diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 29a0496bc..3e77dceb0 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -4066,19 +4066,19 @@ exit: #define HKDF_STATE_OUTPUT 3 /* output started */ static psa_algorithm_t psa_key_derivation_get_kdf_alg( - const psa_key_derivation_operation_t *generator ) + const psa_key_derivation_operation_t *operation ) { - if ( PSA_ALG_IS_KEY_AGREEMENT( generator->alg ) ) - return( PSA_ALG_KEY_AGREEMENT_GET_KDF( generator->alg ) ); + if ( PSA_ALG_IS_KEY_AGREEMENT( operation->alg ) ) + return( PSA_ALG_KEY_AGREEMENT_GET_KDF( operation->alg ) ); else - return( generator->alg ); + return( operation->alg ); } -psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *generator ) +psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *operation ) { psa_status_t status = PSA_SUCCESS; - psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( generator ); + psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( operation ); if( kdf_alg == 0 ) { /* The object has (apparently) been initialized but it is not @@ -4088,36 +4088,36 @@ psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *generator else if( kdf_alg == PSA_ALG_SELECT_RAW ) { - if( generator->ctx.buffer.data != NULL ) + if( operation->ctx.buffer.data != NULL ) { - mbedtls_platform_zeroize( generator->ctx.buffer.data, - generator->ctx.buffer.size ); - mbedtls_free( generator->ctx.buffer.data ); + mbedtls_platform_zeroize( operation->ctx.buffer.data, + operation->ctx.buffer.size ); + mbedtls_free( operation->ctx.buffer.data ); } } else #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HKDF( kdf_alg ) ) { - mbedtls_free( generator->ctx.hkdf.info ); - status = psa_hmac_abort_internal( &generator->ctx.hkdf.hmac ); + mbedtls_free( operation->ctx.hkdf.info ); + status = psa_hmac_abort_internal( &operation->ctx.hkdf.hmac ); } else if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) || - /* TLS-1.2 PSK-to-MS KDF uses the same generator as TLS-1.2 PRF */ + /* TLS-1.2 PSK-to-MS KDF uses the same core as TLS-1.2 PRF */ PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) { - if( generator->ctx.tls12_prf.key != NULL ) + if( operation->ctx.tls12_prf.key != NULL ) { - mbedtls_platform_zeroize( generator->ctx.tls12_prf.key, - generator->ctx.tls12_prf.key_len ); - mbedtls_free( generator->ctx.tls12_prf.key ); + mbedtls_platform_zeroize( operation->ctx.tls12_prf.key, + operation->ctx.tls12_prf.key_len ); + mbedtls_free( operation->ctx.tls12_prf.key ); } - if( generator->ctx.tls12_prf.Ai_with_seed != NULL ) + if( operation->ctx.tls12_prf.Ai_with_seed != NULL ) { - mbedtls_platform_zeroize( generator->ctx.tls12_prf.Ai_with_seed, - generator->ctx.tls12_prf.Ai_with_seed_len ); - mbedtls_free( generator->ctx.tls12_prf.Ai_with_seed ); + mbedtls_platform_zeroize( operation->ctx.tls12_prf.Ai_with_seed, + operation->ctx.tls12_prf.Ai_with_seed_len ); + mbedtls_free( operation->ctx.tls12_prf.Ai_with_seed ); } } else @@ -4125,36 +4125,36 @@ psa_status_t psa_key_derivation_abort( psa_key_derivation_operation_t *generator { status = PSA_ERROR_BAD_STATE; } - memset( generator, 0, sizeof( *generator ) ); + memset( operation, 0, sizeof( *operation ) ); return( status ); } -psa_status_t psa_key_derivation_get_capacity(const psa_key_derivation_operation_t *generator, +psa_status_t psa_key_derivation_get_capacity(const psa_key_derivation_operation_t *operation, size_t *capacity) { - if( generator->alg == 0 ) + if( operation->alg == 0 ) { - /* This is a blank generator. */ + /* This is a blank key derivation operation. */ return PSA_ERROR_BAD_STATE; } - *capacity = generator->capacity; + *capacity = operation->capacity; return( PSA_SUCCESS ); } -psa_status_t psa_key_derivation_set_capacity( psa_key_derivation_operation_t *generator, +psa_status_t psa_key_derivation_set_capacity( psa_key_derivation_operation_t *operation, size_t capacity ) { - if( generator->alg == 0 ) + if( operation->alg == 0 ) return( PSA_ERROR_BAD_STATE ); - if( capacity > generator->capacity ) + if( capacity > operation->capacity ) return( PSA_ERROR_INVALID_ARGUMENT ); - generator->capacity = capacity; + operation->capacity = capacity; return( PSA_SUCCESS ); } #if defined(MBEDTLS_MD_C) -/* Read some bytes from an HKDF-based generator. This performs a chunk +/* Read some bytes from an HKDF-based operation. This performs a chunk * of the expand phase of the HKDF algorithm. */ static psa_status_t psa_key_derivation_hkdf_read( psa_hkdf_key_derivation_t *hkdf, psa_algorithm_t hash_alg, @@ -4182,7 +4182,7 @@ static psa_status_t psa_key_derivation_hkdf_read( psa_hkdf_key_derivation_t *hkd break; /* We can't be wanting more output after block 0xff, otherwise * the capacity check in psa_key_derivation_output_bytes() would have - * prevented this call. It could happen only if the generator + * prevented this call. It could happen only if the operation * object was corrupted or if this function is called directly * inside the library. */ if( hkdf->block_number == 0xff ) @@ -4237,7 +4237,7 @@ static psa_status_t psa_key_derivation_tls12_prf_generate_next_block( /* We can't be wanting more output after block 0xff, otherwise * the capacity check in psa_key_derivation_output_bytes() would have - * prevented this call. It could happen only if the generator + * prevented this call. It could happen only if the operation * object was corrupted or if this function is called directly * inside the library. */ if( tls12_prf->block_number == 0xff ) @@ -4335,7 +4335,7 @@ cleanup: return( status ); } -/* Read some bytes from an TLS-1.2-PRF-based generator. +/* Read some bytes from an TLS-1.2-PRF-based operation. * See Section 5 of RFC 5246. */ static psa_status_t psa_key_derivation_tls12_prf_read( psa_tls12_prf_key_derivation_t *tls12_prf, @@ -4376,53 +4376,53 @@ static psa_status_t psa_key_derivation_tls12_prf_read( } #endif /* MBEDTLS_MD_C */ -psa_status_t psa_key_derivation_output_bytes( psa_key_derivation_operation_t *generator, +psa_status_t psa_key_derivation_output_bytes( psa_key_derivation_operation_t *operation, uint8_t *output, size_t output_length ) { psa_status_t status; - psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( generator ); + psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( operation ); - if( generator->alg == 0 ) + if( operation->alg == 0 ) { - /* This is a blank generator. */ + /* This is a blank operation. */ return PSA_ERROR_BAD_STATE; } - if( output_length > generator->capacity ) + if( output_length > operation->capacity ) { - generator->capacity = 0; + operation->capacity = 0; /* Go through the error path to wipe all confidential data now - * that the generator object is useless. */ + * that the operation object is useless. */ status = PSA_ERROR_INSUFFICIENT_DATA; goto exit; } - if( output_length == 0 && generator->capacity == 0 ) + if( output_length == 0 && operation->capacity == 0 ) { - /* Edge case: this is a finished generator, and 0 bytes + /* Edge case: this is a finished operation, and 0 bytes * were requested. The right error in this case could * be either INSUFFICIENT_CAPACITY or BAD_STATE. Return * INSUFFICIENT_CAPACITY, which is right for a finished - * generator, for consistency with the case when + * operation, for consistency with the case when * output_length > 0. */ return( PSA_ERROR_INSUFFICIENT_DATA ); } - generator->capacity -= output_length; + operation->capacity -= output_length; if( kdf_alg == PSA_ALG_SELECT_RAW ) { - /* Initially, the capacity of a selection generator is always - * the size of the buffer, i.e. `generator->ctx.buffer.size`, + /* Initially, the capacity of a selection operation is always + * the size of the buffer, i.e. `operation->ctx.buffer.size`, * abbreviated in this comment as `size`. When the remaining * capacity is `c`, the next bytes to serve start `c` bytes * from the end of the buffer, i.e. `size - c` from the - * beginning of the buffer. Since `generator->capacity` was just + * beginning of the buffer. Since `operation->capacity` was just * decremented above, we need to serve the bytes from - * `size - generator->capacity - output_length` to - * `size - generator->capacity`. */ + * `size - operation->capacity - output_length` to + * `size - operation->capacity`. */ size_t offset = - generator->ctx.buffer.size - generator->capacity - output_length; - memcpy( output, generator->ctx.buffer.data + offset, output_length ); + operation->ctx.buffer.size - operation->capacity - output_length; + memcpy( output, operation->ctx.buffer.data + offset, output_length ); status = PSA_SUCCESS; } else @@ -4430,13 +4430,13 @@ psa_status_t psa_key_derivation_output_bytes( psa_key_derivation_operation_t *ge if( PSA_ALG_IS_HKDF( kdf_alg ) ) { psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH( kdf_alg ); - status = psa_key_derivation_hkdf_read( &generator->ctx.hkdf, hash_alg, + status = psa_key_derivation_hkdf_read( &operation->ctx.hkdf, hash_alg, output, output_length ); } else if( PSA_ALG_IS_TLS12_PRF( kdf_alg ) || PSA_ALG_IS_TLS12_PSK_TO_MS( kdf_alg ) ) { - status = psa_key_derivation_tls12_prf_read( &generator->ctx.tls12_prf, + status = psa_key_derivation_tls12_prf_read( &operation->ctx.tls12_prf, kdf_alg, output, output_length ); } @@ -4450,12 +4450,12 @@ exit: if( status != PSA_SUCCESS ) { /* Preserve the algorithm upon errors, but clear all sensitive state. - * This allows us to differentiate between exhausted generators and - * blank generators, so we can return PSA_ERROR_BAD_STATE on blank - * generators. */ - psa_algorithm_t alg = generator->alg; - psa_key_derivation_abort( generator ); - generator->alg = alg; + * This allows us to differentiate between exhausted operations and + * blank operations, so we can return PSA_ERROR_BAD_STATE on blank + * operations. */ + psa_algorithm_t alg = operation->alg; + psa_key_derivation_abort( operation ); + operation->alg = alg; memset( output, '!', output_length ); } return( status ); @@ -4476,7 +4476,7 @@ static void psa_des_set_key_parity( uint8_t *data, size_t data_size ) static psa_status_t psa_generate_derived_key_internal( psa_key_slot_t *slot, size_t bits, - psa_key_derivation_operation_t *generator ) + psa_key_derivation_operation_t *operation ) { uint8_t *data = NULL; size_t bytes = PSA_BITS_TO_BYTES( bits ); @@ -4490,7 +4490,7 @@ static psa_status_t psa_generate_derived_key_internal( if( data == NULL ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); - status = psa_key_derivation_output_bytes( generator, data, bytes ); + status = psa_key_derivation_output_bytes( operation, data, bytes ); if( status != PSA_SUCCESS ) goto exit; #if defined(MBEDTLS_DES_C) @@ -4505,7 +4505,7 @@ exit: } psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attributes, - psa_key_derivation_operation_t *generator, + psa_key_derivation_operation_t *operation, psa_key_handle_t *handle ) { psa_status_t status; @@ -4515,7 +4515,7 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut { status = psa_generate_derived_key_internal( slot, attributes->bits, - generator ); + operation ); } if( status == PSA_SUCCESS ) status = psa_finish_key_creation( slot ); @@ -4530,7 +4530,7 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut psa_status_t psa_generate_derived_key_to_handle( psa_key_handle_t handle, psa_key_type_t type, size_t bits, - psa_key_derivation_operation_t *generator ) + psa_key_derivation_operation_t *operation ) { uint8_t *data = NULL; size_t bytes = PSA_BITS_TO_BYTES( bits ); @@ -4544,7 +4544,7 @@ psa_status_t psa_generate_derived_key_to_handle( psa_key_handle_t handle, if( data == NULL ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); - status = psa_key_derivation_output_bytes( generator, data, bytes ); + status = psa_key_derivation_output_bytes( operation, data, bytes ); if( status != PSA_SUCCESS ) goto exit; #if defined(MBEDTLS_DES_C) @@ -4565,7 +4565,7 @@ exit: /****************************************************************/ #if defined(MBEDTLS_MD_C) -/* Set up an HKDF-based generator. This is exactly the extract phase +/* Set up an HKDF-based operation. This is exactly the extract phase * of the HKDF algorithm. * * Note that if this function fails, you must call psa_key_derivation_abort() @@ -4611,7 +4611,7 @@ static psa_status_t psa_key_derivation_hkdf_setup( psa_hkdf_key_derivation_t *hk #endif /* MBEDTLS_MD_C */ #if defined(MBEDTLS_MD_C) -/* Set up a TLS-1.2-prf-based generator (see RFC 5246, Section 5). +/* Set up a TLS-1.2-prf-based operation (see RFC 5246, Section 5). * * Note that if this function fails, you must call psa_key_derivation_abort() * to potentially free embedded data structures and wipe confidential data. @@ -4668,7 +4668,7 @@ static psa_status_t psa_key_derivation_tls12_prf_setup( return( PSA_SUCCESS ); } -/* Set up a TLS-1.2-PSK-to-MS-based generator. */ +/* Set up a TLS-1.2-PSK-to-MS-based operation. */ static psa_status_t psa_key_derivation_tls12_psk_to_ms_setup( psa_tls12_prf_key_derivation_t *tls12_prf, const unsigned char *psk, @@ -4714,7 +4714,7 @@ static psa_status_t psa_key_derivation_tls12_psk_to_ms_setup( * to potentially free embedded data structures and wipe confidential data. */ static psa_status_t psa_key_derivation_internal( - psa_key_derivation_operation_t *generator, + psa_key_derivation_operation_t *operation, const uint8_t *secret, size_t secret_length, psa_algorithm_t alg, const uint8_t *salt, size_t salt_length, @@ -4724,8 +4724,8 @@ static psa_status_t psa_key_derivation_internal( psa_status_t status; size_t max_capacity; - /* Set generator->alg even on failure so that abort knows what to do. */ - generator->alg = alg; + /* Set operation->alg even on failure so that abort knows what to do. */ + operation->alg = alg; if( alg == PSA_ALG_SELECT_RAW ) { @@ -4735,11 +4735,11 @@ static psa_status_t psa_key_derivation_internal( (void) label; if( label_length != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); - generator->ctx.buffer.data = mbedtls_calloc( 1, secret_length ); - if( generator->ctx.buffer.data == NULL ) + operation->ctx.buffer.data = mbedtls_calloc( 1, secret_length ); + if( operation->ctx.buffer.data == NULL ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); - memcpy( generator->ctx.buffer.data, secret, secret_length ); - generator->ctx.buffer.size = secret_length; + memcpy( operation->ctx.buffer.data, secret, secret_length ); + operation->ctx.buffer.size = secret_length; max_capacity = secret_length; status = PSA_SUCCESS; } @@ -4752,7 +4752,7 @@ static psa_status_t psa_key_derivation_internal( if( hash_size == 0 ) return( PSA_ERROR_NOT_SUPPORTED ); max_capacity = 255 * hash_size; - status = psa_key_derivation_hkdf_setup( &generator->ctx.hkdf, + status = psa_key_derivation_hkdf_setup( &operation->ctx.hkdf, secret, secret_length, hash_alg, salt, salt_length, @@ -4776,7 +4776,7 @@ static psa_status_t psa_key_derivation_internal( if( PSA_ALG_IS_TLS12_PRF( alg ) ) { - status = psa_key_derivation_tls12_prf_setup( &generator->ctx.tls12_prf, + status = psa_key_derivation_tls12_prf_setup( &operation->ctx.tls12_prf, secret, secret_length, hash_alg, salt, salt_length, label, label_length ); @@ -4784,7 +4784,7 @@ static psa_status_t psa_key_derivation_internal( else { status = psa_key_derivation_tls12_psk_to_ms_setup( - &generator->ctx.tls12_prf, + &operation->ctx.tls12_prf, secret, secret_length, hash_alg, salt, salt_length, label, label_length ); @@ -4800,16 +4800,16 @@ static psa_status_t psa_key_derivation_internal( return( status ); if( capacity <= max_capacity ) - generator->capacity = capacity; + operation->capacity = capacity; else if( capacity == PSA_KEY_DERIVATION_UNLIMITED_CAPACITY ) - generator->capacity = max_capacity; + operation->capacity = max_capacity; else return( PSA_ERROR_INVALID_ARGUMENT ); return( PSA_SUCCESS ); } -psa_status_t psa_key_derivation( psa_key_derivation_operation_t *generator, +psa_status_t psa_key_derivation( psa_key_derivation_operation_t *operation, psa_key_handle_t handle, psa_algorithm_t alg, const uint8_t *salt, @@ -4821,7 +4821,7 @@ psa_status_t psa_key_derivation( psa_key_derivation_operation_t *generator, psa_key_slot_t *slot; psa_status_t status; - if( generator->alg != 0 ) + if( operation->alg != 0 ) return( PSA_ERROR_BAD_STATE ); /* Make sure that alg is a key derivation algorithm. This prevents @@ -4837,7 +4837,7 @@ psa_status_t psa_key_derivation( psa_key_derivation_operation_t *generator, if( slot->type != PSA_KEY_TYPE_DERIVE ) return( PSA_ERROR_INVALID_ARGUMENT ); - status = psa_key_derivation_internal( generator, + status = psa_key_derivation_internal( operation, slot->data.raw.data, slot->data.raw.bytes, alg, @@ -4845,12 +4845,12 @@ psa_status_t psa_key_derivation( psa_key_derivation_operation_t *generator, label, label_length, capacity ); if( status != PSA_SUCCESS ) - psa_key_derivation_abort( generator ); + psa_key_derivation_abort( operation ); return( status ); } static psa_status_t psa_key_derivation_setup_kdf( - psa_key_derivation_operation_t *generator, + psa_key_derivation_operation_t *operation, psa_algorithm_t kdf_alg ) { /* Make sure that kdf_alg is a supported key derivation algorithm. */ @@ -4869,7 +4869,7 @@ static psa_status_t psa_key_derivation_setup_kdf( { return( PSA_ERROR_NOT_SUPPORTED ); } - generator->capacity = 255 * hash_size; + operation->capacity = 255 * hash_size; return( PSA_SUCCESS ); } #endif /* MBEDTLS_MD_C */ @@ -4877,12 +4877,12 @@ static psa_status_t psa_key_derivation_setup_kdf( return( PSA_ERROR_NOT_SUPPORTED ); } -psa_status_t psa_key_derivation_setup( psa_key_derivation_operation_t *generator, +psa_status_t psa_key_derivation_setup( psa_key_derivation_operation_t *operation, psa_algorithm_t alg ) { psa_status_t status; - if( generator->alg != 0 ) + if( operation->alg != 0 ) return( PSA_ERROR_BAD_STATE ); if( PSA_ALG_IS_RAW_KEY_AGREEMENT( alg ) ) @@ -4890,17 +4890,17 @@ psa_status_t psa_key_derivation_setup( psa_key_derivation_operation_t *generator else if( PSA_ALG_IS_KEY_AGREEMENT( alg ) ) { psa_algorithm_t kdf_alg = PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ); - status = psa_key_derivation_setup_kdf( generator, kdf_alg ); + status = psa_key_derivation_setup_kdf( operation, kdf_alg ); } else if( PSA_ALG_IS_KEY_DERIVATION( alg ) ) { - status = psa_key_derivation_setup_kdf( generator, alg ); + status = psa_key_derivation_setup_kdf( operation, alg ); } else return( PSA_ERROR_INVALID_ARGUMENT ); if( status == PSA_SUCCESS ) - generator->alg = alg; + operation->alg = alg; return( status ); } @@ -4972,31 +4972,31 @@ static psa_status_t psa_hkdf_input( psa_hkdf_key_derivation_t *hkdf, #endif /* MBEDTLS_MD_C */ static psa_status_t psa_key_derivation_input_raw( - psa_key_derivation_operation_t *generator, + psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, const uint8_t *data, size_t data_length ) { psa_status_t status; - psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( generator ); + psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg( operation ); if( kdf_alg == PSA_ALG_SELECT_RAW ) { - if( generator->capacity != 0 ) + if( operation->capacity != 0 ) return( PSA_ERROR_INVALID_ARGUMENT ); - generator->ctx.buffer.data = mbedtls_calloc( 1, data_length ); - if( generator->ctx.buffer.data == NULL ) + operation->ctx.buffer.data = mbedtls_calloc( 1, data_length ); + if( operation->ctx.buffer.data == NULL ) return( PSA_ERROR_INSUFFICIENT_MEMORY ); - memcpy( generator->ctx.buffer.data, data, data_length ); - generator->ctx.buffer.size = data_length; - generator->capacity = data_length; + memcpy( operation->ctx.buffer.data, data, data_length ); + operation->ctx.buffer.size = data_length; + operation->capacity = data_length; status = PSA_SUCCESS; } else #if defined(MBEDTLS_MD_C) if( PSA_ALG_IS_HKDF( kdf_alg ) ) { - status = psa_hkdf_input( &generator->ctx.hkdf, + status = psa_hkdf_input( &operation->ctx.hkdf, PSA_ALG_HKDF_GET_HASH( kdf_alg ), step, data, data_length ); } @@ -5013,16 +5013,16 @@ static psa_status_t psa_key_derivation_input_raw( else #endif /* MBEDTLS_MD_C */ { - /* This can't happen unless the generator object was not initialized */ + /* This can't happen unless the operation object was not initialized */ return( PSA_ERROR_BAD_STATE ); } if( status != PSA_SUCCESS ) - psa_key_derivation_abort( generator ); + psa_key_derivation_abort( operation ); return( status ); } -psa_status_t psa_key_derivation_input_bytes( psa_key_derivation_operation_t *generator, +psa_status_t psa_key_derivation_input_bytes( psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, const uint8_t *data, size_t data_length ) @@ -5032,14 +5032,14 @@ psa_status_t psa_key_derivation_input_bytes( psa_key_derivation_operation_t *gen case PSA_KEY_DERIVATION_INPUT_LABEL: case PSA_KEY_DERIVATION_INPUT_SALT: case PSA_KEY_DERIVATION_INPUT_INFO: - return( psa_key_derivation_input_raw( generator, step, + return( psa_key_derivation_input_raw( operation, step, data, data_length ) ); default: return( PSA_ERROR_INVALID_ARGUMENT ); } } -psa_status_t psa_key_derivation_input_key( psa_key_derivation_operation_t *generator, +psa_status_t psa_key_derivation_input_key( psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, psa_key_handle_t handle ) { @@ -5047,7 +5047,7 @@ psa_status_t psa_key_derivation_input_key( psa_key_derivation_operation_t *gener psa_status_t status; status = psa_get_key_from_slot( handle, &slot, PSA_KEY_USAGE_DERIVE, - generator->alg ); + operation->alg ); if( status != PSA_SUCCESS ) return( status ); if( slot->type != PSA_KEY_TYPE_DERIVE ) @@ -5060,7 +5060,7 @@ psa_status_t psa_key_derivation_input_key( psa_key_derivation_operation_t *gener * and leak values derived from the key. So be conservative. */ if( step != PSA_KEY_DERIVATION_INPUT_SECRET ) return( PSA_ERROR_INVALID_ARGUMENT ); - return( psa_key_derivation_input_raw( generator, + return( psa_key_derivation_input_raw( operation, step, slot->data.raw.data, slot->data.raw.bytes ) ); @@ -5151,7 +5151,7 @@ static psa_status_t psa_key_agreement_raw_internal( psa_algorithm_t alg, /* Note that if this function fails, you must call psa_key_derivation_abort() * to potentially free embedded data structures and wipe confidential data. */ -static psa_status_t psa_key_agreement_internal( psa_key_derivation_operation_t *generator, +static psa_status_t psa_key_agreement_internal( psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, psa_key_slot_t *private_key, const uint8_t *peer_key, @@ -5160,7 +5160,7 @@ static psa_status_t psa_key_agreement_internal( psa_key_derivation_operation_t * psa_status_t status; uint8_t shared_secret[PSA_KEY_AGREEMENT_MAX_SHARED_SECRET_SIZE]; size_t shared_secret_length = 0; - psa_algorithm_t ka_alg = PSA_ALG_KEY_AGREEMENT_GET_BASE( generator->alg ); + psa_algorithm_t ka_alg = PSA_ALG_KEY_AGREEMENT_GET_BASE( operation->alg ); /* Step 1: run the secret agreement algorithm to generate the shared * secret. */ @@ -5175,7 +5175,7 @@ static psa_status_t psa_key_agreement_internal( psa_key_derivation_operation_t * /* Step 2: set up the key derivation to generate key material from * the shared secret. */ - status = psa_key_derivation_input_raw( generator, step, + status = psa_key_derivation_input_raw( operation, step, shared_secret, shared_secret_length ); exit: @@ -5183,7 +5183,7 @@ exit: return( status ); } -psa_status_t psa_key_derivation_key_agreement( psa_key_derivation_operation_t *generator, +psa_status_t psa_key_derivation_key_agreement( psa_key_derivation_operation_t *operation, psa_key_derivation_step_t step, psa_key_handle_t private_key, const uint8_t *peer_key, @@ -5191,17 +5191,17 @@ psa_status_t psa_key_derivation_key_agreement( psa_key_derivation_operation_t *g { psa_key_slot_t *slot; psa_status_t status; - if( ! PSA_ALG_IS_KEY_AGREEMENT( generator->alg ) ) + if( ! PSA_ALG_IS_KEY_AGREEMENT( operation->alg ) ) return( PSA_ERROR_INVALID_ARGUMENT ); status = psa_get_key_from_slot( private_key, &slot, - PSA_KEY_USAGE_DERIVE, generator->alg ); + PSA_KEY_USAGE_DERIVE, operation->alg ); if( status != PSA_SUCCESS ) return( status ); - status = psa_key_agreement_internal( generator, step, + status = psa_key_agreement_internal( operation, step, slot, peer_key, peer_key_length ); if( status != PSA_SUCCESS ) - psa_key_derivation_abort( generator ); + psa_key_derivation_abort( operation ); return( status ); } diff --git a/tests/suites/test_suite_psa_crypto.data b/tests/suites/test_suite_psa_crypto.data index d98470d3d..abc73aebe 100644 --- a/tests/suites/test_suite_psa_crypto.data +++ b/tests/suites/test_suite_psa_crypto.data @@ -1716,7 +1716,7 @@ PSA decrypt: RSA OAEP-SHA-256, input too large depends_on:MBEDTLS_PK_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_PKCS1_V21:MBEDTLS_SHA256_C asymmetric_decrypt_fail:PSA_KEY_TYPE_RSA_KEYPAIR:"3082025e02010002818100af057d396ee84fb75fdbb5c2b13c7fe5a654aa8aa2470b541ee1feb0b12d25c79711531249e1129628042dbbb6c120d1443524ef4c0e6e1d8956eeb2077af12349ddeee54483bc06c2c61948cd02b202e796aebd94d3a7cbf859c2c1819c324cb82b9cd34ede263a2abffe4733f077869e8660f7d6834da53d690ef7985f6bc3020301000102818100874bf0ffc2f2a71d14671ddd0171c954d7fdbf50281e4f6d99ea0e1ebcf82faa58e7b595ffb293d1abe17f110b37c48cc0f36c37e84d876621d327f64bbe08457d3ec4098ba2fa0a319fba411c2841ed7be83196a8cdf9daa5d00694bc335fc4c32217fe0488bce9cb7202e59468b1ead119000477db2ca797fac19eda3f58c1024100e2ab760841bb9d30a81d222de1eb7381d82214407f1b975cbbfe4e1a9467fd98adbd78f607836ca5be1928b9d160d97fd45c12d6b52e2c9871a174c66b488113024100c5ab27602159ae7d6f20c3c2ee851e46dc112e689e28d5fcbbf990a99ef8a90b8bb44fd36467e7fc1789ceb663abda338652c3c73f111774902e840565927091024100b6cdbd354f7df579a63b48b3643e353b84898777b48b15f94e0bfc0567a6ae5911d57ad6409cf7647bf96264e9bd87eb95e263b7110b9a1f9f94acced0fafa4d024071195eec37e8d257decfc672b07ae639f10cbb9b0c739d0c809968d644a94e3fd6ed9287077a14583f379058f76a8aecd43c62dc8c0f41766650d725275ac4a1024100bb32d133edc2e048d463388b7be9cb4be29f4b6250be603e70e3647501c97ddde20a4e71be95fd5e71784e25aca4baf25be5738aae59bbfe1c997781447a2b24":PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256):"0099ffde2fcc00c9cc01972ebfa7779b298dbbaf7f50707a7405296dd2783456fc792002f462e760500e02afa25a859ace8701cb5d3b0262116431c43af8eb08f5a88301057cf1c156a2a5193c143e7a5b03fac132b7e89e6dcd8f4c82c9b28452329c260d30bc39b3816b7c46b41b37b4850d2ae74e729f99c6621fbbe2e46872":"":129:PSA_ERROR_INVALID_ARGUMENT -Crypto generator initializers zero properly +Crypto derivation operation object initializers zero properly key_derivation_init: PSA key derivation: HKDF-SHA-256, good case @@ -1755,11 +1755,11 @@ PSA key derivation: unsupported key derivation algorithm depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C derive_setup:PSA_KEY_TYPE_DERIVE:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_ALG_CATEGORY_KEY_DERIVATION:"":"":42:PSA_ERROR_NOT_SUPPORTED -PSA key derivation: invalid generator state ( double generate + read past capacity ) +PSA key derivation: invalid state (double generate + read past capacity) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C test_derive_invalid_key_derivation_state: -PSA key derivation: invalid generator state ( call read/get_capacity after init and abort ) +PSA key derivation: invalid state (call read/get_capacity after init and abort) depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C test_derive_invalid_key_derivation_tests: diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index 52c41e7eb..4c28b80a6 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -525,7 +525,7 @@ static int exercise_key_derivation_key( psa_key_handle_t handle, psa_key_usage_t usage, psa_algorithm_t alg ) { - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; unsigned char label[16] = "This is a label."; size_t label_length = sizeof( label ); unsigned char seed[16] = "abcdefghijklmnop"; @@ -536,15 +536,15 @@ static int exercise_key_derivation_key( psa_key_handle_t handle, { if( PSA_ALG_IS_HKDF( alg ) ) { - PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( &generator, + PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); + PSA_ASSERT( psa_key_derivation_input_bytes( &operation, PSA_KEY_DERIVATION_INPUT_SALT, label, label_length ) ); - PSA_ASSERT( psa_key_derivation_input_key( &generator, + PSA_ASSERT( psa_key_derivation_input_key( &operation, PSA_KEY_DERIVATION_INPUT_SECRET, handle ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( &generator, + PSA_ASSERT( psa_key_derivation_input_bytes( &operation, PSA_KEY_DERIVATION_INPUT_INFO, seed, seed_length ) ); @@ -552,16 +552,16 @@ static int exercise_key_derivation_key( psa_key_handle_t handle, else { // legacy - PSA_ASSERT( psa_key_derivation( &generator, + PSA_ASSERT( psa_key_derivation( &operation, handle, alg, label, label_length, seed, seed_length, sizeof( output ) ) ); } - PSA_ASSERT( psa_key_derivation_output_bytes( &generator, + PSA_ASSERT( psa_key_derivation_output_bytes( &operation, output, sizeof( output ) ) ); - PSA_ASSERT( psa_key_derivation_abort( &generator ) ); + PSA_ASSERT( psa_key_derivation_abort( &operation ) ); } return( 1 ); @@ -572,7 +572,7 @@ exit: /* We need two keys to exercise key agreement. Exercise the * private key against its own public key. */ -static psa_status_t key_agreement_with_self( psa_key_derivation_operation_t *generator, +static psa_status_t key_agreement_with_self( psa_key_derivation_operation_t *operation, psa_key_handle_t handle ) { psa_key_type_t private_key_type; @@ -596,7 +596,7 @@ static psa_status_t key_agreement_with_self( psa_key_derivation_operation_t *gen public_key, public_key_length, &public_key_length ) ); - status = psa_key_derivation_key_agreement( generator, PSA_KEY_DERIVATION_INPUT_SECRET, handle, + status = psa_key_derivation_key_agreement( operation, PSA_KEY_DERIVATION_INPUT_SECRET, handle, public_key, public_key_length ); exit: mbedtls_free( public_key ); @@ -664,7 +664,7 @@ static int exercise_key_agreement_key( psa_key_handle_t handle, psa_key_usage_t usage, psa_algorithm_t alg ) { - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; unsigned char output[1]; int ok = 0; @@ -672,12 +672,12 @@ static int exercise_key_agreement_key( psa_key_handle_t handle, { /* We need two keys to exercise key agreement. Exercise the * private key against its own public key. */ - PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); - PSA_ASSERT( key_agreement_with_self( &generator, handle ) ); - PSA_ASSERT( psa_key_derivation_output_bytes( &generator, + PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); + PSA_ASSERT( key_agreement_with_self( &operation, handle ) ); + PSA_ASSERT( psa_key_derivation_output_bytes( &operation, output, sizeof( output ) ) ); - PSA_ASSERT( psa_key_derivation_abort( &generator ) ); + PSA_ASSERT( psa_key_derivation_abort( &operation ) ); } ok = 1; @@ -1844,7 +1844,7 @@ void derive_key_policy( int policy_usage, { psa_key_handle_t handle = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_status_t status; PSA_ASSERT( psa_crypto_init( ) ); @@ -1856,7 +1856,7 @@ void derive_key_policy( int policy_usage, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); - status = psa_key_derivation( &generator, handle, + status = psa_key_derivation( &operation, handle, exercise_alg, NULL, 0, NULL, 0, @@ -1868,7 +1868,7 @@ void derive_key_policy( int policy_usage, TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); exit: - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } @@ -1884,7 +1884,7 @@ void agreement_key_policy( int policy_usage, psa_key_handle_t handle = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t key_type = key_type_arg; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_status_t status; PSA_ASSERT( psa_crypto_init( ) ); @@ -1896,8 +1896,8 @@ void agreement_key_policy( int policy_usage, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); - PSA_ASSERT( psa_key_derivation_setup( &generator, exercise_alg ) ); - status = key_agreement_with_self( &generator, handle ); + PSA_ASSERT( psa_key_derivation_setup( &operation, exercise_alg ) ); + status = key_agreement_with_self( &operation, handle ); if( policy_alg == exercise_alg && ( policy_usage & PSA_KEY_USAGE_DERIVE ) != 0 ) @@ -1906,7 +1906,7 @@ void agreement_key_policy( int policy_usage, TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); exit: - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } @@ -1922,7 +1922,7 @@ void raw_agreement_key_policy( int policy_usage, psa_key_handle_t handle = 0; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_type_t key_type = key_type_arg; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_status_t status; PSA_ASSERT( psa_crypto_init( ) ); @@ -1943,7 +1943,7 @@ void raw_agreement_key_policy( int policy_usage, TEST_EQUAL( status, PSA_ERROR_NOT_PERMITTED ); exit: - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } @@ -4009,7 +4009,7 @@ void key_derivation_init( ) memset( &zero, 0, sizeof( zero ) ); - /* A default generator should not be able to report its capacity. */ + /* A default operation should not be able to report its capacity. */ TEST_EQUAL( psa_key_derivation_get_capacity( &func, &capacity ), PSA_ERROR_BAD_STATE ); TEST_EQUAL( psa_key_derivation_get_capacity( &init, &capacity ), @@ -4017,7 +4017,7 @@ void key_derivation_init( ) TEST_EQUAL( psa_key_derivation_get_capacity( &zero, &capacity ), PSA_ERROR_BAD_STATE ); - /* A default generator should be abortable without error. */ + /* A default operation should be abortable without error. */ PSA_ASSERT( psa_key_derivation_abort(&func) ); PSA_ASSERT( psa_key_derivation_abort(&init) ); PSA_ASSERT( psa_key_derivation_abort(&zero) ); @@ -4038,7 +4038,7 @@ void derive_setup( int key_type_arg, psa_algorithm_t alg = alg_arg; size_t requested_capacity = requested_capacity_arg; psa_status_t expected_status = expected_status_arg; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; PSA_ASSERT( psa_crypto_init( ) ); @@ -4050,14 +4050,14 @@ void derive_setup( int key_type_arg, PSA_ASSERT( psa_import_key( &attributes, key_data->x, key_data->len, &handle ) ); - TEST_EQUAL( psa_key_derivation( &generator, handle, alg, + TEST_EQUAL( psa_key_derivation( &operation, handle, alg, salt->x, salt->len, label->x, label->len, requested_capacity ), expected_status ); exit: - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } @@ -4068,7 +4068,7 @@ void test_derive_invalid_key_derivation_state( ) { psa_key_handle_t handle = 0; size_t key_type = PSA_KEY_TYPE_DERIVE; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_algorithm_t alg = PSA_ALG_HKDF( PSA_ALG_SHA_256 ); uint8_t buffer[42]; size_t capacity = sizeof( buffer ); @@ -4088,25 +4088,25 @@ void test_derive_invalid_key_derivation_state( ) &handle ) ); /* valid key derivation */ - PSA_ASSERT( psa_key_derivation( &generator, handle, alg, + PSA_ASSERT( psa_key_derivation( &operation, handle, alg, NULL, 0, NULL, 0, capacity ) ); - /* state of generator shouldn't allow additional generation */ - TEST_EQUAL( psa_key_derivation( &generator, handle, alg, + /* state of operation shouldn't allow additional generation */ + TEST_EQUAL( psa_key_derivation( &operation, handle, alg, NULL, 0, NULL, 0, capacity ), PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_key_derivation_output_bytes( &generator, buffer, capacity ) ); + PSA_ASSERT( psa_key_derivation_output_bytes( &operation, buffer, capacity ) ); - TEST_EQUAL( psa_key_derivation_output_bytes( &generator, buffer, capacity ), + TEST_EQUAL( psa_key_derivation_output_bytes( &operation, buffer, capacity ), PSA_ERROR_INSUFFICIENT_DATA ); exit: - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } @@ -4118,24 +4118,24 @@ void test_derive_invalid_key_derivation_tests( ) uint8_t output_buffer[16]; size_t buffer_size = 16; size_t capacity = 0; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; - TEST_ASSERT( psa_key_derivation_output_bytes( &generator, output_buffer, buffer_size ) + TEST_ASSERT( psa_key_derivation_output_bytes( &operation, output_buffer, buffer_size ) == PSA_ERROR_BAD_STATE ); - TEST_ASSERT( psa_key_derivation_get_capacity( &generator, &capacity ) + TEST_ASSERT( psa_key_derivation_get_capacity( &operation, &capacity ) == PSA_ERROR_BAD_STATE ); - PSA_ASSERT( psa_key_derivation_abort( &generator ) ); + PSA_ASSERT( psa_key_derivation_abort( &operation ) ); - TEST_ASSERT( psa_key_derivation_output_bytes( &generator, output_buffer, buffer_size ) + TEST_ASSERT( psa_key_derivation_output_bytes( &operation, output_buffer, buffer_size ) == PSA_ERROR_BAD_STATE ); - TEST_ASSERT( psa_key_derivation_get_capacity( &generator, &capacity ) + TEST_ASSERT( psa_key_derivation_get_capacity( &operation, &capacity ) == PSA_ERROR_BAD_STATE ); exit: - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); } /* END_CASE */ @@ -4151,7 +4151,7 @@ void derive_output( int alg_arg, psa_key_handle_t handle = 0; psa_algorithm_t alg = alg_arg; size_t requested_capacity = requested_capacity_arg; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; uint8_t *expected_outputs[2] = {expected_output1->x, expected_output2->x}; size_t output_sizes[2] = @@ -4184,28 +4184,28 @@ void derive_output( int alg_arg, /* Extraction phase. */ if( PSA_ALG_IS_HKDF( alg ) ) { - PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); - PSA_ASSERT( psa_key_derivation_set_capacity( &generator, + PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); + PSA_ASSERT( psa_key_derivation_set_capacity( &operation, requested_capacity ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( &generator, + PSA_ASSERT( psa_key_derivation_input_bytes( &operation, PSA_KEY_DERIVATION_INPUT_SALT, salt->x, salt->len ) ); - PSA_ASSERT( psa_key_derivation_input_key( &generator, + PSA_ASSERT( psa_key_derivation_input_key( &operation, PSA_KEY_DERIVATION_INPUT_SECRET, handle ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( &generator, + PSA_ASSERT( psa_key_derivation_input_bytes( &operation, PSA_KEY_DERIVATION_INPUT_INFO, label->x, label->len ) ); } else { // legacy - PSA_ASSERT( psa_key_derivation( &generator, handle, alg, + PSA_ASSERT( psa_key_derivation( &operation, handle, alg, salt->x, salt->len, label->x, label->len, requested_capacity ) ); } - PSA_ASSERT( psa_key_derivation_get_capacity( &generator, + PSA_ASSERT( psa_key_derivation_get_capacity( &operation, ¤t_capacity ) ); TEST_EQUAL( current_capacity, requested_capacity ); expected_capacity = requested_capacity; @@ -4214,7 +4214,7 @@ void derive_output( int alg_arg, for( i = 0; i < ARRAY_LENGTH( expected_outputs ); i++ ) { /* Read some bytes. */ - status = psa_key_derivation_output_bytes( &generator, + status = psa_key_derivation_output_bytes( &operation, output_buffer, output_sizes[i] ); if( expected_capacity == 0 && output_sizes[i] == 0 ) { @@ -4236,17 +4236,17 @@ void derive_output( int alg_arg, if( output_sizes[i] != 0 ) ASSERT_COMPARE( output_buffer, output_sizes[i], expected_outputs[i], output_sizes[i] ); - /* Check the generator status. */ + /* Check the operation status. */ expected_capacity -= output_sizes[i]; - PSA_ASSERT( psa_key_derivation_get_capacity( &generator, + PSA_ASSERT( psa_key_derivation_get_capacity( &operation, ¤t_capacity ) ); TEST_EQUAL( expected_capacity, current_capacity ); } - PSA_ASSERT( psa_key_derivation_abort( &generator ) ); + PSA_ASSERT( psa_key_derivation_abort( &operation ) ); exit: mbedtls_free( output_buffer ); - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } @@ -4262,7 +4262,7 @@ void derive_full( int alg_arg, psa_key_handle_t handle = 0; psa_algorithm_t alg = alg_arg; size_t requested_capacity = requested_capacity_arg; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; unsigned char output_buffer[16]; size_t expected_capacity = requested_capacity; size_t current_capacity; @@ -4280,28 +4280,28 @@ void derive_full( int alg_arg, /* Extraction phase. */ if( PSA_ALG_IS_HKDF( alg ) ) { - PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); - PSA_ASSERT( psa_key_derivation_set_capacity( &generator, + PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); + PSA_ASSERT( psa_key_derivation_set_capacity( &operation, requested_capacity ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( &generator, + PSA_ASSERT( psa_key_derivation_input_bytes( &operation, PSA_KEY_DERIVATION_INPUT_SALT, salt->x, salt->len ) ); - PSA_ASSERT( psa_key_derivation_input_key( &generator, + PSA_ASSERT( psa_key_derivation_input_key( &operation, PSA_KEY_DERIVATION_INPUT_SECRET, handle ) ); - PSA_ASSERT( psa_key_derivation_input_bytes( &generator, + PSA_ASSERT( psa_key_derivation_input_bytes( &operation, PSA_KEY_DERIVATION_INPUT_INFO, label->x, label->len ) ); } else { // legacy - PSA_ASSERT( psa_key_derivation( &generator, handle, alg, + PSA_ASSERT( psa_key_derivation( &operation, handle, alg, salt->x, salt->len, label->x, label->len, requested_capacity ) ); } - PSA_ASSERT( psa_key_derivation_get_capacity( &generator, + PSA_ASSERT( psa_key_derivation_get_capacity( &operation, ¤t_capacity ) ); TEST_EQUAL( current_capacity, expected_capacity ); @@ -4311,23 +4311,23 @@ void derive_full( int alg_arg, size_t read_size = sizeof( output_buffer ); if( read_size > current_capacity ) read_size = current_capacity; - PSA_ASSERT( psa_key_derivation_output_bytes( &generator, + PSA_ASSERT( psa_key_derivation_output_bytes( &operation, output_buffer, read_size ) ); expected_capacity -= read_size; - PSA_ASSERT( psa_key_derivation_get_capacity( &generator, + PSA_ASSERT( psa_key_derivation_get_capacity( &operation, ¤t_capacity ) ); TEST_EQUAL( current_capacity, expected_capacity ); } - /* Check that the generator refuses to go over capacity. */ - TEST_EQUAL( psa_key_derivation_output_bytes( &generator, output_buffer, 1 ), + /* Check that the operation refuses to go over capacity. */ + TEST_EQUAL( psa_key_derivation_output_bytes( &operation, output_buffer, 1 ), PSA_ERROR_INSUFFICIENT_DATA ); - PSA_ASSERT( psa_key_derivation_abort( &generator ) ); + PSA_ASSERT( psa_key_derivation_abort( &operation ) ); exit: - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); psa_destroy_key( handle ); mbedtls_psa_crypto_free( ); } @@ -4351,7 +4351,7 @@ void derive_key_exercise( int alg_arg, psa_key_usage_t derived_usage = derived_usage_arg; psa_algorithm_t derived_alg = derived_alg_arg; size_t capacity = PSA_BITS_TO_BYTES( derived_bits ); - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t got_attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -4364,7 +4364,7 @@ void derive_key_exercise( int alg_arg, &base_handle ) ); /* Derive a key. */ - PSA_ASSERT( psa_key_derivation( &generator, base_handle, alg, + PSA_ASSERT( psa_key_derivation( &operation, base_handle, alg, salt->x, salt->len, label->x, label->len, capacity ) ); @@ -4372,7 +4372,7 @@ void derive_key_exercise( int alg_arg, psa_set_key_algorithm( &attributes, derived_alg ); psa_set_key_type( &attributes, derived_type ); psa_set_key_bits( &attributes, derived_bits ); - PSA_ASSERT( psa_key_derivation_output_key( &attributes, &generator, + PSA_ASSERT( psa_key_derivation_output_key( &attributes, &operation, &derived_handle ) ); /* Test the key information */ @@ -4385,7 +4385,7 @@ void derive_key_exercise( int alg_arg, goto exit; exit: - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); psa_reset_key_attributes( &got_attributes ); psa_destroy_key( base_handle ); psa_destroy_key( derived_handle ); @@ -4407,7 +4407,7 @@ void derive_key_export( int alg_arg, size_t bytes1 = bytes1_arg; size_t bytes2 = bytes2_arg; size_t capacity = bytes1 + bytes2; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; uint8_t *output_buffer = NULL; uint8_t *export_buffer = NULL; psa_key_attributes_t base_attributes = PSA_KEY_ATTRIBUTES_INIT; @@ -4425,17 +4425,17 @@ void derive_key_export( int alg_arg, &base_handle ) ); /* Derive some material and output it. */ - PSA_ASSERT( psa_key_derivation( &generator, base_handle, alg, + PSA_ASSERT( psa_key_derivation( &operation, base_handle, alg, salt->x, salt->len, label->x, label->len, capacity ) ); - PSA_ASSERT( psa_key_derivation_output_bytes( &generator, + PSA_ASSERT( psa_key_derivation_output_bytes( &operation, output_buffer, capacity ) ); - PSA_ASSERT( psa_key_derivation_abort( &generator ) ); + PSA_ASSERT( psa_key_derivation_abort( &operation ) ); /* Derive the same output again, but this time store it in key objects. */ - PSA_ASSERT( psa_key_derivation( &generator, base_handle, alg, + PSA_ASSERT( psa_key_derivation( &operation, base_handle, alg, salt->x, salt->len, label->x, label->len, capacity ) ); @@ -4443,7 +4443,7 @@ void derive_key_export( int alg_arg, psa_set_key_algorithm( &derived_attributes, 0 ); psa_set_key_type( &derived_attributes, PSA_KEY_TYPE_RAW_DATA ); psa_set_key_bits( &derived_attributes, PSA_BYTES_TO_BITS( bytes1 ) ); - PSA_ASSERT( psa_key_derivation_output_key( &derived_attributes, &generator, + PSA_ASSERT( psa_key_derivation_output_key( &derived_attributes, &operation, &derived_handle ) ); PSA_ASSERT( psa_export_key( derived_handle, export_buffer, bytes1, @@ -4451,7 +4451,7 @@ void derive_key_export( int alg_arg, TEST_EQUAL( length, bytes1 ); PSA_ASSERT( psa_destroy_key( derived_handle ) ); psa_set_key_bits( &derived_attributes, PSA_BYTES_TO_BITS( bytes2 ) ); - PSA_ASSERT( psa_key_derivation_output_key( &derived_attributes, &generator, + PSA_ASSERT( psa_key_derivation_output_key( &derived_attributes, &operation, &derived_handle ) ); PSA_ASSERT( psa_export_key( derived_handle, export_buffer + bytes1, bytes2, @@ -4465,7 +4465,7 @@ void derive_key_export( int alg_arg, exit: mbedtls_free( output_buffer ); mbedtls_free( export_buffer ); - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); psa_destroy_key( base_handle ); psa_destroy_key( derived_handle ); mbedtls_psa_crypto_free( ); @@ -4481,7 +4481,7 @@ void key_agreement_setup( int alg_arg, psa_key_handle_t our_key = 0; psa_algorithm_t alg = alg_arg; psa_key_type_t our_key_type = our_key_type_arg; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_status_t expected_status = expected_status_arg; psa_status_t status; @@ -4499,10 +4499,10 @@ void key_agreement_setup( int alg_arg, * Test cases that fail at the setup step should be changed to call * key_derivation_setup instead, and this function should be renamed * to key_agreement_fail. */ - status = psa_key_derivation_setup( &generator, alg ); + status = psa_key_derivation_setup( &operation, alg ); if( status == PSA_SUCCESS ) { - TEST_EQUAL( psa_key_derivation_key_agreement( &generator, PSA_KEY_DERIVATION_INPUT_SECRET, + TEST_EQUAL( psa_key_derivation_key_agreement( &operation, PSA_KEY_DERIVATION_INPUT_SECRET, our_key, peer_key_data->x, peer_key_data->len ), expected_status ); @@ -4513,7 +4513,7 @@ void key_agreement_setup( int alg_arg, } exit: - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); psa_destroy_key( our_key ); mbedtls_psa_crypto_free( ); } @@ -4565,7 +4565,7 @@ void key_agreement_capacity( int alg_arg, psa_key_handle_t our_key = 0; psa_algorithm_t alg = alg_arg; psa_key_type_t our_key_type = our_key_type_arg; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; size_t actual_capacity; unsigned char output[16]; @@ -4579,37 +4579,37 @@ void key_agreement_capacity( int alg_arg, our_key_data->x, our_key_data->len, &our_key ) ); - PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); - PSA_ASSERT( psa_key_derivation_key_agreement( &generator, PSA_KEY_DERIVATION_INPUT_SECRET, + PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); + PSA_ASSERT( psa_key_derivation_key_agreement( &operation, PSA_KEY_DERIVATION_INPUT_SECRET, our_key, peer_key_data->x, peer_key_data->len ) ); if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) ) { /* The test data is for info="" */ - PSA_ASSERT( psa_key_derivation_input_bytes( &generator, + PSA_ASSERT( psa_key_derivation_input_bytes( &operation, PSA_KEY_DERIVATION_INPUT_INFO, NULL, 0 ) ); } /* Test the advertized capacity. */ PSA_ASSERT( psa_key_derivation_get_capacity( - &generator, &actual_capacity ) ); + &operation, &actual_capacity ) ); TEST_EQUAL( actual_capacity, (size_t) expected_capacity_arg ); /* Test the actual capacity by reading the output. */ while( actual_capacity > sizeof( output ) ) { - PSA_ASSERT( psa_key_derivation_output_bytes( &generator, + PSA_ASSERT( psa_key_derivation_output_bytes( &operation, output, sizeof( output ) ) ); actual_capacity -= sizeof( output ); } - PSA_ASSERT( psa_key_derivation_output_bytes( &generator, + PSA_ASSERT( psa_key_derivation_output_bytes( &operation, output, actual_capacity ) ); - TEST_EQUAL( psa_key_derivation_output_bytes( &generator, output, 1 ), + TEST_EQUAL( psa_key_derivation_output_bytes( &operation, output, 1 ), PSA_ERROR_INSUFFICIENT_DATA ); exit: - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); psa_destroy_key( our_key ); mbedtls_psa_crypto_free( ); } @@ -4624,7 +4624,7 @@ void key_agreement_output( int alg_arg, psa_key_handle_t our_key = 0; psa_algorithm_t alg = alg_arg; psa_key_type_t our_key_type = our_key_type_arg; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; uint8_t *actual_output = NULL; @@ -4640,26 +4640,26 @@ void key_agreement_output( int alg_arg, our_key_data->x, our_key_data->len, &our_key ) ); - PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) ); - PSA_ASSERT( psa_key_derivation_key_agreement( &generator, PSA_KEY_DERIVATION_INPUT_SECRET, + PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); + PSA_ASSERT( psa_key_derivation_key_agreement( &operation, PSA_KEY_DERIVATION_INPUT_SECRET, our_key, peer_key_data->x, peer_key_data->len ) ); if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) ) { /* The test data is for info="" */ - PSA_ASSERT( psa_key_derivation_input_bytes( &generator, + PSA_ASSERT( psa_key_derivation_input_bytes( &operation, PSA_KEY_DERIVATION_INPUT_INFO, NULL, 0 ) ); } - PSA_ASSERT( psa_key_derivation_output_bytes( &generator, + PSA_ASSERT( psa_key_derivation_output_bytes( &operation, actual_output, expected_output1->len ) ); ASSERT_COMPARE( actual_output, expected_output1->len, expected_output1->x, expected_output1->len ); if( expected_output2->len != 0 ) { - PSA_ASSERT( psa_key_derivation_output_bytes( &generator, + PSA_ASSERT( psa_key_derivation_output_bytes( &operation, actual_output, expected_output2->len ) ); ASSERT_COMPARE( actual_output, expected_output2->len, @@ -4667,7 +4667,7 @@ void key_agreement_output( int alg_arg, } exit: - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); psa_destroy_key( our_key ); mbedtls_psa_crypto_free( ); mbedtls_free( actual_output ); @@ -4886,7 +4886,7 @@ void persistent_key_load_key_from_storage( data_t *data, size_t bits = bits_arg; psa_key_usage_t usage_flags = usage_flags_arg; psa_algorithm_t alg = alg_arg; - psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT; + psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; unsigned char *first_export = NULL; unsigned char *second_export = NULL; size_t export_size = PSA_KEY_EXPORT_MAX_SIZE( type, bits ); @@ -4933,16 +4933,16 @@ void persistent_key_load_key_from_storage( data_t *data, data->x, data->len, &base_key ) ); /* Derive a key. */ - PSA_ASSERT( psa_key_derivation_setup( &generator, derive_alg ) ); - PSA_ASSERT( psa_key_derivation_input_key( &generator, + PSA_ASSERT( psa_key_derivation_setup( &operation, derive_alg ) ); + PSA_ASSERT( psa_key_derivation_input_key( &operation, PSA_KEY_DERIVATION_INPUT_SECRET, base_key ) ); PSA_ASSERT( psa_key_derivation_input_bytes( - &generator, PSA_KEY_DERIVATION_INPUT_INFO, + &operation, PSA_KEY_DERIVATION_INPUT_INFO, NULL, 0 ) ); - PSA_ASSERT( psa_key_derivation_output_key( &attributes, &generator, + PSA_ASSERT( psa_key_derivation_output_key( &attributes, &operation, &handle ) ); - PSA_ASSERT( psa_key_derivation_abort( &generator ) ); + PSA_ASSERT( psa_key_derivation_abort( &operation ) ); PSA_ASSERT( psa_destroy_key( base_key ) ); base_key = 0; } @@ -4994,7 +4994,7 @@ exit: psa_reset_key_attributes( &attributes ); mbedtls_free( first_export ); mbedtls_free( second_export ); - psa_key_derivation_abort( &generator ); + psa_key_derivation_abort( &operation ); psa_destroy_key( base_key ); if( handle == 0 ) {