Wrap and reindent some lines

After renaming several identifiers, re-wrap and re-indent some lines
to make the code prettier.
Gilles Peskine 2019-05-16 17:53:40 +02:00
parent 51ae0e4b79
commit cf7292e257
5 changed files with 140 additions and 121 deletions


@ -3033,7 +3033,8 @@ static psa_key_derivation_operation_t psa_key_derivation_operation_init(void);
* \retval #PSA_ERROR_BAD_STATE * \retval #PSA_ERROR_BAD_STATE
* \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_COMMUNICATION_FAILURE
*/ */
psa_status_t psa_key_derivation_get_capacity(const psa_key_derivation_operation_t *operation, psa_status_t psa_key_derivation_get_capacity(
const psa_key_derivation_operation_t *operation,
size_t *capacity); size_t *capacity);
/** Set the maximum capacity of a key derivation operation. /** Set the maximum capacity of a key derivation operation.
@ -3054,7 +3055,8 @@ psa_status_t psa_key_derivation_get_capacity(const psa_key_derivation_operation_
* \retval #PSA_ERROR_BAD_STATE * \retval #PSA_ERROR_BAD_STATE
* \retval #PSA_ERROR_COMMUNICATION_FAILURE * \retval #PSA_ERROR_COMMUNICATION_FAILURE
*/ */
psa_status_t psa_key_derivation_set_capacity(psa_key_derivation_operation_t *operation, psa_status_t psa_key_derivation_set_capacity(
psa_key_derivation_operation_t *operation,
size_t capacity); size_t capacity);
/** Read some data from a key derivation operation. /** Read some data from a key derivation operation.
@ -3084,7 +3086,8 @@ psa_status_t psa_key_derivation_set_capacity(psa_key_derivation_operation_t *ope
* \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_TAMPERING_DETECTED
*/ */
psa_status_t psa_key_derivation_output_bytes(psa_key_derivation_operation_t *operation, psa_status_t psa_key_derivation_output_bytes(
psa_key_derivation_operation_t *operation,
uint8_t *output, uint8_t *output,
size_t output_length); size_t output_length);
@ -3101,8 +3104,8 @@ psa_status_t psa_key_derivation_output_bytes(psa_key_derivation_operation_t *ope
* the key is derived, depends on the key type: * the key is derived, depends on the key type:
* *
* - For key types for which the key is an arbitrary sequence of bytes * - For key types for which the key is an arbitrary sequence of bytes
* of a given size, * of a given size, this function is functionally equivalent to
* this function is functionally equivalent to calling #psa_key_derivation_output_bytes * calling #psa_key_derivation_output_bytes
* and passing the resulting output to #psa_import_key. * and passing the resulting output to #psa_import_key.
* However, this function has a security benefit: * However, this function has a security benefit:
* if the implementation provides an isolation boundary then * if the implementation provides an isolation boundary then
@ -3202,7 +3205,8 @@ psa_status_t psa_key_derivation_output_bytes(psa_key_derivation_operation_t *ope
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. * results in this error code.
*/ */
psa_status_t psa_key_derivation_output_key(const psa_key_attributes_t *attributes, psa_status_t psa_key_derivation_output_key(
const psa_key_attributes_t *attributes,
psa_key_derivation_operation_t *operation, psa_key_derivation_operation_t *operation,
psa_key_handle_t *handle); psa_key_handle_t *handle);
@ -3214,9 +3218,9 @@ psa_status_t psa_key_derivation_output_key(const psa_key_attributes_t *attribute
* *
* This function may be called at any time as long as the operation * This function may be called at any time as long as the operation
* object has been initialized to #PSA_KEY_DERIVATION_OPERATION_INIT, to * object has been initialized to #PSA_KEY_DERIVATION_OPERATION_INIT, to
* psa_key_derivation_operation_init() or a zero value. In particular, it is valid * psa_key_derivation_operation_init() or a zero value. In particular,
* to call psa_key_derivation_abort() twice, or to call psa_key_derivation_abort() * it is valid to call psa_key_derivation_abort() twice, or to call
* on an operation that has not been set up. * psa_key_derivation_abort() on an operation that has not been set up.
* *
* Once aborted, the key derivation operation object may be called. * Once aborted, the key derivation operation object may be called.
* *
@ -3228,7 +3232,8 @@ psa_status_t psa_key_derivation_output_key(const psa_key_attributes_t *attribute
* \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_TAMPERING_DETECTED
*/ */
psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *operation); psa_status_t psa_key_derivation_abort(
psa_key_derivation_operation_t *operation);
/** Use the maximum possible capacity for a key derivation operation. /** Use the maximum possible capacity for a key derivation operation.
* *
@ -3254,15 +3259,16 @@ psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *operation)
* as appropriate. Which inputs are needed, in what order, and whether * as appropriate. Which inputs are needed, in what order, and whether
* they may be keys and if so of what type depends on the algorithm. * they may be keys and if so of what type depends on the algorithm.
* - Optionally set the operation's maximum capacity with * - Optionally set the operation's maximum capacity with
* psa_key_derivation_set_capacity(). You may do this before, in the middle of * psa_key_derivation_set_capacity(). You may do this before, in the middle
* or after providing inputs. For some algorithms, this step is mandatory * of or after providing inputs. For some algorithms, this step is mandatory
* because the output depends on the maximum capacity. * because the output depends on the maximum capacity.
* - To derive a key, call psa_key_derivation_output_key(). * - To derive a key, call psa_key_derivation_output_key().
* To derive a byte string for a different purpose, call * To derive a byte string for a different purpose, call
* - psa_key_derivation_output_bytes(). * - psa_key_derivation_output_bytes().
* Successive calls to these functions use successive output bytes * Successive calls to these functions use successive output bytes
* calculated by the key derivation algorithm. * calculated by the key derivation algorithm.
* - Clean up the key derivation operation object with psa_key_derivation_abort(). * - Clean up the key derivation operation object with
* psa_key_derivation_abort().
* *
* \param[in,out] operation The key derivation operation object * \param[in,out] operation The key derivation operation object
* to set up. It must * to set up. It must
@ -3283,7 +3289,8 @@ psa_status_t psa_key_derivation_abort(psa_key_derivation_operation_t *operation)
* \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_TAMPERING_DETECTED
* \retval #PSA_ERROR_BAD_STATE * \retval #PSA_ERROR_BAD_STATE
*/ */
psa_status_t psa_key_derivation_setup(psa_key_derivation_operation_t *operation, psa_status_t psa_key_derivation_setup(
psa_key_derivation_operation_t *operation,
psa_algorithm_t alg); psa_algorithm_t alg);
/** Provide an input for key derivation or key agreement. /** Provide an input for key derivation or key agreement.
@ -3321,7 +3328,8 @@ psa_status_t psa_key_derivation_setup(psa_key_derivation_operation_t *operation,
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. * results in this error code.
*/ */
psa_status_t psa_key_derivation_input_bytes(psa_key_derivation_operation_t *operation, psa_status_t psa_key_derivation_input_bytes(
psa_key_derivation_operation_t *operation,
psa_key_derivation_step_t step, psa_key_derivation_step_t step,
const uint8_t *data, const uint8_t *data,
size_t data_length); size_t data_length);
@ -3366,7 +3374,8 @@ psa_status_t psa_key_derivation_input_bytes(psa_key_derivation_operation_t *oper
* It is implementation-dependent whether a failure to initialize * It is implementation-dependent whether a failure to initialize
* results in this error code. * results in this error code.
*/ */
psa_status_t psa_key_derivation_input_key(psa_key_derivation_operation_t *operation, psa_status_t psa_key_derivation_input_key(
psa_key_derivation_operation_t *operation,
psa_key_derivation_step_t step, psa_key_derivation_step_t step,
psa_key_handle_t handle); psa_key_handle_t handle);
@ -3423,7 +3432,8 @@ psa_status_t psa_key_derivation_input_key(psa_key_derivation_operation_t *operat
* \retval #PSA_ERROR_HARDWARE_FAILURE * \retval #PSA_ERROR_HARDWARE_FAILURE
* \retval #PSA_ERROR_TAMPERING_DETECTED * \retval #PSA_ERROR_TAMPERING_DETECTED
*/ */
psa_status_t psa_key_derivation_key_agreement(psa_key_derivation_operation_t *operation, psa_status_t psa_key_derivation_key_agreement(
psa_key_derivation_operation_t *operation,
psa_key_derivation_step_t step, psa_key_derivation_step_t step,
psa_key_handle_t private_key, psa_key_handle_t private_key,
const uint8_t *peer_key, const uint8_t *peer_key,
@ -3439,8 +3449,8 @@ psa_status_t psa_key_derivation_key_agreement(psa_key_derivation_operation_t *op
* Diffie-Hellman or elliptic curve Diffie-Hellman has biases and should * Diffie-Hellman or elliptic curve Diffie-Hellman has biases and should
* not be used directly as key material. It should instead be passed as * not be used directly as key material. It should instead be passed as
* input to a key derivation algorithm. To chain a key agreement with * input to a key derivation algorithm. To chain a key agreement with
* a key derivation, use psa_key_derivation_key_agreement() and other functions from * a key derivation, use psa_key_derivation_key_agreement() and other
* the key derivation interface. * functions from the key derivation interface.
* *
* \param alg The key agreement algorithm to compute * \param alg The key agreement algorithm to compute
* (\c PSA_ALG_XXX value such that * (\c PSA_ALG_XXX value such that
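Review bot: The psa_key_derivation_abort() description re-wrapped in the hunk at -3214 still ends with `Once aborted, the key derivation operation object may be called.`, which does not tell a caller what may be done with an aborted object. For a key derivation API the post-abort state is part of the contract, so the sentence should name the permitted next step. Presumably it means something like `Once aborted, the operation object can be reused for another operation by calling psa_key_derivation_setup() again.`, but confirm that against the implementation before changing it. The comment begins and ends outside the hunk, so the rest of the description is not visible here.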


@ -157,9 +157,10 @@ psa_status_t mbedtls_psa_inject_entropy(const unsigned char *seed,
* - For HKDF (#PSA_ALG_HKDF), \p salt is the salt used in the "extract" step * - For HKDF (#PSA_ALG_HKDF), \p salt is the salt used in the "extract" step
* and \p label is the info string used in the "expand" step. * and \p label is the info string used in the "expand" step.
* *
* \param[in,out] operation The key derivation object to set up. It must have * \param[in,out] operation The key derivation object to set up. It must
* been initialized as per the documentation for * have been initialized as per the documentation
* #psa_key_derivation_operation_t and not yet in use. * for #psa_key_derivation_operation_t and not
* yet be in use.
* \param handle Handle to the secret key. * \param handle Handle to the secret key.
* \param alg The key derivation algorithm to compute * \param alg The key derivation algorithm to compute
* (\c PSA_ALG_XXX value such that * (\c PSA_ALG_XXX value such that


@ -572,7 +572,8 @@ exit:
/* We need two keys to exercise key agreement. Exercise the /* We need two keys to exercise key agreement. Exercise the
* private key against its own public key. */ * private key against its own public key. */
static psa_status_t key_agreement_with_self( psa_key_derivation_operation_t *operation, static psa_status_t key_agreement_with_self(
psa_key_derivation_operation_t *operation,
psa_key_handle_t handle ) psa_key_handle_t handle )
{ {
psa_key_type_t private_key_type; psa_key_type_t private_key_type;
@ -581,8 +582,8 @@ static psa_status_t key_agreement_with_self( psa_key_derivation_operation_t *ope
uint8_t *public_key = NULL; uint8_t *public_key = NULL;
size_t public_key_length; size_t public_key_length;
/* Return GENERIC_ERROR if something other than the final call to /* Return GENERIC_ERROR if something other than the final call to
* psa_key_derivation_key_agreement fails. This isn't fully satisfactory, but it's * psa_key_derivation_key_agreement fails. This isn't fully satisfactory,
* good enough: callers will report it as a failed test anyway. */ * but it's good enough: callers will report it as a failed test anyway. */
psa_status_t status = PSA_ERROR_GENERIC_ERROR; psa_status_t status = PSA_ERROR_GENERIC_ERROR;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@ -596,7 +597,8 @@ static psa_status_t key_agreement_with_self( psa_key_derivation_operation_t *ope
public_key, public_key_length, public_key, public_key_length,
&public_key_length ) ); &public_key_length ) );
status = psa_key_derivation_key_agreement( operation, PSA_KEY_DERIVATION_INPUT_SECRET, handle, status = psa_key_derivation_key_agreement(
operation, PSA_KEY_DERIVATION_INPUT_SECRET, handle,
public_key, public_key_length ); public_key, public_key_length );
exit: exit:
mbedtls_free( public_key ); mbedtls_free( public_key );
@ -617,8 +619,8 @@ static psa_status_t raw_key_agreement_with_self( psa_algorithm_t alg,
uint8_t output[1024]; uint8_t output[1024];
size_t output_length; size_t output_length;
/* Return GENERIC_ERROR if something other than the final call to /* Return GENERIC_ERROR if something other than the final call to
* psa_key_derivation_key_agreement fails. This isn't fully satisfactory, but it's * psa_key_derivation_key_agreement fails. This isn't fully satisfactory,
* good enough: callers will report it as a failed test anyway. */ * but it's good enough: callers will report it as a failed test anyway. */
psa_status_t status = PSA_ERROR_GENERIC_ERROR; psa_status_t status = PSA_ERROR_GENERIC_ERROR;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT; psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
@ -4120,7 +4122,8 @@ void test_derive_invalid_key_derivation_tests( )
size_t capacity = 0; size_t capacity = 0;
psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT; psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
TEST_ASSERT( psa_key_derivation_output_bytes( &operation, output_buffer, buffer_size ) TEST_ASSERT( psa_key_derivation_output_bytes( &operation,
output_buffer, buffer_size )
== PSA_ERROR_BAD_STATE ); == PSA_ERROR_BAD_STATE );
TEST_ASSERT( psa_key_derivation_get_capacity( &operation, &capacity ) TEST_ASSERT( psa_key_derivation_get_capacity( &operation, &capacity )
@ -4128,7 +4131,8 @@ void test_derive_invalid_key_derivation_tests( )
PSA_ASSERT( psa_key_derivation_abort( &operation ) ); PSA_ASSERT( psa_key_derivation_abort( &operation ) );
TEST_ASSERT( psa_key_derivation_output_bytes( &operation, output_buffer, buffer_size ) TEST_ASSERT( psa_key_derivation_output_bytes( &operation,
output_buffer, buffer_size )
== PSA_ERROR_BAD_STATE ); == PSA_ERROR_BAD_STATE );
TEST_ASSERT( psa_key_derivation_get_capacity( &operation, &capacity ) TEST_ASSERT( psa_key_derivation_get_capacity( &operation, &capacity )
@ -4502,7 +4506,8 @@ void key_agreement_setup( int alg_arg,
status = psa_key_derivation_setup( &operation, alg ); status = psa_key_derivation_setup( &operation, alg );
if( status == PSA_SUCCESS ) if( status == PSA_SUCCESS )
{ {
TEST_EQUAL( psa_key_derivation_key_agreement( &operation, PSA_KEY_DERIVATION_INPUT_SECRET, TEST_EQUAL( psa_key_derivation_key_agreement(
&operation, PSA_KEY_DERIVATION_INPUT_SECRET,
our_key, our_key,
peer_key_data->x, peer_key_data->len ), peer_key_data->x, peer_key_data->len ),
expected_status ); expected_status );
@ -4580,8 +4585,9 @@ void key_agreement_capacity( int alg_arg,
&our_key ) ); &our_key ) );
PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) );
PSA_ASSERT( psa_key_derivation_key_agreement( &operation, PSA_KEY_DERIVATION_INPUT_SECRET, PSA_ASSERT( psa_key_derivation_key_agreement(
our_key, &operation,
PSA_KEY_DERIVATION_INPUT_SECRET, our_key,
peer_key_data->x, peer_key_data->len ) ); peer_key_data->x, peer_key_data->len ) );
if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) ) if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) )
{ {
@ -4641,8 +4647,9 @@ void key_agreement_output( int alg_arg,
&our_key ) ); &our_key ) );
PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) ); PSA_ASSERT( psa_key_derivation_setup( &operation, alg ) );
PSA_ASSERT( psa_key_derivation_key_agreement( &operation, PSA_KEY_DERIVATION_INPUT_SECRET, PSA_ASSERT( psa_key_derivation_key_agreement(
our_key, &operation,
PSA_KEY_DERIVATION_INPUT_SECRET, our_key,
peer_key_data->x, peer_key_data->len ) ); peer_key_data->x, peer_key_data->len ) );
if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) ) if( PSA_ALG_IS_HKDF( PSA_ALG_KEY_AGREEMENT_GET_KDF( alg ) ) )
{ {
@ -4934,13 +4941,14 @@ void persistent_key_load_key_from_storage( data_t *data,
&base_key ) ); &base_key ) );
/* Derive a key. */ /* Derive a key. */
PSA_ASSERT( psa_key_derivation_setup( &operation, derive_alg ) ); PSA_ASSERT( psa_key_derivation_setup( &operation, derive_alg ) );
PSA_ASSERT( psa_key_derivation_input_key( &operation, PSA_ASSERT( psa_key_derivation_input_key(
PSA_KEY_DERIVATION_INPUT_SECRET, &operation,
base_key ) ); PSA_KEY_DERIVATION_INPUT_SECRET, base_key ) );
PSA_ASSERT( psa_key_derivation_input_bytes( PSA_ASSERT( psa_key_derivation_input_bytes(
&operation, PSA_KEY_DERIVATION_INPUT_INFO, &operation, PSA_KEY_DERIVATION_INPUT_INFO,
NULL, 0 ) ); NULL, 0 ) );
PSA_ASSERT( psa_key_derivation_output_key( &attributes, &operation, PSA_ASSERT( psa_key_derivation_output_key( &attributes,
&operation,
&handle ) ); &handle ) );
PSA_ASSERT( psa_key_derivation_abort( &operation ) ); PSA_ASSERT( psa_key_derivation_abort( &operation ) );
PSA_ASSERT( psa_destroy_key( base_key ) ); PSA_ASSERT( psa_destroy_key( base_key ) );