commit 88658becd4c06eb6757899d3c30e4717d1c939d2
author Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Mon May 03 10:28:57 2021 +0200
committer Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> Mon May 03 10:28:57 2021 +0200
tree beea19ccaca4ab6a56f875dae0c9ed682d2b2a9a
parent 9023cacf15cffbcbe37d4fc1a463d5cf80f175a4

Clarify algorithm constraint for verification

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

include/psa/crypto.h

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index b92d194..da2a15c 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -3724,7 +3724,8 @@
  * \param[in,out] operation The key derivation operation object to read from.
  * \param[in] expected      A key of type #PSA_KEY_TYPE_RAW_DATA containing
  *                          the expected output. Its policy must include the
- *                          #PSA_KEY_USAGE_VERIFY_DERIVATION flag.
+ *                          #PSA_KEY_USAGE_VERIFY_DERIVATION flag and the
+ *                          permitted algorithm must match the operation.
  *                          The value of this key was likely computed by a
  *                          previous call to psa_key_derivation_output_key().
  *
@@ -3737,7 +3738,8 @@
  * \retval #PSA_ERROR_INVALID_ARGUMENT
  *         The key passed as the expected value has an invalid type.
  * \retval #PSA_ERROR_NOT_PERMITTED
- *         The key passed as the expected value does not allow this usage.
+ *         The key passed as the expected value does not allow this usage or
+ *         this algorithm.
  * \retval #PSA_ERROR_INSUFFICIENT_DATA
  *                          The operation's capacity was less than
  *                          the length of the expected value. In this case,