Rename generator functions to psa_key_derivation_xxx
Generators are mostly about key derivation (currently: only about key
derivation). "Generator" is not a commonly used term in cryptography.
So favor "derivation" as terminology. Call a generator a key
derivation operation structure, since it behaves like other multipart
operation structures. Furthermore, the function names are not fully
consistent.
In this commit, I rename the functions to consistently have the prefix
"psa_key_derivation_". I used the following command:
perl -i -pe '%t = (
psa_crypto_generator_t => "psa_key_derivation_operation_t",
psa_crypto_generator_init => "psa_key_derivation_init",
psa_key_derivation_setup => "psa_key_derivation_setup",
psa_key_derivation_input_key => "psa_key_derivation_input_key",
psa_key_derivation_input_bytes => "psa_key_derivation_input_bytes",
psa_key_agreement => "psa_key_derivation_key_agreement",
psa_set_generator_capacity => "psa_key_derivation_set_capacity",
psa_get_generator_capacity => "psa_key_derivation_get_capacity",
psa_generator_read => "psa_key_derivation_output_bytes",
psa_generate_derived_key => "psa_key_derivation_output_key",
psa_generator_abort => "psa_key_derivation_abort",
PSA_CRYPTO_GENERATOR_INIT => "PSA_KEY_DERIVATION_OPERATION_INIT",
PSA_GENERATOR_UNBRIDLED_CAPACITY => "PSA_KEY_DERIVATION_UNLIMITED_CAPACITY",
); s/\b(@{[join("|", keys %t)]})\b/$t{$1}/ge' $(git ls-files)
diff --git a/programs/psa/key_ladder_demo.c b/programs/psa/key_ladder_demo.c
index aded3bc..4ebb7e0 100644
--- a/programs/psa/key_ladder_demo.c
+++ b/programs/psa/key_ladder_demo.c
@@ -279,7 +279,7 @@
{
psa_status_t status = PSA_SUCCESS;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+ psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT;
size_t i;
psa_set_key_usage_flags( &attributes,
@@ -306,13 +306,13 @@
*key_handle = 0;
/* Use the generator obtained from the parent key to create
* the next intermediate key. */
- PSA_CHECK( psa_generate_derived_key( &attributes, &generator,
+ PSA_CHECK( psa_key_derivation_output_key( &attributes, &generator,
key_handle ) );
- PSA_CHECK( psa_generator_abort( &generator ) );
+ PSA_CHECK( psa_key_derivation_abort( &generator ) );
}
exit:
- psa_generator_abort( &generator );
+ psa_key_derivation_abort( &generator );
if( status != PSA_SUCCESS )
{
psa_close_key( *key_handle );
@@ -328,7 +328,7 @@
{
psa_status_t status = PSA_SUCCESS;
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
- psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
+ psa_key_derivation_operation_t generator = PSA_KEY_DERIVATION_OPERATION_INIT;
*wrapping_key_handle = 0;
psa_set_key_usage_flags( &attributes, usage );
@@ -343,11 +343,11 @@
WRAPPING_KEY_SALT, WRAPPING_KEY_SALT_LENGTH,
NULL, 0,
PSA_BITS_TO_BYTES( WRAPPING_KEY_BITS ) ) );
- PSA_CHECK( psa_generate_derived_key( &attributes, &generator,
+ PSA_CHECK( psa_key_derivation_output_key( &attributes, &generator,
wrapping_key_handle ) );
exit:
- psa_generator_abort( &generator );
+ psa_key_derivation_abort( &generator );
if( status != PSA_SUCCESS )
{
psa_close_key( *wrapping_key_handle );