Add documentation notes about the required size of the signature buffers
This commit is contained in:
parent
5dbe7caf2e
commit
49bd3e897e
@ -458,6 +458,10 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
|
|||||||
*
|
*
|
||||||
* \note For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0.
|
* \note For RSA, md_alg may be MBEDTLS_MD_NONE if hash_len != 0.
|
||||||
* For ECDSA, md_alg may never be MBEDTLS_MD_NONE.
|
* For ECDSA, md_alg may never be MBEDTLS_MD_NONE.
|
||||||
|
*
|
||||||
|
* \note In order to ensure enough space for the signature, the
|
||||||
|
* \p sig buffer size must be of at least
|
||||||
|
* `max(MBEDTLS_ECDSA_MAX_LEN, MBEDTLS_MPI_MAX_SIZE)` bytes.
|
||||||
*/
|
*/
|
||||||
int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
|
int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
|
||||||
const unsigned char *hash, size_t hash_len,
|
const unsigned char *hash, size_t hash_len,
|
||||||
@ -472,6 +476,10 @@ int mbedtls_pk_sign( mbedtls_pk_context *ctx, mbedtls_md_type_t md_alg,
|
|||||||
* \c mbedtls_ecp_set_max_ops() to reduce blocking for ECC
|
* \c mbedtls_ecp_set_max_ops() to reduce blocking for ECC
|
||||||
* operations. For RSA, same as \c mbedtls_pk_sign().
|
* operations. For RSA, same as \c mbedtls_pk_sign().
|
||||||
*
|
*
|
||||||
|
* \note In order to ensure enough space for the signature, the
|
||||||
|
* \p sig buffer size must be of at least
|
||||||
|
* `max(MBEDTLS_ECDSA_MAX_LEN, MBEDTLS_MPI_MAX_SIZE)` bytes.
|
||||||
|
*
|
||||||
* \param ctx The PK context to use. It must have been set up
|
* \param ctx The PK context to use. It must have been set up
|
||||||
* with a private key.
|
* with a private key.
|
||||||
* \param md_alg Hash algorithm used (see notes)
|
* \param md_alg Hash algorithm used (see notes)
|
||||||
|
@ -907,7 +907,8 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx,
|
|||||||
* the size of the hash corresponding to \p md_alg.
|
* the size of the hash corresponding to \p md_alg.
|
||||||
* \param sig The buffer to hold the signature. This must be a writable
|
* \param sig The buffer to hold the signature. This must be a writable
|
||||||
* buffer of length \c ctx->len Bytes. For example, \c 256 Bytes
|
* buffer of length \c ctx->len Bytes. For example, \c 256 Bytes
|
||||||
* for an 2048-bit RSA modulus.
|
* for an 2048-bit RSA modulus. A buffer length of
|
||||||
|
* #MBEDTLS_MPI_MAX_SIZE is always safe.
|
||||||
*
|
*
|
||||||
* \return \c 0 if the signing operation was successful.
|
* \return \c 0 if the signing operation was successful.
|
||||||
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
|
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
|
||||||
@ -954,7 +955,8 @@ int mbedtls_rsa_pkcs1_sign( mbedtls_rsa_context *ctx,
|
|||||||
* the size of the hash corresponding to \p md_alg.
|
* the size of the hash corresponding to \p md_alg.
|
||||||
* \param sig The buffer to hold the signature. This must be a writable
|
* \param sig The buffer to hold the signature. This must be a writable
|
||||||
* buffer of length \c ctx->len Bytes. For example, \c 256 Bytes
|
* buffer of length \c ctx->len Bytes. For example, \c 256 Bytes
|
||||||
* for an 2048-bit RSA modulus.
|
* for an 2048-bit RSA modulus. A buffer length of
|
||||||
|
* #MBEDTLS_MPI_MAX_SIZE is always safe.
|
||||||
*
|
*
|
||||||
* \return \c 0 if the signing operation was successful.
|
* \return \c 0 if the signing operation was successful.
|
||||||
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
|
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
|
||||||
@ -1015,7 +1017,8 @@ int mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_rsa_context *ctx,
|
|||||||
* the size of the hash corresponding to \p md_alg.
|
* the size of the hash corresponding to \p md_alg.
|
||||||
* \param sig The buffer to hold the signature. This must be a writable
|
* \param sig The buffer to hold the signature. This must be a writable
|
||||||
* buffer of length \c ctx->len Bytes. For example, \c 256 Bytes
|
* buffer of length \c ctx->len Bytes. For example, \c 256 Bytes
|
||||||
* for an 2048-bit RSA modulus.
|
* for an 2048-bit RSA modulus. A buffer length of
|
||||||
|
* #MBEDTLS_MPI_MAX_SIZE is always safe.
|
||||||
*
|
*
|
||||||
* \return \c 0 if the signing operation was successful.
|
* \return \c 0 if the signing operation was successful.
|
||||||
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
|
* \return An \c MBEDTLS_ERR_RSA_XXX error code on failure.
|
||||||
|
Loading…
Reference in New Issue
Block a user