From 4f387ef277eab7dd43f85a03f2caa2e8096f97a3 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Tue, 2 May 2023 14:15:59 +0200 Subject: [PATCH] pk: use better naming for the new key ID field Signed-off-by: Valerio Setti --- include/mbedtls/pk.h | 4 ++-- library/pk.c | 8 ++++---- library/pk_wrap.c | 8 ++++---- library/pkwrite.c | 4 ++-- library/ssl_tls12_server.c | 2 +- tests/src/test_helpers/ssl_helpers.c | 2 +- 6 files changed, 14 insertions(+), 14 deletions(-) diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 4934b3e262..dae61da844 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h @@ -235,7 +235,7 @@ typedef struct mbedtls_pk_info_t mbedtls_pk_info_t; /** * \brief Public key container * - * \note The opaque_id is guarded by MBEDTLS_PSA_CRYPTO_C and not + * \note The priv_id is guarded by MBEDTLS_PSA_CRYPTO_C and not * only by MBEDTLS_USE_PSA_CRYPTO because it can be used also * in mbedtls_pk_sign_ext for RSA keys. */ @@ -243,7 +243,7 @@ typedef struct mbedtls_pk_context { const mbedtls_pk_info_t *MBEDTLS_PRIVATE(pk_info); /**< Public key information */ void *MBEDTLS_PRIVATE(pk_ctx); /**< Underlying public key context */ #if defined(MBEDTLS_PSA_CRYPTO_C) - mbedtls_svc_key_id_t MBEDTLS_PRIVATE(opaque_id); /**< Key ID for opaque keys */ + mbedtls_svc_key_id_t MBEDTLS_PRIVATE(priv_id); /**< Key ID for opaque keys */ #endif /* MBEDTLS_PSA_CRYPTO_C */ } mbedtls_pk_context; diff --git a/library/pk.c b/library/pk.c index bd6bf98b2d..71ab60d54c 100644 --- a/library/pk.c +++ b/library/pk.c @@ -61,7 +61,7 @@ void mbedtls_pk_init(mbedtls_pk_context *ctx) ctx->pk_info = NULL; ctx->pk_ctx = NULL; #if defined(MBEDTLS_PSA_CRYPTO_C) - ctx->opaque_id = MBEDTLS_SVC_KEY_ID_INIT; + ctx->priv_id = MBEDTLS_SVC_KEY_ID_INIT; #endif /* MBEDTLS_PSA_CRYPTO_C */ } @@ -183,7 +183,7 @@ int mbedtls_pk_setup_opaque(mbedtls_pk_context *ctx, } ctx->pk_info = info; - ctx->opaque_id = key; + ctx->priv_id = key; return 0; } @@ -316,7 +316,7 @@ int mbedtls_pk_can_do_ext(const mbedtls_pk_context *ctx, psa_algorithm_t alg, psa_algorithm_t key_alg, key_alg2; psa_status_t status; - status = psa_get_key_attributes(ctx->opaque_id, &attributes); + status = psa_get_key_attributes(ctx->priv_id, &attributes); if (status != PSA_SUCCESS) { return 0; } @@ -699,7 +699,7 @@ int mbedtls_pk_sign_ext(mbedtls_pk_type_t pk_type, if (mbedtls_pk_get_type(ctx) == MBEDTLS_PK_OPAQUE) { psa_status_t status; - status = psa_sign_hash(ctx->opaque_id, PSA_ALG_RSA_PSS(psa_md_alg), + status = psa_sign_hash(ctx->priv_id, PSA_ALG_RSA_PSS(psa_md_alg), hash, hash_len, sig, sig_size, sig_len); return PSA_PK_RSA_TO_MBEDTLS_ERR(status); diff --git a/library/pk_wrap.c b/library/pk_wrap.c index d9366c149f..0e5e12049a 100644 --- a/library/pk_wrap.c +++ b/library/pk_wrap.c @@ -1508,7 +1508,7 @@ static size_t pk_opaque_get_bitlen(mbedtls_pk_context *pk) size_t bits; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; - if (PSA_SUCCESS != psa_get_key_attributes(pk->opaque_id, &attributes)) { + if (PSA_SUCCESS != psa_get_key_attributes(pk->priv_id, &attributes)) { return 0; } @@ -1555,7 +1555,7 @@ static int pk_opaque_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, (void) f_rng; (void) p_rng; - status = psa_get_key_attributes(pk->opaque_id, &attributes); + status = psa_get_key_attributes(pk->priv_id, &attributes); if (status != PSA_SUCCESS) { return PSA_PK_TO_MBEDTLS_ERR(status); } @@ -1576,7 +1576,7 @@ static int pk_opaque_sign_wrap(mbedtls_pk_context *pk, mbedtls_md_type_t md_alg, return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE; /* make the signature */ - status = psa_sign_hash(pk->opaque_id, alg, hash, hash_len, + status = psa_sign_hash(pk->priv_id, alg, hash, hash_len, sig, sig_size, sig_len); if (status != PSA_SUCCESS) { #if defined(MBEDTLS_PK_CAN_ECDSA_SIGN) @@ -1638,7 +1638,7 @@ static int pk_opaque_rsa_decrypt(mbedtls_pk_context *pk, (void) f_rng; (void) p_rng; - status = psa_asymmetric_decrypt(pk->opaque_id, PSA_ALG_RSA_PKCS1V15_CRYPT, + status = psa_asymmetric_decrypt(pk->priv_id, PSA_ALG_RSA_PKCS1V15_CRYPT, input, ilen, NULL, 0, output, osize, olen); diff --git a/library/pkwrite.c b/library/pkwrite.c index e62ad5432a..4bb9ac15fb 100644 --- a/library/pkwrite.c +++ b/library/pkwrite.c @@ -194,7 +194,7 @@ int mbedtls_pk_write_pubkey(unsigned char **p, unsigned char *start, } buffer_size = (size_t) (*p - start); - if (psa_export_public_key(key->opaque_id, start, buffer_size, &len) + if (psa_export_public_key(key->priv_id, start, buffer_size, &len) != PSA_SUCCESS) { return MBEDTLS_ERR_PK_BAD_INPUT_DATA; } else { @@ -256,7 +256,7 @@ int mbedtls_pk_write_pubkey_der(const mbedtls_pk_context *key, unsigned char *bu psa_ecc_family_t curve; size_t bits; - if (PSA_SUCCESS != psa_get_key_attributes(key->opaque_id, + if (PSA_SUCCESS != psa_get_key_attributes(key->priv_id, &attributes)) { return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED; } diff --git a/library/ssl_tls12_server.c b/library/ssl_tls12_server.c index 3025725b0c..ac6c10d419 100644 --- a/library/ssl_tls12_server.c +++ b/library/ssl_tls12_server.c @@ -2614,7 +2614,7 @@ static int ssl_get_ecdh_params_from_cert(mbedtls_ssl_context *ssl) return MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH; } - ssl->handshake->ecdh_psa_privkey = pk->opaque_id; + ssl->handshake->ecdh_psa_privkey = pk->priv_id; /* Key should not be destroyed in the TLS library */ ssl->handshake->ecdh_psa_privkey_is_external = 1; diff --git a/tests/src/test_helpers/ssl_helpers.c b/tests/src/test_helpers/ssl_helpers.c index 23f5977c3b..fbf9ea5c89 100644 --- a/tests/src/test_helpers/ssl_helpers.c +++ b/tests/src/test_helpers/ssl_helpers.c @@ -595,7 +595,7 @@ static void test_ssl_endpoint_certificate_free(mbedtls_test_ssl_endpoint *ep) if (cert->pkey != NULL) { #if defined(MBEDTLS_USE_PSA_CRYPTO) if (mbedtls_pk_get_type(cert->pkey) == MBEDTLS_PK_OPAQUE) { - psa_destroy_key(cert->pkey->opaque_id); + psa_destroy_key(cert->pkey->priv_id); } #endif mbedtls_pk_free(cert->pkey);