Improve documentation of MBEDTLS_MPI_IS_PUBLIC Signed-off-by: Janos Follath <janos.follath@arm.com>

commit: e084964068a2c79b1230670875b48a907e63c108 [log] [tgz]
author: Janos Follath <janos.follath@arm.com> Mon Aug 12 17:26:24 2024 +0100
committer: Janos Follath <janos.follath@arm.com> Mon Aug 12 20:02:59 2024 +0100
tree: db5be5294c902e148ed35119e5c2b1f3a52a5f1a
parent: 75ed58723e93a45455ba2412d1d523931de0d978 [diff]
diff --git a/include/mbedtls/bignum.h b/include/mbedtls/bignum.h
index bb96f4f..cd7e2f6 100644
--- a/include/mbedtls/bignum.h
+++ b/include/mbedtls/bignum.h

@@ -44,7 +44,12 @@
         goto cleanup;        \
     } while (0)
 
-/* Constants to identify whether a value is public or secret.
+/* Constants to identify whether a value is public or secret. If a parameter is marked as secret by
+ * this constant, the function must be constant time with respect to the parameter.
+ *
+ * This is only needed for functions with the _optionally_safe postfix. All other functions have
+ * fixed behavior that can't be changed at runtime and are constant time with respect to their
+ * parameters as prescribed by their documentation or by conventions in their module's documentation.
  *
  * Parameters should be named X_public where X is the name of the
  * corresponding input parameter.
commit	e084964068a2c79b1230670875b48a907e63c108	[log] [tgz]
author	Janos Follath <janos.follath@arm.com>	Mon Aug 12 17:26:24 2024 +0100
committer	Janos Follath <janos.follath@arm.com>	Mon Aug 12 20:02:59 2024 +0100
tree	db5be5294c902e148ed35119e5c2b1f3a52a5f1a
parent	75ed58723e93a45455ba2412d1d523931de0d978 [diff]