TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / b8cfe3f0d97557817545c34a31eef197e0330b00^! / . / include / mbedtls
commitb8cfe3f0d97557817545c34a31eef197e0330b00[log] [tgz]
authorManuel Pégourié-Gonnard <mpg@elzevir.fr>Tue Mar 31 11:04:45 2015 +0200
committerManuel Pégourié-Gonnard <mpg@elzevir.fr>Tue Mar 31 11:14:41 2015 +0200
treedbf6c56ee57778e04300a5b31a95fef710db49c0
parentfa44f20b9fd9fdffb55fa365a28ff15c34ca22cd [diff]
pk_sign() now requires non-NONE md_alg for ECDSA

diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h
index b1fd884..57f9b48 100644
--- a/include/mbedtls/ecdsa.h
+++ b/include/mbedtls/ecdsa.h

@@ -52,6 +52,8 @@
 /**
  * \brief           Compute ECDSA signature of a previously hashed message
  *
+ * \note            The deterministic version is usually prefered.
+ *
  * \param grp       ECP group
  * \param r         First output integer
  * \param s         Second output integer
@@ -70,8 +72,8 @@
 
 #if defined(POLARSSL_ECDSA_DETERMINISTIC)
 /**
- * \brief           Compute ECDSA signature of a previously hashed message
- *                  (deterministic version)
+ * \brief           Compute ECDSA signature of a previously hashed message,
+ *                  deterministic version (RFC 6979).
  *
  * \param grp       ECP group
  * \param r         First output integer

diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h
index 14ac65e..8fda581 100644
--- a/include/mbedtls/pk.h
+++ b/include/mbedtls/pk.h

@@ -377,7 +377,8 @@
  * \note            If hash_len is 0, then the length associated with md_alg
  *                  is used instead, or an error returned if it is invalid.
  *
- * \note            md_alg may be POLARSSL_MD_NONE, only if hash_len != 0
+ * \note            For RSA, md_alg may be POLARSSL_MD_NONE if hash_len != 0.
+ *                  For ECDSA, md_alg may never be POLARSSL_MD_NONE.
  */
 int pk_sign( pk_context *ctx, md_type_t md_alg,
              const unsigned char *hash, size_t hash_len,