Document that key agreement produces a maximum-capacity generator

This commit is contained in:
Gilles Peskine 2018-10-25 22:22:31 +02:00
parent 79dd6229e4
commit 211a436f2e
2 changed files with 12 additions and 0 deletions

View file

@ -3206,6 +3206,9 @@ psa_status_t psa_key_derivation(psa_crypto_generator_t *generator,
* The result of this function is a byte generator which can
* be used to produce keys and other cryptographic material.
*
* The resulting generator always has the maximum capacity permitted by
* the algorithm.
*
* \param[in,out] generator The generator object to set up. It must
* have been initialized to all-bits-zero,
* a logical zero (`{0}`),

View file

@ -3371,6 +3371,15 @@ psa_status_t psa_generator_read( psa_crypto_generator_t *generator,
if( generator->alg == PSA_ALG_SELECT_RAW )
{
/* Initially, the capacity of a selection generator is always
* the size of the buffer, i.e. `generator->ctx.buffer.size`,
* abbreviated in this comment as `size`. When the remaining
* capacity is `c`, the next bytes to serve start `c` bytes
* from the end of the buffer, i.e. `size - c` from the
* beginning of the buffer. Since `generator->capacity` was just
* decremented above, we need to serve the bytes from
* `size - generator->capacity - output_length` to
* `size - generator->capacity`. */
size_t offset =
generator->ctx.buffer.size - generator->capacity - output_length;
memcpy( output, generator->ctx.buffer.data + offset, output_length );