Rename generator-related internal identifiers
perl -pe 's/crypto_generator/key_derivation/gi' $(git ls-files)
perl -pe 's/_generator/_key_derivation/gi' $(git ls-files)
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 0bff6ce..17af57d 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -3002,7 +3002,7 @@
* make any assumptions about the content of this structure except
* as directed by the documentation of a specific implementation.
*/
-typedef struct psa_crypto_generator_s psa_key_derivation_operation_t;
+typedef struct psa_key_derivation_s psa_key_derivation_operation_t;
/** \def PSA_KEY_DERIVATION_OPERATION_INIT
*
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index 74e362d..be570c2 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -188,11 +188,11 @@
uint8_t block_number;
unsigned int state : 2;
unsigned int info_set : 1;
-} psa_hkdf_generator_t;
+} psa_hkdf_key_derivation_t;
#endif /* MBEDTLS_MD_C */
#if defined(MBEDTLS_MD_C)
-typedef struct psa_tls12_prf_generator_s
+typedef struct psa_tls12_prf_key_derivation_s
{
/* The TLS 1.2 PRF uses the key for each HMAC iteration,
* hence we must store it for the lifetime of the generator.
@@ -219,10 +219,10 @@
/* The 1-based number of the block. */
uint8_t block_number;
-} psa_tls12_prf_generator_t;
+} psa_tls12_prf_key_derivation_t;
#endif /* MBEDTLS_MD_C */
-struct psa_crypto_generator_s
+struct psa_key_derivation_s
{
psa_algorithm_t alg;
size_t capacity;
@@ -234,16 +234,16 @@
size_t size;
} buffer;
#if defined(MBEDTLS_MD_C)
- psa_hkdf_generator_t hkdf;
- psa_tls12_prf_generator_t tls12_prf;
+ psa_hkdf_key_derivation_t hkdf;
+ psa_tls12_prf_key_derivation_t tls12_prf;
#endif
} ctx;
};
#define PSA_KEY_DERIVATION_OPERATION_INIT {0, 0, {{0, 0}}}
-static inline struct psa_crypto_generator_s psa_key_derivation_operation_init( void )
+static inline struct psa_key_derivation_s psa_key_derivation_operation_init( void )
{
- const struct psa_crypto_generator_s v = PSA_KEY_DERIVATION_OPERATION_INIT;
+ const struct psa_key_derivation_s v = PSA_KEY_DERIVATION_OPERATION_INIT;
return( v );
}
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 71648eb..29a0496 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -4065,7 +4065,7 @@
#define HKDF_STATE_KEYED 2 /* got key */
#define HKDF_STATE_OUTPUT 3 /* output started */
-static psa_algorithm_t psa_generator_get_kdf_alg(
+static psa_algorithm_t psa_key_derivation_get_kdf_alg(
const psa_key_derivation_operation_t *generator )
{
if ( PSA_ALG_IS_KEY_AGREEMENT( generator->alg ) )
@@ -4078,7 +4078,7 @@
psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *generator )
{
psa_status_t status = PSA_SUCCESS;
- psa_algorithm_t kdf_alg = psa_generator_get_kdf_alg( generator );
+ psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( generator );
if( kdf_alg == 0 )
{
/* The object has (apparently) been initialized but it is not
@@ -4156,7 +4156,7 @@
#if defined(MBEDTLS_MD_C)
/* Read some bytes from an HKDF-based generator. This performs a chunk
* of the expand phase of the HKDF algorithm. */
-static psa_status_t psa_generator_hkdf_read( psa_hkdf_generator_t *hkdf,
+static psa_status_t psa_key_derivation_hkdf_read( psa_hkdf_key_derivation_t *hkdf,
psa_algorithm_t hash_alg,
uint8_t *output,
size_t output_length )
@@ -4223,8 +4223,8 @@
return( PSA_SUCCESS );
}
-static psa_status_t psa_generator_tls12_prf_generate_next_block(
- psa_tls12_prf_generator_t *tls12_prf,
+static psa_status_t psa_key_derivation_tls12_prf_generate_next_block(
+ psa_tls12_prf_key_derivation_t *tls12_prf,
psa_algorithm_t alg )
{
psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( alg );
@@ -4258,7 +4258,7 @@
* A(0) = seed
* A(i) = HMAC_hash( secret, A(i-1) )
*
- * The `psa_tls12_prf_generator` structures saves the block
+ * The `psa_tls12_prf_key_derivation` structures saves the block
* `HMAC_hash(secret, A(i) + seed)` from which the output
* is currently extracted as `output_block`, while
* `A(i) + seed` is stored in `Ai_with_seed`.
@@ -4337,8 +4337,8 @@
/* Read some bytes from an TLS-1.2-PRF-based generator.
* See Section 5 of RFC 5246. */
-static psa_status_t psa_generator_tls12_prf_read(
- psa_tls12_prf_generator_t *tls12_prf,
+static psa_status_t psa_key_derivation_tls12_prf_read(
+ psa_tls12_prf_key_derivation_t *tls12_prf,
psa_algorithm_t alg,
uint8_t *output,
size_t output_length )
@@ -4355,7 +4355,7 @@
/* Check if we have fully processed the current block. */
if( n == 0 )
{
- status = psa_generator_tls12_prf_generate_next_block( tls12_prf,
+ status = psa_key_derivation_tls12_prf_generate_next_block( tls12_prf,
alg );
if( status != PSA_SUCCESS )
return( status );
@@ -4381,7 +4381,7 @@
size_t output_length )
{
psa_status_t status;
- psa_algorithm_t kdf_alg = psa_generator_get_kdf_alg( generator );
+ psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( generator );
if( generator->alg == 0 )
{
@@ -4430,13 +4430,13 @@
if( PSA_ALG_IS_HKDF( kdf_alg ) )
{
psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( kdf_alg );
- status = psa_generator_hkdf_read( &generator->ctx.hkdf, hash_alg,
+ status = psa_key_derivation_hkdf_read( &generator->ctx.hkdf, hash_alg,
output, output_length );
}
else if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) ||
PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) )
{
- status = psa_generator_tls12_prf_read( &generator->ctx.tls12_prf,
+ status = psa_key_derivation_tls12_prf_read( &generator->ctx.tls12_prf,
kdf_alg, output,
output_length );
}
@@ -4571,7 +4571,7 @@
* Note that if this function fails, you must call psa_key_derivation_abort()
* to potentially free embedded data structures and wipe confidential data.
*/
-static psa_status_t psa_generator_hkdf_setup( psa_hkdf_generator_t *hkdf,
+static psa_status_t psa_key_derivation_hkdf_setup( psa_hkdf_key_derivation_t *hkdf,
const uint8_t *secret,
size_t secret_length,
psa_algorithm_t hash_alg,
@@ -4616,8 +4616,8 @@
* Note that if this function fails, you must call psa_key_derivation_abort()
* to potentially free embedded data structures and wipe confidential data.
*/
-static psa_status_t psa_generator_tls12_prf_setup(
- psa_tls12_prf_generator_t *tls12_prf,
+static psa_status_t psa_key_derivation_tls12_prf_setup(
+ psa_tls12_prf_key_derivation_t *tls12_prf,
const unsigned char *key,
size_t key_len,
psa_algorithm_t hash_alg,
@@ -4669,8 +4669,8 @@
}
/* Set up a TLS-1.2-PSK-to-MS-based generator. */
-static psa_status_t psa_generator_tls12_psk_to_ms_setup(
- psa_tls12_prf_generator_t *tls12_prf,
+static psa_status_t psa_key_derivation_tls12_psk_to_ms_setup(
+ psa_tls12_prf_key_derivation_t *tls12_prf,
const unsigned char *psk,
size_t psk_len,
psa_algorithm_t hash_alg,
@@ -4699,7 +4699,7 @@
pms[2 + psk_len + 1] = pms[1];
memcpy( pms + 4 + psk_len, psk, psk_len );
- status = psa_generator_tls12_prf_setup( tls12_prf,
+ status = psa_key_derivation_tls12_prf_setup( tls12_prf,
pms, 4 + 2 * psk_len,
hash_alg,
salt, salt_length,
@@ -4752,7 +4752,7 @@
if( hash_size == 0 )
return( PSA_ERROR_NOT_SUPPORTED );
max_capacity = 255 * hash_size;
- status = psa_generator_hkdf_setup( &generator->ctx.hkdf,
+ status = psa_key_derivation_hkdf_setup( &generator->ctx.hkdf,
secret, secret_length,
hash_alg,
salt, salt_length,
@@ -4776,14 +4776,14 @@
if( PSA_ALG_IS_TLS12_PRF( alg ) )
{
- status = psa_generator_tls12_prf_setup( &generator->ctx.tls12_prf,
+ status = psa_key_derivation_tls12_prf_setup( &generator->ctx.tls12_prf,
secret, secret_length,
hash_alg, salt, salt_length,
label, label_length );
}
else
{
- status = psa_generator_tls12_psk_to_ms_setup(
+ status = psa_key_derivation_tls12_psk_to_ms_setup(
&generator->ctx.tls12_prf,
secret, secret_length,
hash_alg, salt, salt_length,
@@ -4905,7 +4905,7 @@
}
#if defined(MBEDTLS_MD_C)
-static psa_status_t psa_hkdf_input( psa_hkdf_generator_t *hkdf,
+static psa_status_t psa_hkdf_input( psa_hkdf_key_derivation_t *hkdf,
psa_algorithm_t hash_alg,
psa_key_derivation_step_t step,
const uint8_t *data,
@@ -4978,7 +4978,7 @@
size_t data_length )
{
psa_status_t status;
- psa_algorithm_t kdf_alg = psa_generator_get_kdf_alg( generator );
+ psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( generator );
if( kdf_alg == PSA_ALG_SELECT_RAW )
{
diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data
index 991d91a..d98470d 100644
--- a/tests/suites/test_suite_psa_crypto.data
+++ b/tests/suites/test_suite_psa_crypto.data
@@ -1717,7 +1717,7 @@
asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":129:PSA_ERROR_INVALID_ARGUMENT
Crypto generator initializers zero properly
-crypto_generator_init:
+key_derivation_init:
PSA key derivation: HKDF-SHA-256, good case
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
@@ -1757,11 +1757,11 @@
PSA key derivation: invalid generator state ( double generate + read past capacity )
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-test_derive_invalid_generator_state:
+test_derive_invalid_key_derivation_state:
PSA key derivation: invalid generator state ( call read/get_capacity after init and abort )
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
-test_derive_invalid_generator_tests:
+test_derive_invalid_key_derivation_tests:
PSA key derivation: HKDF SHA-256, RFC5869 #1, output 42+0
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 5527e39..52c41e7 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -3996,7 +3996,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void crypto_generator_init( )
+void key_derivation_init( )
{
/* Test each valid way of initializing the object, except for `= {0}`, as
* Clang 5 complains when `-Wmissing-field-initializers` is used, even
@@ -4064,7 +4064,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void test_derive_invalid_generator_state( )
+void test_derive_invalid_key_derivation_state( )
{
psa_key_handle_t handle = 0;
size_t key_type = PSA_KEY_TYPE_DERIVE;
@@ -4113,7 +4113,7 @@
/* END_CASE */
/* BEGIN_CASE */
-void test_derive_invalid_generator_tests( )
+void test_derive_invalid_key_derivation_tests( )
{
uint8_t output_buffer[16];
size_t buffer_size = 16;