mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-07-28 00:21:48 +03:00
Don't access psa_key_attributes_t.core
Access the fields of `psa_key_attributes_t` directly rather than through the `core` field. This makes the `core` field obsolete. This commit is fully automated: ``` git ls-files '*.h' '*.c' '*.function' '*.jinja' | xargs perl -l -i -pe '$core = qr/\b(core\b|MBEDTLS_PRIVATE\(core\))/; s/->$core\./->/g; s/&(\w+)\.$core\./&$1./g; s/(\w+)\.$core/$1/g' ``` Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine
@ -568,7 +568,7 @@ psa_status_t psa_import_key_into_slot(
|
||||
size_t *key_buffer_length, size_t *bits)
|
||||
{
|
||||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||
psa_key_type_t type = attributes->core.type;
|
||||
psa_key_type_t type = attributes->type;
|
||||
|
||||
/* zero-length keys are never supported. */
|
||||
if (data_length == 0) {
|
||||
@ -578,7 +578,7 @@ psa_status_t psa_import_key_into_slot(
|
||||
if (key_type_is_raw_bytes(type)) {
|
||||
*bits = PSA_BYTES_TO_BITS(data_length);
|
||||
|
||||
status = psa_validate_unstructured_key_bit_size(attributes->core.type,
|
||||
status = psa_validate_unstructured_key_bit_size(attributes->type,
|
||||
*bits);
|
||||
if (status != PSA_SUCCESS) {
|
||||
return status;
|
||||
@ -1245,8 +1245,8 @@ psa_status_t psa_get_key_slot_number(
|
||||
const psa_key_attributes_t *attributes,
|
||||
psa_key_slot_number_t *slot_number)
|
||||
{
|
||||
if (attributes->core.flags & MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER) {
|
||||
*slot_number = attributes->core.slot_number;
|
||||
if (attributes->flags & MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER) {
|
||||
*slot_number = attributes->slot_number;
|
||||
return PSA_SUCCESS;
|
||||
} else {
|
||||
return PSA_ERROR_INVALID_ARGUMENT;
|
||||
@ -1275,7 +1275,7 @@ psa_status_t psa_export_key_internal(
|
||||
const uint8_t *key_buffer, size_t key_buffer_size,
|
||||
uint8_t *data, size_t data_size, size_t *data_length)
|
||||
{
|
||||
psa_key_type_t type = attributes->core.type;
|
||||
psa_key_type_t type = attributes->type;
|
||||
|
||||
if (key_type_is_raw_bytes(type) ||
|
||||
PSA_KEY_TYPE_IS_RSA(type) ||
|
||||
@ -1341,7 +1341,7 @@ psa_status_t psa_export_public_key_internal(
|
||||
size_t data_size,
|
||||
size_t *data_length)
|
||||
{
|
||||
psa_key_type_t type = attributes->core.type;
|
||||
psa_key_type_t type = attributes->type;
|
||||
|
||||
if (PSA_KEY_TYPE_IS_PUBLIC_KEY(type) &&
|
||||
(PSA_KEY_TYPE_IS_RSA(type) || PSA_KEY_TYPE_IS_ECC(type) ||
|
||||
@ -1518,7 +1518,7 @@ static psa_status_t psa_validate_key_attributes(
|
||||
}
|
||||
}
|
||||
|
||||
status = psa_validate_key_policy(&attributes->core.policy);
|
||||
status = psa_validate_key_policy(&attributes->policy);
|
||||
if (status != PSA_SUCCESS) {
|
||||
return status;
|
||||
}
|
||||
@ -1532,7 +1532,7 @@ static psa_status_t psa_validate_key_attributes(
|
||||
}
|
||||
|
||||
/* Reject invalid flags. These should not be reachable through the API. */
|
||||
if (attributes->core.flags & ~(MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY |
|
||||
if (attributes->flags & ~(MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY |
|
||||
MBEDTLS_PSA_KA_MASK_DUAL_USE)) {
|
||||
return PSA_ERROR_INVALID_ARGUMENT;
|
||||
}
|
||||
@ -1652,7 +1652,7 @@ static psa_status_t psa_start_key_creation(
|
||||
return status;
|
||||
}
|
||||
|
||||
if (!PSA_KEY_LIFETIME_IS_VOLATILE(attributes->core.lifetime)) {
|
||||
if (!PSA_KEY_LIFETIME_IS_VOLATILE(attributes->lifetime)) {
|
||||
psa_crypto_prepare_transaction(PSA_CRYPTO_TRANSACTION_CREATE_KEY);
|
||||
psa_crypto_transaction.key.lifetime = slot->attr.lifetime;
|
||||
psa_crypto_transaction.key.slot = slot_number;
|
||||
@ -1852,14 +1852,14 @@ static psa_status_t psa_validate_optional_attributes(
|
||||
const psa_key_slot_t *slot,
|
||||
const psa_key_attributes_t *attributes)
|
||||
{
|
||||
if (attributes->core.type != 0) {
|
||||
if (attributes->core.type != slot->attr.type) {
|
||||
if (attributes->type != 0) {
|
||||
if (attributes->type != slot->attr.type) {
|
||||
return PSA_ERROR_INVALID_ARGUMENT;
|
||||
}
|
||||
}
|
||||
|
||||
if (attributes->core.bits != 0) {
|
||||
if (attributes->core.bits != slot->attr.bits) {
|
||||
if (attributes->bits != 0) {
|
||||
if (attributes->bits != slot->attr.bits) {
|
||||
return PSA_ERROR_INVALID_ARGUMENT;
|
||||
}
|
||||
}
|
||||
@ -1903,7 +1903,7 @@ psa_status_t psa_import_key(const psa_key_attributes_t *attributes,
|
||||
* with storage ( MBEDTLS_PSA_CRYPTO_SE_C ) ),we have to allocate a
|
||||
* buffer to hold the imported key material. */
|
||||
if (slot->key.data == NULL) {
|
||||
if (psa_key_lifetime_is_external(attributes->core.lifetime)) {
|
||||
if (psa_key_lifetime_is_external(attributes->lifetime)) {
|
||||
status = psa_driver_wrapper_get_key_buffer_size_from_key_data(
|
||||
attributes, data, data_length, &storage_size);
|
||||
if (status != PSA_SUCCESS) {
|
||||
@ -2023,12 +2023,12 @@ psa_status_t psa_copy_key(mbedtls_svc_key_id_t source_key,
|
||||
* equal to the ones of the source key. So it is safe to inherit
|
||||
* them from the source key now."
|
||||
* */
|
||||
actual_attributes.core.bits = source_slot->attr.bits;
|
||||
actual_attributes.core.type = source_slot->attr.type;
|
||||
actual_attributes.bits = source_slot->attr.bits;
|
||||
actual_attributes.type = source_slot->attr.type;
|
||||
|
||||
|
||||
status = psa_restrict_key_policy(source_slot->attr.type,
|
||||
&actual_attributes.core.policy,
|
||||
&actual_attributes.policy,
|
||||
&source_slot->attr.policy);
|
||||
if (status != PSA_SUCCESS) {
|
||||
goto exit;
|
||||
@ -2057,7 +2057,7 @@ psa_status_t psa_copy_key(mbedtls_svc_key_id_t source_key,
|
||||
* - For opaque keys this translates to an invocation of the drivers'
|
||||
* copy_key entry point through the dispatch layer.
|
||||
* */
|
||||
if (psa_key_lifetime_is_external(actual_attributes.core.lifetime)) {
|
||||
if (psa_key_lifetime_is_external(actual_attributes.lifetime)) {
|
||||
status = psa_driver_wrapper_get_key_buffer_size(&actual_attributes,
|
||||
&storage_size);
|
||||
if (status != PSA_SUCCESS) {
|
||||
@ -2878,7 +2878,7 @@ psa_status_t psa_sign_hash_builtin(
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
uint8_t *signature, size_t signature_size, size_t *signature_length)
|
||||
{
|
||||
if (attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR) {
|
||||
if (attributes->type == PSA_KEY_TYPE_RSA_KEY_PAIR) {
|
||||
if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) ||
|
||||
PSA_ALG_IS_RSA_PSS(alg)) {
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
|
||||
@ -2893,7 +2893,7 @@ psa_status_t psa_sign_hash_builtin(
|
||||
} else {
|
||||
return PSA_ERROR_INVALID_ARGUMENT;
|
||||
}
|
||||
} else if (PSA_KEY_TYPE_IS_ECC(attributes->core.type)) {
|
||||
} else if (PSA_KEY_TYPE_IS_ECC(attributes->type)) {
|
||||
if (PSA_ALG_IS_ECDSA(alg)) {
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
|
||||
@ -2939,7 +2939,7 @@ psa_status_t psa_verify_hash_builtin(
|
||||
psa_algorithm_t alg, const uint8_t *hash, size_t hash_length,
|
||||
const uint8_t *signature, size_t signature_length)
|
||||
{
|
||||
if (PSA_KEY_TYPE_IS_RSA(attributes->core.type)) {
|
||||
if (PSA_KEY_TYPE_IS_RSA(attributes->type)) {
|
||||
if (PSA_ALG_IS_RSA_PKCS1V15_SIGN(alg) ||
|
||||
PSA_ALG_IS_RSA_PSS(alg)) {
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_RSA_PKCS1V15_SIGN) || \
|
||||
@ -2954,7 +2954,7 @@ psa_status_t psa_verify_hash_builtin(
|
||||
} else {
|
||||
return PSA_ERROR_INVALID_ARGUMENT;
|
||||
}
|
||||
} else if (PSA_KEY_TYPE_IS_ECC(attributes->core.type)) {
|
||||
} else if (PSA_KEY_TYPE_IS_ECC(attributes->type)) {
|
||||
if (PSA_ALG_IS_ECDSA(alg)) {
|
||||
#if defined(MBEDTLS_PSA_BUILTIN_ALG_ECDSA) || \
|
||||
defined(MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA)
|
||||
@ -3450,7 +3450,7 @@ psa_status_t mbedtls_psa_sign_hash_start(
|
||||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||
size_t required_hash_length;
|
||||
|
||||
if (!PSA_KEY_TYPE_IS_ECC(attributes->core.type)) {
|
||||
if (!PSA_KEY_TYPE_IS_ECC(attributes->type)) {
|
||||
return PSA_ERROR_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
@ -3467,8 +3467,8 @@ psa_status_t mbedtls_psa_sign_hash_start(
|
||||
/* Ensure num_ops is zero'ed in case of context re-use. */
|
||||
operation->num_ops = 0;
|
||||
|
||||
status = mbedtls_psa_ecp_load_representation(attributes->core.type,
|
||||
attributes->core.bits,
|
||||
status = mbedtls_psa_ecp_load_representation(attributes->type,
|
||||
attributes->bits,
|
||||
key_buffer,
|
||||
key_buffer_size,
|
||||
&operation->ctx);
|
||||
@ -3666,7 +3666,7 @@ psa_status_t mbedtls_psa_verify_hash_start(
|
||||
size_t coordinate_bytes = 0;
|
||||
size_t required_hash_length = 0;
|
||||
|
||||
if (!PSA_KEY_TYPE_IS_ECC(attributes->core.type)) {
|
||||
if (!PSA_KEY_TYPE_IS_ECC(attributes->type)) {
|
||||
return PSA_ERROR_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
@ -3685,8 +3685,8 @@ psa_status_t mbedtls_psa_verify_hash_start(
|
||||
/* Ensure num_ops is zero'ed in case of context re-use. */
|
||||
operation->num_ops = 0;
|
||||
|
||||
status = mbedtls_psa_ecp_load_representation(attributes->core.type,
|
||||
attributes->core.bits,
|
||||
status = mbedtls_psa_ecp_load_representation(attributes->type,
|
||||
attributes->bits,
|
||||
key_buffer,
|
||||
key_buffer_size,
|
||||
&operation->ctx);
|
||||
@ -5818,7 +5818,7 @@ static psa_status_t psa_generate_derived_key_internal(
|
||||
|
||||
slot->attr.bits = (psa_key_bits_t) bits;
|
||||
|
||||
if (psa_key_lifetime_is_external(slot->attr.core.lifetime)) {
|
||||
if (psa_key_lifetime_is_external(slot->attr.lifetime)) {
|
||||
status = psa_driver_wrapper_get_key_buffer_size(&slot->attr,
|
||||
&storage_size);
|
||||
if (status != PSA_SUCCESS) {
|
||||
@ -5901,7 +5901,7 @@ psa_status_t psa_key_derivation_output_key_ext(
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
|
||||
if (status == PSA_SUCCESS) {
|
||||
status = psa_generate_derived_key_internal(slot,
|
||||
attributes->core.bits,
|
||||
attributes->bits,
|
||||
operation);
|
||||
}
|
||||
if (status == PSA_SUCCESS) {
|
||||
@ -7319,7 +7319,7 @@ psa_status_t psa_generate_key_internal(
|
||||
uint8_t *key_buffer, size_t key_buffer_size, size_t *key_buffer_length)
|
||||
{
|
||||
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||
psa_key_type_t type = attributes->core.type;
|
||||
psa_key_type_t type = attributes->type;
|
||||
|
||||
/* Only used for RSA */
|
||||
(void) params;
|
||||
@ -7392,12 +7392,12 @@ psa_status_t psa_generate_key_ext(const psa_key_attributes_t *attributes,
|
||||
}
|
||||
|
||||
/* Reject any attempt to create a public key. */
|
||||
if (PSA_KEY_TYPE_IS_PUBLIC_KEY(attributes->core.type)) {
|
||||
if (PSA_KEY_TYPE_IS_PUBLIC_KEY(attributes->type)) {
|
||||
return PSA_ERROR_INVALID_ARGUMENT;
|
||||
}
|
||||
|
||||
#if defined(PSA_WANT_KEY_TYPE_RSA_KEY_PAIR_GENERATE)
|
||||
if (attributes->core.type == PSA_KEY_TYPE_RSA_KEY_PAIR) {
|
||||
if (attributes->type == PSA_KEY_TYPE_RSA_KEY_PAIR) {
|
||||
if (params->flags != 0) {
|
||||
return PSA_ERROR_INVALID_ARGUMENT;
|
||||
}
|
||||
@ -7418,17 +7418,17 @@ psa_status_t psa_generate_key_ext(const psa_key_attributes_t *attributes,
|
||||
* with storage ( MBEDTLS_PSA_CRYPTO_SE_C ) ),we have to allocate a
|
||||
* buffer to hold the generated key material. */
|
||||
if (slot->key.data == NULL) {
|
||||
if (PSA_KEY_LIFETIME_GET_LOCATION(attributes->core.lifetime) ==
|
||||
if (PSA_KEY_LIFETIME_GET_LOCATION(attributes->lifetime) ==
|
||||
PSA_KEY_LOCATION_LOCAL_STORAGE) {
|
||||
status = psa_validate_key_type_and_size_for_key_generation(
|
||||
attributes->core.type, attributes->core.bits);
|
||||
attributes->type, attributes->bits);
|
||||
if (status != PSA_SUCCESS) {
|
||||
goto exit;
|
||||
}
|
||||
|
||||
key_buffer_size = PSA_EXPORT_KEY_OUTPUT_SIZE(
|
||||
attributes->core.type,
|
||||
attributes->core.bits);
|
||||
attributes->type,
|
||||
attributes->bits);
|
||||
} else {
|
||||
status = psa_driver_wrapper_get_key_buffer_size(
|
||||
attributes, &key_buffer_size);
|
||||
|
||||
Reference in New Issue
Block a user