More CTR_DRBG documentation improvements and clarifications
diff --git a/include/mbedtls/ctr_drbg.h b/include/mbedtls/ctr_drbg.h
index 6098df8..f65606e 100644
--- a/include/mbedtls/ctr_drbg.h
+++ b/include/mbedtls/ctr_drbg.h
@@ -200,6 +200,9 @@
* with mbedtls_entropy_init() (which registers the platform's default
* entropy sources).
*
+ * \p f_entropy is always called with a buffer size equal to the entropy
+ * length described in the documentation of mbedtls_ctr_drbg_set_entropy_len().
+ *
* Personalization data can be provided in addition to the more generic
* entropy source, to make this instantiation as unique as possible.
*
@@ -227,7 +230,7 @@
* \param f_entropy The entropy callback, taking as arguments the
* \p p_entropy context, the buffer to fill, and the
* length of the buffer.
- * \param p_entropy The entropy context.
+ * \param p_entropy The entropy context to pass to \p f_entropy.
* \param custom Personalization data, that is device-specific
* identifiers. This can be NULL, in which case the
* personalization data is empty regardless of the value
@@ -257,7 +260,8 @@
* The default value is off.
*
* \note If enabled, entropy is gathered at the beginning of
- * every call to mbedtls_ctr_drbg_random_with_add().
+ * every call to mbedtls_ctr_drbg_random_with_add()
+ * or mbedtls_ctr_drbg_random().
* Only use this if your entropy source has sufficient
* throughput.
*
@@ -269,8 +273,9 @@
/**
* \brief This function sets the amount of entropy grabbed on each
- * seed or reseed. The default value is
- * #MBEDTLS_CTR_DRBG_ENTROPY_LEN.
+ * seed or reseed.
+ *
+ * The default value is #MBEDTLS_CTR_DRBG_ENTROPY_LEN.
*
* \note For compliance with NIST SP 800-90A, the entropy length
* (\p len bytes = \p len * 8 bits)
@@ -307,7 +312,12 @@
/**
* \brief This function sets the reseed interval.
- * The default value is #MBEDTLS_CTR_DRBG_RESEED_INTERVAL.
+ *
+ * The reseed interval is the number of calls to mbedtls_ctr_drbg_random()
+ * or mbedtls_ctr_drbg_random_with_add() after which the entropy function
+ * is called again.
+ *
+ * The default value is #MBEDTLS_CTR_DRBG_RESEED_INTERVAL.
*
* \param ctx The CTR_DRBG context.
* \param interval The reseed interval.
@@ -361,7 +371,7 @@
* \param p_rng The CTR_DRBG context. This must be a pointer to a
* #mbedtls_ctr_drbg_context structure.
* \param output The buffer to fill.
- * \param output_len The length of the buffer.
+ * \param output_len The length of the buffer in bytes.
* \param additional Additional data to update. Can be NULL, in which
* case the additional data is empty regardless of
* the value of \p add_len.
@@ -436,7 +446,7 @@
*
* \return \c 0 on success.
* \return #MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR on file error.
- * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on
+ * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on reseed
* failure.
*/
int mbedtls_ctr_drbg_write_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path );
@@ -450,8 +460,10 @@
*
* \return \c 0 on success.
* \return #MBEDTLS_ERR_CTR_DRBG_FILE_IO_ERROR on file error.
- * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED or
- * #MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG on failure.
+ * \return #MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED on
+ * reseed failure.
+ * \return #MBEDTLS_ERR_CTR_DRBG_INPUT_TOO_BIG if the existing
+ * seed file is too large.
*/
int mbedtls_ctr_drbg_update_seed_file( mbedtls_ctr_drbg_context *ctx, const char *path );
#endif /* MBEDTLS_FS_IO */