Update documentation about ASN.1 BIT STRING lengths ASN1_BIT_STRING_num_bytes is deprecated now. Change-Id: I03df8255c86cabcb49482f162de7f94c6a6a6964 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/96807 Auto-Submit: Lily Chen <chlily@google.com> Presubmit-BoringSSL-Verified: boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com>
diff --git a/include/openssl/asn1.h b/include/openssl/asn1.h index 04d026b..e599b54 100644 --- a/include/openssl/asn1.h +++ b/include/openssl/asn1.h
@@ -854,8 +854,9 @@ // AlgorithmIdentifier. While some unknown algorithm could choose to store // arbitrary bit strings, all supported algorithms use a byte string, with bit // order matching the DER encoding. Callers interpreting a BIT STRING as a byte -// string should use `ASN1_BIT_STRING_num_bytes` instead of `ASN1_STRING_length` -// and reject bit strings that are not a whole number of bytes. +// string should reject bit strings that are not a whole number of bytes by +// requiring that `ASN1_BIT_STRING_unused_bits` returns zero; the byte length is +// returned by `ASN1_STRING_length`. // // This library represents BIT STRINGs as `ASN1_STRING`s with type // `V_ASN1_BIT_STRING`. The data contains the encoded form of the BIT STRING,