mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-08-07 06:42:56 +03:00
PSA PAKE: explain implicit key confirmation
Signed-off-by: Janos Follath <janos.follath@arm.com>
This commit is contained in:
@@ -4637,6 +4637,14 @@ psa_status_t psa_pake_input(psa_pake_operation_t *operation,
|
|||||||
size_t input_length);
|
size_t input_length);
|
||||||
|
|
||||||
/** Get implicitly confirmed shared secret from a PAKE.
|
/** Get implicitly confirmed shared secret from a PAKE.
|
||||||
|
*
|
||||||
|
* At this point there is a cryptographic guarantee that only the authenticated
|
||||||
|
* party who used the same password is able to compute the key. But there is no
|
||||||
|
* guarantee that the peer is the party he claims to be and was able to do so.
|
||||||
|
*
|
||||||
|
* That is, the authentication is only implicit (the peer is not authenticated
|
||||||
|
* at this point, and no action should be taken that assume that they are - like
|
||||||
|
* for example accessing restricted files).
|
||||||
*
|
*
|
||||||
* This function can be called after the key exchange phase of the operation
|
* This function can be called after the key exchange phase of the operation
|
||||||
* has completed. It imports the shared secret output of the PAKE into the
|
* has completed. It imports the shared secret output of the PAKE into the
|
||||||
|
Reference in New Issue
Block a user