EVP_PKEY_ASN1_METHOD(3) conflicts

Colton Jenkins jenkinscolton7 at gmail.com
Fri Jul 10 16:21:16 UTC 2020

I'm currently working on implementing EVP_PKEY_cmp for ruby's openssl

Initially, I was going by the documentation provided for EVP_PKEY_cmp, but
the maintainer discovered conflicting documentation.


States the following:
The param_cmp() method compares the parameters of keys *a* and *b*. It MUST
return 1 when the keys are equal, 0 when not equal, or a negative number on
error. It's called by EVP_PKEY_cmp_parameters(3)


States something slightly different:
The function EVP_PKEY_cmp_parameters() and EVP_PKEY_cmp() return 1 if the
keys match, 0 if they don't match, -1 if the key types are different and -2
if the operation is not supported.

At this point I'm explicitly checking the type on each and not able to
check -2 against a 'not supported' or in ruby 'not implemented' exception
given EVP_PKEY_ASN1_METHOD(3) states ANY negative number can be an error.

The current work in progress can be found here if interested.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20200710/5a726909/attachment.html>

More information about the openssl-users mailing list