From b884f7e3dcb6a41c8986699a040dcdd4538183f6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= Date: Fri, 9 Dec 2022 09:53:55 +0100 Subject: [PATCH] Clarify documentation of ECP_RESTARTABLE MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Manuel Pégourié-Gonnard --- include/mbedtls/config.h | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/include/mbedtls/config.h b/include/mbedtls/config.h index f6d2c612b..9a2de676d 100644 --- a/include/mbedtls/config.h +++ b/include/mbedtls/config.h @@ -862,7 +862,8 @@ * This option: * - Adds xxx_restartable() variants of existing operations in the * following modules, with corresponding restart context types: - * - ECP: scalar multiplication (mult), linear combination (muladd); + * - ECP (for Short Weierstrass curves only): scalar multiplication (mul), + * linear combination (muladd); * - ECDSA: signature generation & verification; * - PK: signature generation & verification; * - X509: certificate chain verification. @@ -870,11 +871,12 @@ * - Changes the behaviour of TLS 1.2 clients (not servers) when using the * ECDHE-ECDSA key exchange (not other key exchanges) to make all ECC * computations restartable: - * - ECDH operations from the key exchange; + * - ECDH operations from the key exchange, only for Short Weierstass + * curves; * - verification of the server's key exchange signature; * - verification of the server's certificate chain; - * - generation of our signature if client authentication is used, with an - * ECC key/certificate. + * - generation of the client's signature if client authentication is used, + * with an ECC key/certificate. * * \note In the cases above, the usual SSL/TLS functions, such as * mbedtls_ssl_handshake(), can now return