generate/derive key ext: pass method_data_length rather than method_length

Instead of passing the size of the whole structure, just pass the data length and let the implementation worry about adding the size of the structure. The intent with passing the structure size was to allow the client code in a client-server implementation to know nothing about the structure and just copy the bytes to the server. But that was not really a useful consideration since the application has to know the structure layout, so it has to be available in the client implementation's headers. Passing the method data length makes life simpler for everyone by not having to worry about possible padding at the end of the structure, and removes a potential error condition (method_length < sizeof(psa_key_generation_method_t)). Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2024-02-14 20:51:28 +01:00 · 2024-02-14 20:51:28 +01:00 · c81393b2ed
commit c81393b2ed
parent 7a18f9645c
7 changed files with 56 additions and 95 deletions
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@ -233,7 +233,7 @@ struct psa_key_generation_method_s {
 *
 * Calling psa_generate_key_ext() or psa_key_derivation_output_key_ext()
 * with `method=PSA_KEY_GENERATION_METHOD_INIT` and
- * `method_length=sizeof(psa_key_generation_method_t)` is equivalent to
+ * `method_data_length == 0` is equivalent to
 * calling psa_generate_key() or psa_key_derivation_output_key()
 * respectively.
 */