From e084964068a2c79b1230670875b48a907e63c108 Mon Sep 17 00:00:00 2001 From: Janos Follath Date: Mon, 12 Aug 2024 17:26:24 +0100 Subject: [PATCH] Improve documentation of MBEDTLS_MPI_IS_PUBLIC Signed-off-by: Janos Follath --- include/mbedtls/bignum.h | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h index bb96f4fb89..cd7e2f6c66 100644 --- a/include/mbedtls/bignum.h +++ b/include/mbedtls/bignum.h @@ -44,7 +44,12 @@ goto cleanup; \ } while (0) -/* Constants to identify whether a value is public or secret. +/* Constants to identify whether a value is public or secret. If a parameter is marked as secret by + * this constant, the function must be constant time with respect to the parameter. + * + * This is only needed for functions with the _optionally_safe postfix. All other functions have + * fixed behavior that can't be changed at runtime and are constant time with respect to their + * parameters as prescribed by their documentation or by conventions in their module's documentation. * * Parameters should be named X_public where X is the name of the * corresponding input parameter.