Fix documentation for crypto_pk_cmp_keys

Now that crypto_pk_cmp_keys might return the result of tor_memcmp, there
is no guarantee that it will only return -1, 0, or 1.  (It currently does
only return -1, 0, or 1, but that's a lucky accident due to details of the
current implementation of tor_memcmp and the particular input given to it.)

Fortunately, none of crypto_pk_cmp_keys's callers rely on this behaviour,
so changing its documentation is sufficient.

diff --git a/src/common/crypto.c b/src/common/crypto.c
index 283b00575dd94d73a2057a4cb26fac6b8695d392..5cab058436568c388b72858e3cfdfc1e5997b756 100644 (file)
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -748,9 +748,9 @@ crypto_pk_public_exponent_ok(crypto_pk_t *env)
   return BN_is_word(env->key->e, 65537);
 }
 
-/** Compare the public-key components of a and b.  Return -1 if a\<b,
- * 0 if a==b, and 1 if a\>b.  A NULL key is considered to be less than
- * all non-NULL keys, and equal to itself.
+/** Compare the public-key components of a and b.  Return less than 0
+ * if a\<b, 0 if a==b, and greater than 0 if a\>b.  A NULL key is
+ * considered to be less than all non-NULL keys, and equal to itself.
  *
  * Note that this may leak information about the keys through timing.
  */