The problem that I see is that there's a set of parameters (such as OSSL_PKEY_PARAM_EC_COFACTOR), not described in the man pages, with under-specified type.
E.g., how is one to know where's "normal" ~~sloppiness~~ imperfection in writing, and where "unsigned integer" truly means 'NOT C type "unsigned int"', especially since it's all in a C API description (so one tends to expect C types, unless CLEARLY stated otherwise)?
Beneficial - would be a man page that lists these parameters, their types, and the appropriate method for retrieving them (e.g., EVP_PKEY_get_int_param() or EVP_PKEY_get_bn_param()).
I support specifying the type in the comments as "unsigned BIGNUM" over "just adding a note".
--
Regards,
Uri
There are two ways to design a system. One is to make it so simple there are obviously no deficiencies.
The other is to make it so complex there are no obvious deficiencies.
- C. A. R. Hoare
On 1/5/22, 18:17, "openssl-users on behalf of Dr Paul Dale" <openssl-users-bounces@xxxxxxxxxxx on behalf of pauli@xxxxxxxxxxx> wrote:
Better might be just adding a note to the parameters unlikely to fit
into a machine integer rather than confounding things with an additional
type which isn't really a separate type.
Pauli
> "unsigned BIGNUM" instead of "unsigned integer" would be short and
> much clearer
> in the description and naming of parameters unlikely to fit in a C
> int/long.
>
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
