From 853f06732e88843574d8cbe1318446a051c038ed Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 10 Jun 2022 09:40:58 +0200 Subject: [PATCH] Clarify warning about mbedtls_pk_ec/rsa() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The previous wording "ensure it holds an XXX" context did not mean anything without looking at the source. Looking at the source, the criterion is: - for mbedtls_pk_rsa(), that the info structure uses rsa_alloc_wrap; - for mbedtls_pk_ec(), that it uses eckey_alloc_wrap or ecdsa_alloc_wrap, since mbedtls_ecdsa_context is a typedef for mbedtls_ecp_keypair. (Note that our test code uses mbedtls_pk_ec() on contexts of type MBEDTLS_PK_ECDSA.) Signed-off-by: Manuel Pégourié-Gonnard
---
include/mbedtls/pk.h | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h
index 8f2abf2a6..3851146d8 100644
--- a/include/mbedtls/pk.h
+++ b/include/mbedtls/pk.h
@@ -221,8 +221,9 @@ typedef void mbedtls_pk_restart_ctx;
 /**
 * Quick access to an RSA context inside a PK context.
 *
- * \warning You must make sure the PK context actually holds an RSA context
- * before using this function!
+ * \warning This function can only be used when the type of the context, as
+ * returned by mbedtls_pk_get_type(), is #MBEDTLS_PK_RSA.
+ * Ensuring that is the caller's responsibility.
 */
 static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk )
 {
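Review bot: The new \warning on mbedtls_pk_rsa() states the precondition but not what happens when it is violated, and the mbedtls_pk_ec() warning in the next hunk has the same gap. The commit message says the real criterion is which alloc wrapper produced the inner context, which suggests the accessors hand back that pointer without checking its type; both function bodies lie outside the hunks, so this is inferred. If so, a context of another type, such as #MBEDTLS_PK_RSA_ALT or #MBEDTLS_PK_OPAQUE, yields a pointer to a differently laid-out object, and the doc should say that outright. I would append ` *          Calling it on a context of any other type is undefined behaviour; check mbedtls_pk_get_type() first.` to both warnings.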
@@ -234,8 +235,10 @@ static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk )
 /**
 * Quick access to an EC context inside a PK context.
 *
- * \warning You must make sure the PK context actually holds an EC context
- * before using this function!
+ * \warning This function can only be used when the type of the context, as
+ * returned by mbedtls_pk_get_type(), is #MBEDTLS_PK_ECKEY,
+ * #MBEDTLS_PK_ECKEY_DH, or #MBEDTLS_PK_ECDSA.
+ * Ensuring that is the caller's responsibility.
 */
 static inline mbedtls_ecp_keypair *mbedtls_pk_ec( const mbedtls_pk_context pk )
 {
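Review bot: Listing #MBEDTLS_PK_ECDSA as valid for mbedtls_pk_ec() is only correct because mbedtls_ecdsa_context is a typedef for mbedtls_ecp_keypair, and that reasoning appears only in the commit message, not in the header. If the ECDSA context ever becomes its own struct, this warning would approve a mismatched cast with nothing at the call site to flag it. I would record the dependency next to the accessor, whose body is outside the hunk, with `/* MBEDTLS_PK_ECDSA is accepted only because mbedtls_ecdsa_context is a typedef for mbedtls_ecp_keypair. */`.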