AuroraMiddleware/mbedtls
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Rename psa cipher functions to psa_cipher_xxx

Browse Source 
Make function names for multipart operations more consistent (cipher
edition).

Rename symmetric cipher multipart operation functions so that they all
start with psa_cipher_:

* psa_encrypt_setup -> psa_cipher_encrypt_setup
* psa_decrypt_setup -> psa_cipher_decrypt_setup
* psa_encrypt_set_iv -> psa_cipher_set_iv
* psa_encrypt_generate_iv -> psa_cipher_generate_iv
This commit is contained in:
Gilles Peskine 2018-07-08 21:39:34 +02:00 committed by itayzafrir
parent fbfac6867b
commit fe11951c16
3 changed files with 81 additions and 79 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
include/psa/crypto.h
View File

@ -1464,10 +1464,10 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t;
* is as follows: * is as follows:
* -# Allocate an operation object which will be passed to all the functions * -# Allocate an operation object which will be passed to all the functions
* listed here. * listed here.
* -# Call psa_encrypt_setup() to specify the algorithm and key. * -# Call psa_cipher_encrypt_setup() to specify the algorithm and key.
* The key remains associated with the operation even if the content * The key remains associated with the operation even if the content
* of the key slot changes. * of the key slot changes.
* -# Call either psa_encrypt_generate_iv() or psa_encrypt_set_iv() to * -# Call either psa_encrypt_generate_iv() or psa_cipher_set_iv() to
* generate or set the IV (initialization vector). You should use * generate or set the IV (initialization vector). You should use
* psa_encrypt_generate_iv() unless the protocol you are implementing * psa_encrypt_generate_iv() unless the protocol you are implementing
* requires a specific IV value. * requires a specific IV value.
@ -1476,12 +1476,12 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t;
* -# Call psa_cipher_finish(). * -# Call psa_cipher_finish().
* *
* The application may call psa_cipher_abort() at any time after the operation * The application may call psa_cipher_abort() at any time after the operation
* has been initialized with psa_encrypt_setup(). * has been initialized with psa_cipher_encrypt_setup().
* *
* After a successful call to psa_encrypt_setup(), the application must * After a successful call to psa_cipher_encrypt_setup(), the application must
* eventually terminate the operation. The following events terminate an * eventually terminate the operation. The following events terminate an
* operation: * operation:
* - A failed call to psa_encrypt_generate_iv(), psa_encrypt_set_iv() * - A failed call to psa_encrypt_generate_iv(), psa_cipher_set_iv()
* or psa_cipher_update(). * or psa_cipher_update().
* - A call to psa_cipher_finish() or psa_cipher_abort(). * - A call to psa_cipher_finish() or psa_cipher_abort().
* *
@ -1503,9 +1503,9 @@ typedef struct psa_cipher_operation_s psa_cipher_operation_t;
* \retval PSA_ERROR_HARDWARE_FAILURE * \retval PSA_ERROR_HARDWARE_FAILURE
* \retval PSA_ERROR_TAMPERING_DETECTED * \retval PSA_ERROR_TAMPERING_DETECTED
*/ */
psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation, psa_status_t psa_cipher_encrypt_setup(psa_cipher_operation_t *operation,
psa_key_slot_t key, psa_key_slot_t key,
psa_algorithm_t alg); psa_algorithm_t alg);
/** Set the key for a multipart symmetric decryption operation. /** Set the key for a multipart symmetric decryption operation.
* *
@ -1513,7 +1513,7 @@ psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation,
* is as follows: * is as follows:
* -# Allocate an operation object which will be passed to all the functions * -# Allocate an operation object which will be passed to all the functions
* listed here. * listed here.
* -# Call psa_decrypt_setup() to specify the algorithm and key. * -# Call psa_cipher_decrypt_setup() to specify the algorithm and key.
* The key remains associated with the operation even if the content * The key remains associated with the operation even if the content
* of the key slot changes. * of the key slot changes.
* -# Call psa_cipher_update() with the IV (initialization vector) for the * -# Call psa_cipher_update() with the IV (initialization vector) for the
@ -1525,9 +1525,9 @@ psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation,
* -# Call psa_cipher_finish(). * -# Call psa_cipher_finish().
* *
* The application may call psa_cipher_abort() at any time after the operation * The application may call psa_cipher_abort() at any time after the operation
* has been initialized with psa_encrypt_setup(). * has been initialized with psa_cipher_decrypt_setup().
* *
* After a successful call to psa_decrypt_setup(), the application must * After a successful call to psa_cipher_decrypt_setup(), the application must
* eventually terminate the operation. The following events terminate an * eventually terminate the operation. The following events terminate an
* operation: * operation:
* - A failed call to psa_cipher_update(). * - A failed call to psa_cipher_update().
@ -1551,18 +1551,18 @@ psa_status_t psa_encrypt_setup(psa_cipher_operation_t *operation,
* \retval PSA_ERROR_HARDWARE_FAILURE * \retval PSA_ERROR_HARDWARE_FAILURE
* \retval PSA_ERROR_TAMPERING_DETECTED * \retval PSA_ERROR_TAMPERING_DETECTED
*/ */
psa_status_t psa_decrypt_setup(psa_cipher_operation_t *operation, psa_status_t psa_cipher_decrypt_setup(psa_cipher_operation_t *operation,
psa_key_slot_t key, psa_key_slot_t key,
psa_algorithm_t alg); psa_algorithm_t alg);
psa_status_t psa_encrypt_generate_iv(psa_cipher_operation_t *operation, psa_status_t psa_cipher_generate_iv(psa_cipher_operation_t *operation,
unsigned char *iv, unsigned char *iv,
size_t iv_size, size_t iv_size,
size_t *iv_length); size_t *iv_length);
psa_status_t psa_encrypt_set_iv(psa_cipher_operation_t *operation, psa_status_t psa_cipher_set_iv(psa_cipher_operation_t *operation,
const unsigned char *iv, const unsigned char *iv,
size_t iv_length); size_t iv_length);
psa_status_t psa_cipher_update(psa_cipher_operation_t *operation, psa_status_t psa_cipher_update(psa_cipher_operation_t *operation,
const uint8_t *input, const uint8_t *input,

28
library/psa_crypto.c
View File

@ -2360,24 +2360,24 @@ static psa_status_t psa_cipher_setup( psa_cipher_operation_t *operation,
return( PSA_SUCCESS ); return( PSA_SUCCESS );
} }
psa_status_t psa_encrypt_setup( psa_cipher_operation_t *operation, psa_status_t psa_cipher_encrypt_setup( psa_cipher_operation_t *operation,
psa_key_slot_t key, psa_key_slot_t key,
psa_algorithm_t alg ) psa_algorithm_t alg )
{ {
return( psa_cipher_setup( operation, key, alg, MBEDTLS_ENCRYPT ) ); return( psa_cipher_setup( operation, key, alg, MBEDTLS_ENCRYPT ) );
} }
psa_status_t psa_decrypt_setup( psa_cipher_operation_t *operation, psa_status_t psa_cipher_decrypt_setup( psa_cipher_operation_t *operation,
psa_key_slot_t key, psa_key_slot_t key,
psa_algorithm_t alg ) psa_algorithm_t alg )
{ {
return( psa_cipher_setup( operation, key, alg, MBEDTLS_DECRYPT ) ); return( psa_cipher_setup( operation, key, alg, MBEDTLS_DECRYPT ) );
} }
psa_status_t psa_encrypt_generate_iv( psa_cipher_operation_t *operation, psa_status_t psa_cipher_generate_iv( psa_cipher_operation_t *operation,
unsigned char *iv, unsigned char *iv,
size_t iv_size, size_t iv_size,
size_t *iv_length ) size_t *iv_length )
{ {
int ret = PSA_SUCCESS; int ret = PSA_SUCCESS;
if( operation->iv_set || ! operation->iv_required ) if( operation->iv_set || ! operation->iv_required )
@ -2396,7 +2396,7 @@ psa_status_t psa_encrypt_generate_iv( psa_cipher_operation_t *operation,
} }
*iv_length = operation->iv_size; *iv_length = operation->iv_size;
ret = psa_encrypt_set_iv( operation, iv, *iv_length ); ret = psa_cipher_set_iv( operation, iv, *iv_length );
exit: exit:
if( ret != PSA_SUCCESS ) if( ret != PSA_SUCCESS )
@ -2404,9 +2404,9 @@ exit:
return( ret ); return( ret );
} }
psa_status_t psa_encrypt_set_iv( psa_cipher_operation_t *operation, psa_status_t psa_cipher_set_iv( psa_cipher_operation_t *operation,
const unsigned char *iv, const unsigned char *iv,
size_t iv_length ) size_t iv_length )
{ {
int ret = PSA_SUCCESS; int ret = PSA_SUCCESS;
if( operation->iv_set || ! operation->iv_required ) if( operation->iv_set || ! operation->iv_required )

90
tests/suites/test_suite_psa_crypto.function
View File

@ -184,10 +184,11 @@ static int exercise_cipher_key( psa_key_slot_t key,
if( usage & PSA_KEY_USAGE_ENCRYPT ) if( usage & PSA_KEY_USAGE_ENCRYPT )
{ {
TEST_ASSERT( psa_encrypt_setup( &operation, key, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_encrypt_setup( &operation,
TEST_ASSERT( psa_encrypt_generate_iv( &operation, key, alg ) == PSA_SUCCESS );
iv, sizeof( iv ), TEST_ASSERT( psa_cipher_generate_iv( &operation,
&iv_length ) == PSA_SUCCESS ); iv, sizeof( iv ),
&iv_length ) == PSA_SUCCESS );
TEST_ASSERT( psa_cipher_update( &operation, TEST_ASSERT( psa_cipher_update( &operation,
plaintext, sizeof( plaintext ), plaintext, sizeof( plaintext ),
ciphertext, sizeof( ciphertext ), ciphertext, sizeof( ciphertext ),
@ -209,9 +210,10 @@ static int exercise_cipher_key( psa_key_slot_t key,
TEST_ASSERT( psa_get_key_information( key, &type, &bits ) ); TEST_ASSERT( psa_get_key_information( key, &type, &bits ) );
iv_length = PSA_BLOCK_CIPHER_BLOCK_SIZE( type ); iv_length = PSA_BLOCK_CIPHER_BLOCK_SIZE( type );
} }
TEST_ASSERT( psa_decrypt_setup( &operation, key, alg ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_decrypt_setup( &operation,
TEST_ASSERT( psa_encrypt_set_iv( &operation, key, alg ) == PSA_SUCCESS );
iv, iv_length ) == PSA_SUCCESS ); TEST_ASSERT( psa_cipher_set_iv( &operation,
iv, iv_length ) == PSA_SUCCESS );
TEST_ASSERT( psa_cipher_update( &operation, TEST_ASSERT( psa_cipher_update( &operation,
ciphertext, ciphertext_length, ciphertext, ciphertext_length,
decrypted, sizeof( decrypted ), decrypted, sizeof( decrypted ),
@ -792,7 +794,7 @@ void cipher_key_policy( int policy_usage,
TEST_ASSERT( psa_import_key( key_slot, key_type, TEST_ASSERT( psa_import_key( key_slot, key_type,
key_data->x, key_data->len ) == PSA_SUCCESS ); key_data->x, key_data->len ) == PSA_SUCCESS );
status = psa_encrypt_setup( &operation, key_slot, exercise_alg ); status = psa_cipher_encrypt_setup( &operation, key_slot, exercise_alg );
if( policy_alg == exercise_alg && if( policy_alg == exercise_alg &&
( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 ) ( policy_usage & PSA_KEY_USAGE_ENCRYPT ) != 0 )
TEST_ASSERT( status == PSA_SUCCESS ); TEST_ASSERT( status == PSA_SUCCESS );
@ -800,7 +802,7 @@ void cipher_key_policy( int policy_usage,
TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED ); TEST_ASSERT( status == PSA_ERROR_NOT_PERMITTED );
psa_cipher_abort( &operation ); psa_cipher_abort( &operation );
status = psa_decrypt_setup( &operation, key_slot, exercise_alg ); status = psa_cipher_decrypt_setup( &operation, key_slot, exercise_alg );
if( policy_alg == exercise_alg && if( policy_alg == exercise_alg &&
( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 ) ( policy_usage & PSA_KEY_USAGE_DECRYPT ) != 0 )
TEST_ASSERT( status == PSA_SUCCESS ); TEST_ASSERT( status == PSA_SUCCESS );
@ -1230,7 +1232,7 @@ void cipher_setup( int key_type_arg,
TEST_ASSERT( psa_import_key( key_slot, key_type, TEST_ASSERT( psa_import_key( key_slot, key_type,
key->x, key->len ) == PSA_SUCCESS ); key->x, key->len ) == PSA_SUCCESS );
status = psa_encrypt_setup( &operation, key_slot, alg ); status = psa_cipher_encrypt_setup( &operation, key_slot, alg );
psa_cipher_abort( &operation ); psa_cipher_abort( &operation );
TEST_ASSERT( status == expected_status ); TEST_ASSERT( status == expected_status );
@ -1279,11 +1281,11 @@ void cipher_encrypt( int alg_arg, int key_type_arg,
TEST_ASSERT( psa_import_key( key_slot, key_type, TEST_ASSERT( psa_import_key( key_slot, key_type,
key->x, key->len ) == PSA_SUCCESS ); key->x, key->len ) == PSA_SUCCESS );
TEST_ASSERT( psa_encrypt_setup( &operation, TEST_ASSERT( psa_cipher_encrypt_setup( &operation,
key_slot, alg ) == PSA_SUCCESS ); key_slot, alg ) == PSA_SUCCESS );
TEST_ASSERT( psa_encrypt_set_iv( &operation, TEST_ASSERT( psa_cipher_set_iv( &operation,
iv, iv_size ) == PSA_SUCCESS ); iv, iv_size ) == PSA_SUCCESS );
output_buffer_size = (size_t) input->len + output_buffer_size = (size_t) input->len +
PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
output = mbedtls_calloc( 1, output_buffer_size ); output = mbedtls_calloc( 1, output_buffer_size );
@ -1354,11 +1356,11 @@ void cipher_encrypt_multipart( int alg_arg, int key_type_arg,
TEST_ASSERT( psa_import_key( key_slot, key_type, TEST_ASSERT( psa_import_key( key_slot, key_type,
key->x, key->len ) == PSA_SUCCESS ); key->x, key->len ) == PSA_SUCCESS );
TEST_ASSERT( psa_encrypt_setup( &operation, TEST_ASSERT( psa_cipher_encrypt_setup( &operation,
key_slot, alg ) == PSA_SUCCESS ); key_slot, alg ) == PSA_SUCCESS );
TEST_ASSERT( psa_encrypt_set_iv( &operation, TEST_ASSERT( psa_cipher_set_iv( &operation,
iv, sizeof( iv ) ) == PSA_SUCCESS ); iv, sizeof( iv ) ) == PSA_SUCCESS );
output_buffer_size = (size_t) input->len + output_buffer_size = (size_t) input->len +
PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
output = mbedtls_calloc( 1, output_buffer_size ); output = mbedtls_calloc( 1, output_buffer_size );
@ -1432,11 +1434,11 @@ void cipher_decrypt_multipart( int alg_arg, int key_type_arg,
TEST_ASSERT( psa_import_key( key_slot, key_type, TEST_ASSERT( psa_import_key( key_slot, key_type,
key->x, key->len ) == PSA_SUCCESS ); key->x, key->len ) == PSA_SUCCESS );
TEST_ASSERT( psa_decrypt_setup( &operation, TEST_ASSERT( psa_cipher_decrypt_setup( &operation,
key_slot, alg ) == PSA_SUCCESS ); key_slot, alg ) == PSA_SUCCESS );
TEST_ASSERT( psa_encrypt_set_iv( &operation, TEST_ASSERT( psa_cipher_set_iv( &operation,
iv, sizeof( iv ) ) == PSA_SUCCESS ); iv, sizeof( iv ) ) == PSA_SUCCESS );
output_buffer_size = (size_t) input->len + output_buffer_size = (size_t) input->len +
PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
@ -1512,11 +1514,11 @@ void cipher_decrypt( int alg_arg, int key_type_arg,
TEST_ASSERT( psa_import_key( key_slot, key_type, TEST_ASSERT( psa_import_key( key_slot, key_type,
key->x, key->len ) == PSA_SUCCESS ); key->x, key->len ) == PSA_SUCCESS );
TEST_ASSERT( psa_decrypt_setup( &operation, TEST_ASSERT( psa_cipher_decrypt_setup( &operation,
key_slot, alg ) == PSA_SUCCESS ); key_slot, alg ) == PSA_SUCCESS );
TEST_ASSERT( psa_encrypt_set_iv( &operation, TEST_ASSERT( psa_cipher_set_iv( &operation,
iv, iv_size ) == PSA_SUCCESS ); iv, iv_size ) == PSA_SUCCESS );
output_buffer_size = (size_t) input->len + output_buffer_size = (size_t) input->len +
PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
@ -1586,14 +1588,14 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
TEST_ASSERT( psa_import_key( key_slot, key_type, TEST_ASSERT( psa_import_key( key_slot, key_type,
key->x, key->len ) == PSA_SUCCESS ); key->x, key->len ) == PSA_SUCCESS );
TEST_ASSERT( psa_encrypt_setup( &operation1, TEST_ASSERT( psa_cipher_encrypt_setup( &operation1,
key_slot, alg ) == PSA_SUCCESS ); key_slot, alg ) == PSA_SUCCESS );
TEST_ASSERT( psa_decrypt_setup( &operation2, TEST_ASSERT( psa_cipher_decrypt_setup( &operation2,
key_slot, alg ) == PSA_SUCCESS ); key_slot, alg ) == PSA_SUCCESS );
TEST_ASSERT( psa_encrypt_generate_iv( &operation1, TEST_ASSERT( psa_cipher_generate_iv( &operation1,
iv, iv_size, iv, iv_size,
&iv_length ) == PSA_SUCCESS ); &iv_length ) == PSA_SUCCESS );
output1_size = (size_t) input->len + output1_size = (size_t) input->len +
PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
output1 = mbedtls_calloc( 1, output1_size ); output1 = mbedtls_calloc( 1, output1_size );
@ -1614,8 +1616,8 @@ void cipher_verify_output( int alg_arg, int key_type_arg,
output2 = mbedtls_calloc( 1, output2_size ); output2 = mbedtls_calloc( 1, output2_size );
TEST_ASSERT( output2 != NULL ); TEST_ASSERT( output2 != NULL );
TEST_ASSERT( psa_encrypt_set_iv( &operation2, TEST_ASSERT( psa_cipher_set_iv( &operation2,
iv, iv_length ) == PSA_SUCCESS ); iv, iv_length ) == PSA_SUCCESS );
TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length, TEST_ASSERT( psa_cipher_update( &operation2, output1, output1_length,
output2, output2_size, output2, output2_size,
&output2_length ) == PSA_SUCCESS ); &output2_length ) == PSA_SUCCESS );
@ -1678,14 +1680,14 @@ void cipher_verify_output_multipart( int alg_arg,
TEST_ASSERT( psa_import_key( key_slot, key_type, TEST_ASSERT( psa_import_key( key_slot, key_type,
key->x, key->len ) == PSA_SUCCESS ); key->x, key->len ) == PSA_SUCCESS );
TEST_ASSERT( psa_encrypt_setup( &operation1, TEST_ASSERT( psa_cipher_encrypt_setup( &operation1,
key_slot, alg ) == PSA_SUCCESS ); key_slot, alg ) == PSA_SUCCESS );
TEST_ASSERT( psa_decrypt_setup( &operation2, TEST_ASSERT( psa_cipher_decrypt_setup( &operation2,
key_slot, alg ) == PSA_SUCCESS ); key_slot, alg ) == PSA_SUCCESS );
TEST_ASSERT( psa_encrypt_generate_iv( &operation1, TEST_ASSERT( psa_cipher_generate_iv( &operation1,
iv, iv_size, iv, iv_size,
&iv_length ) == PSA_SUCCESS ); &iv_length ) == PSA_SUCCESS );
output1_buffer_size = (size_t) input->len + output1_buffer_size = (size_t) input->len +
PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ); PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type );
output1 = mbedtls_calloc( 1, output1_buffer_size ); output1 = mbedtls_calloc( 1, output1_buffer_size );
@ -1717,8 +1719,8 @@ void cipher_verify_output_multipart( int alg_arg,
output2 = mbedtls_calloc( 1, output2_buffer_size ); output2 = mbedtls_calloc( 1, output2_buffer_size );
TEST_ASSERT( output2 != NULL ); TEST_ASSERT( output2 != NULL );
TEST_ASSERT( psa_encrypt_set_iv( &operation2, TEST_ASSERT( psa_cipher_set_iv( &operation2,
iv, iv_length ) == PSA_SUCCESS ); iv, iv_length ) == PSA_SUCCESS );
TEST_ASSERT( psa_cipher_update( &operation2, output1, first_part_size, TEST_ASSERT( psa_cipher_update( &operation2, output1, first_part_size,
output2, output2_buffer_size, output2, output2_buffer_size,