Clarify the use of MBEDTLS_ERR_PK_SIG_LEN_MISMATCH Clarify what MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH and MBEDTLS_ERR_PK_SIG_LEN_MISMATCH mean. Add comments to highlight that this indicates that a valid signature is present, unlike other error codes. See https://github.com/ARMmbed/mbedtls/pull/1149#discussion_r178130705

commit: 1198e6329fed723d3a4bcc4e87a71a111ec15932 [log] [tgz]
author: Gilles Peskine <Gilles.Peskine@arm.com> Fri Mar 30 07:12:15 2018 +0200
committer: Gilles Peskine <Gilles.Peskine@arm.com> Fri Mar 30 18:51:14 2018 +0200
tree: f6e1fb65ae1256dacf42f125b124c495d7df0bff
parent: 616485854ecfec1f228ebe7fb2bccec4a536e915 [diff] [blame]
diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h
index ef65326..3c2fbaa 100644
--- a/include/mbedtls/ecp.h
+++ b/include/mbedtls/ecp.h

@@ -35,7 +35,7 @@
 #define MBEDTLS_ERR_ECP_ALLOC_FAILED                      -0x4D80  /**< Memory allocation failed. */
 #define MBEDTLS_ERR_ECP_RANDOM_FAILED                     -0x4D00  /**< Generation of random value, such as (ephemeral) key, failed. */
 #define MBEDTLS_ERR_ECP_INVALID_KEY                       -0x4C80  /**< Invalid private or public key. */
-#define MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH                  -0x4C00  /**< Signature is valid but shorter than the user-supplied length. */
+#define MBEDTLS_ERR_ECP_SIG_LEN_MISMATCH                  -0x4C00  /**< The buffer contains a valid signature followed by more data. */
 
 #ifdef __cplusplus
 extern "C" {
commit	1198e6329fed723d3a4bcc4e87a71a111ec15932	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Fri Mar 30 07:12:15 2018 +0200
committer	Gilles Peskine <Gilles.Peskine@arm.com>	Fri Mar 30 18:51:14 2018 +0200
tree	f6e1fb65ae1256dacf42f125b124c495d7df0bff
parent	616485854ecfec1f228ebe7fb2bccec4a536e915 [diff] [blame]