pk: fixed documentation of mbedtls_pk_copy_from_psa()

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
Valerio Setti 2024-02-23 07:06:49 +01:00
parent 2f08f4cdb8
commit 8fb0fe8e12

@ -394,35 +394,36 @@ int mbedtls_pk_setup_opaque(mbedtls_pk_context *ctx,
/** /**
* \brief Create a PK context starting from a key stored in PSA. * \brief Create a PK context starting from a key stored in PSA.
* This key: * This key:
* - must have PSA_KEY_USAGE_EXPORT attribute set and * - must be exportabel and
* - must be a either a RSA or EC (DH is not managed in PK) and * - must be a either an RSA or EC key (DH is not managed in PK) and
* - must be either a key pair or a public key. * - must be either a key pair or a public key.
* *
* The resulting PK object will be a transparent type: * The resulting PK object will be a transparent type:
* - MBEDTLS_PK_RSA for RSA keys or * - #MBEDTLS_PK_RSA for RSA keys or
* - MBEDTLS_PK_ECKEY for EC keys. * - #MBEDTLS_PK_ECKEY for EC keys.
*
* Once this functions returns the PK object will be completely * Once this functions returns the PK object will be completely
* independent from the original PSA key that it was generated * independent from the original PSA key that it was generated
* from. * from.
* Calling `mbedtls_pk_sign`, `mbedtls_pk_verify`, * Calling mbedtls_pk_sign(), mbedtls_pk_verify(),
* `mbedtls_pk_encrypt`, `mbedtls_pk_decrypt` on the resulting * mbedtls_pk_encrypt(), mbedtls_pk_decrypt() on the resulting
* PK context will perform an algorithm that is compatible with * PK context will perform an algorithm that is compatible with
* the PSA key's primary algorithm policy if that is a matching * the PSA key's primary algorithm policy if that is a matching
* operation type (sign/verify, encrypt/decrypt), but with no * operation type (sign/verify, encrypt/decrypt), but with no
* restriction on the hash (as if the policy had * restriction on the hash (as if the policy had
* `PSA_ALG_ANY_HASH` instead of a specific hash, and with * #PSA_ALG_ANY_HASH instead of a specific hash, and with
* `PSA_ALG_RSA_PKCS1V15_SIGN_RAW` merged with * #PSA_ALG_RSA_PKCS1V15_SIGN_RAW merged with
* `PSA_ALG_RSA_PKCS1V15_SIGN(hash_alg)`). * #PSA_ALG_RSA_PKCS1V15_SIGN(\c hash_alg)).
* * For ECDSA, the choice of deterministic vs randomized will * * For ECDSA, the choice of deterministic vs randomized will
* be based on the compile-time setting `MBEDTLS_ECDSA_DETERMINISTIC`. * be based on the compile-time setting #MBEDTLS_ECDSA_DETERMINISTIC.
* * For an RSA key, the output key will allow both encrypt/decrypt * * For an RSA key, the output key will allow both encrypt/decrypt
* and sign/verify regardless of the original key's policy. * and sign/verify regardless of the original key's policy.
* The original key's policy determines the output key's padding * The original key's policy determines the output key's padding
* mode. * mode.
* *
* \param key_id The ID of the key stored in PSA. * \param key_id The key identifier of the key stored in PSA.
* \param pk The PK context that will be filled. It must be initialized, * \param pk The PK context that will be filled. It must be initialized,
* but not setup. * but not set up.
* *
* \return 0 on success. * \return 0 on success.
* \return MBEDTLS_ERR_PK_BAD_INPUT_DATA in case the provided input * \return MBEDTLS_ERR_PK_BAD_INPUT_DATA in case the provided input
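Review bot: The reworded first bullet in the new text introduces a typo, "must be exportabel and", which should read "must be exportable and". Since this commit is a documentation fix, two leftovers in the same comment are worth picking up as well: the second bullet still reads "must be a either an RSA or EC key" (drop the stray "a"), and "Once this functions returns" should be "Once this function returns". For consistency with the `#` link markers added to `#MBEDTLS_PK_RSA`, `#MBEDTLS_PK_ECKEY` and the PSA_ALG macros, consider writing `#MBEDTLS_ERR_PK_BAD_INPUT_DATA` in the `\return` line too. The unchanged RSA bullet says the output key allows both encrypt/decrypt and sign/verify regardless of the original key's policy; because that widens what the copied key can do compared with the PSA key, it may deserve a `\note` or `\warning` tag so callers do not overlook it.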