diff --git a/include/mbedtls/ecdh.h b/include/mbedtls/ecdh.h index 874b4ee12..af4b273bf 100644 --- a/include/mbedtls/ecdh.h +++ b/include/mbedtls/ecdh.h @@ -84,13 +84,13 @@ typedef enum */ typedef struct mbedtls_ecdh_context_mbed { - mbedtls_ecp_group grp; /*!< The elliptic curve used. */ - mbedtls_mpi d; /*!< The private key. */ - mbedtls_ecp_point Q; /*!< The public key. */ - mbedtls_ecp_point Qp; /*!< The value of the public key of the peer. */ - mbedtls_mpi z; /*!< The shared secret. */ + mbedtls_ecp_group MBEDTLS_PRIVATE(grp); /*!< The elliptic curve used. */ + mbedtls_mpi MBEDTLS_PRIVATE(d); /*!< The private key. */ + mbedtls_ecp_point MBEDTLS_PRIVATE(Q); /*!< The public key. */ + mbedtls_ecp_point MBEDTLS_PRIVATE(Qp); /*!< The value of the public key of the peer. */ + mbedtls_mpi MBEDTLS_PRIVATE(z); /*!< The shared secret. */ #if defined(MBEDTLS_ECP_RESTARTABLE) - mbedtls_ecp_restart_ctx rs; /*!< The restart context for EC computations. */ + mbedtls_ecp_restart_ctx MBEDTLS_PRIVATE(rs); /*!< The restart context for EC computations. */ #endif } mbedtls_ecdh_context_mbed; #endif 
@@ -119,21 +119,21 @@ typedef struct mbedtls_ecdh_context mbedtls_ecp_restart_ctx rs; /*!< The restart context for EC computations. */ #endif /* MBEDTLS_ECP_RESTARTABLE */ #else - uint8_t point_format; /*!< The format of point export in TLS messages + uint8_t MBEDTLS_PRIVATE(point_format); /*!< The format of point export in TLS messages as defined in RFC 4492. */ - mbedtls_ecp_group_id grp_id;/*!< The elliptic curve used. */ - mbedtls_ecdh_variant var; /*!< The ECDH implementation/structure used. */ + mbedtls_ecp_group_id MBEDTLS_PRIVATE(grp_id);/*!< The elliptic curve used. */ + mbedtls_ecdh_variant MBEDTLS_PRIVATE(var); /*!< The ECDH implementation/structure used. */ union { - mbedtls_ecdh_context_mbed mbed_ecdh; + mbedtls_ecdh_context_mbed MBEDTLS_PRIVATE(mbed_ecdh); #if defined(MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED) - mbedtls_ecdh_context_everest everest_ecdh; + mbedtls_ecdh_context_everest MBEDTLS_PRIVATE(everest_ecdh); #endif - } ctx; /*!< Implementation-specific context. The + } MBEDTLS_PRIVATE(ctx); /*!< Implementation-specific context. The context in use is specified by the \c var field. */ #if defined(MBEDTLS_ECP_RESTARTABLE) - uint8_t restart_enabled; /*!< The flag for restartable mode. Functions of + uint8_t MBEDTLS_PRIVATE(restart_enabled); /*!< The flag for restartable mode. Functions of an alternative implementation not supporting restartable mode must return MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED error diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h index 525de5da1..cf063a0b5 100644 --- a/include/mbedtls/ecdsa.h +++ b/include/mbedtls/ecdsa.h 
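Review bot: In the `mbedtls_ecdh_context` hunk only the members after `#else` are wrapped in `MBEDTLS_PRIVATE`; the context line just above it still declares `mbedtls_ecp_restart_ctx rs;` under its plain name, so the layout selected by the first branch of that conditional stays directly reachable from application code. That branch starts outside the hunk, so it is not visible whether it also holds the private key and shared secret that the first hunk hides in `mbedtls_ecdh_context_mbed`. If it does, the two build configurations give different guarantees about who can read or overwrite key material. Either wrap that branch too, or record the exception at the conditional with a comment such as `/* Members of this layout are intentionally left public: <reason>. */`.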
@@ -107,12 +107,12 @@ typedef struct mbedtls_ecdsa_restart_det mbedtls_ecdsa_restart_det_ctx; */ typedef struct { - mbedtls_ecp_restart_ctx ecp; /*!< base context for ECP restart and + mbedtls_ecp_restart_ctx MBEDTLS_PRIVATE(ecp); /*!< base context for ECP restart and shared administrative info */ - mbedtls_ecdsa_restart_ver_ctx *ver; /*!< ecdsa_verify() sub-context */ - mbedtls_ecdsa_restart_sig_ctx *sig; /*!< ecdsa_sign() sub-context */ + mbedtls_ecdsa_restart_ver_ctx *MBEDTLS_PRIVATE(ver); /*!< ecdsa_verify() sub-context */ + mbedtls_ecdsa_restart_sig_ctx *MBEDTLS_PRIVATE(sig); /*!< ecdsa_sign() sub-context */ #if defined(MBEDTLS_ECDSA_DETERMINISTIC) - mbedtls_ecdsa_restart_det_ctx *det; /*!< ecdsa_sign_det() sub-context */ + mbedtls_ecdsa_restart_det_ctx *MBEDTLS_PRIVATE(det); /*!< ecdsa_sign_det() sub-context */ #endif } mbedtls_ecdsa_restart_ctx; diff --git a/include/mbedtls/ecp.h b/include/mbedtls/ecp.h index 913e323f1..a3b442478 100644 --- a/include/mbedtls/ecp.h +++ b/include/mbedtls/ecp.h @@ -317,10 +317,10 @@ typedef struct mbedtls_ecp_restart_muladd mbedtls_ecp_restart_muladd_ctx; */ typedef struct { - unsigned ops_done; /*!< current ops count */ - unsigned depth; /*!< call depth (0 = top-level) */ - mbedtls_ecp_restart_mul_ctx *rsm; /*!< ecp_mul_comb() sub-context */ - mbedtls_ecp_restart_muladd_ctx *ma; /*!< ecp_muladd() sub-context */ + unsigned MBEDTLS_PRIVATE(ops_done); /*!< current ops count */ + unsigned MBEDTLS_PRIVATE(depth); /*!< call depth (0 = top-level) */ + mbedtls_ecp_restart_mul_ctx *MBEDTLS_PRIVATE(rsm); /*!< ecp_mul_comb() sub-context */ + mbedtls_ecp_restart_muladd_ctx *MBEDTLS_PRIVATE(ma); /*!< ecp_muladd() sub-context */ } mbedtls_ecp_restart_ctx; /* diff --git a/include/mbedtls/pk.h b/include/mbedtls/pk.h index 06da076fb..6f88db43a 100644 --- a/include/mbedtls/pk.h +++ b/include/mbedtls/pk.h 
@@ -192,8 +192,8 @@ typedef struct mbedtls_pk_context */ typedef struct { - const mbedtls_pk_info_t * pk_info; /**< Public key information */ - void * rs_ctx; /**< Underlying restart context */ + const mbedtls_pk_info_t * MBEDTLS_PRIVATE(pk_info); /**< Public key information */ + void * MBEDTLS_PRIVATE(rs_ctx); /**< Underlying restart context */ } mbedtls_pk_restart_ctx; #else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */ /* Now we can declare functions that take a pointer to that */ @@ -209,7 +209,7 @@ typedef void mbedtls_pk_restart_ctx; */ static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk ) { - return( (mbedtls_rsa_context *) (pk).pk_ctx ); + return( (mbedtls_rsa_context *) (pk).MBEDTLS_PRIVATE(pk_ctx) ); } #endif /* MBEDTLS_RSA_C */ @@ -222,7 +222,7 @@ static inline mbedtls_rsa_context *mbedtls_pk_rsa( const mbedtls_pk_context pk ) */ static inline mbedtls_ecp_keypair *mbedtls_pk_ec( const mbedtls_pk_context pk ) { - return( (mbedtls_ecp_keypair *) (pk).pk_ctx ); + return( (mbedtls_ecp_keypair *) (pk).MBEDTLS_PRIVATE(pk_ctx) ); } #endif /* MBEDTLS_ECP_C */ diff --git a/include/mbedtls/ssl_ciphersuites.h b/include/mbedtls/ssl_ciphersuites.h index 093238c0b..00a1aaec9 100644 --- a/include/mbedtls/ssl_ciphersuites.h +++ b/include/mbedtls/ssl_ciphersuites.h 
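Review bot: `mbedtls_pk_rsa()` (hunk at -209) still casts `pk_ctx` to `mbedtls_rsa_context *` without checking the key type, and `mbedtls_pk_ec()` (hunk at -222) does the same for `mbedtls_ecp_keypair *`. With `pk_ctx` now private, these two inline helpers are the route application code takes to the underlying key, so a context holding the other key type is reinterpreted rather than rejected. Consider guarding the cast with `if( mbedtls_pk_get_type( &pk ) != MBEDTLS_PK_RSA ) return( NULL );` in `mbedtls_pk_rsa()` and the matching check for the EC key types in `mbedtls_pk_ec()`, provided `mbedtls_pk_get_type()` is declared before this point in the header. At minimum, the doc comments that end just above each function (outside the hunks) should state that the caller must verify the key type before using the returned pointer.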
@@ -375,19 +375,19 @@ typedef struct mbedtls_ssl_ciphersuite_t mbedtls_ssl_ciphersuite_t; */ struct mbedtls_ssl_ciphersuite_t { - int id; - const char * name; + int MBEDTLS_PRIVATE(id); + const char * MBEDTLS_PRIVATE(name); - mbedtls_cipher_type_t cipher; - mbedtls_md_type_t mac; - mbedtls_key_exchange_type_t key_exchange; + mbedtls_cipher_type_t MBEDTLS_PRIVATE(cipher); + mbedtls_md_type_t MBEDTLS_PRIVATE(mac); + mbedtls_key_exchange_type_t MBEDTLS_PRIVATE(key_exchange); - int min_major_ver; - int min_minor_ver; - int max_major_ver; - int max_minor_ver; + int MBEDTLS_PRIVATE(min_major_ver); + int MBEDTLS_PRIVATE(min_minor_ver); + int MBEDTLS_PRIVATE(max_major_ver); + int MBEDTLS_PRIVATE(max_minor_ver); - unsigned char flags; + unsigned char MBEDTLS_PRIVATE(flags); }; const int *mbedtls_ssl_list_ciphersuites( void ); diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h index 015962c7c..f25db4455 100644 --- a/include/mbedtls/x509_crt.h +++ b/include/mbedtls/x509_crt.h 
@@ -301,23 +301,23 @@ typedef struct typedef struct { /* for check_signature() */ - mbedtls_pk_restart_ctx pk; + mbedtls_pk_restart_ctx MBEDTLS_PRIVATE(pk); /* for find_parent_in() */ - mbedtls_x509_crt *parent; /* non-null iff parent_in in progress */ - mbedtls_x509_crt *fallback_parent; - int fallback_signature_is_good; + mbedtls_x509_crt *MBEDTLS_PRIVATE(parent); /* non-null iff parent_in in progress */ + mbedtls_x509_crt *MBEDTLS_PRIVATE(fallback_parent); + int MBEDTLS_PRIVATE(fallback_signature_is_good); /* for find_parent() */ - int parent_is_trusted; /* -1 if find_parent is not in progress */ + int MBEDTLS_PRIVATE(parent_is_trusted); /* -1 if find_parent is not in progress */ /* for verify_chain() */ enum { x509_crt_rs_none, x509_crt_rs_find_parent, - } in_progress; /* none if no operation is in progress */ - int self_cnt; - mbedtls_x509_crt_verify_chain ver_chain; + } MBEDTLS_PRIVATE(in_progress); /* none if no operation is in progress */ + int MBEDTLS_PRIVATE(self_cnt); + mbedtls_x509_crt_verify_chain MBEDTLS_PRIVATE(ver_chain); } mbedtls_x509_crt_restart_ctx; diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index b07ced8bd..598a9a774 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -345,7 +345,7 @@ static inline struct psa_key_attributes_s psa_key_attributes_init( void ) static inline void psa_set_key_id( psa_key_attributes_t *attributes, mbedtls_svc_key_id_t key ) { - psa_key_lifetime_t MBEDTLS_PRIVATE(lifetime) = attributes->MBEDTLS_PRIVATE(core).lifetime; + psa_key_lifetime_t lifetime = attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(lifetime); attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id) = key; 
@@ -368,7 +368,7 @@ static inline mbedtls_svc_key_id_t psa_get_key_id( static inline void mbedtls_set_key_owner_id( psa_key_attributes_t *attributes, mbedtls_key_owner_id_t owner ) { - attributes->core.id.owner = owner; + attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id).MBEDTLS_PRIVATE(owner) = owner; } #endif @@ -379,7 +379,7 @@ static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, if( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) ) { #ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER - attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id).key_id = 0; + attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id).MBEDTLS_PRIVATE(key_id) = 0; #else attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(id) = 0; #endif diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index 386c7d794..2cf965d81 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -32,6 +32,7 @@ #ifndef PSA_CRYPTO_TYPES_H #define PSA_CRYPTO_TYPES_H +#include "mbedtls/private_access.h" #include "crypto_platform.h" @@ -234,8 +235,8 @@ typedef psa_key_id_t mbedtls_svc_key_id_t; */ typedef struct { - psa_key_id_t key_id; - mbedtls_key_owner_id_t owner; + psa_key_id_t MBEDTLS_PRIVATE(key_id); + mbedtls_key_owner_id_t MBEDTLS_PRIVATE(owner); } mbedtls_svc_key_id_t; #endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */ diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index 497bd8f01..31a64647e 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -33,6 +33,7 @@ #ifndef PSA_CRYPTO_VALUES_H #define PSA_CRYPTO_VALUES_H +#include "mbedtls/private_access.h" /** \defgroup error Error codes * @{ 
@@ -2124,8 +2125,8 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make( mbedtls_key_owner_id_t owner_id, psa_key_id_t key_id ) { - return( (mbedtls_svc_key_id_t){ .key_id = key_id, - .owner = owner_id } ); + return( (mbedtls_svc_key_id_t){ .MBEDTLS_PRIVATE(key_id) = key_id, + .MBEDTLS_PRIVATE(owner) = owner_id } ); } /** Compare two key identifiers. @@ -2138,8 +2139,8 @@ static inline mbedtls_svc_key_id_t mbedtls_svc_key_id_make( static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1, mbedtls_svc_key_id_t id2 ) { - return( ( id1.key_id == id2.key_id ) && - mbedtls_key_owner_id_equal( id1.owner, id2.owner ) ); + return( ( id1.MBEDTLS_PRIVATE(key_id) == id2.MBEDTLS_PRIVATE(key_id) ) && + mbedtls_key_owner_id_equal( id1.MBEDTLS_PRIVATE(owner), id2.MBEDTLS_PRIVATE(owner) ) ); } /** Check whether a key identifier is null. @@ -2150,7 +2151,7 @@ static inline int mbedtls_svc_key_id_equal( mbedtls_svc_key_id_t id1, */ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key ) { - return( ( key.key_id == 0 ) && ( key.owner == 0 ) ); + return( ( key.MBEDTLS_PRIVATE(key_id) == 0 ) && ( key.MBEDTLS_PRIVATE(owner) == 0 ) ); } #endif /* !MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER */
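Review bot: `mbedtls_svc_key_id_is_null()` (last hunk) compares `owner` with the literal `0`, while `mbedtls_svc_key_id_equal()` in the hunk before it uses `mbedtls_key_owner_id_equal()` for the same field. If the owner type or its equality helper is supplied by the platform, the null test and the equality test can disagree about what "no owner" means, which matters wherever the owner id separates one caller's keys from another's. Unless a null-owner helper already exists elsewhere, record the assumption next to the comparison: `/* assumes mbedtls_key_owner_id_t is an integer type whose null value is 0 */`.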