From 52f9efad22a3c1dbeea5abd33479188ae2978e85 Mon Sep 17 00:00:00 2001
From: Janos Follath
Date: Thu, 27 May 2021 08:40:16 +0100
Subject: [PATCH] Revert "Rename psa_pake_set_password()"

This reverts commit 03a5fd7780026b2ca0b4728352ded930f5a7cff9.

We're already calling the output of a PAKE a "shared secret". The password is a shared secret (for PAKE where the verifier knows a password-equivalent secret), but calling it "shared secret" or even just "secret" would be confusing.

Signed-off-by: Janos Follath
---
 include/psa/crypto_extra.h | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index 43d37b912a..dcaf75568d 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -854,7 +854,7 @@ psa_status_t mbedtls_psa_platform_get_builtin_key(
 * psa_pake_setup(operation, cipher_suite);
 * psa_pake_set_user(operation, ...);
 * psa_pake_set_peer(operation, ...);
- * psa_pake_set_secret_from_key(operation, ...);
+ * psa_pake_set_password_key(operation, ...);
 *
 * The password is read as a byte array and must be non-empty. This can be the
 * password itself (in some pre-defined character encoding) or some value
@@ -1345,15 +1345,14 @@ psa_status_t psa_pake_setup(psa_pake_operation_t *operation,
 /** Set the password for a password-authenticated key exchange from key ID.
 *
 * Call this function when the password, or a value derived from the password,
- * (for example a hash of the password or a key derived from the password) is
- * already present in the key store.
+ * is already present in the key store.
 *
 * \param[in,out] operation The operation object to set the password for. It
 * must have been set up by psa_pake_setup() and
 * not yet in use (neither psa_pake_output() nor
 * psa_pake_input() has been called yet). It must
 * be on operation for which the password hasn't
- * been set yet (psa_pake_set_secret_from_key()
+ * been set yet (psa_pake_set_password_key()
 * hasn't been called yet).
 * \param password Identifier of the key holding the password or a
 * value derived from the password (eg. by a
@@ -1380,8 +1379,8 @@ psa_status_t psa_pake_setup(psa_pake_operation_t *operation,
 * It is implementation-dependent whether a failure to initialize
 * results in this error code.
 */
-psa_status_t psa_pake_set_secret_from_key(psa_pake_operation_t *operation,
- mbedtls_svc_key_id_t password);
+psa_status_t psa_pake_set_password_key(psa_pake_operation_t *operation,
+ mbedtls_svc_key_id_t password);

 /** Set the user ID for a password-authenticated key exchange.
 *
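Review bot: In the second hunk (`@@ -1345,15 +1345,14 @@`), the `\param[in,out] operation` description has a typo on the context line directly above the renamed reference: `be on operation for which the password hasn't` should read "an operation". Since the commit already rewrites the next line of that sentence, the precondition could be corrected in the same pass: `* be an operation for which the password hasn't`. This sentence is the only visible statement of when the password may be set, so it is worth keeping unambiguous. The doc comment continues past the end of the hunk, so the remaining parameter and return-value text was not reviewed.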