Make it possible to include psa_crypto_random_impl.h with psa_util.h
There was some intentional duplication between library/psa_crypto_random_impl.h and include/mbedtls/psa_util.h, with the intent that the compiler would complain if one file was edited in a way that's incompatible with the other file. However, the two files were never included together, and in fact could not be included together because some definitions can't be duplicated (type, static variable). Now library/psa_crypto_random_impl.h includes include/mbedtls/psa_util.h, so the compiler will check what it can. There is less redundancy since it isn't always possible to declare something twice (specifically, types can't be declared). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
2cff7e2a59
commit
996f2168b6
2 changed files with 17 additions and 39 deletions
|
@ -420,8 +420,9 @@ static inline int mbedtls_psa_tls_ecpoint_to_psa_ec( unsigned char const *src,
|
||||||
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
#endif /* MBEDTLS_USE_PSA_CRYPTO */
|
||||||
|
|
||||||
/* Expose whatever RNG the PSA subsystem uses to applications using the
|
/* Expose whatever RNG the PSA subsystem uses to applications using the
|
||||||
* mbedtls_xxx API. The declarations here need to be consistent with the
|
* mbedtls_xxx API. The declarations and definitions here need to be
|
||||||
* implementation in library/psa_crypto_random_impl.h. */
|
* consistent with the implementation in library/psa_crypto_random_impl.h.
|
||||||
|
* See that file for implementation documentation. */
|
||||||
#if defined(MBEDTLS_PSA_CRYPTO_C)
|
#if defined(MBEDTLS_PSA_CRYPTO_C)
|
||||||
|
|
||||||
/* The type of a `f_rng` random generator function that many library functions
|
/* The type of a `f_rng` random generator function that many library functions
|
||||||
|
|
|
@ -3,7 +3,12 @@
|
||||||
* \brief PSA crypto random generator implementation abstraction.
|
* \brief PSA crypto random generator implementation abstraction.
|
||||||
*
|
*
|
||||||
* The definitions here need to be consistent with the declarations
|
* The definitions here need to be consistent with the declarations
|
||||||
* in include/mbedtls/psa_util.h.
|
* in include/mbedtls/psa_util.h. This file contains some redundant
|
||||||
|
* declarations to increase the chance that a compiler will detect
|
||||||
|
* inconsistencies if one file is changed without updating the other,
|
||||||
|
* but not all potential inconsistencies can be enforced, so make sure
|
||||||
|
* to check the public declarations and contracts in
|
||||||
|
* include/mbedtls/psa_util.h if you modify this file.
|
||||||
*/
|
*/
|
||||||
/*
|
/*
|
||||||
* Copyright The Mbed TLS Contributors
|
* Copyright The Mbed TLS Contributors
|
||||||
|
@ -25,6 +30,8 @@
|
||||||
#ifndef PSA_CRYPTO_RANDOM_IMPL_H
|
#ifndef PSA_CRYPTO_RANDOM_IMPL_H
|
||||||
#define PSA_CRYPTO_RANDOM_IMPL_H
|
#define PSA_CRYPTO_RANDOM_IMPL_H
|
||||||
|
|
||||||
|
#include <mbedtls/psa_util.h>
|
||||||
|
|
||||||
#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
|
#if defined(MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG)
|
||||||
|
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
|
@ -78,14 +85,6 @@ int mbedtls_psa_get_random( void *p_rng,
|
||||||
|
|
||||||
#include "mbedtls/entropy.h"
|
#include "mbedtls/entropy.h"
|
||||||
|
|
||||||
/** The type of the PSA DRBG context.
|
|
||||||
*/
|
|
||||||
#if defined(MBEDTLS_CTR_DRBG_C)
|
|
||||||
typedef mbedtls_ctr_drbg_context mbedtls_psa_drbg_context_t;
|
|
||||||
#elif defined(MBEDTLS_HMAC_DRBG_C)
|
|
||||||
typedef mbedtls_hmac_drbg_context mbedtls_psa_drbg_context_t;
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/** Initialize the PSA DRBG.
|
/** Initialize the PSA DRBG.
|
||||||
*
|
*
|
||||||
* \param p_rng Pointer to the Mbed TLS DRBG state.
|
* \param p_rng Pointer to the Mbed TLS DRBG state.
|
||||||
|
@ -125,34 +124,9 @@ typedef struct
|
||||||
mbedtls_psa_drbg_context_t drbg;
|
mbedtls_psa_drbg_context_t drbg;
|
||||||
} mbedtls_psa_random_context_t;
|
} mbedtls_psa_random_context_t;
|
||||||
|
|
||||||
/* The type of an Mbed TLS random generator function. This should be
|
/* Defined in include/mbedtls/psa_util.h so that it's visible to
|
||||||
* part of the public API instead of repeating the type everywhere.
|
* application code. */
|
||||||
* For the time being, declare it here. Declaring a type is necessary
|
static mbedtls_f_rng_t *const mbedtls_psa_get_random;
|
||||||
* to define mbedtls_psa_get_random as a variable of a function pointer
|
|
||||||
* type without incurring the wrath of check-names.sh. */
|
|
||||||
typedef int mbedtls_f_rng_t( void *p_rng, unsigned char *output, size_t output_size );
|
|
||||||
|
|
||||||
/** Return random data.
|
|
||||||
*
|
|
||||||
* This function is suitable as the \p f_rng parameter to Mbed TLS functions
|
|
||||||
* that require a random generator. Use #MBEDTLS_PSA_RANDOM_STATE to
|
|
||||||
* obtain the \p p_rng parameter.
|
|
||||||
*
|
|
||||||
* \param p_rng The DRBG context. This must be
|
|
||||||
* #MBEDTLS_PSA_RANDOM_STATE.
|
|
||||||
* \param output The buffer to fill.
|
|
||||||
* \param output_len The length of the buffer in bytes.
|
|
||||||
* It must be at most #MBEDTLS_PSA_RANDOM_MAX_REQUEST.
|
|
||||||
*
|
|
||||||
* \retval \c 0 on success.
|
|
||||||
* \return \c MBEDTLS_ERR_xxx_DRBG_xxx or
|
|
||||||
* \c MBEDTLS_ERR_PLATFORM_xxx on failure.
|
|
||||||
*/
|
|
||||||
#if defined(MBEDTLS_CTR_DRBG_C)
|
|
||||||
static mbedtls_f_rng_t *const mbedtls_psa_get_random = mbedtls_ctr_drbg_random;
|
|
||||||
#elif defined(MBEDTLS_HMAC_DRBG_C)
|
|
||||||
static mbedtls_f_rng_t *const mbedtls_psa_get_random = mbedtls_hmac_drbg_random;
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/** The maximum number of bytes that mbedtls_psa_get_random() is expected to
|
/** The maximum number of bytes that mbedtls_psa_get_random() is expected to
|
||||||
* return.
|
* return.
|
||||||
|
@ -170,6 +144,9 @@ static mbedtls_f_rng_t *const mbedtls_psa_get_random = mbedtls_hmac_drbg_random;
|
||||||
*/
|
*/
|
||||||
/* psa_crypto.c sets this variable to a pointer to the DRBG state in the
|
/* psa_crypto.c sets this variable to a pointer to the DRBG state in the
|
||||||
* global PSA crypto state. */
|
* global PSA crypto state. */
|
||||||
|
/* The type `mbedtls_psa_drbg_context_t` is defined in
|
||||||
|
* include/mbedtls/psa_util.h so that `mbedtls_psa_random_state` can be
|
||||||
|
* declared there and be visible to application code. */
|
||||||
extern mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state;
|
extern mbedtls_psa_drbg_context_t *const mbedtls_psa_random_state;
|
||||||
|
|
||||||
/** A pointer to the PSA DRBG state.
|
/** A pointer to the PSA DRBG state.
|
||||||
|
|
Loading…
Reference in a new issue