API: minor corrections after beta 2 #83
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Validated by
perl -ne 'if (/^\/\*\*/) {%param=(); @p=()} if (/\\param.*? (\w+)/) {$param{$1}=1} while (/\\p \*?(\w+)/g) {push @p,[$1,ARGV->input_line_number()]} if (/^\ \*\//) {foreach (@p) {if (!$param{$_->[0]}) {printf "%s:%d: bad \\p %s\n", $ARGV, $_->[1], $_->[0]}}} close ARGV if eof' include/psa/*.h
gilles-peskine-arm
added
writing
yanesca
reviewed
Mar 11, 2019
psa_generator_import_key() was only specified for "symmetric keys", and there were some mistakes in the specification. Rewrite the specification and extend it to other key types. * For most private key types, specify that the function draws a byte string repeatedly until the byte string is suitable. * For DES, despite being a symmetric key type, re-drawing is necessary. * For Montgomery curves, despite being asymmetric, no re-drawing is necessary. * Specify the behavior for every standard key type other than RSA. An implementation doesn't have to support all key types, but if it does, it's better to have a standard.
gilles-peskine-arm
force-pushed
the
psa-api-1.0-beta-beta2_minor_fixes
branch
from
12a6ba4 to
2de2c0d
Compare
For DH, ECC (Weierstrass curves) and DSA, specify that the re-drawing method is the one defined by NIST as "key-pair generation by testing candidates", and describe it unambiguously. Also specify DES explicitly.
yanesca
reviewed
Mar 12, 2019
include/psa/crypto.h
Outdated
| * (the prime *p* for Diffie-Hellman, the subprime *q* for DSA, | ||
| * or the order of the curve's coordinate field for ECC). | ||
| * Add 1 to the resulting integer and use this as the private key *x*. | ||
| * This is the method described as |
There was a problem hiding this comment.
The method described in the standard is more relaxed in some cases (for example when generating DH keys the standard allows going for shorter private keys than the size of the prime). I think writing something like "This method allows for compliance with NIST and FIPS standards, see:" would be more accurate.
There was a problem hiding this comment.
I tweaked the wording.
include/psa/crypto.h
Outdated
| * in big-endian order. Discard it if it is not in the range | ||
| * [0, *N* - 2] where *N* is the boundary of the private key domain | ||
| * (the prime *p* for Diffie-Hellman, the subprime *q* for DSA, | ||
| * or the order of the curve's coordinate field for ECC). |
There was a problem hiding this comment.
In case of ECC the boundary is the order of the curve's base point (here I use the term curve in the sense of the set of cryptographic domain parameters and not as a mathematical object, but I assume that is what we do throughout this documentation).
There was a problem hiding this comment.
Indeed. Fixed, thanks.
yanesca
reviewed
Mar 12, 2019
include/psa/crypto.h
Outdated
| * Add 1 to the resulting integer and use this as the private key *x*. | ||
| * This is the method described as | ||
| * "key-pair generation by testing candidates" | ||
| * This method allow compliance to NIST standards, specifically |
There was a problem hiding this comment.
Amended
gilles-peskine-arm
force-pushed
the
psa-api-1.0-beta-beta2_minor_fixes
branch
from
431ea53 to
5579971
Compare
yanesca
approved these changes
Mar 12, 2019
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
psa_generator_import_keyfor most key types.