pk: deprecate mbedtls_pk_wrap_as_opaque()

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
Valerio Setti 2024-02-27 10:48:49 +01:00
parent 7541ebea52
commit 4c6cea549c
2 changed files with 21 additions and 16 deletions

View file

@ -1213,12 +1213,17 @@ int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start,
const mbedtls_pk_context *key); const mbedtls_pk_context *key);
#endif /* MBEDTLS_PK_WRITE_C */ #endif /* MBEDTLS_PK_WRITE_C */
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED)
/** /**
* \brief Turn an EC or RSA key into an opaque one. * \brief Turn an EC or RSA key into an opaque one.
* *
* \warning This is a temporary utility function for tests. It might * \warning This function is deprecated and will be removed in a
* change or be removed at any time without notice. * future version of the library.
* To wrap a key into an opaque one the following functions
* should be used instead:
* - mbedtls_pk_get_psa_attributes()
* - mbedtls_pk_import_into_psa()
* - mbedtls_pk_setup_opaque().
* *
* \param pk Input: the EC or RSA key to import to a PSA key. * \param pk Input: the EC or RSA key to import to a PSA key.
* Output: a PK context wrapping that PSA key. * Output: a PK context wrapping that PSA key.
@ -1233,12 +1238,12 @@ int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start,
* \return \c 0 if successful. * \return \c 0 if successful.
* \return An Mbed TLS error code otherwise. * \return An Mbed TLS error code otherwise.
*/ */
int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk, MBEDTLS_DEPRECATED mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk,
mbedtls_svc_key_id_t *key, mbedtls_svc_key_id_t *key,
psa_algorithm_t alg, psa_algorithm_t alg,
psa_key_usage_t usage, psa_key_usage_t usage,
psa_algorithm_t alg2); psa_algorithm_t alg2);
#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */
#ifdef __cplusplus #ifdef __cplusplus
} }

View file

@ -1357,14 +1357,14 @@ mbedtls_pk_type_t mbedtls_pk_get_type(const mbedtls_pk_context *ctx)
return ctx->pk_info->type; return ctx->pk_info->type;
} }
#if defined(MBEDTLS_USE_PSA_CRYPTO) #if defined(MBEDTLS_USE_PSA_CRYPTO) && !defined(MBEDTLS_DEPRECATED_REMOVED)
/* /*
* Load the key to a PSA key slot, * Load the key to a PSA key slot,
* then turn the PK context into a wrapper for that key slot. * then turn the PK context into a wrapper for that key slot.
* *
* Currently only works for EC & RSA private keys. * Currently only works for EC & RSA private keys.
*/ */
int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk, MBEDTLS_DEPRECATED int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk,
mbedtls_svc_key_id_t *key, mbedtls_svc_key_id_t *key,
psa_algorithm_t alg, psa_algorithm_t alg,
psa_key_usage_t usage, psa_key_usage_t usage,
@ -1476,5 +1476,5 @@ int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk,
#endif /* !MBEDTLS_PK_HAVE_ECC_KEYS && !MBEDTLS_RSA_C */ #endif /* !MBEDTLS_PK_HAVE_ECC_KEYS && !MBEDTLS_RSA_C */
return MBEDTLS_ERR_PK_TYPE_MISMATCH; return MBEDTLS_ERR_PK_TYPE_MISMATCH;
} }
#endif /* MBEDTLS_USE_PSA_CRYPTO */ #endif /* MBEDTLS_USE_PSA_CRYPTO && !MBEDTLS_DEPRECATED_REMOVED */
#endif /* MBEDTLS_PK_C */ #endif /* MBEDTLS_PK_C */