Update comments to better document in-place semantics.
(Comment-only change; no functional difference.)
Some code was broken by the |d2i_ECDSA_SIG| change in 87897a8c. It was
passing in a pointer to an existing |ECDSA_SIG| as the first argument
and then simply assuming that the structure would be updated in place.
The comments on the function suggested that this was reasonable.
This change updates the comments that use similar wording to either note
that the function will never update in-place, or else to note that
depending on that is a bad idea for the future.
I've also audited all the uses of these functions that I can find and,
in addition to the one case with |d2i_ECDSA_SIG|, there are several
users of |d2i_PrivateKey| that could become a problem in the future.
I'll try to fix them before it does become an issue.
Change-Id: I769f7b2e0b5308d09ea07dd447e02fc161795071
Reviewed-on: https://boringssl-review.googlesource.com/6902
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/crypto/evp/evp_asn1.c b/crypto/evp/evp_asn1.c
index c57f411..da25b99 100644
--- a/crypto/evp/evp_asn1.c
+++ b/crypto/evp/evp_asn1.c
@@ -84,6 +84,9 @@
}
const uint8_t *in = *inp;
+ /* If trying to remove |old_priv_decode|, note that some code depends on this
+ * function writing into |*out| and the |priv_decode| path doesn't support
+ * that. */
if (!ret->ameth->old_priv_decode ||
!ret->ameth->old_priv_decode(ret, &in, len)) {
if (ret->ameth->priv_decode) {
diff --git a/include/openssl/dh.h b/include/openssl/dh.h
index 2c49fc8..b7c07b9 100644
--- a/include/openssl/dh.h
+++ b/include/openssl/dh.h
@@ -177,7 +177,10 @@
* structure from |len| bytes at |*inp|. If |ret| is not NULL then, on exit, a
* pointer to the result is in |*ret|. If |*ret| is already non-NULL on entry
* then the result is written directly into |*ret|, otherwise a fresh |DH| is
- * allocated. On successful exit, |*inp| is advanced past the DER structure. It
+ * allocated. However, one should not depend on writing into |*ret| because
+ * this behaviour is likely to change in the future.
+ *
+ * On successful exit, |*inp| is advanced past the DER structure. It
* returns the result or NULL on error. */
OPENSSL_EXPORT DH *d2i_DHparams(DH **ret, const unsigned char **inp, long len);
diff --git a/include/openssl/dsa.h b/include/openssl/dsa.h
index 2045fe7..af439bd 100644
--- a/include/openssl/dsa.h
+++ b/include/openssl/dsa.h
@@ -222,8 +222,9 @@
* |*inp|. If |out_sig| is not NULL then, on exit, a pointer to the result is
* in |*out_sig|. If |*out_sig| is already non-NULL on entry then the result is
* written directly into |*out_sig|, otherwise a fresh |DSA_SIG| is allocated.
- * On successful exit, |*inp| is advanced past the DER structure. It returns
- * the result or NULL on error. */
+ * However, one should not depend on writing into |*out_sig| because this
+ * behaviour is likely to change in the future. On successful exit, |*inp| is
+ * advanced past the DER structure. It returns the result or NULL on error. */
OPENSSL_EXPORT DSA_SIG *d2i_DSA_SIG(DSA_SIG **out_sig, const uint8_t **inp,
long len);
@@ -236,9 +237,10 @@
/* d2i_DSAPublicKey parses an ASN.1, DER-encoded, DSA public key from |len|
* bytes at |*inp|. If |out| is not NULL then, on exit, a pointer to the result
* is in |*out|. If |*out| is already non-NULL on entry then the result is
- * written directly into |*out|, otherwise a fresh |DSA| is allocated. On
- * successful exit, |*inp| is advanced past the DER structure. It returns the
- * result or NULL on error. */
+ * written directly into |*out|, otherwise a fresh |DSA| is allocated.
+ * However, one should not depend on writing into |*out| because this behaviour
+ * is likely to change in the future. On successful exit, |*inp| is advanced
+ * past the DER structure. It returns the result or NULL on error. */
OPENSSL_EXPORT DSA *d2i_DSAPublicKey(DSA **out, const uint8_t **inp, long len);
/* i2d_DSAPublicKey marshals a public key from |in| to an ASN.1, DER structure.
@@ -250,9 +252,10 @@
/* d2i_DSAPrivateKey parses an ASN.1, DER-encoded, DSA private key from |len|
* bytes at |*inp|. If |out| is not NULL then, on exit, a pointer to the result
* is in |*out|. If |*out| is already non-NULL on entry then the result is
- * written directly into |*out|, otherwise a fresh |DSA| is allocated. On
- * successful exit, |*inp| is advanced past the DER structure. It returns the
- * result or NULL on error. */
+ * written directly into |*out|, otherwise a fresh |DSA| is allocated. However,
+ * one should not depend on writing into |*out| because this behaviour is
+ * likely to change in the future. On successful exit, |*inp| is advanced past
+ * the DER structure. It returns the result or NULL on error. */
OPENSSL_EXPORT DSA *d2i_DSAPrivateKey(DSA **out, const uint8_t **inp, long len);
/* i2d_DSAPrivateKey marshals a private key from |in| to an ASN.1, DER structure.
@@ -264,9 +267,10 @@
/* d2i_DSAparams parses ASN.1, DER-encoded, DSA parameters from |len| bytes at
* |*inp|. If |out| is not NULL then, on exit, a pointer to the result is in
* |*out|. If |*out| is already non-NULL on entry then the result is written
- * directly into |*out|, otherwise a fresh |DSA| is allocated. On successful
- * exit, |*inp| is advanced past the DER structure. It returns the result or
- * NULL on error. */
+ * directly into |*out|, otherwise a fresh |DSA| is allocated. However, one
+ * should not depend on writing into |*out| because this behaviour is likely to
+ * change in the future. On successful exit, |*inp| is advanced past the DER
+ * structure. It returns the result or NULL on error. */
OPENSSL_EXPORT DSA *d2i_DSAparams(DSA **out, const uint8_t **inp, long len);
/* i2d_DSAparams marshals DSA parameters from |in| to an ASN.1, DER structure.
diff --git a/include/openssl/ec_key.h b/include/openssl/ec_key.h
index afd95d6..da96508 100644
--- a/include/openssl/ec_key.h
+++ b/include/openssl/ec_key.h
@@ -181,8 +181,10 @@
* at |*inp|. If |out_key| is not NULL then, on exit, a pointer to the result
* is in |*out_key|. If |*out_key| is already non-NULL on entry then the result
* is written directly into |*out_key|, otherwise a fresh |EC_KEY| is
- * allocated. On successful exit, |*inp| is advanced past the DER structure. It
- * returns the result or NULL on error. */
+ * allocated. However, one should not depend on writing into |*out_key| because
+ * this behaviour is likely to change in the future. On successful exit, |*inp|
+ * is advanced past the DER structure. It returns the result or NULL on
+ * error. */
OPENSSL_EXPORT EC_KEY *d2i_ECPrivateKey(EC_KEY **out_key, const uint8_t **inp,
long len);
@@ -196,8 +198,10 @@
* |len| bytes at |*inp|. If |out_key| is not NULL then, on exit, a pointer to
* the result is in |*out_key|. If |*out_key| is already non-NULL on entry then
* the result is written directly into |*out_key|, otherwise a fresh |EC_KEY|
- * is allocated. On successful exit, |*inp| is advanced past the DER structure.
- * It returns the result or NULL on error. */
+ * is allocated. However, one should not depend on writing into |*out_key|
+ * because this behaviour is likely to change in the future. On successful
+ * exit, |*inp| is advanced past the DER structure. It returns the result or
+ * NULL on error. */
OPENSSL_EXPORT EC_KEY *d2i_ECParameters(EC_KEY **out_key, const uint8_t **inp,
long len);
diff --git a/include/openssl/ecdsa.h b/include/openssl/ecdsa.h
index f3f68eb..a060eab 100644
--- a/include/openssl/ecdsa.h
+++ b/include/openssl/ecdsa.h
@@ -178,10 +178,10 @@
/* d2i_ECDSA_SIG parses an ASN.1, DER-encoded, signature from |len| bytes at
* |*inp|. If |out| is not NULL then, on exit, a pointer to the result is in
- * |*out|. If |*out| is already non-NULL on entry then the result is written
- * directly into |*out|, otherwise a fresh |ECDSA_SIG| is allocated. On
- * successful exit, |*inp| is advanced past the DER structure. It returns the
- * result or NULL on error. */
+ * |*out|. Note that, even if |*out| is already non-NULL on entry, it will not
+ * be written to. Rather, a fresh |ECDSA_SIG| is allocated and the previous one
+ * is freed. On successful exit, |*inp| is advanced past the DER structure. It
+ * returns the result or NULL on error. */
OPENSSL_EXPORT ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **out, const uint8_t **inp,
long len);
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index be2ea33..948353a 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -192,9 +192,10 @@
/* d2i_PrivateKey parses an ASN.1, DER-encoded, private key from |len| bytes at
* |*inp|. If |out| is not NULL then, on exit, a pointer to the result is in
* |*out|. If |*out| is already non-NULL on entry then the result is written
- * directly into |*out|, otherwise a fresh |EVP_PKEY| is allocated. On
- * successful exit, |*inp| is advanced past the DER structure. It returns the
- * result or NULL on error. */
+ * directly into |*out|, otherwise a fresh |EVP_PKEY| is allocated. However,
+ * one should not depend on writing into |*out| because this behaviour is
+ * likely to change in the future. On successful exit, |*inp| is advanced past
+ * the DER structure. It returns the result or NULL on error. */
OPENSSL_EXPORT EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **out,
const uint8_t **inp, long len);
diff --git a/include/openssl/rsa.h b/include/openssl/rsa.h
index 304c555..62d5935 100644
--- a/include/openssl/rsa.h
+++ b/include/openssl/rsa.h
@@ -441,10 +441,10 @@
/* d2i_RSAPublicKey parses an ASN.1, DER-encoded, RSA public key from |len|
* bytes at |*inp|. If |out| is not NULL then, on exit, a pointer to the result
- * is in |*out|. If |*out| is already non-NULL on entry then the result is
- * written directly into |*out|, otherwise a fresh |RSA| is allocated. On
- * successful exit, |*inp| is advanced past the DER structure. It returns the
- * result or NULL on error. */
+ * is in |*out|. Note that, even if |*out| is already non-NULL on entry, it
+ * will not be written to. Rather, a fresh |RSA| is allocated and the previous
+ * one is freed. On successful exit, |*inp| is advanced past the DER structure.
+ * It returns the result or NULL on error. */
OPENSSL_EXPORT RSA *d2i_RSAPublicKey(RSA **out, const uint8_t **inp, long len);
/* i2d_RSAPublicKey marshals |in| to an ASN.1, DER structure. If |outp| is not
@@ -455,10 +455,10 @@
/* d2i_RSAPrivateKey parses an ASN.1, DER-encoded, RSA private key from |len|
* bytes at |*inp|. If |out| is not NULL then, on exit, a pointer to the result
- * is in |*out|. If |*out| is already non-NULL on entry then the result is
- * written directly into |*out|, otherwise a fresh |RSA| is allocated. On
- * successful exit, |*inp| is advanced past the DER structure. It returns the
- * result or NULL on error. */
+ * is in |*out|. Note that, even if |*out| is already non-NULL on entry, it
+ * will not be written to. Rather, a fresh |RSA| is allocated and the previous
+ * one is freed. On successful exit, |*inp| is advanced past the DER structure.
+ * It returns the result or NULL on error. */
OPENSSL_EXPORT RSA *d2i_RSAPrivateKey(RSA **out, const uint8_t **inp, long len);
/* i2d_RSAPrivateKey marshals |in| to an ASN.1, DER structure. If |outp| is not
