Improve the description of ASN1_OCTET_STRING_cmp(3),

ASN1_OCTET_STRING_dup(3), and ASN1_OCTET_STRING_set(3). Explicitly say that they do not provide any type safety and explain what that means.
author: schwarze <> 2021-11-20 11:49:08 +0000
committer: schwarze <> 2021-11-20 11:49:08 +0000
commit: 4b108bfbfda44e8f98286b5d9745118b1d989f59 (patch)
tree: 3a404c4e7498b8c59d241043b36791e6dabb9044 /src/lib
parent: 945f084e2204432f02dc67409d640c082c7d12b1 (diff)
download: openbsd-4b108bfbfda44e8f98286b5d9745118b1d989f59.tar.gz
openbsd-4b108bfbfda44e8f98286b5d9745118b1d989f59.tar.bz2
openbsd-4b108bfbfda44e8f98286b5d9745118b1d989f59.zip
1 files changed, 37 insertions, 12 deletions
diff --git a/src/lib/libcrypto/man/ASN1_STRING_length.3 b/src/lib/libcrypto/man/ASN1_STRING_length.3
index da0d7468c3..83b6ffdd2f 100644
--- a/src/lib/libcrypto/man/ASN1_STRING_length.3
+++ b/src/lib/libcrypto/man/ASN1_STRING_length.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ASN1_STRING_length.3,v 1.26 2021/11/15 16:18:36 schwarze Exp $
+.\" $OpenBSD: ASN1_STRING_length.3,v 1.27 2021/11/20 11:49:08 schwarze Exp $
 .\" full merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100
 .\"
 .\" This file is a derived work.
@@ -66,7 +66,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: November 15 2021 $
+.Dd $Mdocdate: November 20 2021 $
 .Dt ASN1_STRING_LENGTH 3
 .Os
 .Sh NAME
@@ -160,13 +160,16 @@ These functions manipulate
 structures.
 .Pp
 .Fn ASN1_STRING_cmp
-and
+compares the type, the length, and the content of
-.Fn ASN1_OCTET_STRING_cmp
-compare the type, the length, and the content of
 .Fa a
 and
 .Fa b .
 .Pp
+.Fn ASN1_OCTET_STRING_cmp
+does exactly the same as
+.Fn ASN1_STRING_cmp
+without providing any type safety.
+.Pp
 .Fn ASN1_STRING_data
 is similar to
 .Fn ASN1_STRING_get0_data
@@ -177,10 +180,16 @@ Applications should use
 instead.
 .Pp
 .Fn ASN1_STRING_dup
-and
+allocates a new
+.Vt ASN1_STRING
+object and copies the type, length, data, and flags from
+.Fa a
+into it.
+.Pp
 .Fn ASN1_OCTET_STRING_dup
-copy
+does exactly the same as
-.Fa a .
+.Fn ASN1_STRING_dup
+without providing any type safety.
 .Pp
 .Fn ASN1_STRING_get0_data
 returns an internal pointer to the data of
@@ -211,13 +220,11 @@ bytes, and sets the data attribute to
 transferring ownership, without doing any validation.
 .Pp
 .Fn ASN1_STRING_set
-and
+sets the length attribute of
-.Fn ASN1_OCTET_STRING_set
-set the length attribute of
 .Fa str
 to
 .Fa len
-and copy that number of bytes from
+and copies that number of bytes from
 .Fa data
 into
 .Fa str ,
@@ -238,6 +245,11 @@ remains uninitialized; that is not considered an error unless
 .Fa len
 is negative.
 .Pp
+.Fn ASN1_OCTET_STRING_set
+does exactly the same as
+.Fn ASN1_STRING_set
+without providing any type safety.
+.Pp
 .Fn ASN1_STRING_copy
 copies the length and data of
 .Fa src
@@ -422,3 +434,16 @@ first appeared in OpenSSL 1.0.0 and has been available since
 .Fn ASN1_STRING_get0_data
 first appeared in OpenSSL 1.1.0 and has been available since
 .Ox 6.3 .
+.Sh BUGS
+.Fn ASN1_OCTET_STRING_cmp ,
+.Fn ASN1_OCTET_STRING_dup ,
+and
+.Fn ASN1_OCTET_STRING_set
+do not check whether their arguments are really of the type
+.Dv V_ASN1_OCTET_STRING .
+They may report success even if their arguments are of a wrong type.
+Consequently, even in case of success, the return value of
+.Fn ASN1_OCTET_STRING_dup
+is not guaranteed to be of the type
+.Dv V_ASN1_OCTET_STRING
+either.
author	schwarze <>	2021-11-20 11:49:08 +0000
committer	schwarze <>	2021-11-20 11:49:08 +0000
commit	4b108bfbfda44e8f98286b5d9745118b1d989f59 (patch)
tree	3a404c4e7498b8c59d241043b36791e6dabb9044 /src/lib
parent	945f084e2204432f02dc67409d640c082c7d12b1 (diff)
download	openbsd-4b108bfbfda44e8f98286b5d9745118b1d989f59.tar.gz openbsd-4b108bfbfda44e8f98286b5d9745118b1d989f59.tar.bz2 openbsd-4b108bfbfda44e8f98286b5d9745118b1d989f59.zip

diff --git a/src/lib/libcrypto/man/ASN1_STRING_length.3 b/src/lib/libcrypto/man/ASN1_STRING_length.3 index da0d7468c3..83b6ffdd2f 100644 --- a/src/lib/libcrypto/man/ASN1_STRING_length.3 +++ b/src/lib/libcrypto/man/ASN1_STRING_length.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: ASN1_STRING_length.3,v 1.26 2021/11/15 16:18:36 schwarze Exp $	1	.\" $OpenBSD: ASN1_STRING_length.3,v 1.27 2021/11/20 11:49:08 schwarze Exp $
2	.\" full merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100	2	.\" full merge up to: OpenSSL 24a535ea Sep 22 13:14:20 2020 +0100
3	.\"	3	.\"
4	.\" This file is a derived work.	4	.\" This file is a derived work.
@@ -66,7 +66,7 @@
66	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	66	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
67	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	67	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
68	.\"	68	.\"
69	.Dd $Mdocdate: November 15 2021 $	69	.Dd $Mdocdate: November 20 2021 $
70	.Dt ASN1_STRING_LENGTH 3	70	.Dt ASN1_STRING_LENGTH 3
71	.Os	71	.Os
72	.Sh NAME	72	.Sh NAME
@@ -160,13 +160,16 @@ These functions manipulate
160	structures.	160	structures.
161	.Pp	161	.Pp
162	.Fn ASN1_STRING_cmp	162	.Fn ASN1_STRING_cmp
163	and	163	compares the type, the length, and the content of
164	.Fn ASN1_OCTET_STRING_cmp
165	compare the type, the length, and the content of
166	.Fa a	164	.Fa a
167	and	165	and
168	.Fa b .	166	.Fa b .
169	.Pp	167	.Pp
		168	.Fn ASN1_OCTET_STRING_cmp
		169	does exactly the same as
		170	.Fn ASN1_STRING_cmp
		171	without providing any type safety.
		172	.Pp
170	.Fn ASN1_STRING_data	173	.Fn ASN1_STRING_data
171	is similar to	174	is similar to
172	.Fn ASN1_STRING_get0_data	175	.Fn ASN1_STRING_get0_data
@@ -177,10 +180,16 @@ Applications should use
177	instead.	180	instead.
178	.Pp	181	.Pp
179	.Fn ASN1_STRING_dup	182	.Fn ASN1_STRING_dup
180	and	183	allocates a new
		184	.Vt ASN1_STRING
		185	object and copies the type, length, data, and flags from
		186	.Fa a
		187	into it.
		188	.Pp
181	.Fn ASN1_OCTET_STRING_dup	189	.Fn ASN1_OCTET_STRING_dup
182	copy	190	does exactly the same as
183	.Fa a .	191	.Fn ASN1_STRING_dup
		192	without providing any type safety.
184	.Pp	193	.Pp
185	.Fn ASN1_STRING_get0_data	194	.Fn ASN1_STRING_get0_data
186	returns an internal pointer to the data of	195	returns an internal pointer to the data of
@@ -211,13 +220,11 @@ bytes, and sets the data attribute to
211	transferring ownership, without doing any validation.	220	transferring ownership, without doing any validation.
212	.Pp	221	.Pp
213	.Fn ASN1_STRING_set	222	.Fn ASN1_STRING_set
214	and	223	sets the length attribute of
215	.Fn ASN1_OCTET_STRING_set
216	set the length attribute of
217	.Fa str	224	.Fa str
218	to	225	to
219	.Fa len	226	.Fa len
220	and copy that number of bytes from	227	and copies that number of bytes from
221	.Fa data	228	.Fa data
222	into	229	into
223	.Fa str ,	230	.Fa str ,
@@ -238,6 +245,11 @@ remains uninitialized; that is not considered an error unless
238	.Fa len	245	.Fa len
239	is negative.	246	is negative.
240	.Pp	247	.Pp
		248	.Fn ASN1_OCTET_STRING_set
		249	does exactly the same as
		250	.Fn ASN1_STRING_set
		251	without providing any type safety.
		252	.Pp
241	.Fn ASN1_STRING_copy	253	.Fn ASN1_STRING_copy
242	copies the length and data of	254	copies the length and data of
243	.Fa src	255	.Fa src
@@ -422,3 +434,16 @@ first appeared in OpenSSL 1.0.0 and has been available since
422	.Fn ASN1_STRING_get0_data	434	.Fn ASN1_STRING_get0_data
423	first appeared in OpenSSL 1.1.0 and has been available since	435	first appeared in OpenSSL 1.1.0 and has been available since
424	.Ox 6.3 .	436	.Ox 6.3 .
		437	.Sh BUGS
		438	.Fn ASN1_OCTET_STRING_cmp ,
		439	.Fn ASN1_OCTET_STRING_dup ,
		440	and
		441	.Fn ASN1_OCTET_STRING_set
		442	do not check whether their arguments are really of the type
		443	.Dv V_ASN1_OCTET_STRING .
		444	They may report success even if their arguments are of a wrong type.
		445	Consequently, even in case of success, the return value of
		446	.Fn ASN1_OCTET_STRING_dup
		447	is not guaranteed to be of the type
		448	.Dv V_ASN1_OCTET_STRING
		449	either.