psa_copy_key: enforce PSA_KEY_USAGE_COPY Implement the check and add a negative test.

commit: c160d9ec83d201f7988835185ac29cf896fd5899 [log] [tgz]
author: Gilles Peskine <Gilles.Peskine@arm.com> Tue May 14 14:32:03 2019 +0200
committer: Gilles Peskine <Gilles.Peskine@arm.com> Tue May 14 14:32:03 2019 +0200
tree: 7d463d96c35bbc35043f7d2442fb3d26ce08fb2e
parent: f9f4a4849c8adf9b1bce6612b2bf1f25027a6092 [diff] [blame]
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index b0acc30..6465c3a 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c

@@ -1596,7 +1596,8 @@
     psa_key_slot_t *target_slot = NULL;
     psa_key_policy_t new_policy;
     psa_status_t status;
-    status = psa_get_key_from_slot( source_handle, &source_slot, 0, 0 );
+    status = psa_get_key_from_slot( source_handle, &source_slot,
+                                    PSA_KEY_USAGE_COPY, 0 );
     if( status != PSA_SUCCESS )
         return( status );
     status = psa_get_empty_key_slot( target_handle, &target_slot );
@@ -1631,7 +1632,8 @@
     psa_key_slot_t *target_slot = NULL;
     psa_key_attributes_t actual_attributes = *specified_attributes;
 
-    status = psa_get_key_from_slot( source_handle, &source_slot, 0, 0 );
+    status = psa_get_key_from_slot( source_handle, &source_slot,
+                                    PSA_KEY_USAGE_COPY, 0 );
     if( status != PSA_SUCCESS )
         goto exit;
commit	c160d9ec83d201f7988835185ac29cf896fd5899	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Tue May 14 14:32:03 2019 +0200
committer	Gilles Peskine <Gilles.Peskine@arm.com>	Tue May 14 14:32:03 2019 +0200
tree	7d463d96c35bbc35043f7d2442fb3d26ce08fb2e
parent	f9f4a4849c8adf9b1bce6612b2bf1f25027a6092 [diff] [blame]