Rename generator-related internal identifiers

    perl -pe 's/crypto_generator/key_derivation/gi' $(git ls-files)
    perl -pe 's/_generator/_key_derivation/gi' $(git ls-files)
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 0bff6ce..17af57d 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -3002,7 +3002,7 @@
  * make any assumptions about the content of this structure except
  * as directed by the documentation of a specific implementation.
  */
-typedef struct psa_crypto_generator_s psa_key_derivation_operation_t;
+typedef struct psa_key_derivation_s psa_key_derivation_operation_t;
 
 /** \def PSA_KEY_DERIVATION_OPERATION_INIT
  *
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index 74e362d..be570c2 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -188,11 +188,11 @@
     uint8_t block_number;
     unsigned int state : 2;
     unsigned int info_set : 1;
-} psa_hkdf_generator_t;
+} psa_hkdf_key_derivation_t;
 #endif /* MBEDTLS_MD_C */
 
 #if defined(MBEDTLS_MD_C)
-typedef struct psa_tls12_prf_generator_s
+typedef struct psa_tls12_prf_key_derivation_s
 {
     /* The TLS 1.2 PRF uses the key for each HMAC iteration,
      * hence we must store it for the lifetime of the generator.
@@ -219,10 +219,10 @@
     /* The 1-based number of the block. */
     uint8_t block_number;
 
-} psa_tls12_prf_generator_t;
+} psa_tls12_prf_key_derivation_t;
 #endif /* MBEDTLS_MD_C */
 
-struct psa_crypto_generator_s
+struct psa_key_derivation_s
 {
     psa_algorithm_t alg;
     size_t capacity;
@@ -234,16 +234,16 @@
             size_t size;
         } buffer;
 #if defined(MBEDTLS_MD_C)
-        psa_hkdf_generator_t hkdf;
-        psa_tls12_prf_generator_t tls12_prf;
+        psa_hkdf_key_derivation_t hkdf;
+        psa_tls12_prf_key_derivation_t tls12_prf;
 #endif
     } ctx;
 };
 
 #define PSA_KEY_DERIVATION_OPERATION_INIT {0, 0, {{0, 0}}}
-static inline struct psa_crypto_generator_s psa_key_derivation_operation_init( void )
+static inline struct psa_key_derivation_s psa_key_derivation_operation_init( void )
 {
-    const struct psa_crypto_generator_s v = PSA_KEY_DERIVATION_OPERATION_INIT;
+    const struct psa_key_derivation_s v = PSA_KEY_DERIVATION_OPERATION_INIT;
     return( v );
 }
 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 71648eb..29a0496 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -4065,7 +4065,7 @@
 #define HKDF_STATE_KEYED 2 /* got key */
 #define HKDF_STATE_OUTPUT 3 /* output started */
 
-static psa_algorithm_t psa_generator_get_kdf_alg(
+static psa_algorithm_t psa_key_derivation_get_kdf_alg(
     const psa_key_derivation_operation_t *generator )
 {
     if ( PSA_ALG_IS_KEY_AGREEMENT( generator->alg ) )
@@ -4078,7 +4078,7 @@
 psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *generator )
 {
     psa_status_t status = PSA_SUCCESS;
-    psa_algorithm_t kdf_alg = psa_generator_get_kdf_alg( generator );
+    psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( generator );
     if( kdf_alg == 0 )
     {
         /* The object has (apparently) been initialized but it is not
@@ -4156,7 +4156,7 @@
 #if defined(MBEDTLS_MD_C)
 /* Read some bytes from an HKDF-based generator. This performs a chunk
  * of the expand phase of the HKDF algorithm. */
-static psa_status_t psa_generator_hkdf_read( psa_hkdf_generator_t *hkdf,
+static psa_status_t psa_key_derivation_hkdf_read( psa_hkdf_key_derivation_t *hkdf,
                                              psa_algorithm_t hash_alg,
                                              uint8_t *output,
                                              size_t output_length )
@@ -4223,8 +4223,8 @@
     return( PSA_SUCCESS );
 }
 
-static psa_status_t psa_generator_tls12_prf_generate_next_block(
-    psa_tls12_prf_generator_t *tls12_prf,
+static psa_status_t psa_key_derivation_tls12_prf_generate_next_block(
+    psa_tls12_prf_key_derivation_t *tls12_prf,
     psa_algorithm_t alg )
 {
     psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( alg );
@@ -4258,7 +4258,7 @@
      * A(0) = seed
      * A(i) = HMAC_hash( secret, A(i-1) )
      *
-     * The `psa_tls12_prf_generator` structures saves the block
+     * The `psa_tls12_prf_key_derivation` structures saves the block
      * `HMAC_hash(secret, A(i) + seed)` from which the output
      * is currently extracted as `output_block`, while
      * `A(i) + seed` is stored in `Ai_with_seed`.
@@ -4337,8 +4337,8 @@
 
 /* Read some bytes from an TLS-1.2-PRF-based generator.
  * See Section 5 of RFC 5246. */
-static psa_status_t psa_generator_tls12_prf_read(
-                                        psa_tls12_prf_generator_t *tls12_prf,
+static psa_status_t psa_key_derivation_tls12_prf_read(
+                                        psa_tls12_prf_key_derivation_t *tls12_prf,
                                         psa_algorithm_t alg,
                                         uint8_t *output,
                                         size_t output_length )
@@ -4355,7 +4355,7 @@
         /* Check if we have fully processed the current block. */
         if( n == 0 )
         {
-            status = psa_generator_tls12_prf_generate_next_block( tls12_prf,
+            status = psa_key_derivation_tls12_prf_generate_next_block( tls12_prf,
                                                                   alg );
             if( status != PSA_SUCCESS )
                 return( status );
@@ -4381,7 +4381,7 @@
                                  size_t output_length )
 {
     psa_status_t status;
-    psa_algorithm_t kdf_alg = psa_generator_get_kdf_alg( generator );
+    psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( generator );
 
     if( generator->alg == 0 )
     {
@@ -4430,13 +4430,13 @@
     if( PSA_ALG_IS_HKDF( kdf_alg ) )
     {
         psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( kdf_alg );
-        status = psa_generator_hkdf_read( &generator->ctx.hkdf, hash_alg,
+        status = psa_key_derivation_hkdf_read( &generator->ctx.hkdf, hash_alg,
                                           output, output_length );
     }
     else if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) ||
              PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) )
     {
-        status = psa_generator_tls12_prf_read( &generator->ctx.tls12_prf,
+        status = psa_key_derivation_tls12_prf_read( &generator->ctx.tls12_prf,
                                                kdf_alg, output,
                                                output_length );
     }
@@ -4571,7 +4571,7 @@
  * Note that if this function fails, you must call psa_key_derivation_abort()
  * to potentially free embedded data structures and wipe confidential data.
  */
-static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf,
+static psa_status_t psa_key_derivation_hkdf_setup( psa_hkdf_key_derivation_t *hkdf,
                                               const uint8_t *secret,
                                               size_t secret_length,
                                               psa_algorithm_t hash_alg,
@@ -4616,8 +4616,8 @@
  * Note that if this function fails, you must call psa_key_derivation_abort()
  * to potentially free embedded data structures and wipe confidential data.
  */
-static psa_status_t psa_generator_tls12_prf_setup(
-    psa_tls12_prf_generator_t *tls12_prf,
+static psa_status_t psa_key_derivation_tls12_prf_setup(
+    psa_tls12_prf_key_derivation_t *tls12_prf,
     const unsigned char *key,
     size_t key_len,
     psa_algorithm_t hash_alg,
@@ -4669,8 +4669,8 @@
 }
 
 /* Set up a TLS-1.2-PSK-to-MS-based generator. */
-static psa_status_t psa_generator_tls12_psk_to_ms_setup(
-    psa_tls12_prf_generator_t *tls12_prf,
+static psa_status_t psa_key_derivation_tls12_psk_to_ms_setup(
+    psa_tls12_prf_key_derivation_t *tls12_prf,
     const unsigned char *psk,
     size_t psk_len,
     psa_algorithm_t hash_alg,
@@ -4699,7 +4699,7 @@
     pms[2 + psk_len + 1] = pms[1];
     memcpy( pms + 4 + psk_len, psk, psk_len );
 
-    status = psa_generator_tls12_prf_setup( tls12_prf,
+    status = psa_key_derivation_tls12_prf_setup( tls12_prf,
                                             pms, 4 + 2 * psk_len,
                                             hash_alg,
                                             salt, salt_length,
@@ -4752,7 +4752,7 @@
         if( hash_size == 0 )
             return( PSA_ERROR_NOT_SUPPORTED );
         max_capacity = 255 * hash_size;
-        status = psa_generator_hkdf_setup( &generator->ctx.hkdf,
+        status = psa_key_derivation_hkdf_setup( &generator->ctx.hkdf,
                                            secret, secret_length,
                                            hash_alg,
                                            salt, salt_length,
@@ -4776,14 +4776,14 @@
 
         if( PSA_ALG_IS_TLS12_PRF( alg ) )
         {
-            status = psa_generator_tls12_prf_setup( &generator->ctx.tls12_prf,
+            status = psa_key_derivation_tls12_prf_setup( &generator->ctx.tls12_prf,
                                                     secret, secret_length,
                                                     hash_alg, salt, salt_length,
                                                     label, label_length );
         }
         else
         {
-            status = psa_generator_tls12_psk_to_ms_setup(
+            status = psa_key_derivation_tls12_psk_to_ms_setup(
                 &generator->ctx.tls12_prf,
                 secret, secret_length,
                 hash_alg, salt, salt_length,
@@ -4905,7 +4905,7 @@
 }
 
 #if defined(MBEDTLS_MD_C)
-static psa_status_t psa_hkdf_input( psa_hkdf_generator_t *hkdf,
+static psa_status_t psa_hkdf_input( psa_hkdf_key_derivation_t *hkdf,
                                     psa_algorithm_t hash_alg,
                                     psa_key_derivation_step_t step,
                                     const uint8_t *data,
@@ -4978,7 +4978,7 @@
     size_t data_length )
 {
     psa_status_t status;
-    psa_algorithm_t kdf_alg = psa_generator_get_kdf_alg( generator );
+    psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( generator );
 
     if( kdf_alg == PSA_ALG_SELECT_RAW )
     {
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 991d91a..d98470d 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1717,7 +1717,7 @@
 asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":129:PSA_ERROR_INVALID_ARGUMENT
 
 Crypto generator initializers zero properly
-crypto_generator_init:
+key_derivation_init:
 
 PSA key derivation: HKDF-SHA-256, good case
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
@@ -1757,11 +1757,11 @@
 
 PSA key derivation: invalid generator state ( double generate + read past capacity )
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-test_derive_invalid_generator_state:
+test_derive_invalid_key_derivation_state:
 
 PSA key derivation:  invalid generator state ( call read/get_capacity after init and abort )
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-test_derive_invalid_generator_tests:
+test_derive_invalid_key_derivation_tests:
 
 PSA key derivation: HKDF SHA-256, RFC5869 #1, output 42+0
 depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 5527e39..52c41e7 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -3996,7 +3996,7 @@
 /* END_CASE */
 
 /* BEGIN_CASE */
-void crypto_generator_init( )
+void key_derivation_init( )
 {
     /* Test each valid way of initializing the object, except for `= {0}`, as
      * Clang 5 complains when `-Wmissing-field-initializers` is used, even
@@ -4064,7 +4064,7 @@
 /* END_CASE */
 
 /* BEGIN_CASE */
-void test_derive_invalid_generator_state( )
+void test_derive_invalid_key_derivation_state( )
 {
     psa_key_handle_t handle = 0;
     size_t key_type = PSA_KEY_TYPE_DERIVE;
@@ -4113,7 +4113,7 @@
 /* END_CASE */
 
 /* BEGIN_CASE */
-void test_derive_invalid_generator_tests( )
+void test_derive_invalid_key_derivation_tests( )
 {
     uint8_t output_buffer[16];
     size_t buffer_size = 16;