mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 05:45:38 +01:00
Improve documentation in pkparse.c
State explicitly that `pk_parse_pkcs8_undencrypted_der` and `pk_parse_key_pkcs8_encrypted_der` are not responsible for zeroizing and freeing the provided key buffer.
This commit is contained in:
parent
f04111f5c5
commit
b4274210a4
@ -844,6 +844,16 @@ static int pk_parse_key_sec1_der( mbedtls_ecp_keypair *eck,
|
||||
|
||||
/*
|
||||
* Parse an unencrypted PKCS#8 encoded private key
|
||||
*
|
||||
* Notes:
|
||||
*
|
||||
* - This function does not own the key buffer. It is the
|
||||
* responsibility of the caller to take care of zeroizing
|
||||
* and freeing it after use.
|
||||
*
|
||||
* - The function is responsible for freeing the provided
|
||||
* PK context on failure.
|
||||
*
|
||||
*/
|
||||
static int pk_parse_key_pkcs8_unencrypted_der(
|
||||
mbedtls_pk_context *pk,
|
||||
@ -932,6 +942,12 @@ static int pk_parse_key_pkcs8_unencrypted_der(
|
||||
|
||||
/*
|
||||
* Parse an encrypted PKCS#8 encoded private key
|
||||
*
|
||||
* To save space, the decryption happens in-place on the given key buffer.
|
||||
* Also, while this function may modify the keybuffer, it doesn't own it,
|
||||
* and instead it is the responsibility of the caller to zeroize and properly
|
||||
* free it after use.
|
||||
*
|
||||
*/
|
||||
#if defined(MBEDTLS_PKCS12_C) || defined(MBEDTLS_PKCS5_C)
|
||||
static int pk_parse_key_pkcs8_encrypted_der(
|
||||
@ -969,7 +985,6 @@ static int pk_parse_key_pkcs8_encrypted_der(
|
||||
*
|
||||
* The EncryptedData OCTET STRING is a PKCS#8 PrivateKeyInfo
|
||||
*
|
||||
* To save space, the decryption happens in-place on the given key buffer.
|
||||
*/
|
||||
if( ( ret = mbedtls_asn1_get_tag( &p, end, &len,
|
||||
MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE ) ) != 0 )
|
||||
|
Loading…
Reference in New Issue
Block a user