diff options
| author | tb <> | 2025-05-18 20:44:30 +0000 |
|---|---|---|
| committer | tb <> | 2025-05-18 20:44:30 +0000 |
| commit | acc0eedcf426632ede939ed94b1e1299e1ae3e05 (patch) | |
| tree | 2a5910f234ff6154c309f0ab93d9f58303e53f45 /src/lib/libcrypto/man/EC_POINT_new.3 | |
| parent | 9749f5d267e2479a7ebfa9125aef49e8f397c825 (diff) | |
| download | openbsd-acc0eedcf426632ede939ed94b1e1299e1ae3e05.tar.gz openbsd-acc0eedcf426632ede939ed94b1e1299e1ae3e05.tar.bz2 openbsd-acc0eedcf426632ede939ed94b1e1299e1ae3e05.zip | |
EC_POINT_new: wording tweaks in the BUGS section
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libcrypto/man/EC_POINT_new.3 | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/src/lib/libcrypto/man/EC_POINT_new.3 b/src/lib/libcrypto/man/EC_POINT_new.3 index cfc988f294..243b84464b 100644 --- a/src/lib/libcrypto/man/EC_POINT_new.3 +++ b/src/lib/libcrypto/man/EC_POINT_new.3 | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | .\" $OpenBSD: EC_POINT_new.3,v 1.18 2025/04/25 19:57:12 tb Exp $ | 1 | .\" $OpenBSD: EC_POINT_new.3,v 1.19 2025/05/18 20:44:30 tb Exp $ |
| 2 | .\" | 2 | .\" |
| 3 | .\" Copyright (c) 2025 Theo Buehler <tb@openbsd.org> | 3 | .\" Copyright (c) 2025 Theo Buehler <tb@openbsd.org> |
| 4 | .\" | 4 | .\" |
| @@ -14,7 +14,7 @@ | |||
| 14 | .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | 14 | .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
| 15 | .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 15 | .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
| 16 | .\" | 16 | .\" |
| 17 | .Dd $Mdocdate: April 25 2025 $ | 17 | .Dd $Mdocdate: May 18 2025 $ |
| 18 | .Dt EC_POINT_NEW 3 | 18 | .Dt EC_POINT_NEW 3 |
| 19 | .Os | 19 | .Os |
| 20 | .Sh NAME | 20 | .Sh NAME |
| @@ -178,7 +178,7 @@ A fundamental flaw in the OpenSSL API toolkit is that | |||
| 178 | .Fn *_new | 178 | .Fn *_new |
| 179 | functions usually create invalid objects that are tricky to | 179 | functions usually create invalid objects that are tricky to |
| 180 | turn into valid objects. | 180 | turn into valid objects. |
| 181 | A fundamental flaw in the EC library is that | 181 | One specific flaw in the EC library internals is that |
| 182 | .Vt EC_POINT | 182 | .Vt EC_POINT |
| 183 | objects do not hold a reference to the group they live on | 183 | objects do not hold a reference to the group they live on |
| 184 | despite the fact that | 184 | despite the fact that |
| @@ -191,12 +191,12 @@ This is difficult to fix because | |||
| 191 | objects are not reference counted and | 191 | objects are not reference counted and |
| 192 | because of const qualifiers in the API. | 192 | because of const qualifiers in the API. |
| 193 | This is the root cause for various contortions in the EC library | 193 | This is the root cause for various contortions in the EC library |
| 194 | and API. | 194 | and API and |
| 195 | This has security implications because not | 195 | there are security implications because not |
| 196 | only does the library not know whether an | 196 | only does the library not know whether an |
| 197 | .Fa EC_POINT | 197 | .Fa EC_POINT |
| 198 | object represents a valid point, | 198 | object represents a valid point, |
| 199 | even if it did know that it would not know on what curve. | 199 | even if it did know that it would still not know on what curve. |
| 200 | .Pp | 200 | .Pp |
| 201 | The signature of | 201 | The signature of |
| 202 | .Fn EC_GROUP_dup | 202 | .Fn EC_GROUP_dup |