TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-05-09 03:04:24 +02:00
Code Issues Packages Projects Releases Wiki Activity

Rename functions that inject key material to an allocated handle

Browse Source 
This commit starts a migration to a new interface for key creation.
Today, the application allocates a handle, then fills its metadata,
and finally injects key material. The new interface fills metadata
into a temporary structure, and a handle is allocated at the same time
it gets filled with both metadata and key material.

This commit was obtained by moving the declaration of the old-style
functions to crypto_extra.h and renaming them with the to_handle
suffix, adding declarations for the new-style functions in crypto.h
under their new name, and running

    perl -i -pe 's/\bpsa_(import|copy|generator_import|generate)_key\b/$&_to_handle/g' library/*.c tests/suites/*.function programs/psa/*.c
    perl -i -pe 's/\bpsa_get_key_lifetime\b/$&_from_handle/g' library/*.c tests/suites/*.function programs/psa/*.c

Many functions that are specific to the old interface, and which will
not remain under the same name with the new interface, are still in
crypto.h for now.

All functional tests should still pass. The documentation may have
some broken links.
This commit is contained in:
Gilles Peskine
2019-04-17 12:28:25 +02:00
parent c69af209f8
commit 87a5e565f4
15 changed files with 222 additions and 171 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
programs/psa/crypto_examples.c
View File

@@ -179,7 +179,7 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void )
alg );
ASSERT_STATUS( status, PSA_SUCCESS );
status = psa_generate_key( key_handle, PSA_KEY_TYPE_AES, key_bits,
status = psa_generate_key_to_handle( key_handle, PSA_KEY_TYPE_AES, key_bits,
NULL, 0 );
ASSERT_STATUS( status, PSA_SUCCESS );
@@ -229,7 +229,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void )
alg );
ASSERT_STATUS( status, PSA_SUCCESS );
status = psa_generate_key( key_handle, PSA_KEY_TYPE_AES, key_bits,
status = psa_generate_key_to_handle( key_handle, PSA_KEY_TYPE_AES, key_bits,
NULL, 0 );
ASSERT_STATUS( status, PSA_SUCCESS );
@@ -277,7 +277,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void )
alg );
ASSERT_STATUS( status, PSA_SUCCESS );
status = psa_generate_key( key_handle, PSA_KEY_TYPE_AES, key_bits,
status = psa_generate_key_to_handle( key_handle, PSA_KEY_TYPE_AES, key_bits,
NULL, 0 );
ASSERT_STATUS( status, PSA_SUCCESS );

8
programs/psa/key_ladder_demo.c
View File

@@ -208,7 +208,7 @@ static psa_status_t generate( const char *key_file_name )
KDF_ALG );
PSA_CHECK( psa_set_key_policy( key_handle, &policy ) );
PSA_CHECK( psa_generate_key( key_handle,
PSA_CHECK( psa_generate_key_to_handle( key_handle,
PSA_KEY_TYPE_DERIVE,
PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ),
NULL, 0 ) );
@@ -255,7 +255,7 @@ static psa_status_t import_key_from_file( psa_key_usage_t usage,
PSA_CHECK( psa_allocate_key( master_key_handle ) );
psa_key_policy_set_usage( &policy, usage, alg );
PSA_CHECK( psa_set_key_policy( *master_key_handle, &policy ) );
PSA_CHECK( psa_import_key( *master_key_handle,
PSA_CHECK( psa_import_key_to_handle( *master_key_handle,
PSA_KEY_TYPE_DERIVE,
key_data, key_size ) );
exit:
@@ -309,7 +309,7 @@ static psa_status_t derive_key_ladder( const char *ladder[],
PSA_CHECK( psa_set_key_policy( *key_handle, &policy ) );
/* Use the generator obtained from the parent key to create
* the next intermediate key. */
PSA_CHECK( psa_generator_import_key(
PSA_CHECK( psa_generator_import_key_to_handle(
*key_handle,
PSA_KEY_TYPE_DERIVE,
PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ),
@@ -348,7 +348,7 @@ static psa_status_t derive_wrapping_key( psa_key_usage_t usage,
WRAPPING_KEY_SALT, WRAPPING_KEY_SALT_LENGTH,
NULL, 0,
PSA_BITS_TO_BYTES( WRAPPING_KEY_BITS ) ) );
PSA_CHECK( psa_generator_import_key(
PSA_CHECK( psa_generator_import_key_to_handle(
*wrapping_key_handle,
PSA_KEY_TYPE_AES,
WRAPPING_KEY_BITS,