commit 424f89453b27091a1fc7e51c8f9848a1a8a944e6
author Gilles Peskine <Gilles.Peskine@arm.com> Mon Jul 15 21:59:53 2019 +0200
committer Gilles Peskine <Gilles.Peskine@arm.com> Mon Jul 29 17:06:06 2019 +0200
tree 97ba7ad623a79e8487d6c578a5cb39fe278c8482
parent adb1c52149932121d5fc1649e4a9f5159cdd4b7d

SE keys: store the bit size internally (partial implementation)

This commit blindingly copies the size from the attributes. This is
not correct for copy and import.

library/psa_crypto.c

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 0b33d76..fc9161d 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1035,6 +1035,11 @@
 /* Return the size of the key in the given slot, in bits. */
 static size_t psa_get_key_slot_bits( const psa_key_slot_t *slot )
 {
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+    if( psa_get_se_driver( slot->lifetime, NULL, NULL ) )
+        return( slot->data.se.bits );
+#endif /* defined(MBEDTLS_PSA_CRYPTO_SE_C) */
+
     if( key_type_is_raw_bytes( slot->type ) )
         return( slot->data.raw.bytes * 8 );
 #if defined(MBEDTLS_RSA_C)
@@ -1489,6 +1494,10 @@
             (void) psa_crypto_stop_transaction( );
             return( status );
         }
+
+        /* TOnogrepDO: validate bits. How to do this depends on the key
+         * creation method, so setting bits might not belong here. */
+        slot->data.se.bits = psa_get_key_bits( attributes );
     }
 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
 

library/psa_crypto_core.h

diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h
index 6096810..8658490 100644
--- a/library/psa_crypto_core.h
+++ b/library/psa_crypto_core.h
@@ -64,6 +64,7 @@
         struct se
         {
             psa_key_slot_number_t slot_number;
+            size_t bits;
         } se;
     } data;
 } psa_key_slot_t;