mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-11 08:05:38 +00:00
Rename PSA_KDF_STEP_xxx -> PSA_KEY_DERIVATION_INPUT_xxx
More consistent with the new function names.
This commit is contained in:
parent
a99d3fbd05
commit
03410b5c5f
|
@ -1216,12 +1216,12 @@
|
||||||
* For example, `PSA_ALG_HKDF(PSA_ALG_SHA256)` is HKDF using HMAC-SHA-256.
|
* For example, `PSA_ALG_HKDF(PSA_ALG_SHA256)` is HKDF using HMAC-SHA-256.
|
||||||
*
|
*
|
||||||
* This key derivation algorithm uses the following inputs:
|
* This key derivation algorithm uses the following inputs:
|
||||||
* - #PSA_KDF_STEP_SALT is the salt used in the "extract" step.
|
* - #PSA_KEY_DERIVATION_INPUT_SALT is the salt used in the "extract" step.
|
||||||
* It is optional; if omitted, the derivation uses an empty salt.
|
* It is optional; if omitted, the derivation uses an empty salt.
|
||||||
* - #PSA_KDF_STEP_SECRET is the secret key used in the "extract" step.
|
* - #PSA_KEY_DERIVATION_INPUT_SECRET is the secret key used in the "extract" step.
|
||||||
* - #PSA_KDF_STEP_INFO is the info string used in the "expand" step.
|
* - #PSA_KEY_DERIVATION_INPUT_INFO is the info string used in the "expand" step.
|
||||||
* You must pass #PSA_KDF_STEP_SALT before #PSA_KDF_STEP_SECRET.
|
* You must pass #PSA_KEY_DERIVATION_INPUT_SALT before #PSA_KEY_DERIVATION_INPUT_SECRET.
|
||||||
* You may pass #PSA_KDF_STEP_INFO at any time after steup and before
|
* You may pass #PSA_KEY_DERIVATION_INPUT_INFO at any time after steup and before
|
||||||
* starting to generate output.
|
* starting to generate output.
|
||||||
*
|
*
|
||||||
* \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
|
* \param hash_alg A hash algorithm (\c PSA_ALG_XXX value such that
|
||||||
|
@ -1590,25 +1590,25 @@
|
||||||
*
|
*
|
||||||
* This must be a key of type #PSA_KEY_TYPE_DERIVE.
|
* This must be a key of type #PSA_KEY_TYPE_DERIVE.
|
||||||
*/
|
*/
|
||||||
#define PSA_KDF_STEP_SECRET ((psa_key_derivation_step_t)0x0101)
|
#define PSA_KEY_DERIVATION_INPUT_SECRET ((psa_key_derivation_step_t)0x0101)
|
||||||
|
|
||||||
/** A label for key derivation.
|
/** A label for key derivation.
|
||||||
*
|
*
|
||||||
* This must be a direct input.
|
* This must be a direct input.
|
||||||
*/
|
*/
|
||||||
#define PSA_KDF_STEP_LABEL ((psa_key_derivation_step_t)0x0201)
|
#define PSA_KEY_DERIVATION_INPUT_LABEL ((psa_key_derivation_step_t)0x0201)
|
||||||
|
|
||||||
/** A salt for key derivation.
|
/** A salt for key derivation.
|
||||||
*
|
*
|
||||||
* This must be a direct input.
|
* This must be a direct input.
|
||||||
*/
|
*/
|
||||||
#define PSA_KDF_STEP_SALT ((psa_key_derivation_step_t)0x0202)
|
#define PSA_KEY_DERIVATION_INPUT_SALT ((psa_key_derivation_step_t)0x0202)
|
||||||
|
|
||||||
/** An information string for key derivation.
|
/** An information string for key derivation.
|
||||||
*
|
*
|
||||||
* This must be a direct input.
|
* This must be a direct input.
|
||||||
*/
|
*/
|
||||||
#define PSA_KDF_STEP_INFO ((psa_key_derivation_step_t)0x0203)
|
#define PSA_KEY_DERIVATION_INPUT_INFO ((psa_key_derivation_step_t)0x0203)
|
||||||
|
|
||||||
/**@}*/
|
/**@}*/
|
||||||
|
|
||||||
|
|
|
@ -4914,7 +4914,7 @@ static psa_status_t psa_hkdf_input( psa_hkdf_generator_t *hkdf,
|
||||||
psa_status_t status;
|
psa_status_t status;
|
||||||
switch( step )
|
switch( step )
|
||||||
{
|
{
|
||||||
case PSA_KDF_STEP_SALT:
|
case PSA_KEY_DERIVATION_INPUT_SALT:
|
||||||
if( hkdf->state != HKDF_STATE_INIT )
|
if( hkdf->state != HKDF_STATE_INIT )
|
||||||
return( PSA_ERROR_BAD_STATE );
|
return( PSA_ERROR_BAD_STATE );
|
||||||
status = psa_hmac_setup_internal( &hkdf->hmac,
|
status = psa_hmac_setup_internal( &hkdf->hmac,
|
||||||
|
@ -4924,7 +4924,7 @@ static psa_status_t psa_hkdf_input( psa_hkdf_generator_t *hkdf,
|
||||||
return( status );
|
return( status );
|
||||||
hkdf->state = HKDF_STATE_STARTED;
|
hkdf->state = HKDF_STATE_STARTED;
|
||||||
return( PSA_SUCCESS );
|
return( PSA_SUCCESS );
|
||||||
case PSA_KDF_STEP_SECRET:
|
case PSA_KEY_DERIVATION_INPUT_SECRET:
|
||||||
/* If no salt was provided, use an empty salt. */
|
/* If no salt was provided, use an empty salt. */
|
||||||
if( hkdf->state == HKDF_STATE_INIT )
|
if( hkdf->state == HKDF_STATE_INIT )
|
||||||
{
|
{
|
||||||
|
@ -4950,7 +4950,7 @@ static psa_status_t psa_hkdf_input( psa_hkdf_generator_t *hkdf,
|
||||||
hkdf->block_number = 0;
|
hkdf->block_number = 0;
|
||||||
hkdf->state = HKDF_STATE_KEYED;
|
hkdf->state = HKDF_STATE_KEYED;
|
||||||
return( PSA_SUCCESS );
|
return( PSA_SUCCESS );
|
||||||
case PSA_KDF_STEP_INFO:
|
case PSA_KEY_DERIVATION_INPUT_INFO:
|
||||||
if( hkdf->state == HKDF_STATE_OUTPUT )
|
if( hkdf->state == HKDF_STATE_OUTPUT )
|
||||||
return( PSA_ERROR_BAD_STATE );
|
return( PSA_ERROR_BAD_STATE );
|
||||||
if( hkdf->info_set )
|
if( hkdf->info_set )
|
||||||
|
@ -5029,9 +5029,9 @@ psa_status_t psa_key_derivation_input_bytes( psa_key_derivation_operation_t *gen
|
||||||
{
|
{
|
||||||
switch( step )
|
switch( step )
|
||||||
{
|
{
|
||||||
case PSA_KDF_STEP_LABEL:
|
case PSA_KEY_DERIVATION_INPUT_LABEL:
|
||||||
case PSA_KDF_STEP_SALT:
|
case PSA_KEY_DERIVATION_INPUT_SALT:
|
||||||
case PSA_KDF_STEP_INFO:
|
case PSA_KEY_DERIVATION_INPUT_INFO:
|
||||||
return( psa_key_derivation_input_raw( generator, step,
|
return( psa_key_derivation_input_raw( generator, step,
|
||||||
data, data_length ) );
|
data, data_length ) );
|
||||||
default:
|
default:
|
||||||
|
@ -5058,7 +5058,7 @@ psa_status_t psa_key_derivation_input_key( psa_key_derivation_operation_t *gener
|
||||||
* the material should be dedicated to a particular input step,
|
* the material should be dedicated to a particular input step,
|
||||||
* otherwise this may allow the key to be used in an unintended way
|
* otherwise this may allow the key to be used in an unintended way
|
||||||
* and leak values derived from the key. So be conservative. */
|
* and leak values derived from the key. So be conservative. */
|
||||||
if( step != PSA_KDF_STEP_SECRET )
|
if( step != PSA_KEY_DERIVATION_INPUT_SECRET )
|
||||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
return( psa_key_derivation_input_raw( generator,
|
return( psa_key_derivation_input_raw( generator,
|
||||||
step,
|
step,
|
||||||
|
|
|
@ -538,14 +538,14 @@ static int exercise_key_derivation_key( psa_key_handle_t handle,
|
||||||
{
|
{
|
||||||
PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) );
|
PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) );
|
||||||
PSA_ASSERT( psa_key_derivation_input_bytes( &generator,
|
PSA_ASSERT( psa_key_derivation_input_bytes( &generator,
|
||||||
PSA_KDF_STEP_SALT,
|
PSA_KEY_DERIVATION_INPUT_SALT,
|
||||||
label,
|
label,
|
||||||
label_length ) );
|
label_length ) );
|
||||||
PSA_ASSERT( psa_key_derivation_input_key( &generator,
|
PSA_ASSERT( psa_key_derivation_input_key( &generator,
|
||||||
PSA_KDF_STEP_SECRET,
|
PSA_KEY_DERIVATION_INPUT_SECRET,
|
||||||
handle ) );
|
handle ) );
|
||||||
PSA_ASSERT( psa_key_derivation_input_bytes( &generator,
|
PSA_ASSERT( psa_key_derivation_input_bytes( &generator,
|
||||||
PSA_KDF_STEP_INFO,
|
PSA_KEY_DERIVATION_INPUT_INFO,
|
||||||
seed,
|
seed,
|
||||||
seed_length ) );
|
seed_length ) );
|
||||||
}
|
}
|
||||||
|
@ -596,7 +596,7 @@ static psa_status_t key_agreement_with_self( psa_key_derivation_operation_t *gen
|
||||||
public_key, public_key_length,
|
public_key, public_key_length,
|
||||||
&public_key_length ) );
|
&public_key_length ) );
|
||||||
|
|
||||||
status = psa_key_derivation_key_agreement( generator, PSA_KDF_STEP_SECRET, handle,
|
status = psa_key_derivation_key_agreement( generator, PSA_KEY_DERIVATION_INPUT_SECRET, handle,
|
||||||
public_key, public_key_length );
|
public_key, public_key_length );
|
||||||
exit:
|
exit:
|
||||||
mbedtls_free( public_key );
|
mbedtls_free( public_key );
|
||||||
|
@ -4188,13 +4188,13 @@ void derive_output( int alg_arg,
|
||||||
PSA_ASSERT( psa_key_derivation_set_capacity( &generator,
|
PSA_ASSERT( psa_key_derivation_set_capacity( &generator,
|
||||||
requested_capacity ) );
|
requested_capacity ) );
|
||||||
PSA_ASSERT( psa_key_derivation_input_bytes( &generator,
|
PSA_ASSERT( psa_key_derivation_input_bytes( &generator,
|
||||||
PSA_KDF_STEP_SALT,
|
PSA_KEY_DERIVATION_INPUT_SALT,
|
||||||
salt->x, salt->len ) );
|
salt->x, salt->len ) );
|
||||||
PSA_ASSERT( psa_key_derivation_input_key( &generator,
|
PSA_ASSERT( psa_key_derivation_input_key( &generator,
|
||||||
PSA_KDF_STEP_SECRET,
|
PSA_KEY_DERIVATION_INPUT_SECRET,
|
||||||
handle ) );
|
handle ) );
|
||||||
PSA_ASSERT( psa_key_derivation_input_bytes( &generator,
|
PSA_ASSERT( psa_key_derivation_input_bytes( &generator,
|
||||||
PSA_KDF_STEP_INFO,
|
PSA_KEY_DERIVATION_INPUT_INFO,
|
||||||
label->x, label->len ) );
|
label->x, label->len ) );
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
|
@ -4284,13 +4284,13 @@ void derive_full( int alg_arg,
|
||||||
PSA_ASSERT( psa_key_derivation_set_capacity( &generator,
|
PSA_ASSERT( psa_key_derivation_set_capacity( &generator,
|
||||||
requested_capacity ) );
|
requested_capacity ) );
|
||||||
PSA_ASSERT( psa_key_derivation_input_bytes( &generator,
|
PSA_ASSERT( psa_key_derivation_input_bytes( &generator,
|
||||||
PSA_KDF_STEP_SALT,
|
PSA_KEY_DERIVATION_INPUT_SALT,
|
||||||
salt->x, salt->len ) );
|
salt->x, salt->len ) );
|
||||||
PSA_ASSERT( psa_key_derivation_input_key( &generator,
|
PSA_ASSERT( psa_key_derivation_input_key( &generator,
|
||||||
PSA_KDF_STEP_SECRET,
|
PSA_KEY_DERIVATION_INPUT_SECRET,
|
||||||
handle ) );
|
handle ) );
|
||||||
PSA_ASSERT( psa_key_derivation_input_bytes( &generator,
|
PSA_ASSERT( psa_key_derivation_input_bytes( &generator,
|
||||||
PSA_KDF_STEP_INFO,
|
PSA_KEY_DERIVATION_INPUT_INFO,
|
||||||
label->x, label->len ) );
|
label->x, label->len ) );
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
|
@ -4502,7 +4502,7 @@ void key_agreement_setup( int alg_arg,
|
||||||
status = psa_key_derivation_setup( &generator, alg );
|
status = psa_key_derivation_setup( &generator, alg );
|
||||||
if( status == PSA_SUCCESS )
|
if( status == PSA_SUCCESS )
|
||||||
{
|
{
|
||||||
TEST_EQUAL( psa_key_derivation_key_agreement( &generator, PSA_KDF_STEP_SECRET,
|
TEST_EQUAL( psa_key_derivation_key_agreement( &generator, PSA_KEY_DERIVATION_INPUT_SECRET,
|
||||||
our_key,
|
our_key,
|
||||||
peer_key_data->x, peer_key_data->len ),
|
peer_key_data->x, peer_key_data->len ),
|
||||||
expected_status );
|
expected_status );
|
||||||
|
@ -4580,14 +4580,14 @@ void key_agreement_capacity( int alg_arg,
|
||||||
&our_key ) );
|
&our_key ) );
|
||||||
|
|
||||||
PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) );
|
PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) );
|
||||||
PSA_ASSERT( psa_key_derivation_key_agreement( &generator, PSA_KDF_STEP_SECRET,
|
PSA_ASSERT( psa_key_derivation_key_agreement( &generator, PSA_KEY_DERIVATION_INPUT_SECRET,
|
||||||
our_key,
|
our_key,
|
||||||
peer_key_data->x, peer_key_data->len ) );
|
peer_key_data->x, peer_key_data->len ) );
|
||||||
if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) )
|
if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) )
|
||||||
{
|
{
|
||||||
/* The test data is for info="" */
|
/* The test data is for info="" */
|
||||||
PSA_ASSERT( psa_key_derivation_input_bytes( &generator,
|
PSA_ASSERT( psa_key_derivation_input_bytes( &generator,
|
||||||
PSA_KDF_STEP_INFO,
|
PSA_KEY_DERIVATION_INPUT_INFO,
|
||||||
NULL, 0 ) );
|
NULL, 0 ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -4641,14 +4641,14 @@ void key_agreement_output( int alg_arg,
|
||||||
&our_key ) );
|
&our_key ) );
|
||||||
|
|
||||||
PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) );
|
PSA_ASSERT( psa_key_derivation_setup( &generator, alg ) );
|
||||||
PSA_ASSERT( psa_key_derivation_key_agreement( &generator, PSA_KDF_STEP_SECRET,
|
PSA_ASSERT( psa_key_derivation_key_agreement( &generator, PSA_KEY_DERIVATION_INPUT_SECRET,
|
||||||
our_key,
|
our_key,
|
||||||
peer_key_data->x, peer_key_data->len ) );
|
peer_key_data->x, peer_key_data->len ) );
|
||||||
if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) )
|
if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) )
|
||||||
{
|
{
|
||||||
/* The test data is for info="" */
|
/* The test data is for info="" */
|
||||||
PSA_ASSERT( psa_key_derivation_input_bytes( &generator,
|
PSA_ASSERT( psa_key_derivation_input_bytes( &generator,
|
||||||
PSA_KDF_STEP_INFO,
|
PSA_KEY_DERIVATION_INPUT_INFO,
|
||||||
NULL, 0 ) );
|
NULL, 0 ) );
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -4935,10 +4935,10 @@ void persistent_key_load_key_from_storage( data_t *data,
|
||||||
/* Derive a key. */
|
/* Derive a key. */
|
||||||
PSA_ASSERT( psa_key_derivation_setup( &generator, derive_alg ) );
|
PSA_ASSERT( psa_key_derivation_setup( &generator, derive_alg ) );
|
||||||
PSA_ASSERT( psa_key_derivation_input_key( &generator,
|
PSA_ASSERT( psa_key_derivation_input_key( &generator,
|
||||||
PSA_KDF_STEP_SECRET,
|
PSA_KEY_DERIVATION_INPUT_SECRET,
|
||||||
base_key ) );
|
base_key ) );
|
||||||
PSA_ASSERT( psa_key_derivation_input_bytes(
|
PSA_ASSERT( psa_key_derivation_input_bytes(
|
||||||
&generator, PSA_KDF_STEP_INFO,
|
&generator, PSA_KEY_DERIVATION_INPUT_INFO,
|
||||||
NULL, 0 ) );
|
NULL, 0 ) );
|
||||||
PSA_ASSERT( psa_key_derivation_output_key( &attributes, &generator,
|
PSA_ASSERT( psa_key_derivation_output_key( &attributes, &generator,
|
||||||
&handle ) );
|
&handle ) );
|
||||||
|
|
Loading…
Reference in a new issue