commit 24f10f85e2d771d8eccd5b1f5674ac57327e8dc6
author Gilles Peskine <Gilles.Peskine@arm.com> Thu May 16 12:18:32 2019 +0200
committer Gilles Peskine <Gilles.Peskine@arm.com> Thu May 16 19:27:05 2019 +0200
tree b840426ca250ac1ced5a6de5f429fd65df3f12d4
parent eef988fc2d7e96d8b7f905032de496f9c020edcb

Remove domain parameters from the official API

Move psa_get_key_domain_parameters() and
psa_set_key_domain_parameters() out of the official API and declare
them to be implementation-specific extensions.

Expand the documentation of psa_set_key_domain_parameters() a bit to
explain how domain parameters are used.

Remove all mentions of domain parameters from the documentation of API
functions. This leaves DH and DSA effectively unusable.

include/psa/crypto_struct.h

diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index 01d3069..885d908 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -331,6 +331,13 @@
     return( attributes->policy.alg );
 }
 
+/* This function is declared in crypto_extra.h, which comes after this
+ * header file, but we need the function here, so repeat the declaration. */
+psa_status_t psa_set_key_domain_parameters(psa_key_attributes_t *attributes,
+                                           psa_key_type_t type,
+                                           const uint8_t *data,
+                                           size_t data_length);
+
 static inline void psa_set_key_type(psa_key_attributes_t *attributes,
                                     psa_key_type_t type)
 {