PSA PAKE: fix J-PAKE documentation code rendering

4-space indent is only guaranteed to result in a code block if there's a blank line just before (details vary depending on the markdown implementation, and doxygen isn't exactly markdown anyway). In a bullet list, you need 8 spaces since the list itself is a nested construct which takes a 4-space indent (even though you don't have to indent continuation lines inside a bullet point by 4 spaces, 1 is enough). Using \code...\encode which is rendering as intended. Signed-off-by: Janos Follath <janos.follath@arm.com>
2025-11-04 04:32:24 -05:00 · 2021-06-03 14:48:51 +01:00 · 2021-06-03 14:48:51 +01:00 · b384ec19d1
commit b384ec19d1
parent 3293dae00e
1 changed files with 62 additions and 46 deletions
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@ -842,19 +842,25 @@ psa_status_t mbedtls_psa_platform_get_builtin_key(
 * - A secure cryptographic hash function.
 *
 * To select these parameters and set up the cipher suite, call
+ *
+ * \code
 * psa_pake_cs_set_algorithm(cipher_suite, PSA_ALG_JPAKE);
 * psa_pake_cs_set_primitive(cipher_suite,
 *                           PSA_PAKE_PRIMITIVE(type, family, bits));
 * psa_pake_cs_set_hash(cipher_suite, hash);
+ * \endcode
 *
 * For more information on how to set a specific curve or field, refer to the
 * documentation of the individual \c PSA_PAKE_PRIMITIVE_TYPE_XXX constants.
 *
 * After initializing a J-PAKE operation, call
+ *
+ * \code
 * psa_pake_setup(operation, cipher_suite);
 * psa_pake_set_user(operation, ...);
 * psa_pake_set_peer(operation, ...);
 * psa_pake_set_password_key(operation, ...);
+ * \endcode
 *
 * The password is read as a byte array and must be non-empty. This can be the
 * password itself (in some pre-defined character encoding) or some value
@ -869,6 +875,7 @@ psa_status_t mbedtls_psa_platform_get_builtin_key(
 *
 * The key exchange flow for J-PAKE is as follows:
 * -# To get the first round data that needs to be sent to the peer, call
+ *    \code
 *    // Get g1
 *    psa_pake_output(operation, #PSA_PAKE_STEP_KEY_SHARE, ...);
 *    // Get the ZKP public key for x1
@ -881,8 +888,10 @@ psa_status_t mbedtls_psa_platform_get_builtin_key(
 *    psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...);
 *    // Get the ZKP proof for x2
 *    psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PROOF, ...);
+ *    \endcode
 * -# To provide the first round data received from the peer to the operation,
 *    call
+ *    \code
 *    // Set g3
 *    psa_pake_input(operation, #PSA_PAKE_STEP_KEY_SHARE, ...);
 *    // Set the ZKP public key for x3
@ -895,24 +904,31 @@ psa_status_t mbedtls_psa_platform_get_builtin_key(
 *    psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...);
 *    // Set the ZKP proof for x4
 *    psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PROOF, ...);
+ *    \endcode
 * -# To get the second round data that needs to be sent to the peer, call
+ *    \code
 *    // Get A
 *    psa_pake_output(operation, #PSA_PAKE_STEP_KEY_SHARE, ...);
 *    // Get ZKP public key for x2*s
 *    psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...);
 *    // Get ZKP proof for x2*s
 *    psa_pake_output(operation, #PSA_PAKE_STEP_ZK_PROOF, ...);
+ *    \endcode
 * -# To provide the second round data received from the peer to the operation,
 *    call
+ *    \code
 *    // Set B
 *    psa_pake_input(operation, #PSA_PAKE_STEP_KEY_SHARE, ...);
 *    // Set ZKP public key for x4*s
 *    psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PUBLIC, ...);
 *    // Set ZKP proof for x4*s
 *    psa_pake_input(operation, #PSA_PAKE_STEP_ZK_PROOF, ...);
+ *    \endcode
 * -# To access the shared secret call
+ *    \code
 *    // Get Ka=Kb=K
 *    psa_pake_get_implicit_key()
+ *    \endcode
 *
 * For more information consult the documentation of the individual
 * \c PSA_PAKE_STEP_XXX constants.