Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto: fix public key encoding name in comment #25736

Closed
wants to merge 1 commit into from

Conversation

davidben
Copy link
Contributor

Crypto encodings can be so needlessly confusing... :-)

PKCS#8 describes an encoding for private keys, not public keys. Using
the name as a format usually refers to the PrivateKeyInfo structure it
defines. (Or sometimes the EncryptedPrivateKeyInfo variant or the
little-used OneAsymmetricKey extension defined in RFC 5958.) None of
these structures can hold public keys to begin with.

d2i_PUBKEY actually parses the public key analogous format defined in
X.509, SubjectPublicKeyInfo. This function already uses "X.509" to refer
to an entire certificate, so say SubjectPublicKeyInfo in the comment.

(The abbreviation SPKI sometimes refers to SubjectPublicKeyInfo, e.g. in
RFC 7469, but it can also an alternate S-expression-based PKI to X.509,
Simple Public Key Infrastructure. To avoid confusion, stick with the
expanded name.)

Checklist
  • make -j4 test (UNIX), or vcbuild test (Windows) passes
  • commit message follows commit guidelines

PKCS#8 describes an encoding for private keys, not public keys. Using
the name as a format usually refers to the PrivateKeyInfo structure it
defines. (Or sometimes the EncryptedPrivateKeyInfo variant or the
little-used OneAsymmetricKey extension defined in RFC 5958.) None of
these structures can hold public keys to begin with.

d2i_PUBKEY actually parses the public key analogous format defined in
X.509, SubjectPublicKeyInfo. This function already uses "X.509" to refer
to an entire certificate, so say SubjectPublicKeyInfo in the comment.

(The abbreviation SPKI sometimes refers to SubjectPublicKeyInfo, e.g. in
RFC 7469, but it can also an alternate S-expression-based PKI to X.509,
Simple Public Key Infrastructure. To avoid confusion, stick with the
expanded name.)
@nodejs-github-bot nodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. crypto Issues and PRs related to the crypto subsystem. labels Jan 27, 2019
@addaleax
Copy link
Member

@addaleax addaleax added the author ready PRs that have at least one approval, no pending requests for changes, and a CI started. label Jan 29, 2019
@addaleax
Copy link
Member

@danbev
Copy link
Contributor

danbev commented Feb 1, 2019

Re-build of failing node-test-commit-aix/ (✔️)

@danbev
Copy link
Contributor

danbev commented Feb 1, 2019

Landed in 80873ec.

@danbev danbev closed this Feb 1, 2019
danbev pushed a commit that referenced this pull request Feb 1, 2019
PKCS#8 describes an encoding for private keys, not public keys. Using
the name as a format usually refers to the PrivateKeyInfo structure it
defines. (Or sometimes the EncryptedPrivateKeyInfo variant or the
little-used OneAsymmetricKey extension defined in RFC 5958.) None of
these structures can hold public keys to begin with.

d2i_PUBKEY actually parses the public key analogous format defined in
X.509, SubjectPublicKeyInfo. This function already uses "X.509" to refer
to an entire certificate, so say SubjectPublicKeyInfo in the comment.

(The abbreviation SPKI sometimes refers to SubjectPublicKeyInfo, e.g. in
RFC 7469, but it can also an alternate S-expression-based PKI to X.509,
Simple Public Key Infrastructure. To avoid confusion, stick with the
expanded name.)

PR-URL: #25736
Reviewed-By: Sam Roberts <[email protected]>
Reviewed-By: James M Snell <[email protected]>
addaleax pushed a commit that referenced this pull request Feb 1, 2019
PKCS#8 describes an encoding for private keys, not public keys. Using
the name as a format usually refers to the PrivateKeyInfo structure it
defines. (Or sometimes the EncryptedPrivateKeyInfo variant or the
little-used OneAsymmetricKey extension defined in RFC 5958.) None of
these structures can hold public keys to begin with.

d2i_PUBKEY actually parses the public key analogous format defined in
X.509, SubjectPublicKeyInfo. This function already uses "X.509" to refer
to an entire certificate, so say SubjectPublicKeyInfo in the comment.

(The abbreviation SPKI sometimes refers to SubjectPublicKeyInfo, e.g. in
RFC 7469, but it can also an alternate S-expression-based PKI to X.509,
Simple Public Key Infrastructure. To avoid confusion, stick with the
expanded name.)

PR-URL: #25736
Reviewed-By: Sam Roberts <[email protected]>
Reviewed-By: James M Snell <[email protected]>
@targos targos mentioned this pull request Feb 14, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
author ready PRs that have at least one approval, no pending requests for changes, and a CI started. c++ Issues and PRs that require attention from people who are familiar with C++. crypto Issues and PRs related to the crypto subsystem.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants