Improve some internal documentation

This commit is contained in:
Manuel Pégourié-Gonnard 2019-09-20 08:57:18 +02:00
parent a77e9b5b35
commit 8b5e6bd6ae
2 changed files with 20 additions and 1 deletions

View file

@ -853,14 +853,33 @@
#undef MBEDTLS_HASHES_ENABLED
#endif /* MBEDTLS_MD_SINGLE_HASH */
/*
* Note: the dependency on TinyCrypt is reflected in several ways in the code:
*
* 1. We only define the various MBEDTLS_PK_INFO_{TYPE}_{FIELD} macros for
* TYPE == ECKEY, resolving to the TinyCrypt version.
* 2. In pk_init() and pk_free() we assume that zeroization is a proper way
* to init/free the context, which is true of mbedtls_uecc_keypair, but
* might not always hold otherwise (think hardware-accelerated ECP_ALT).
* 3. We rely on the fact that MBEDTLS_ECP_RESTARTABLE is disabled - code
* paths (and pk_info fields) that are guarded by this are currently not
* handled by the internal abstraction layers enabling PK_SINGLE_TYPE.
*
* If this dependency is ever removed, the above points need to be addressed
* in the code.
*/
#if defined(MBEDTLS_PK_SINGLE_TYPE) && !defined(MBEDTLS_USE_TINYCRYPT)
#error "MBEDTLS_PK_SINGLE_TYPE can only be used with MBEDTLS_USE_TINYCRYPT"
#endif
/* Note: code paths that depend on MBEDTLS_PK_RSA_ALT_SUPPORT are not ported
* to the internal abstraction layers that enable PK_SINGLE_TYPE. */
#if defined(MBEDTLS_PK_SINGLE_TYPE) && defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
#error "MBEDTLS_PK_SINGLE_TYPE is not compatible with MBEDTLS_PK_RSA_ALT_SUPPORT"
#endif
/* This is to avoid a situation where RSA is available, but not through the PK
* layer, which might surprise user code. */
#if defined(MBEDTLS_PK_SINGLE_TYPE) && defined(MBEDTLS_RSA_C)
#error "MBEDTLS_PK_SINGLE_TYPE is not compatible with MBEDTLS_RSA_C"
#endif

View file

@ -1014,7 +1014,7 @@ const mbedtls_pk_info_t mbedtls_rsa_alt_info = {
* when hardcoding a single PK - some compilers optimize better that way.
*
* Not implemented for members that are only present in builds with
* MBEDTLS_ECP_RESTARTABLE for now, as the main target for hardcoded is builds
* MBEDTLS_ECP_RESTARTABLE for now, as the main target for this is builds
* with MBEDTLS_USE_TINYCRYPT, which don't have MBEDTLS_ECP_RESTARTABLE.
*/
#if defined(MBEDTLS_PK_SINGLE_TYPE)