eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Split psa_mac_setup -> psa_mac_{sign,verify}_setup

Browse source 
Make function names for multipart operations more consistent (MAC
setup edition).

Split psa_mac_setup into two functions psa_mac_sign_setup and
psa_mac_verify_setup. These functions behave identically except that
they require different usage flags on the key. The goal of the split
is to enforce the key policy during setup rather than at the end of
the operation (which was a bit of a hack).

In psa_mac_sign_finish and psa_mac_verify_finish, if the operation is
of the wrong type, abort the operation before returning BAD_STATE.
This commit is contained in:
Gilles Peskine 2018-07-08 20:12:23 +02:00 committed by itayzafrir
parent acd4be36fa
commit 89167cb597
4 changed files with 116 additions and 57 deletions
Download patch file Download diff file Expand all files Collapse all files

3
include/psa/crypto_struct.h
View file

@ -102,8 +102,7 @@ struct psa_mac_operation_s
int iv_required : 1;
int iv_set : 1;
int has_input : 1;
int key_usage_sign : 1;
int key_usage_verify : 1;
int is_sign : 1;
uint8_t mac_size;
union
{