diff options
| author | Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> | 2022-12-21 09:59:33 +0100 |
|---|---|---|
| committer | Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> | 2022-12-21 09:59:33 +0100 |
| commit | a6e0291c5118231926959db9a14c2830e45c8e21 (patch) | |
| tree | 03db2ed95cde97cdac1ab5fa85f5391427af3523 | |
| parent | 3b1a7069354e177478d3bbbb82ee1d9922ea34f9 (diff) | |
| download | mbedtls-a6e0291c5118231926959db9a14c2830e45c8e21.zip mbedtls-a6e0291c5118231926959db9a14c2830e45c8e21.tar.gz mbedtls-a6e0291c5118231926959db9a14c2830e45c8e21.tar.bz2 | |
Update documentation
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
| -rw-r--r-- | docs/use-psa-crypto.md | 8 | ||||
| -rw-r--r-- | include/mbedtls/pk.h | 4 |
2 files changed, 6 insertions, 6 deletions
diff --git a/docs/use-psa-crypto.md b/docs/use-psa-crypto.md index 194d96f..fc5317a 100644 --- a/docs/use-psa-crypto.md +++ b/docs/use-psa-crypto.md @@ -95,8 +95,6 @@ Other than the above exceptions, all crypto operations are based on PSA when Current exceptions: -- Verification of RSA-PSS signatures with a salt length that is different from - the hash length. - Restartable operations when `MBEDTLS_ECP_RESTARTABLE` is also enabled (see the documentation of that option). @@ -107,11 +105,11 @@ Other than the above exception, all crypto operations are based on PSA when Current exceptions: -- Verification of RSA-PSS signatures with a salt length that is different from - the hash length, or with an MGF hash that's different from the message hash. +- Verification of RSA-PSS signatures with an MGF hash that's different from + the message hash. - Restartable operations when `MBEDTLS_ECP_RESTARTABLE` is also enabled (see the documentation of that option). -Other than the above exception, all crypto operations are based on PSA when +Other than the above exceptions, all crypto operations are based on PSA when `MBEDTLS_USE_PSA_CRYPTO` is enabled. diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index db0bfac..386ec42 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -496,7 +496,9 @@ int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx, * * \note If type is MBEDTLS_PK_RSASSA_PSS, then options must point * to a mbedtls_pk_rsassa_pss_options structure, - * otherwise it must be NULL. + * otherwise it must be NULL. Note that if + * #MBEDTLS_USE_PSA_CRYPTO is defined, the salt length is not + * verified as PSA_ALG_RSA_PSS_ANY_SALT is used. */ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options, mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg, |