed3495b94
parentf6ef1c560ae5af51e2df5d8d2175bed207b28b8f [diff] [blame]
Deduplicate d2i and i2d documentation.

There are a lot of d2i and i2d functions, and there will be even more
once asn1.h and x509.h are properly documented. We currently replicate
the text in each, but as a result a miss a few points:

- The i2d outp != NULL, *outp == NULL case isn't documented at all.

- We should call out what to do with *inp after d2i.

- Unlike our rewritten functions, object reuse is still quite rampant
  with the asn1.h functions. I hope we can get rid of that but, until we
  can, it would be nice to describe it in one place.

While I'm here, update a few references to the latest PKCS#1 RFC, and
try to align how we reference ASN.1 structures a bit. The d2i/i2d
functions say "ASN.1, DER-encoded RSA private key" while the CBS/CBB
functions say "DER-encoded RSAPrivateKey structure".

Bug: 426
Change-Id: I8d9a7b0aef3d6d9c8240136053c3b1704b09fd41
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/49906
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/include/openssl/ecdsa.h b/include/openssl/ecdsa.h
index 5443ef5..bc0dba5 100644
--- a/include/openssl/ecdsa.h
+++ b/include/openssl/ecdsa.h

@@ -197,19 +197,17 @@
 
 // Deprecated functions.
 
-// d2i_ECDSA_SIG parses an ASN.1, DER-encoded, signature from |len| bytes at
-// |*inp|. If |out| is not NULL then, on exit, a pointer to the result is in
-// |*out|. Note that, even if |*out| is already non-NULL on entry, it will not
-// be written to. Rather, a fresh |ECDSA_SIG| is allocated and the previous one
-// is freed. On successful exit, |*inp| is advanced past the DER structure. It
-// returns the result or NULL on error.
+// d2i_ECDSA_SIG parses aa DER-encoded ECDSA-Sig-Value structure from |len|
+// bytes at |*inp|, as described in |d2i_SAMPLE|.
+//
+// Use |ECDSA_SIG_parse| instead.
 OPENSSL_EXPORT ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **out, const uint8_t **inp,
                                         long len);
 
-// i2d_ECDSA_SIG marshals a signature from |sig| to an ASN.1, DER
-// structure. If |outp| is not NULL then the result is written to |*outp| and
-// |*outp| is advanced just past the output. It returns the number of bytes in
-// the result, whether written or not, or a negative value on error.
+// i2d_ECDSA_SIG marshals |sig| as a DER-encoded ECDSA-Sig-Value, as described
+// in |i2d_SAMPLE|.
+//
+// Use |ECDSA_SIG_marshal| instead.
 OPENSSL_EXPORT int i2d_ECDSA_SIG(const ECDSA_SIG *sig, uint8_t **outp);