diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h index cc95a13cd..cb2be7fd1 100644 --- a/include/psa/crypto_compat.h +++ b/include/psa/crypto_compat.h @@ -51,10 +51,12 @@ typedef MBEDTLS_PSA_DEPRECATED size_t mbedtls_deprecated_size_t; typedef MBEDTLS_PSA_DEPRECATED psa_status_t mbedtls_deprecated_psa_status_t; typedef MBEDTLS_PSA_DEPRECATED psa_key_usage_t mbedtls_deprecated_psa_key_usage_t; typedef MBEDTLS_PSA_DEPRECATED psa_ecc_family_t mbedtls_deprecated_psa_ecc_family_t; -typedef MBEDTLS_PSA_DEPRECATED psa_dh_group_t mbedtls_deprecated_psa_dh_group_t; +typedef MBEDTLS_PSA_DEPRECATED psa_dh_family_t mbedtls_deprecated_psa_dh_family_t; typedef MBEDTLS_PSA_DEPRECATED psa_ecc_family_t psa_ecc_curve_t; +typedef MBEDTLS_PSA_DEPRECATED psa_dh_family_t psa_dh_group_t; #define PSA_KEY_TYPE_GET_CURVE PSA_KEY_TYPE_ECC_GET_FAMILY +#define PSA_KEY_TYPE_GET_GROUP PSA_KEY_TYPE_DH_GET_FAMILY #define MBEDTLS_DEPRECATED_CONSTANT( type, value ) \ ( (mbedtls_deprecated_##type) ( value ) ) @@ -118,7 +120,7 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key #endif /* MBEDTLS_DEPRECATED_REMOVED */ /* - * Size-specific elliptic curve and Diffie-Hellman group names + * Size-specific elliptic curve families. */ #define PSA_ECC_CURVE_SECP160K1 \ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_SECP_K1 ) @@ -201,16 +203,27 @@ MBEDTLS_PSA_DEPRECATED static inline psa_status_t psa_asymmetric_verify( psa_key #define PSA_ECC_CURVE_MONTGOMERY \ MBEDTLS_DEPRECATED_CONSTANT( psa_ecc_family_t, PSA_ECC_FAMILY_MONTGOMERY ) +/* + * Finite-field Diffie-Hellman families. + */ #define PSA_DH_GROUP_FFDHE2048 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_dh_group_t, PSA_DH_GROUP_RFC7919 ) + MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 ) #define PSA_DH_GROUP_FFDHE3072 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_dh_group_t, PSA_DH_GROUP_RFC7919 ) + MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 ) #define PSA_DH_GROUP_FFDHE4096 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_dh_group_t, PSA_DH_GROUP_RFC7919 ) + MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 ) #define PSA_DH_GROUP_FFDHE6144 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_dh_group_t, PSA_DH_GROUP_RFC7919 ) + MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 ) #define PSA_DH_GROUP_FFDHE8192 \ - MBEDTLS_DEPRECATED_CONSTANT( psa_dh_group_t, PSA_DH_GROUP_RFC7919 ) + MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 ) + +/* + * Diffie-Hellman families that changed name due to PSA specification. + */ +#define PSA_DH_GROUP_RFC7919 \ + MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_RFC7919 ) +#define PSA_DH_GROUP_CUSTOM \ + MBEDTLS_DEPRECATED_CONSTANT( psa_dh_family_t, PSA_DH_FAMILY_CUSTOM ) #ifdef __cplusplus } diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h index ceca3e384..afb16ad5c 100644 --- a/include/psa/crypto_extra.h +++ b/include/psa/crypto_extra.h @@ -414,11 +414,11 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, /** Custom Diffie-Hellman group. * - * For keys of type #PSA_KEY_TYPE_DH_PUBLIC_KEY(#PSA_DH_GROUP_CUSTOM) or - * #PSA_KEY_TYPE_DH_KEY_PAIR(#PSA_DH_GROUP_CUSTOM), the group data comes + * For keys of type #PSA_KEY_TYPE_DH_PUBLIC_KEY(#PSA_DH_FAMILY_CUSTOM) or + * #PSA_KEY_TYPE_DH_KEY_PAIR(#PSA_DH_FAMILY_CUSTOM), the group data comes * from domain parameters set by psa_set_key_domain_parameters(). */ -#define PSA_DH_GROUP_CUSTOM ((psa_dh_group_t) 0x7e) +#define PSA_DH_FAMILY_CUSTOM ((psa_dh_family_t) 0x7e) /** @@ -448,8 +448,8 @@ psa_status_t mbedtls_psa_inject_entropy(const uint8_t *seed, * } * ``` * - For Diffie-Hellman key exchange keys - * (#PSA_KEY_TYPE_DH_PUBLIC_KEY(#PSA_DH_GROUP_CUSTOM) or - * #PSA_KEY_TYPE_DH_KEY_PAIR(#PSA_DH_GROUP_CUSTOM)), the + * (#PSA_KEY_TYPE_DH_PUBLIC_KEY(#PSA_DH_FAMILY_CUSTOM) or + * #PSA_KEY_TYPE_DH_KEY_PAIR(#PSA_DH_FAMILY_CUSTOM)), the * `DomainParameters` format as defined by RFC 3279 §2.3.3. * ``` * DomainParameters ::= SEQUENCE { diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 8e98eafb4..29e1f2939 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -85,7 +85,7 @@ typedef uint8_t psa_ecc_family_t; * Values defined by this standard will never be in the range 0x80-0xff. * Vendors who define additional families must use an encoding in this range. */ -typedef uint8_t psa_dh_group_t; +typedef uint8_t psa_dh_family_t; /** \brief Encoding of a cryptographic algorithm. * diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 3feaa1c98..73d7d9d14 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -536,14 +536,14 @@ #define PSA_KEY_TYPE_DH_GROUP_MASK ((psa_key_type_t)0x00ff) /** Diffie-Hellman key pair. * - * \param group A value of type ::psa_dh_group_t that identifies the + * \param group A value of type ::psa_dh_family_t that identifies the * Diffie-Hellman group to be used. */ #define PSA_KEY_TYPE_DH_KEY_PAIR(group) \ (PSA_KEY_TYPE_DH_KEY_PAIR_BASE | (group)) /** Diffie-Hellman public key. * - * \param group A value of type ::psa_dh_group_t that identifies the + * \param group A value of type ::psa_dh_family_t that identifies the * Diffie-Hellman group to be used. */ #define PSA_KEY_TYPE_DH_PUBLIC_KEY(group) \ @@ -563,8 +563,8 @@ PSA_KEY_TYPE_DH_PUBLIC_KEY_BASE) /** Extract the group from a Diffie-Hellman key type. */ -#define PSA_KEY_TYPE_GET_GROUP(type) \ - ((psa_dh_group_t) (PSA_KEY_TYPE_IS_DH(type) ? \ +#define PSA_KEY_TYPE_DH_GET_FAMILY(type) \ + ((psa_dh_family_t) (PSA_KEY_TYPE_IS_DH(type) ? \ ((type) & PSA_KEY_TYPE_DH_GROUP_MASK) : \ 0)) @@ -574,7 +574,7 @@ * 2048, 3072, 4096, 6144, 8192. A given implementation may support * all of these sizes or only a subset. */ -#define PSA_DH_GROUP_RFC7919 ((psa_dh_group_t) 0x03) +#define PSA_DH_FAMILY_RFC7919 ((psa_dh_family_t) 0x03) #define PSA_GET_KEY_TYPE_BLOCK_SIZE_EXPONENT(type) \ (((type) >> 8) & 7) diff --git a/programs/psa/psa_constant_names.c b/programs/psa/psa_constant_names.c index a5a223707..5fc4f9e4e 100644 --- a/programs/psa/psa_constant_names.c +++ b/programs/psa/psa_constant_names.c @@ -83,7 +83,7 @@ static void append_integer(char **buffer, size_t buffer_size, /* The code of these function is automatically generated and included below. */ static const char *psa_ecc_family_name(psa_ecc_family_t curve); -static const char *psa_dh_group_name(psa_dh_group_t group); +static const char *psa_dh_family_name(psa_dh_family_t group); static const char *psa_hash_algorithm_name(psa_algorithm_t hash_alg); static void append_with_curve(char **buffer, size_t buffer_size, @@ -107,9 +107,9 @@ static void append_with_curve(char **buffer, size_t buffer_size, static void append_with_group(char **buffer, size_t buffer_size, size_t *required_size, const char *string, size_t length, - psa_dh_group_t group) + psa_dh_family_t group) { - const char *group_name = psa_dh_group_name(group); + const char *group_name = psa_dh_family_name(group); append(buffer, buffer_size, required_size, string, length); append(buffer, buffer_size, required_size, "(", 1); if (group_name != NULL) { @@ -176,9 +176,9 @@ static int psa_snprint_ecc_curve(char *buffer, size_t buffer_size, } static int psa_snprint_dh_group(char *buffer, size_t buffer_size, - psa_dh_group_t group) + psa_dh_family_t group) { - const char *name = psa_dh_group_name(group); + const char *name = psa_dh_family_name(group); if (name == NULL) { return snprintf(buffer, buffer_size, "0x%02x", (unsigned) group); } else { @@ -200,7 +200,7 @@ static void usage(const char *program_name) printf("Supported types (with = between aliases):\n"); printf(" alg=algorithm Algorithm (psa_algorithm_t)\n"); printf(" curve=ecc_curve Elliptic curve identifier (psa_ecc_family_t)\n"); - printf(" group=dh_group Diffie-Hellman group identifier (psa_dh_group_t)\n"); + printf(" group=dh_group Diffie-Hellman group identifier (psa_dh_family_t)\n"); printf(" type=key_type Key type (psa_key_type_t)\n"); printf(" usage=key_usage Key usage (psa_key_usage_t)\n"); printf(" error=status Status code (psa_status_t)\n"); @@ -275,7 +275,7 @@ int process_unsigned(unsigned_value_type type, unsigned long max, char **argp) break; case TYPE_DH_GROUP: psa_snprint_dh_group(buffer, sizeof(buffer), - (psa_dh_group_t) value); + (psa_dh_family_t) value); break; case TYPE_KEY_TYPE: psa_snprint_key_type(buffer, sizeof(buffer), @@ -314,7 +314,7 @@ int main(int argc, char *argv[]) return process_unsigned(TYPE_ECC_CURVE, (psa_ecc_family_t) (-1), argv + 2); } else if (!strcmp(argv[1], "group") || !strcmp(argv[1], "dh_group")) { - return process_unsigned(TYPE_DH_GROUP, (psa_dh_group_t) (-1), + return process_unsigned(TYPE_DH_GROUP, (psa_dh_family_t) (-1), argv + 2); } else if (!strcmp(argv[1], "type") || !strcmp(argv[1], "key_type")) { return process_unsigned(TYPE_KEY_TYPE, (psa_key_type_t) (-1), diff --git a/scripts/generate_psa_constants.py b/scripts/generate_psa_constants.py index 539856489..c84b83857 100755 --- a/scripts/generate_psa_constants.py +++ b/scripts/generate_psa_constants.py @@ -51,7 +51,7 @@ static const char *psa_ecc_family_name(psa_ecc_family_t curve) } } -static const char *psa_dh_group_name(psa_dh_group_t group) +static const char *psa_dh_family_name(psa_dh_family_t group) { switch (group) { %(dh_group_cases)s @@ -185,7 +185,7 @@ KEY_TYPE_FROM_CURVE_TEMPLATE = '''if (%(tester)s(type)) { KEY_TYPE_FROM_GROUP_TEMPLATE = '''if (%(tester)s(type)) { append_with_group(&buffer, buffer_size, &required_size, "%(builder)s", %(builder_length)s, - PSA_KEY_TYPE_GET_GROUP(type)); + PSA_KEY_TYPE_DH_GET_FAMILY(type)); } else ''' ALGORITHM_FROM_HASH_TEMPLATE = '''if (%(tester)s(core_alg)) { @@ -266,7 +266,7 @@ class MacroCollector: self.key_types_from_group[name] = name[:13] + 'IS_' + name[13:] elif name.startswith('PSA_ECC_FAMILY_') and not parameter: self.ecc_curves.add(name) - elif name.startswith('PSA_DH_GROUP_') and not parameter: + elif name.startswith('PSA_DH_FAMILY_') and not parameter: self.dh_groups.add(name) elif name.startswith('PSA_ALG_') and not parameter: if name in ['PSA_ALG_ECDSA_BASE', diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function index ff79872e4..4576b8bb4 100644 --- a/tests/suites/test_suite_psa_crypto.function +++ b/tests/suites/test_suite_psa_crypto.function @@ -1299,11 +1299,14 @@ void static_checks( ) TEST_EQUAL( PSA_ECC_CURVE_BRAINPOOL_P_R1, PSA_ECC_FAMILY_BRAINPOOL_P_R1 ); TEST_EQUAL( PSA_ECC_CURVE_MONTGOMERY, PSA_ECC_FAMILY_MONTGOMERY ); - TEST_EQUAL( PSA_DH_GROUP_FFDHE2048, PSA_DH_GROUP_RFC7919 ); - TEST_EQUAL( PSA_DH_GROUP_FFDHE3072, PSA_DH_GROUP_RFC7919 ); - TEST_EQUAL( PSA_DH_GROUP_FFDHE4096, PSA_DH_GROUP_RFC7919 ); - TEST_EQUAL( PSA_DH_GROUP_FFDHE6144, PSA_DH_GROUP_RFC7919 ); - TEST_EQUAL( PSA_DH_GROUP_FFDHE8192, PSA_DH_GROUP_RFC7919 ); + TEST_EQUAL( PSA_DH_GROUP_FFDHE2048, PSA_DH_FAMILY_RFC7919 ); + TEST_EQUAL( PSA_DH_GROUP_FFDHE3072, PSA_DH_FAMILY_RFC7919 ); + TEST_EQUAL( PSA_DH_GROUP_FFDHE4096, PSA_DH_FAMILY_RFC7919 ); + TEST_EQUAL( PSA_DH_GROUP_FFDHE6144, PSA_DH_FAMILY_RFC7919 ); + TEST_EQUAL( PSA_DH_GROUP_FFDHE8192, PSA_DH_FAMILY_RFC7919 ); + + TEST_EQUAL( PSA_DH_GROUP_RFC7919, PSA_DH_FAMILY_RFC7919 ); + TEST_EQUAL( PSA_DH_GROUP_CUSTOM, PSA_DH_FAMILY_CUSTOM ); #endif } /* END_CASE */ diff --git a/tests/suites/test_suite_psa_crypto_metadata.data b/tests/suites/test_suite_psa_crypto_metadata.data index 5813d2f5f..4abdd27be 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.data +++ b/tests/suites/test_suite_psa_crypto_metadata.data @@ -376,4 +376,4 @@ ECC key family: Montgomery (Curve25519, Curve448) ecc_key_family:PSA_ECC_FAMILY_MONTGOMERY DH group family: RFC 7919 -dh_key_family:PSA_DH_GROUP_RFC7919 +dh_key_family:PSA_DH_FAMILY_RFC7919 diff --git a/tests/suites/test_suite_psa_crypto_metadata.function b/tests/suites/test_suite_psa_crypto_metadata.function index d4ae85520..1ba846695 100644 --- a/tests/suites/test_suite_psa_crypto_metadata.function +++ b/tests/suites/test_suite_psa_crypto_metadata.function @@ -510,7 +510,7 @@ void ecc_key_family( int curve_arg ) /* BEGIN_CASE depends_on:MBEDTLS_DHM_C */ void dh_key_family( int group_arg ) { - psa_dh_group_t group = group_arg; + psa_dh_family_t group = group_arg; psa_key_type_t public_type = PSA_KEY_TYPE_DH_PUBLIC_KEY( group ); psa_key_type_t pair_type = PSA_KEY_TYPE_DH_KEY_PAIR( group ); @@ -519,7 +519,7 @@ void dh_key_family( int group_arg ) test_key_type( public_type, KEY_TYPE_IS_DH | KEY_TYPE_IS_PUBLIC_KEY ); test_key_type( pair_type, KEY_TYPE_IS_DH | KEY_TYPE_IS_KEY_PAIR ); - TEST_EQUAL( PSA_KEY_TYPE_GET_GROUP( public_type ), group ); - TEST_EQUAL( PSA_KEY_TYPE_GET_GROUP( pair_type ), group ); + TEST_EQUAL( PSA_KEY_TYPE_DH_GET_FAMILY( public_type ), group ); + TEST_EQUAL( PSA_KEY_TYPE_DH_GET_FAMILY( pair_type ), group ); } /* END_CASE */