commit a6df6040eec06b4defb5dadb8f0be774d3fb34ec
author Steven Cooreman <steven.cooreman@silabs.com> Thu Apr 29 19:32:25 2021 +0200
committer Steven Cooreman <steven.cooreman@silabs.com> Fri May 07 23:33:50 2021 +0200
tree 6a3728910e84f14467f96c59b59a0e04b05d0ed9
parent d1ed1d935f5938a767cd66a15f8e6526b164b466

Base the PSA implementation of TLS 1.2 PRF on the MAC API

This means there is no longer a need to have an internal HMAC API, so
it is being removed in this commit as well.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>

library/psa_crypto_mac.c

diff --git a/library/psa_crypto_mac.c b/library/psa_crypto_mac.c
index ac026ff..ca40b03 100644
--- a/library/psa_crypto_mac.c
+++ b/library/psa_crypto_mac.c
@@ -69,16 +69,18 @@
     }
 }
 
-psa_status_t psa_hmac_abort_internal( mbedtls_psa_hmac_operation_t *hmac )
+static psa_status_t psa_hmac_abort_internal(
+    mbedtls_psa_hmac_operation_t *hmac )
 {
     mbedtls_platform_zeroize( hmac->opad, sizeof( hmac->opad ) );
     return( psa_hash_abort( &hmac->hash_ctx ) );
 }
 
-psa_status_t psa_hmac_setup_internal( mbedtls_psa_hmac_operation_t *hmac,
-                                      const uint8_t *key,
-                                      size_t key_length,
-                                      psa_algorithm_t hash_alg )
+static psa_status_t psa_hmac_setup_internal(
+    mbedtls_psa_hmac_operation_t *hmac,
+    const uint8_t *key,
+    size_t key_length,
+    psa_algorithm_t hash_alg )
 {
     uint8_t ipad[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
     size_t i;
@@ -139,16 +141,18 @@
     return( status );
 }
 
-psa_status_t psa_hmac_update_internal( mbedtls_psa_hmac_operation_t *hmac,
-                                       const uint8_t *data,
-                                       size_t data_length )
+static psa_status_t psa_hmac_update_internal(
+    mbedtls_psa_hmac_operation_t *hmac,
+    const uint8_t *data,
+    size_t data_length )
 {
     return( psa_hash_update( &hmac->hash_ctx, data, data_length ) );
 }
 
-psa_status_t psa_hmac_finish_internal( mbedtls_psa_hmac_operation_t *hmac,
-                                       uint8_t *mac,
-                                       size_t mac_size )
+static psa_status_t psa_hmac_finish_internal(
+    mbedtls_psa_hmac_operation_t *hmac,
+    uint8_t *mac,
+    size_t mac_size )
 {
     uint8_t tmp[MBEDTLS_MD_MAX_SIZE];
     psa_algorithm_t hash_alg = hmac->alg;
@@ -183,23 +187,6 @@
     mbedtls_platform_zeroize( tmp, hash_size );
     return( status );
 }
-
-psa_status_t psa_hmac_clone_internal(
-    const mbedtls_psa_hmac_operation_t *source,
-    mbedtls_psa_hmac_operation_t *destination )
-{
-    psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
-
-    destination->alg = source->alg;
-    destination->hash_ctx = psa_hash_operation_init();
-    status = psa_hash_clone( &source->hash_ctx, &destination->hash_ctx );
-    memcpy( destination->opad, source->opad, sizeof( destination->opad ) );
-
-    if( status != PSA_SUCCESS )
-        memset( destination, 0, sizeof( *destination ) );
-
-    return( status );
-}
 #endif /* MBEDTLS_PSA_BUILTIN_ALG_HMAC || PSA_CRYPTO_DRIVER_TEST */
 
 /* Implement the PSA driver MAC interface on top of mbed TLS if either the
@@ -457,8 +444,8 @@
 #if defined(BUILTIN_ALG_HMAC)
     if( PSA_ALG_IS_HMAC( operation->alg ) )
     {
-        return( psa_hash_update( &operation->ctx.hmac.hash_ctx, input,
-                                 input_length ) );
+        return( psa_hmac_update_internal( &operation->ctx.hmac,
+                                          input, input_length ) );
     }
     else
 #endif /* BUILTIN_ALG_HMAC */