diff options
| author | Tomas Mraz <tomas@openssl.org> | 2021-02-26 18:28:48 +0100 |
|---|---|---|
| committer | Pauli <ppzgs1@gmail.com> | 2021-03-03 10:00:21 +1000 |
| commit | 8d05a65256294f70a3bc34b7d13cc38e41a17402 (patch) | |
| tree | 536216022d9298c0767b063aa8b0dda76345cbff /providers | |
| parent | f378755d62e1646b36683de37408dd98549bef69 (diff) | |
Resolve TODOs in signature implementations.
The DER writing errors can be ignored safely.
Document that the EVP_MAX_MD_SIZE is a hardcoded limit
for digest sizes.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14367)
Diffstat (limited to 'providers')
| -rw-r--r-- | providers/implementations/signature/dsa.c | 6 | ||||
| -rw-r--r-- | providers/implementations/signature/eddsa.c | 2 | ||||
| -rw-r--r-- | providers/implementations/signature/sm2sig.c | 2 |
3 files changed, 5 insertions, 5 deletions
diff --git a/providers/implementations/signature/dsa.c b/providers/implementations/signature/dsa.c index 81e435c419..eadf62361a 100644 --- a/providers/implementations/signature/dsa.c +++ b/providers/implementations/signature/dsa.c @@ -148,7 +148,7 @@ static int dsa_setup_md(PROV_DSA_CTX *ctx, EVP_MD_free(ctx->md); /* - * TODO(3.0) Should we care about DER writing errors? + * We do not care about DER writing errors. * All it really means is that for some reason, there's no * AlgorithmIdentifier to be had, but the operation itself is * still valid, just as long as it's not used to construct @@ -313,7 +313,7 @@ int dsa_digest_sign_final(void *vpdsactx, unsigned char *sig, size_t *siglen, */ if (sig != NULL) { /* - * TODO(3.0): There is the possibility that some externally provided + * There is the possibility that some externally provided * digests exceed EVP_MAX_MD_SIZE. We should probably handle that somehow - * but that problem is much larger than just in DSA. */ @@ -338,7 +338,7 @@ int dsa_digest_verify_final(void *vpdsactx, const unsigned char *sig, return 0; /* - * TODO(3.0): There is the possibility that some externally provided + * There is the possibility that some externally provided * digests exceed EVP_MAX_MD_SIZE. We should probably handle that somehow - * but that problem is much larger than just in DSA. */ diff --git a/providers/implementations/signature/eddsa.c b/providers/implementations/signature/eddsa.c index 71b57d70ea..93b98dbbbc 100644 --- a/providers/implementations/signature/eddsa.c +++ b/providers/implementations/signature/eddsa.c @@ -105,7 +105,7 @@ static int eddsa_digest_signverify_init(void *vpeddsactx, const char *mdname, } /* - * TODO(3.0) Should we care about DER writing errors? + * We do not care about DER writing errors. * All it really means is that for some reason, there's no * AlgorithmIdentifier to be had, but the operation itself is * still valid, just as long as it's not used to construct diff --git a/providers/implementations/signature/sm2sig.c b/providers/implementations/signature/sm2sig.c index d12c7191fb..18fdf62487 100644 --- a/providers/implementations/signature/sm2sig.c +++ b/providers/implementations/signature/sm2sig.c @@ -192,7 +192,7 @@ static int sm2sig_digest_signverify_init(void *vpsm2ctx, const char *mdname, goto error; /* - * TODO(3.0) Should we care about DER writing errors? + * We do not care about DER writing errors. * All it really means is that for some reason, there's no * AlgorithmIdentifier to be had, but the operation itself is * still valid, just as long as it's not used to construct |