mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-29 22:20:30 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

pk: fix description of mbedtls_pk_setup_opaque()

Browse Source 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
Valerio Setti 2024-03-20 15:58:54 +01:00
parent 18702d980f
commit 80cd479fe0
1 changed files with 13 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
include/mbedtls/pk.h
View File

@ -362,33 +362,28 @@ int mbedtls_pk_setup(mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info);
* \brief Initialize a PK context to wrap a PSA key. * \brief Initialize a PK context to wrap a PSA key.
* *
* This function helps creating a PK context which wraps a * This function helps creating a PK context which wraps a
* PSA key. The PSA wrapped key must: * PSA key. The PSA wrapped key must be an EC or RSA key pair
* * remain valid as long as the wrapping PK context is in use, * (DH is not suported in PK module).
* that is at least between the point this function is
* called and the point mbedtls_pk_free() is called on this
* context;
* * be a key pair;
* * be an EC or RSA type (DH is not suported in PK module).
* *
* Under the hood PSA functions are used to perform the required * Under the hood PSA functions are used to perform the required
* operations and, based on the key type, used algorithms will be: * operations and, based on the key type, used algorithms will be:
* * EC: * * EC:
* * verify, verify_ext: #PSA_ALG_ECDSA_ANY; * * verify, verify_ext, sign, sign_ext: ECDSA.
* * sign, sign_ext: try #PSA_ALG_DETERMINISTIC_ECDSA()
* first and, in case it fails, try with #PSA_ALG_ECDSA().
* * RSA: * * RSA:
* * sign, sign_ext: use the algorithm associated with the * * sign, sign_ext, decrypt: use the primary algorithm in
* wrapped PSA key; * the wrapped PSA key;
* * verify: not supported; * * verify, verify_ext, encrypt: not supported.
* * verify_ext: not supported; *
* * decrypt: #PSA_ALG_RSA_PKCS1V15_CRYPT;
* * encrypt: not supported.
* In order for the above operations to succeed, the policy of * In order for the above operations to succeed, the policy of
* the wrapped PSA key must allow the specified algorithm. * the wrapped PSA key must allow the specified algorithm.
* *
* \warning The PSA wrapped key must remain valid as long as the wrapping
* PK context is in use, that is at least between the point this
* function is called and the point mbedtls_pk_free() is called
* on this context.
*
* \param ctx The context to initialize. It must be empty (type NONE). * \param ctx The context to initialize. It must be empty (type NONE).
* \param key The PSA key to wrap, which must hold an ECC or RSA key * \param key The PSA key to wrap, which must hold an ECC or RSA key pair.
* pair (see notes below).
* *
* \return \c 0 on success. * \return \c 0 on success.
* \return #MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input * \return #MBEDTLS_ERR_PK_BAD_INPUT_DATA on invalid input