Rename PSA_KDF_STEP_xxx -> PSA_KEY_DERIVATION_INPUT_xxx
More consistent with the new function names.
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
index e67fc60..c57d06a 100644
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@@ -1216,12 +1216,12 @@
* For example, `PSA_ALG_HKDF(PSA_ALG_SHA256)` is HKDF using HMAC-SHA-256.
*
* This key derivation algorithm uses the following inputs:
- * - #PSA_KDF_STEP_SALT is the salt used in the "extract" step.
+ * - #PSA_KEY_DERIVATION_INPUT_SALT is the salt used in the "extract" step.
* It is optional; if omitted, the derivation uses an empty salt.
- * - #PSA_KDF_STEP_SECRET is the secret key used in the "extract" step.
- * - #PSA_KDF_STEP_INFO is the info string used in the "expand" step.
- * You must pass #PSA_KDF_STEP_SALT before #PSA_KDF_STEP_SECRET.
- * You may pass #PSA_KDF_STEP_INFO at any time after steup and before
+ * - #PSA_KEY_DERIVATION_INPUT_SECRET is the secret key used in the "extract" step.
+ * - #PSA_KEY_DERIVATION_INPUT_INFO is the info string used in the "expand" step.
+ * You must pass #PSA_KEY_DERIVATION_INPUT_SALT before #PSA_KEY_DERIVATION_INPUT_SECRET.
+ * You may pass #PSA_KEY_DERIVATION_INPUT_INFO at any time after steup and before
* starting to generate output.
*
* \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
@@ -1590,25 +1590,25 @@
*
* This must be a key of type #PSA_KEY_TYPE_DERIVE.
*/
-#define PSA_KDF_STEP_SECRET ((psa_key_derivation_step_t)0x0101)
+#define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t)0x0101)
/** A label for key derivation.
*
* This must be a direct input.
*/
-#define PSA_KDF_STEP_LABEL ((psa_key_derivation_step_t)0x0201)
+#define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t)0x0201)
/** A salt for key derivation.
*
* This must be a direct input.
*/
-#define PSA_KDF_STEP_SALT ((psa_key_derivation_step_t)0x0202)
+#define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t)0x0202)
/** An information string for key derivation.
*
* This must be a direct input.
*/
-#define PSA_KDF_STEP_INFO ((psa_key_derivation_step_t)0x0203)
+#define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t)0x0203)
/**@}*/
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 88e646a..71648eb 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -4914,7 +4914,7 @@
psa_status_t status;
switch( step )
{
- case PSA_KDF_STEP_SALT:
+ case PSA_KEY_DERIVATION_INPUT_SALT:
if( hkdf->state != HKDF_STATE_INIT )
return( PSA_ERROR_BAD_STATE );
status = psa_hmac_setup_internal( &hkdf->hmac,
@@ -4924,7 +4924,7 @@
return( status );
hkdf->state = HKDF_STATE_STARTED;
return( PSA_SUCCESS );
- case PSA_KDF_STEP_SECRET:
+ case PSA_KEY_DERIVATION_INPUT_SECRET:
/* If no salt was provided, use an empty salt. */
if( hkdf->state == HKDF_STATE_INIT )
{
@@ -4950,7 +4950,7 @@
hkdf->block_number = 0;
hkdf->state = HKDF_STATE_KEYED;
return( PSA_SUCCESS );
- case PSA_KDF_STEP_INFO:
+ case PSA_KEY_DERIVATION_INPUT_INFO:
if( hkdf->state == HKDF_STATE_OUTPUT )
return( PSA_ERROR_BAD_STATE );
if( hkdf->info_set )
@@ -5029,9 +5029,9 @@
{
switch( step )
{
- case PSA_KDF_STEP_LABEL:
- case PSA_KDF_STEP_SALT:
- case PSA_KDF_STEP_INFO:
+ case PSA_KEY_DERIVATION_INPUT_LABEL:
+ case PSA_KEY_DERIVATION_INPUT_SALT:
+ case PSA_KEY_DERIVATION_INPUT_INFO:
return( psa_key_derivation_input_raw( generator, step,
data, data_length ) );
default:
@@ -5058,7 +5058,7 @@
* the material should be dedicated to a particular input step,
* otherwise this may allow the key to be used in an unintended way
* and leak values derived from the key. So be conservative. */
- if( step != PSA_KDF_STEP_SECRET )
+ if( step != PSA_KEY_DERIVATION_INPUT_SECRET )
return( PSA_ERROR_INVALID_ARGUMENT );
return( psa_key_derivation_input_raw( generator,
step,
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index ab74baf..5527e39 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -538,14 +538,14 @@
{
PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) );
PSA_ASSERT( psa_key_derivation_input_bytes( &generator,
- PSA_KDF_STEP_SALT,
+ PSA_KEY_DERIVATION_INPUT_SALT,
label,
label_length ) );
PSA_ASSERT( psa_key_derivation_input_key( &generator,
- PSA_KDF_STEP_SECRET,
+ PSA_KEY_DERIVATION_INPUT_SECRET,
handle ) );
PSA_ASSERT( psa_key_derivation_input_bytes( &generator,
- PSA_KDF_STEP_INFO,
+ PSA_KEY_DERIVATION_INPUT_INFO,
seed,
seed_length ) );
}
@@ -596,7 +596,7 @@
public_key, public_key_length,
&public_key_length ) );
- status = psa_key_derivation_key_agreement( generator, PSA_KDF_STEP_SECRET, handle,
+ status = psa_key_derivation_key_agreement( generator, PSA_KEY_DERIVATION_INPUT_SECRET, handle,
public_key, public_key_length );
exit:
mbedtls_free( public_key );
@@ -4188,13 +4188,13 @@
PSA_ASSERT( psa_key_derivation_set_capacity( &generator,
requested_capacity ) );
PSA_ASSERT( psa_key_derivation_input_bytes( &generator,
- PSA_KDF_STEP_SALT,
+ PSA_KEY_DERIVATION_INPUT_SALT,
salt->x, salt->len ) );
PSA_ASSERT( psa_key_derivation_input_key( &generator,
- PSA_KDF_STEP_SECRET,
+ PSA_KEY_DERIVATION_INPUT_SECRET,
handle ) );
PSA_ASSERT( psa_key_derivation_input_bytes( &generator,
- PSA_KDF_STEP_INFO,
+ PSA_KEY_DERIVATION_INPUT_INFO,
label->x, label->len ) );
}
else
@@ -4284,13 +4284,13 @@
PSA_ASSERT( psa_key_derivation_set_capacity( &generator,
requested_capacity ) );
PSA_ASSERT( psa_key_derivation_input_bytes( &generator,
- PSA_KDF_STEP_SALT,
+ PSA_KEY_DERIVATION_INPUT_SALT,
salt->x, salt->len ) );
PSA_ASSERT( psa_key_derivation_input_key( &generator,
- PSA_KDF_STEP_SECRET,
+ PSA_KEY_DERIVATION_INPUT_SECRET,
handle ) );
PSA_ASSERT( psa_key_derivation_input_bytes( &generator,
- PSA_KDF_STEP_INFO,
+ PSA_KEY_DERIVATION_INPUT_INFO,
label->x, label->len ) );
}
else
@@ -4502,7 +4502,7 @@
status = psa_key_derivation_setup( &generator, alg );
if( status == PSA_SUCCESS )
{
- TEST_EQUAL( psa_key_derivation_key_agreement( &generator, PSA_KDF_STEP_SECRET,
+ TEST_EQUAL( psa_key_derivation_key_agreement( &generator, PSA_KEY_DERIVATION_INPUT_SECRET,
our_key,
peer_key_data->x, peer_key_data->len ),
expected_status );
@@ -4580,14 +4580,14 @@
&our_key ) );
PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) );
- PSA_ASSERT( psa_key_derivation_key_agreement( &generator, PSA_KDF_STEP_SECRET,
+ PSA_ASSERT( psa_key_derivation_key_agreement( &generator, PSA_KEY_DERIVATION_INPUT_SECRET,
our_key,
peer_key_data->x, peer_key_data->len ) );
if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) )
{
/* The test data is for info="" */
PSA_ASSERT( psa_key_derivation_input_bytes( &generator,
- PSA_KDF_STEP_INFO,
+ PSA_KEY_DERIVATION_INPUT_INFO,
NULL, 0 ) );
}
@@ -4641,14 +4641,14 @@
&our_key ) );
PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) );
- PSA_ASSERT( psa_key_derivation_key_agreement( &generator, PSA_KDF_STEP_SECRET,
+ PSA_ASSERT( psa_key_derivation_key_agreement( &generator, PSA_KEY_DERIVATION_INPUT_SECRET,
our_key,
peer_key_data->x, peer_key_data->len ) );
if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) )
{
/* The test data is for info="" */
PSA_ASSERT( psa_key_derivation_input_bytes( &generator,
- PSA_KDF_STEP_INFO,
+ PSA_KEY_DERIVATION_INPUT_INFO,
NULL, 0 ) );
}
@@ -4935,10 +4935,10 @@
/* Derive a key. */
PSA_ASSERT( psa_key_derivation_setup( &generator, derive_alg ) );
PSA_ASSERT( psa_key_derivation_input_key( &generator,
- PSA_KDF_STEP_SECRET,
+ PSA_KEY_DERIVATION_INPUT_SECRET,
base_key ) );
PSA_ASSERT( psa_key_derivation_input_bytes(
- &generator, PSA_KDF_STEP_INFO,
+ &generator, PSA_KEY_DERIVATION_INPUT_INFO,
NULL, 0 ) );
PSA_ASSERT( psa_key_derivation_output_key( &attributes, &generator,
&handle ) );