mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-03-12 10:13:39 +00:00
Add warning about not using keys directly
Keys that are the result of key agreement have biases and really should not be used directly. Warning taken in part from psa_raw_key_agreement() Signed-off-by: Paul Elliott <paul.elliott@arm.com>
This commit is contained in:
parent
327da4774b
commit
e50edc0d95
@ -4887,6 +4887,12 @@ uint32_t psa_key_agreement_iop_get_num_ops(psa_key_agreement_iop_t *operation);
|
||||
* at any point. It is not bound by the usual
|
||||
* interface stability promises.
|
||||
*
|
||||
* \warning The raw result of a key agreement algorithm such
|
||||
* elliptic curve Diffie-Hellman has biases
|
||||
* and should not be used directly as key material.
|
||||
* It should instead be passed as input to a key
|
||||
* derivation algorithm.
|
||||
*
|
||||
* \note This function combined with \c
|
||||
* psa_key_agreement_iop_complete() is equivalent
|
||||
* to \c psa_raw_key_agreement() but \c
|
||||
|
Loading…
x
Reference in New Issue
Block a user