lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-08-01 10:06:53 +03:00
Code Activity

Rename generator functions to psa_key_derivation_xxx

Browse Source 
Generators are mostly about key derivation (currently: only about key
derivation). "Generator" is not a commonly used term in cryptography.
So favor "derivation" as terminology. Call a generator a key
derivation operation structure, since it behaves like other multipart
operation structures. Furthermore, the function names are not fully
consistent.

In this commit, I rename the functions to consistently have the prefix
"psa_key_derivation_". I used the following command:

    perl -i -pe '%t = (
        psa_crypto_generator_t => "psa_key_derivation_operation_t",
        psa_crypto_generator_init => "psa_key_derivation_init",
        psa_key_derivation_setup => "psa_key_derivation_setup",
        psa_key_derivation_input_key => "psa_key_derivation_input_key",
        psa_key_derivation_input_bytes => "psa_key_derivation_input_bytes",
        psa_key_agreement => "psa_key_derivation_key_agreement",
        psa_set_generator_capacity => "psa_key_derivation_set_capacity",
        psa_get_generator_capacity => "psa_key_derivation_get_capacity",
        psa_generator_read => "psa_key_derivation_output_bytes",
        psa_generate_derived_key => "psa_key_derivation_output_key",
        psa_generator_abort => "psa_key_derivation_abort",
        PSA_CRYPTO_GENERATOR_INIT => "PSA_KEY_DERIVATION_OPERATION_INIT",
        PSA_GENERATOR_UNBRIDLED_CAPACITY => "PSA_KEY_DERIVATION_UNLIMITED_CAPACITY",
        ); s/\b(@{[join("|", keys %t)]})\b/$t{$1}/ge' $(git ls-files)
This commit is contained in:
Gilles Peskine
2019-05-16 15:28:51 +02:00
parent d35249e66f
commit a99d3fbd05
9 changed files with 182 additions and 182 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
library/ssl_tls.c
View File

@ -526,7 +526,7 @@ static int tls_prf_generic( mbedtls_md_type_t md_type,
psa_algorithm_t alg;
psa_key_policy_t policy;
psa_key_handle_t master_slot;
psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT;
if( ( status = psa_allocate_key( &master_slot ) ) != PSA_SUCCESS )
return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
@ -556,20 +556,20 @@ static int tls_prf_generic( mbedtls_md_type_t md_type,
dlen );
if( status != PSA_SUCCESS )
{
psa_generator_abort( &generator );
psa_key_derivation_abort( &generator );
psa_destroy_key( master_slot );
return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
}
status = psa_generator_read( &generator, dstbuf, dlen );
status = psa_key_derivation_output_bytes( &generator, dstbuf, dlen );
if( status != PSA_SUCCESS )
{
psa_generator_abort( &generator );
psa_key_derivation_abort( &generator );
psa_destroy_key( master_slot );
return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
}
status = psa_generator_abort( &generator );
status = psa_key_derivation_abort( &generator );
if( status != PSA_SUCCESS )
{
psa_destroy_key( master_slot );
@ -892,7 +892,7 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
/* Perform PSK-to-MS expansion in a single step. */
psa_status_t status;
psa_algorithm_t alg;
psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT;
psa_key_handle_t psk;
MBEDTLS_SSL_DEBUG_MSG( 2, ( "perform PSA-based PSK-to-MS expansion" ) );
@ -913,19 +913,19 @@ int mbedtls_ssl_derive_keys( mbedtls_ssl_context *ssl )
master_secret_len );
if( status != PSA_SUCCESS )
{
psa_generator_abort( &generator );
psa_key_derivation_abort( &generator );
return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
}
status = psa_generator_read( &generator, session->master,
status = psa_key_derivation_output_bytes( &generator, session->master,
master_secret_len );
if( status != PSA_SUCCESS )
{
psa_generator_abort( &generator );
psa_key_derivation_abort( &generator );
return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
}
status = psa_generator_abort( &generator );
status = psa_key_derivation_abort( &generator );
if( status != PSA_SUCCESS )
return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
}