Remove the deprecated PSA_ALG_SELECT_RAW option

This change affects the psa_key_derivation_s structure. With the buffer removed from the union, it is empty if MBEDTLS_MD_C is not defined. We can avoid undefined behaviour by adding a new dummy field that is always present or make the whole union conditional on MBEDTLS_MD_C. In this latter case the initialiser macro has to depend on MBEDTLS_MD_C as well. Furthermore the first structure would be either psa_hkdf_key_derivation_t or psa_tls12_prf_key_derivation_t both of which are very deep and would make the initialisation macro difficult to maintain, therefore we go with the first option.
2019-06-14 11:05:39 +01:00 · 2019-06-14 11:05:39 +01:00 · adbec81cc4
commit adbec81cc4
parent a27c927d4a
4 changed files with 7 additions and 83 deletions
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@ -277,11 +277,8 @@ struct psa_key_derivation_s
    size_t capacity;
    union
    {
-        struct
-        {
-            uint8_t *data;
-            size_t size;
-        } buffer;
+        /* Make the union non-empty even with no supported algorithms. */
+        uint8_t dummy;
 #if defined(MBEDTLS_MD_C)
        psa_hkdf_key_derivation_t hkdf;
        psa_tls12_prf_key_derivation_t tls12_prf;
@ -289,7 +286,8 @@ struct psa_key_derivation_s
    } ctx;
 };

-#define PSA_KEY_DERIVATION_OPERATION_INIT {0, 0, {{0, 0}}}
+/* This only zeroes out the first byte in the union, the rest is unspecified. */
+#define PSA_KEY_DERIVATION_OPERATION_INIT {0, 0, {0}}
 static inline struct psa_key_derivation_s psa_key_derivation_operation_init( void )
 {
    const struct psa_key_derivation_s v = PSA_KEY_DERIVATION_OPERATION_INIT;