Rename psa_mac_{finish,verify} -> psa_mac_{sign,verify}_finish
Make function names for multipart operations more consistent (MAC finish edition).
This commit is contained in:
parent
da8191d1cd
commit
acd4be36fa
4 changed files with 34 additions and 31 deletions
|
@ -1345,8 +1345,8 @@ typedef struct psa_mac_operation_s psa_mac_operation_t;
|
|||
* -# Call psa_mac_update() zero, one or more times, passing a fragment
|
||||
* of the message each time. The MAC that is calculated is the MAC
|
||||
* of the concatenation of these messages in order.
|
||||
* -# To calculate the MAC, call psa_mac_finish().
|
||||
* To compare the MAC with an expected value, call psa_mac_verify().
|
||||
* -# To calculate the MAC, call psa_mac_sign_finish().
|
||||
* To compare the MAC with an expected value, call psa_mac_verify_finish().
|
||||
*
|
||||
* The application may call psa_mac_abort() at any time after the operation
|
||||
* has been initialized with psa_mac_start().
|
||||
|
@ -1355,7 +1355,8 @@ typedef struct psa_mac_operation_s psa_mac_operation_t;
|
|||
* eventually terminate the operation. The following events terminate an
|
||||
* operation:
|
||||
* - A failed call to psa_mac_update().
|
||||
* - A call to psa_mac_finish(), psa_mac_verify() or psa_mac_abort().
|
||||
* - A call to psa_mac_sign_finish(), psa_mac_verify_finish() or
|
||||
* psa_mac_abort().
|
||||
*
|
||||
* \param operation The operation object to use.
|
||||
* \param key Slot containing the key to use for the operation.
|
||||
|
@ -1383,14 +1384,14 @@ psa_status_t psa_mac_update(psa_mac_operation_t *operation,
|
|||
const uint8_t *input,
|
||||
size_t input_length);
|
||||
|
||||
psa_status_t psa_mac_finish(psa_mac_operation_t *operation,
|
||||
uint8_t *mac,
|
||||
size_t mac_size,
|
||||
size_t *mac_length);
|
||||
psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
|
||||
uint8_t *mac,
|
||||
size_t mac_size,
|
||||
size_t *mac_length);
|
||||
|
||||
psa_status_t psa_mac_verify(psa_mac_operation_t *operation,
|
||||
const uint8_t *mac,
|
||||
size_t mac_length);
|
||||
psa_status_t psa_mac_verify_finish(psa_mac_operation_t *operation,
|
||||
const uint8_t *mac,
|
||||
size_t mac_length);
|
||||
|
||||
psa_status_t psa_mac_abort(psa_mac_operation_t *operation);
|
||||
|
||||
|
|
|
@ -142,9 +142,9 @@
|
|||
|
||||
|
||||
|
||||
/** The size of the output of psa_mac_finish(), in bytes.
|
||||
/** The size of the output of psa_mac_sign_finish(), in bytes.
|
||||
*
|
||||
* This is also the MAC size that psa_mac_verify() expects.
|
||||
* This is also the MAC size that psa_mac_verify_finish() expects.
|
||||
*
|
||||
* \param key_type The type of the MAC key.
|
||||
* \param key_bits The size of the MAC key in bits.
|
||||
|
|
|
@ -1483,8 +1483,8 @@ psa_status_t psa_mac_start( psa_mac_operation_t *operation,
|
|||
/* Since this function is called identically for a sign or verify
|
||||
* operation, we don't know yet whether the operation is permitted.
|
||||
* Store the part of the key policy that we can't check in the
|
||||
* operation structure. psa_mac_finish() or psa_mac_verify() will
|
||||
* check that remaining part. */
|
||||
* operation structure. psa_mac_sign_finish() or psa_mac_verify_finish()
|
||||
* will check that remaining part. */
|
||||
if( ( slot->policy.usage & PSA_KEY_USAGE_SIGN ) != 0 )
|
||||
operation->key_usage_sign = 1;
|
||||
if( ( slot->policy.usage & PSA_KEY_USAGE_VERIFY ) != 0 )
|
||||
|
@ -1671,10 +1671,10 @@ cleanup:
|
|||
}
|
||||
}
|
||||
|
||||
psa_status_t psa_mac_finish( psa_mac_operation_t *operation,
|
||||
uint8_t *mac,
|
||||
size_t mac_size,
|
||||
size_t *mac_length )
|
||||
psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation,
|
||||
uint8_t *mac,
|
||||
size_t mac_size,
|
||||
size_t *mac_length )
|
||||
{
|
||||
if( ! operation->key_usage_sign )
|
||||
return( PSA_ERROR_NOT_PERMITTED );
|
||||
|
@ -1683,9 +1683,9 @@ psa_status_t psa_mac_finish( psa_mac_operation_t *operation,
|
|||
mac_size, mac_length ) );
|
||||
}
|
||||
|
||||
psa_status_t psa_mac_verify( psa_mac_operation_t *operation,
|
||||
const uint8_t *mac,
|
||||
size_t mac_length )
|
||||
psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation,
|
||||
const uint8_t *mac,
|
||||
size_t mac_length )
|
||||
{
|
||||
uint8_t actual_mac[PSA_MAC_MAX_SIZE];
|
||||
size_t actual_mac_length;
|
||||
|
|
|
@ -141,9 +141,9 @@ static int exercise_mac_key( psa_key_slot_t key,
|
|||
TEST_ASSERT( psa_mac_start( &operation, key, alg ) == PSA_SUCCESS );
|
||||
TEST_ASSERT( psa_mac_update( &operation,
|
||||
input, sizeof( input ) ) == PSA_SUCCESS );
|
||||
TEST_ASSERT( psa_mac_finish( &operation,
|
||||
mac, sizeof( input ),
|
||||
&mac_length ) == PSA_SUCCESS );
|
||||
TEST_ASSERT( psa_mac_sign_finish( &operation,
|
||||
mac, sizeof( input ),
|
||||
&mac_length ) == PSA_SUCCESS );
|
||||
}
|
||||
|
||||
if( usage & PSA_KEY_USAGE_VERIFY )
|
||||
|
@ -155,7 +155,9 @@ static int exercise_mac_key( psa_key_slot_t key,
|
|||
TEST_ASSERT( psa_mac_start( &operation, key, alg ) == PSA_SUCCESS );
|
||||
TEST_ASSERT( psa_mac_update( &operation,
|
||||
input, sizeof( input ) ) == PSA_SUCCESS );
|
||||
TEST_ASSERT( psa_mac_verify( &operation, mac, mac_length ) == verify_status );
|
||||
TEST_ASSERT( psa_mac_verify_finish( &operation,
|
||||
mac,
|
||||
mac_length ) == verify_status );
|
||||
}
|
||||
|
||||
return( 1 );
|
||||
|
@ -747,8 +749,8 @@ void mac_key_policy( int policy_usage,
|
|||
|
||||
status = psa_mac_start( &operation, key_slot, exercise_alg );
|
||||
if( status == PSA_SUCCESS )
|
||||
status = psa_mac_finish( &operation,
|
||||
mac, sizeof( mac ), &output_length );
|
||||
status = psa_mac_sign_finish( &operation,
|
||||
mac, sizeof( mac ), &output_length );
|
||||
if( policy_alg == exercise_alg &&
|
||||
( policy_usage & PSA_KEY_USAGE_SIGN ) != 0 )
|
||||
TEST_ASSERT( status == PSA_SUCCESS );
|
||||
|
@ -759,7 +761,7 @@ void mac_key_policy( int policy_usage,
|
|||
memset( mac, 0, sizeof( mac ) );
|
||||
status = psa_mac_start( &operation, key_slot, exercise_alg );
|
||||
if( status == PSA_SUCCESS )
|
||||
status = psa_mac_verify( &operation, mac, sizeof( mac ) );
|
||||
status = psa_mac_verify_finish( &operation, mac, sizeof( mac ) );
|
||||
if( policy_alg == exercise_alg &&
|
||||
( policy_usage & PSA_KEY_USAGE_VERIFY ) != 0 )
|
||||
TEST_ASSERT( status == PSA_ERROR_INVALID_SIGNATURE );
|
||||
|
@ -1198,9 +1200,9 @@ void mac_verify( int key_type_arg,
|
|||
TEST_ASSERT( psa_destroy_key( key_slot ) == PSA_SUCCESS );
|
||||
TEST_ASSERT( psa_mac_update( &operation,
|
||||
input->x, input->len ) == PSA_SUCCESS );
|
||||
TEST_ASSERT( psa_mac_verify( &operation,
|
||||
expected_mac->x,
|
||||
expected_mac->len ) == PSA_SUCCESS );
|
||||
TEST_ASSERT( psa_mac_verify_finish( &operation,
|
||||
expected_mac->x,
|
||||
expected_mac->len ) == PSA_SUCCESS );
|
||||
|
||||
exit:
|
||||
psa_destroy_key( key_slot );
|
||||
|
|
Loading…
Reference in a new issue