Replace "generator" with "key derivation" #113
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
gilles-peskine-arm
added
enhancement
gilles-peskine-arm
changed the title
gilles-peskine-arm
force-pushed
the
psa-generator_to_derivation
branch
from
1b96587 to
0129a04
Compare
Generators are mostly about key derivation (currently: only about key
derivation). "Generator" is not a commonly used term in cryptography.
So favor "derivation" as terminology. Call a generator a key
derivation operation structure, since it behaves like other multipart
operation structures. Furthermore, the function names are not fully
consistent.
In this commit, I rename the functions to consistently have the prefix
"psa_key_derivation_". I used the following command:
perl -i -pe '%t = (
psa_crypto_generator_t => "psa_key_derivation_operation_t",
psa_crypto_generator_init => "psa_key_derivation_init",
psa_key_derivation_setup => "psa_key_derivation_setup",
psa_key_derivation_input_key => "psa_key_derivation_input_key",
psa_key_derivation_input_bytes => "psa_key_derivation_input_bytes",
psa_key_agreement => "psa_key_derivation_key_agreement",
psa_set_generator_capacity => "psa_key_derivation_set_capacity",
psa_get_generator_capacity => "psa_key_derivation_get_capacity",
psa_generator_read => "psa_key_derivation_output_bytes",
psa_generate_derived_key => "psa_key_derivation_output_key",
psa_generator_abort => "psa_key_derivation_abort",
PSA_CRYPTO_GENERATOR_INIT => "PSA_KEY_DERIVATION_OPERATION_INIT",
PSA_GENERATOR_UNBRIDLED_CAPACITY => "PSA_KEY_DERIVATION_UNLIMITED_CAPACITY",
); s/\b(@{[join("|", keys %t)]})\b/$t{$1}/ge' $(git ls-files)
More consistent with the new function names.
perl -pe 's/crypto_generator/key_derivation/gi' $(git ls-files)
perl -pe 's/_generator/_key_derivation/gi' $(git ls-files)
Generators are mostly about key derivation (currently: only about key derivation). "Generator" is not a commonly used term in cryptography. So favor "derivation" as terminology. This commit updates the function descriptions.
Generators are now key derivation operations. Keep "random generator" intact.
After renaming several identifiers, re-wrap and re-indent some lines to make the code prettier.
Present key derivation functions in a more logical order, corresponding roughly to the order in which an application would call them.
There is less of a risk of confusion with the KA+KDF function now.
There was some copypasta from the KA+KDF function's description.
gilles-peskine-arm
force-pushed
the
psa-generator_to_derivation
branch
from
0129a04 to
58fe9e8
Compare
yanesca
approved these changes
May 16, 2019
Collaborator
yanesca
left a comment
yanesca
left a comment
There was a problem hiding this comment.
./programs/psa/key_ladder_demo.c still has a variable with name generator. Other than that it looks good to me.
Collaborator
Author
|
|
Contributor
|
CI failure is ABI job (known to fail until Mbed-TLS/mbedtls#2636 lands in the development branch) and |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Generators are mostly about key derivation (currently: only about key derivation). "Generator" is not a commonly used term in cryptography. So favor "derivation" as terminology. Call a generator a key derivation operation structure, since it behaves like other multipart operation structures. Furthermore, the function names were not fully consistent; this PR makes them more consistent.