Open gilles-peskine-arm opened 2 years ago
From the documentation, getter functions should have the following declarations:

```c
psa_status_t psa_crypto_driver_key_derivation_get_input_size(
    const psa_crypto_driver_key_derivation_inputs_t *inputs,
    psa_key_derivation_step_t step,
    size_t *size);
psa_status_t psa_crypto_driver_key_derivation_get_input_bytes(
    const psa_crypto_driver_key_derivation_inputs_t *inputs,
    psa_key_derivation_step_t step,
    uint8_t *buffer, size_t buffer_size, size_t *buffer_length);
```
I understand that `psa_crypto_driver_key_derivation_inputs_t` is the union of inputs for different algs (hkdf, prf, ...):

```c
typedef struct
{
    union
    {
        /* Make the union non-empty even with no supported algorithms. */
        uint8_t MBEDTLS_PRIVATE(dummy);
#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF) || \
    defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS)
        psa_tls12_prf_key_derivation_inputs_t MBEDTLS_PRIVATE(tls12_prf);
#endif /* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PRF ||
          MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF)
        psa_hkdf_key_derivation_inputs_t MBEDTLS_PRIVATE(hkdf);
#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF */
    }; /* closes the union whether or not HKDF is enabled */
} psa_crypto_driver_key_derivation_inputs_t;
```
So we need here to pass also `operation` to determine the alg and distinguish different input types to process.
This is a step of the implementation of the interface for key derivation drivers introduced in #5451. It follows #5477. The goal of this issue is:

`psa_crypto_driver_key_derivation_inputs_t`: `psa_crypto_driver_key_derivation_get_input_size`, `psa_crypto_driver_key_derivation_get_input_bytes`. No `psa_crypto_driver_key_derivation_get_input_key` yet: that will come with opaque driver support. No `psa_crypto_driver_key_derivation_get_input_integer` yet: we don't yet implement any KDF with integer parameters. `psa_crypto_key_derivation_driver_setup`.
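The concern raised in the comment above is that a getter receiving only `inputs` and `step` cannot tell which union member holds valid data. The sketch below is an added example, not Mbed TLS code and not from the issue: it stores the algorithm next to the union and checks the caller's buffer size before copying. Every `demo_*` name, the status codes and the `alg` field are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical stand-ins for the PSA types and status codes (assumptions). */
typedef enum { DEMO_OK, DEMO_ERR_INVALID_ARGUMENT, DEMO_ERR_BUFFER_TOO_SMALL } demo_status_t;
typedef enum { DEMO_ALG_HKDF, DEMO_ALG_TLS12_PRF } demo_alg_t;
typedef enum { DEMO_STEP_SECRET, DEMO_STEP_SALT, DEMO_STEP_INFO,
               DEMO_STEP_SEED, DEMO_STEP_LABEL } demo_step_t;
typedef struct { const uint8_t *p; size_t len; } demo_buf_t;

/* The union alone cannot say which member is live; alg is the discriminator. */
typedef struct {
    demo_alg_t alg;
    union {
        struct { demo_buf_t salt, secret, info; } hkdf;
        struct { demo_buf_t secret, seed, label; } tls12_prf;
    } u;
} demo_kdf_inputs_t;

/* Map (alg, step) to the stored input; NULL when the step is not valid for alg. */
static const demo_buf_t *demo_find(const demo_kdf_inputs_t *in, demo_step_t step) {
    if (in->alg == DEMO_ALG_HKDF) {
        if (step == DEMO_STEP_SALT)   return &in->u.hkdf.salt;
        if (step == DEMO_STEP_SECRET) return &in->u.hkdf.secret;
        if (step == DEMO_STEP_INFO)   return &in->u.hkdf.info;
    } else if (in->alg == DEMO_ALG_TLS12_PRF) {
        if (step == DEMO_STEP_SECRET) return &in->u.tls12_prf.secret;
        if (step == DEMO_STEP_SEED)   return &in->u.tls12_prf.seed;
        if (step == DEMO_STEP_LABEL)  return &in->u.tls12_prf.label;
    }
    return NULL;
}

demo_status_t demo_get_input_size(const demo_kdf_inputs_t *in, demo_step_t step, size_t *size) {
    const demo_buf_t *b = demo_find(in, step);
    if (b == NULL) return DEMO_ERR_INVALID_ARGUMENT;
    *size = b->len;
    return DEMO_OK;
}

demo_status_t demo_get_input_bytes(const demo_kdf_inputs_t *in, demo_step_t step,
                                   uint8_t *buffer, size_t buffer_size, size_t *buffer_length) {
    const demo_buf_t *b = demo_find(in, step);
    if (b == NULL) return DEMO_ERR_INVALID_ARGUMENT;
    if (b->len > buffer_size) return DEMO_ERR_BUFFER_TOO_SMALL; /* never overrun the caller's buffer */
    if (b->len != 0) memcpy(buffer, b->p, b->len);
    *buffer_length = b->len;
    return DEMO_OK;
}
```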