getting_started: Make it clear that keys are passed in #317
Conversation
|
This is a portability enhancement, not a workaround. Yes, we should use ECDSA here and also in the Mbed OS example. It's not this PR's aim to change this. Another PR should do so. This PR's aim is to help ensure we test the code snippets in our docs. The only testing our getting started doc currently has is the Mbed OS example. For ease of maintenance, as much as is possible, it's preferred to have parity between what we test and run in the Mbed OS example and what we list as code snippets in our docs. The ideal would be we run our getting started guide as a sort of literate program ala Knuth (which is out of scope for this PR), rather than copy pasting to an Mbed OS example for testing. |
|
No. Adding extra code to declare a non-standard scope variables has no place in example code. It's an additional cognitive burden. The example code needs to be easy to understand, not maximally portable. |
It was not obvious before that `AES_KEY` and `RSA_KEY` were shorthand for key material. A user copy pasting the code snippet would run into a compilation error if they didn't realize this. Make it more obvious that key material must come from somewhere external by making the snippets which use global keys into functions that take a key as a parameter.
Patater
force-pushed
the
reduce-ram-rsa
branch
from
214745c to
fbdf150
Compare
Patater
changed the title
|
We need to do both readable and portable. New patch set changes snippets to avoid magic all-caps keys which always cause a compilation error when a user copy pastes. Now, it is more obvious that the key material must be supplied from elsewhere. |
Agreed. Removed |
|
The corresponding change to the source code of the example has been merged. This pull request has been approved, and it only modifies a file that isn't used by CI so CI is irrelevant. Merging. |
* ARMmbed#292: Make psa_close_key(0) and psa_destroy_key(0) succeed * ARMmbed#299: Allow xxx_drbg_set_entropy_len before xxx_drbg_seed * ARMmbed#259: Check `len` against buffers size upper bound in PSA tests * ARMmbed#288: Add ECDSA tests with hash and key of different lengths * ARMmbed#305: CTR_DRBG: grab a nonce from the entropy source if needed * ARMmbed#316: Stop transactions from being reentrant * ARMmbed#317: getting_started: Make it clear that keys are passed in * ARMmbed#314: Fix pk_write with EC key to use a constant size for the private value * ARMmbed#298: Test a build without any asymmetric cryptography * ARMmbed#284: Fix some possibly-undefined variable warnings * ARMmbed#315: Define MBEDTLS_PK_SIGNATURE_MAX_SIZE * ARMmbed#318: Finish side-porting commits from mbedtls-restricted that missed the split
3 participants
It was not obvious before that
AES_KEYandRSA_KEYwere shorthandfor key material. A user copy pasting the code snippet would run into a
compilation error if they didn't realize this. Make it more obvious that
key material must come from somewhere external by making the snippets
which use global keys into functions that take a key as a parameter.