You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: doc/crypto/api/keys/types.rst
+5-5Lines changed: 5 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1016,7 +1016,7 @@ See :secref:`wpa3-sae-passwords`.
1016
1016
* :math:`x` encoded as a big-endian :math:`m`-byte string;
1017
1017
* :math:`y` encoded as a big-endian :math:`m`-byte string.
1018
1018
1019
-
For an elliptic curve over :math:`\mathbb{F}_p`, :math:`m` is the integer for which :math:`2^{8m-1} \leq p < 2^{8m}`.
1019
+
For an elliptic curve over :math:`\mathbb{F}_p`, :math:`m` is the integer for which :math:`2^{8(m-1)} \leq p < 2^{8m}`.
1020
1020
1021
1021
.. note::
1022
1022
@@ -1063,7 +1063,7 @@ See :secref:`wpa3-sae-passwords`.
1063
1063
1064
1064
The password token is a finite-field group element :math:`y \in [1, p - 1]`, where :math:`p` is the group's prime modulus.
1065
1065
1066
-
The data format for import and export of the password token is :math:`y` encoded as a big-endian :math:`m`-byte string, where :math:`m` is the integer for which :math:`2^{8m-1} \leq p < 2^{8m}`.
1066
+
The data format for import and export of the password token is :math:`y` encoded as a big-endian :math:`m`-byte string, where :math:`m` is the integer for which :math:`2^{8(m-1)} \leq p < 2^{8m}`.
1067
1067
1068
1068
.. note::
1069
1069
@@ -1313,7 +1313,7 @@ The curve type affects the key format, the key-derivation procedure, and the alg
1313
1313
.. param:: curve
1314
1314
A value of type `psa_ecc_family_t` that identifies the ECC curve family to be used.
1315
1315
1316
-
The size of an elliptic curve key is the bit size associated with the curve, that is, the bit size of :math:`q`` for a curve over a field :math:`\mathbb{F}_q`.
1316
+
The size of an elliptic curve key is the bit size associated with the curve, that is, the bit size of :math:`q` for a curve over a field :math:`\mathbb{F}_q`.
1317
1317
See the documentation of each elliptic curve family for details.
1318
1318
1319
1319
.. subsection:: Compatible algorithms
@@ -1408,7 +1408,7 @@ The curve type affects the key format, the key-derivation procedure, and the alg
1408
1408
Let :math:`m` be the bit size of :math:`N`, such that :math:`2^{m-1} \leq N < 2^m`. This function generates the private key using the following process:
1409
1409
1410
1410
1. Draw a byte string of length :math:`\lceil{m/8}\rceil` bytes.
1411
-
#. If :math:`m` is not a multiple of 8, set the most significant :math:`8 * \lceil{m/8}\rceil - m`` bits of the first byte in the string to zero.
1411
+
#. If :math:`m` is not a multiple of 8, set the most significant :math:`8 * \lceil{m/8}\rceil - m` bits of the first byte in the string to zero.
1412
1412
#. Convert the string to integer :math:`k` by decoding it as a big-endian byte-string.
1413
1413
#. If :math:`k > N-2`, discard the result and return to step 1.
1414
1414
#. Output :math:`d = k + 1` as the private key.
@@ -1592,7 +1592,7 @@ Diffie Hellman keys
1592
1592
This function generates the private key using the following process:
1593
1593
1594
1594
1. Draw a byte string of length :math:`\lceil{m/8}\rceil` bytes.
1595
-
#. If :math:`m` is not a multiple of 8, set the most significant :math:`8 * \lceil{m/8}\rceil - m`` bits of the first byte in the string to zero.
1595
+
#. If :math:`m` is not a multiple of 8, set the most significant :math:`8 * \lceil{m/8}\rceil - m` bits of the first byte in the string to zero.
1596
1596
#. Convert the string to integer :math:`k` by decoding it as a big-endian byte-string.
1597
1597
#. If :math:`k > p-2`, discard the result and return to step 1.
Copy file name to clipboardExpand all lines: doc/crypto/api/ops/key-derivation.rst
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -345,7 +345,7 @@ Key-derivation algorithms
345
345
346
346
This KDF is defined in :cite-title:`TLS-ECJPAKE` §8.7. This specifies the use of a KDF to derive the TLS 1.2 session secrets from the output of EC J-PAKE over the secp256r1 Elliptic curve (the 256-bit curve in `PSA_ECC_FAMILY_SECP_R1`). EC J-PAKE operations can be performed using a PAKE operation, see :secref:`pake`.
347
347
348
-
This KDF takes the shared secret :math:`K`` (an uncompressed EC point in case of EC J-PAKE) and calculates :math:`\text{SHA256}(K.x)`.
348
+
This KDF takes the shared secret :math:`K` (an uncompressed EC point in case of EC J-PAKE) and calculates :math:`\text{SHA256}(K.x)`.
Copy file name to clipboardExpand all lines: doc/crypto/api/ops/pake.rst
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1414,7 +1414,7 @@ The following steps demonstrate the application code for 'User' in :numref:`fig-
1414
1414
See :secref:`jpake-cipher-suites` and :secref:`jpake-passwords` for details on the requirements for the cipher suite and key.
1415
1415
1416
1416
The key material is used as an array of bytes, which is converted to an integer as described in :cite-title:`SEC1` §2.3.8, before reducing it modulo :math:`q`.
1417
-
Here, :math:`q`` is the order of the group defined by the cipher-suite primitive.
1417
+
Here, :math:`q` is the order of the group defined by the cipher-suite primitive.
1418
1418
`psa_pake_setup()` will return an error if the result of the conversion and reduction is ``0``.
0 commit comments