From d3a0c2c7793c514340a96fcb79292d4e0e35e022 Mon Sep 17 00:00:00 2001 From: Jaeden Amero Date: Fri, 11 Jan 2019 17:15:56 +0000 Subject: [PATCH] psa: Document requirements for psa_export_public_key() Copy the nice and clear documentation from psa_export_key() as to what implementations are allowed to do regarding key export formats, as the same applies to public keys. --- include/psa/crypto.h | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 683feb83fd..ed3f56369d 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -467,6 +467,13 @@ psa_status_t psa_export_key(psa_key_handle_t handle, * The output of this function can be passed to psa_import_key() to * create an object that is equivalent to the public key. * + * This specification supports a single format for each key type. + * Implementations may support other formats as long as the standard + * format is supported. Implementations that support other formats + * should ensure that the formats are clearly unambiguous so as to + * minimize the risk that an invalid input is accidentally interpreted + * according to a different format. + * * The format is the DER representation defined by RFC 5280 as * `SubjectPublicKeyInfo`, with the `subjectPublicKey` format * specified below.