Add an example of usage to the WPACKET_reserve_bytes() documentation

[openssl.git] / ssl / packet_locl.h

diff --git a/ssl/packet_locl.h b/ssl/packet_locl.h
index 0e50c7ddae49bb973030d92b4868c264cf9c63d3..8d3fd37c56d6abc93245129f2ed3b388f0b1b096 100644 (file)
--- a/ssl/packet_locl.h
+++ b/ssl/packet_locl.h
@@ -707,6 +707,16 @@ int WPACKET_sub_allocate_bytes__(WPACKET *pkt, size_t len,
  * maximum size will be. If this function is used, then it should be immediately
  * followed by a WPACKET_allocate_bytes() call before any other WPACKET
  * functions are called (unless the write to the allocated bytes is abandoned).
+ * 
+ * For example: If we are generating a signature, then the size of that
+ * signature may not be known in advance. We can use WPACKET_reserve_bytes() to
+ * handle this:
+ *
+ *  if (!WPACKET_sub_reserve_bytes_u16(&pkt, EVP_PKEY_size(pkey), &sigbytes1)
+ *          || EVP_SignFinal(md_ctx, sigbytes1, &siglen, pkey) <= 0
+ *          || !WPACKET_sub_allocate_bytes_u16(&pkt, siglen, &sigbytes2)
+ *          || sigbytes1 != sigbytes2)
+ *      goto err;
  */
 int WPACKET_reserve_bytes(WPACKET *pkt, size_t len, unsigned char **allocbytes);