David Benjamin
For refcounts and allocation bits, ASan (with leak-checking enabled) should be sufficient. But MSan is also generally a good idea. I'm not familiar with Miri, but given that it instruments...
The headers should already document the thread-safety rules. They contain text like: > A given object may be used concurrently on multiple threads by non-mutating functions, provided no other thread...
Seems plausible. I don't know enough about Rust to evaluate the Send, Sync, and Clone proposal, so I'll leave that to you. On the subject of ref-counting or copying keys...
Seems reasonable. For completeness, the built-in ref-counting would avoid an extra allocation and layer of indirection. For C++ code, I think we usually encourage folks to use `bssl::UniquePtr` directly and...
Agreed that this is a nicer model. Hopefully no one's relying on weird edge cases around back/forward like that, but I guess we'd have to try it to find out.
@jpmedley Have you completed your review of the documentation?
PEM has a type header, but DER does not. Two ASN.1 structures whose top-level tag is SEQUENCE will have the same set of initial headers. You have to continue parsing...
Can you give an example of when the caller would not know?
DER is not a single format. There are DER SubjectPublicKeyInfos, DER RSAPublicKeys, etc., each of which needs separate parsing entrypoints because DER structures are not, a priori, distinguishable. Treating PEM...
> @davidben, I agree with many of your points, but one big downside of the enumeration of formats of interest approach is that it requires knowing all the possible formats...