Google Git
Sign in
boringssl / boringssl.git / 92812cb73ca0e3a2d4d8c20d9bc3f2584b6c083c^! / . / include / openssl / rsa.h
commit92812cb73ca0e3a2d4d8c20d9bc3f2584b6c083c[log] [tgz]
authorDavid Benjamin <davidben@google.com>Mon Sep 03 16:20:09 2018 -0500
committerAdam Langley <agl@google.com>Tue Sep 04 22:32:01 2018 +0000
treeb12f9ea88cddbb24c2cb49ef790c20c88fed6bee
parent53affef48639fe152526fb807eee3b2187b9d5c0 [diff] [blame]
Tidy up docs for #defines.

This removes the special-case for #defines in doc.go.

Change-Id: I6bf750485a94ad28c3975644c74a17c550bb3224
Reviewed-on: https://boringssl-review.googlesource.com/31505
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/include/openssl/rsa.h b/include/openssl/rsa.h
index 98bb31c..47e2d34 100644
--- a/include/openssl/rsa.h
+++ b/include/openssl/rsa.h

@@ -175,11 +175,19 @@
 // These functions are considered non-mutating for thread-safety purposes and
 // may be used concurrently.
 
-// Padding types for encryption.
+// RSA_PKCS1_PADDING denotes PKCS#1 v1.5 padding. When used with encryption,
+// this is RSAES-PKCS1-v1_5. When used with signing, this is RSASSA-PKCS1-v1_5.
 #define RSA_PKCS1_PADDING 1
+
+// RSA_NO_PADDING denotes a raw RSA operation.
 #define RSA_NO_PADDING 3
+
+// RSA_PKCS1_OAEP_PADDING denotes the RSAES-OAEP encryption scheme.
 #define RSA_PKCS1_OAEP_PADDING 4
-// RSA_PKCS1_PSS_PADDING can only be used via the EVP interface.
+
+// RSA_PKCS1_PSS_PADDING denotes the RSASSA-PSS signature scheme. This value may
+// not be passed into |RSA_sign_raw|, only |EVP_PKEY_CTX_set_rsa_padding|. See
+// also |RSA_sign_pss_mgf1| and |RSA_verify_pss_mgf1|.
 #define RSA_PKCS1_PSS_PADDING 6
 
 // RSA_encrypt encrypts |in_len| bytes from |in| to the public key from |rsa|
@@ -285,7 +293,8 @@
 //
 // The |padding| argument must be one of the |RSA_*_PADDING| values. If in
 // doubt, |RSA_PKCS1_PADDING| is the most common but |RSA_PKCS1_PSS_PADDING|
-// (via the |EVP_PKEY| interface) is preferred for new protocols.
+// (via |RSA_sign_pss_mgf1| or the |EVP_PKEY| interface) is preferred for new
+// protocols.
 OPENSSL_EXPORT int RSA_sign_raw(RSA *rsa, size_t *out_len, uint8_t *out,
                                 size_t max_out, const uint8_t *in,
                                 size_t in_len, int padding);
@@ -330,7 +339,8 @@
 //
 // The |padding| argument must be one of the |RSA_*_PADDING| values. If in
 // doubt, |RSA_PKCS1_PADDING| is the most common but |RSA_PKCS1_PSS_PADDING|
-// (via the |EVP_PKEY| interface) is preferred for new protocols.
+// (via |RSA_verify_pss_mgf1| or the |EVP_PKEY| interface) is preferred for new
+// protocols.
 OPENSSL_EXPORT int RSA_verify_raw(RSA *rsa, size_t *out_len, uint8_t *out,
                                   size_t max_out, const uint8_t *in,
                                   size_t in_len, int padding);