On 09/16/2009 12:43 PM, Nelson B Bolyard wrote:
> On 2009-09-15 11:08 PDT, Robert Relyea wrote:
>> On 09/15/2009 08:51 AM, Andreev Konstantin wrote:
>>> [snip]
>>> I would propose to unify *hash*_End() semantics for (maxDigestLen <
>>> REAL_HASH_LENGTH) as follows:
>>> 1) return only maxDigestLen of digest
>>> 2) always set digestLen to the real hash length.
>>> 3) do *not* kill application (this is unfriendly), do not
>>> SetError(). The caller can always detect digest buffer shortage from
>>> the fact (digestLen > maxDigestLen), and caller now knows required
>>> buffer length from digestLen.
>>
>> You are assuming applications have access to these functions. If the
>> caller passes something less than REAL_HASH_LENGTH for maxDigestLen,
>> then it's a bug in the internals of NSS. If this were to change we would
>> also update the remaining hash functions.
>
> Bob, I'm surprised at your response. Let me ask you this question.
> If Konstantin submitted a patch that did the things he proposed above,
> and asked you for review, would you reject it?

No, but I also wouldn't reject a patch that asserted if the length
wasn't correct.

> Speaking for myself, I do think the hash functions in freebl should have
> some uniformity of behavior. I was surprised by the extent of the variation
> among the hash functions' behaviors which Konstantin documented, and my
> first thought was "we should fix that". But you seem to be opposing that.
> I wonder why.

Because the extra behaviour is effectively dead code. If I were to fix
it I'd probably make all the code assert.

bob
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
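
The two conventions debated in this thread, sketched side by side as an added example; this is not NSS or freebl code and does not come from any participant. `DemoHashCtx`, `demo_init`, `demo_end_lenient`, `demo_end_strict`, `demo_get_digest` and the fixed digest bytes are hypothetical stand-ins for a real hash context and REAL_HASH_LENGTH.

```c
#include <assert.h>
#include <stdio.h>
#include <string.h>

#define DEMO_HASH_LENGTH 20u /* hypothetical stand-in for REAL_HASH_LENGTH */

/* Hypothetical context holding a finished digest (constructed bytes). */
typedef struct { unsigned char state[DEMO_HASH_LENGTH]; } DemoHashCtx;

void demo_init(DemoHashCtx *ctx) {
    for (unsigned int i = 0; i < DEMO_HASH_LENGTH; i++)
        ctx->state[i] = (unsigned char)(0xA0 + i);
}

/* Proposed semantics: write at most maxDigestLen bytes, always report the
 * real hash length, never abort and never set an error. */
void demo_end_lenient(const DemoHashCtx *ctx, unsigned char *digest,
                      unsigned int *digestLen, unsigned int maxDigestLen) {
    unsigned int n = maxDigestLen < DEMO_HASH_LENGTH ? maxDigestLen
                                                     : DEMO_HASH_LENGTH;
    memcpy(digest, ctx->state, n);
    *digestLen = DEMO_HASH_LENGTH;
}

/* Assert-style alternative: a short buffer is treated as an internal bug.
 * C's assert() is compiled out under NDEBUG, so it guards debug builds only. */
void demo_end_strict(const DemoHashCtx *ctx, unsigned char *digest,
                     unsigned int *digestLen, unsigned int maxDigestLen) {
    assert(maxDigestLen >= DEMO_HASH_LENGTH);
    memcpy(digest, ctx->state, DEMO_HASH_LENGTH);
    *digestLen = DEMO_HASH_LENGTH;
}

/* The check every caller must make under the lenient contract: returns 0 for
 * a complete digest, -1 when only a truncated prefix was written. */
int demo_get_digest(const DemoHashCtx *ctx, unsigned char *buf,
                    unsigned int bufLen, unsigned int *needed) {
    demo_end_lenient(ctx, buf, needed, bufLen);
    return (*needed > bufLen) ? -1 : 0;
}

int main(void) {
    DemoHashCtx ctx;
    unsigned char buf[8];
    unsigned int needed = 0;
    demo_init(&ctx);
    int rc = demo_get_digest(&ctx, buf, sizeof buf, &needed);
    printf("rc=%d, wrote %u bytes, need %u\n", rc, (unsigned)sizeof buf, needed);
    return 0;
}
```

A caller that skips the `digestLen > maxDigestLen` comparison under the lenient contract ends up using a truncated digest without any signal.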