From: Lukasz Pawelczyk <l.pawelczyk@samsung.com>
Date: Tue, 13 Sep 2016 11:03:16 +0000 (+0200)
Subject: Describe padding usage for sign/verify operations
X-Git-Tag: accepted/tizen/3.0/ivi/20161011.070302~2
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=0dd2d096bce922d2b7fba3fb7ba08c103e8ca715;p=platform%2Fcore%2Fsecurity%2Fyaca.git

Describe padding usage for sign/verify operations

Change-Id: I4efa09f2a57c7fcd5f81124fc57bcbf890b484d4
---

diff --git a/api/yaca/yaca_sign.h b/api/yaca/yaca_sign.h
index 84aae2c..16bcfd1 100755
--- a/api/yaca/yaca_sign.h
+++ b/api/yaca/yaca_sign.h
@@ -44,6 +44,9 @@ extern "C" {
  * @remarks  For verification use yaca_verify_initialize(), yaca_verify_update() and
  *           yaca_verify_finalize() functions with matching public key.
  *
+ * @remarks  For RSA operations the default padding used is #YACA_PADDING_PKCS1. It can be
+ *           changed using yaca_context_set_property() with #YACA_PROPERTY_PADDING.
+ *
  * @remarks  The @a ctx should be released using yaca_context_destroy()
  *
  * @param[out] ctx      Newly created context
@@ -63,6 +66,8 @@ extern "C" {
  *
  * @see #yaca_key_type_e
  * @see #yaca_digest_algorithm_e
+ * @see #yaca_padding_e
+ * @see yaca_context_set_property()
  * @see yaca_sign_update()
  * @see yaca_sign_finalize()
  * @see yaca_verify_initialize()
@@ -202,6 +207,10 @@ int yaca_sign_finalize(yaca_context_h ctx,
  *
  * @since_tizen 3.0
  *
+ * @remarks  For RSA operations the default padding used is #YACA_PADDING_PKCS1. It can be
+ *           changed using yaca_context_set_property() with #YACA_PROPERTY_PADDING.
+ *           For verify to succeed it has to be set to the same value it was signed with.
+ *
  * @remarks  The @a ctx should be released using yaca_context_destroy()
  *
  * @param[out] ctx      Newly created context
@@ -221,6 +230,8 @@ int yaca_sign_finalize(yaca_context_h ctx,
  *
  * @see #yaca_key_type_e
  * @see #yaca_digest_algorithm_e
+ * @see #yaca_padding_e
+ * @see yaca_context_set_property()
  * @see yaca_verify_update()
  * @see yaca_verify_finalize()
  * @see yaca_context_destroy()
diff --git a/api/yaca/yaca_simple.h b/api/yaca/yaca_simple.h
index a6d00ce..9adb8ca 100755
--- a/api/yaca/yaca_simple.h
+++ b/api/yaca/yaca_simple.h
@@ -25,7 +25,8 @@
  *           - All operations are single-shot (no streaming possible)
  *           - Context is not used
  *           - Only digest, signatures and symmetric ciphers are supported
- *           - Disabling PKCS#5 padding for ECB and CBC chaining is not supported
+ *           - Disabling PKCS#7 padding for ECB and CBC chaining is not supported
+ *           - Changing the default PKCS#1 padding for sign/verify is not supported
  *           - GCM and CCM chaining is not supported
  *           - RC2 effective key bits property is not supported
  *           - All outputs are allocated by the library