Declare mbedtls_pk_info_t through macro
New macro MBEDTLS_PK_OPAQUE_INFO_1 to initialize mbedtls_pk_info_t structures.
Document that this macro must be used in engine implementations for forward
compatibility. Use this macro rather than accessing the structure directly
in tests and in the sample engine to set a good example.
diff --git a/include/mbedtls/pk_info.h b/include/mbedtls/pk_info.h
index a852ab8..a808c2c 100644
--- a/include/mbedtls/pk_info.h
+++ b/include/mbedtls/pk_info.h
@@ -71,6 +71,13 @@
* \note If you are using the PK interface to perform operations on
* keys, call the functions in pk.h. The interface in this file should only
* be used by implementers of opaque key engines.
+ *
+ * \warning: Do not declare this structure directly! It may be extended in
+ * future* versions of Mbed TLS. Call the macro
+ * MBEDTLS_PK_OPAQUE_INFO_1() or MBEDTLS_PK_OPAQUE_INFO_ASYNC_1() instead.
+ * These macros are guaranteed to take parameters with the same type
+ * and semantics as previous versions and fill any new field of the
+ * structure with sensible values.
*/
struct mbedtls_pk_info_t
{
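Review bot: The new warning sends engine authors to `MBEDTLS_PK_OPAQUE_INFO_ASYNC_1()`, but the only macro this patch defines in pk_info.h is `MBEDTLS_PK_OPAQUE_INFO_1`. Unless the async variant is introduced elsewhere, the comment names something that does not exist, so either drop the reference until that macro lands or say where it is defined. The same block has two markup slips, a stray colon in `\warning:` and a stray asterisk in `future*`. The opening should read `\warning Do not declare this structure directly! It may be extended in future versions of Mbed TLS.` The struct body continues outside the hunk.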
@@ -220,6 +227,36 @@
};
+#define MBEDTLS_PK_OPAQUE_INFO_1( \
+ name \
+ , get_bitlen \
+ , can_do \
+ , signature_size_func \
+ , verify_func \
+ , sign_func \
+ , decrypt_func \
+ , encrypt_func \
+ , check_pair_func \
+ , ctx_alloc_func \
+ , ctx_free_func \
+ , debug_func \
+ ) \
+ { \
+ MBEDTLS_PK_OPAQUE \
+ , name \
+ , get_bitlen \
+ , can_do \
+ , signature_size_func \
+ , verify_func \
+ , sign_func \
+ , decrypt_func \
+ , encrypt_func \
+ , check_pair_func \
+ , ctx_alloc_func \
+ , ctx_free_func \
+ , debug_func \
+ }
+
#ifdef __cplusplus
}
#endif
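Review bot: `MBEDTLS_PK_OPAQUE_INFO_1` is added without any doc comment, although the struct warning makes it the only supported way to build an `mbedtls_pk_info_t`. I would add a Doxygen block above the `#define` that lists the twelve parameters in order and says which callbacks may be `NULL`; the tests in this patch pass `NULL` for most of them, so the contract is presumably "optional unless stated". The block should also say that the expansion is a positional brace initializer, so the argument order must track the member order of `struct mbedtls_pk_info_t`. A future reordering of the struct, or an engine that misorders two arguments, would bind a callback to the wrong slot, possibly with only a pointer-type warning. It is also worth stating that members appended to the struct later are zero-initialized by this expansion, since that is what the header's "sensible values" promise relies on.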
diff --git a/tests/suites/test_suite_pk.function b/tests/suites/test_suite_pk.function
index 0bf9ef3..bd92f0c 100644
--- a/tests/suites/test_suite_pk.function
+++ b/tests/suites/test_suite_pk.function
@@ -746,21 +746,20 @@
void pk_opaque_mock( )
{
mbedtls_pk_info_t info =
- {
- MBEDTLS_PK_OPAQUE,
- "mock",
- opaque_mock_get_bitlen,
- opaque_mock_can_do,
- opaque_mock_signature_size_func,
- opaque_mock_verify_func,
- opaque_mock_sign_func,
- opaque_mock_decrypt_func,
- opaque_mock_encrypt_func,
- opaque_mock_check_pair_func,
- opaque_mock_ctx_alloc_func,
- opaque_mock_ctx_free_func,
- opaque_mock_debug_func,
- };
+ MBEDTLS_PK_OPAQUE_INFO_1(
+ "mock"
+ , opaque_mock_get_bitlen
+ , opaque_mock_can_do
+ , opaque_mock_signature_size_func
+ , opaque_mock_verify_func
+ , opaque_mock_sign_func
+ , opaque_mock_decrypt_func
+ , opaque_mock_encrypt_func
+ , opaque_mock_check_pair_func
+ , opaque_mock_ctx_alloc_func
+ , opaque_mock_ctx_free_func
+ , opaque_mock_debug_func
+ );
mbedtls_pk_context ctx;
unsigned char sig[OPAQUE_MOCK_SIGNATURE_SIZE] = OPAQUE_MOCK_GOOD_SIGNATURE;
unsigned char input[sizeof( opaque_mock_reference_input )];
@@ -857,21 +856,20 @@
void pk_opaque_minimal( )
{
mbedtls_pk_info_t info =
- {
- MBEDTLS_PK_OPAQUE,
- "mock",
- opaque_mock_get_bitlen,
- opaque_mock_can_do,
- NULL,
- NULL,
- NULL,
- NULL,
- NULL,
- NULL,
- NULL,
- opaque_mock_ctx_free_func,
- NULL,
- };
+ MBEDTLS_PK_OPAQUE_INFO_1(
+ "mock"
+ , opaque_mock_get_bitlen
+ , opaque_mock_can_do
+ , NULL
+ , NULL
+ , NULL
+ , NULL
+ , NULL
+ , NULL
+ , NULL
+ , opaque_mock_ctx_free_func
+ , NULL
+ );
mbedtls_pk_context ctx;
mbedtls_pk_init( &ctx );
@@ -928,21 +926,20 @@
void pk_opaque_fail_allocation( )
{
mbedtls_pk_info_t info =
- {
- MBEDTLS_PK_OPAQUE,
- "mock",
- NULL,
- NULL,
- NULL,
- NULL,
- NULL,
- NULL,
- NULL,
- NULL,
- opaque_mock_ctx_alloc_fail,
- NULL,
- NULL,
- };
+ MBEDTLS_PK_OPAQUE_INFO_1(
+ "mock"
+ , opaque_mock_get_bitlen
+ , opaque_mock_can_do
+ , NULL
+ , NULL
+ , NULL
+ , NULL
+ , NULL
+ , NULL
+ , opaque_mock_ctx_alloc_fail
+ , NULL
+ , NULL
+ );
mbedtls_pk_context ctx;
mbedtls_pk_init( &ctx );
TEST_ASSERT( mbedtls_pk_setup( &ctx, &info ) ==
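Review bot: The conversion of `pk_opaque_fail_allocation` is not mechanical: the removed initializer had `NULL` in the get_bitlen and can_do slots, while the macro call now passes `opaque_mock_get_bitlen` and `opaque_mock_can_do`. This looks like a carry-over from `pk_opaque_minimal`, and it means the test no longer covers an allocation failure on an info structure whose other callbacks are all `NULL`. If the intent is only to switch to the macro, keep the original values by writing `, NULL` for both the second and third arguments. If the change is deliberate, it should be mentioned in the commit message, which currently describes only the move to the macro. The function body continues past the end of the hunk.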
@@ -964,21 +961,20 @@
const mbedtls_pk_info_t *mbedtls_rsa_info =
mbedtls_pk_info_from_type( MBEDTLS_PK_RSA );
mbedtls_pk_info_t pk_rsa_opaque_info =
- {
- MBEDTLS_PK_OPAQUE,
- "RSA-opaque-wrapper",
- mbedtls_rsa_info->get_bitlen,
- mbedtls_rsa_info->can_do,
- mbedtls_rsa_info->signature_size_func,
- mbedtls_rsa_info->verify_func,
- mbedtls_rsa_info->sign_func,
- mbedtls_rsa_info->decrypt_func,
- mbedtls_rsa_info->encrypt_func,
- NULL, // we don't test check_pair here
- mbedtls_rsa_info->ctx_alloc_func,
- mbedtls_rsa_info->ctx_free_func,
- mbedtls_rsa_info->debug_func,
- };
+ MBEDTLS_PK_OPAQUE_INFO_1(
+ "RSA-opaque-wrapper"
+ , mbedtls_rsa_info->get_bitlen
+ , mbedtls_rsa_info->can_do
+ , mbedtls_rsa_info->signature_size_func
+ , mbedtls_rsa_info->verify_func
+ , mbedtls_rsa_info->sign_func
+ , mbedtls_rsa_info->decrypt_func
+ , mbedtls_rsa_info->encrypt_func
+ , NULL // we don't test check_pair here
+ , mbedtls_rsa_info->ctx_alloc_func
+ , mbedtls_rsa_info->ctx_free_func
+ , mbedtls_rsa_info->debug_func
+ );
/* Generate an RSA key to use in both contexts */
pk_rsa_prepare( &raw );