New function to get key slot statistics
New function mbedtls_psa_get_stats to obtain some data about how many
key slots are in use. This is intended for debugging and testing
purposes.
diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index 56e0536..b08f46d 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -116,6 +116,43 @@
*/
void mbedtls_psa_crypto_free( void );
+/** \brief Statistics about
+ * resource consumption related to the PSA keystore.
+ *
+ * \note The content of this structure is not part of the stable API and ABI
+ * of Mbed Crypto and may change arbitrarily from version to version.
+ */
+typedef struct mbedtls_psa_stats_s
+{
+ /** Number of slots containing key material for a volatile key. */
+ size_t volatile_slots;
+ /** Number of slots containing key material for a key which is in
+ * internal persistent storage. */
+ size_t persistent_slots;
+ /** Number of slots containing a reference to a key in a
+ * secure element. */
+ size_t external_slots;
+ /** Number of slots which are occupied, but do not contain
+ * key material yet. */
+ size_t half_filled_slots;
+ /** Number of slots that contain cache data. */
+ size_t cache_slots;
+ /** Number of slots that are not used for anything. */
+ size_t empty_slots;
+ /** Largest key id value among open keys in internal persistent storage. */
+ psa_key_id_t max_open_internal_key_id;
+ /** Largest key id value among open keys in secure elements. */
+ psa_key_id_t max_open_external_key_id;
+} mbedtls_psa_stats_t;
+
+/** \brief Get statistics about
+ * resource consumption related to the PSA keystore.
+ *
+ * \note When Mbed Crypto is built as part of a service, with isolation
+ * between the application and the keystore, the service may or
+ * may not expose this function.
+ */
+void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats );
/**
* \brief Inject an initial entropy seed for the random generator into
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index 0ffc2aa..900aa41 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -232,4 +232,36 @@
return( psa_wipe_key_slot( slot ) );
}
+void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats )
+{
+ psa_key_handle_t key;
+ memset( stats, 0, sizeof( *stats ) );
+ for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ )
+ {
+ psa_key_slot_t *slot = &global_data.key_slots[key - 1];
+ if( slot->type == PSA_KEY_TYPE_NONE )
+ {
+ if( slot->allocated )
+ ++stats->half_filled_slots;
+ else
+ ++stats->empty_slots;
+ continue;
+ }
+ if( slot->lifetime == PSA_KEY_LIFETIME_VOLATILE )
+ ++stats->volatile_slots;
+ else if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT )
+ {
+ ++stats->persistent_slots;
+ if( slot->persistent_storage_id > stats->max_open_internal_key_id )
+ stats->max_open_internal_key_id = slot->persistent_storage_id;
+ }
+ else
+ {
+ ++stats->external_slots;
+ if( slot->persistent_storage_id > stats->max_open_external_key_id )
+ stats->max_open_external_key_id = slot->persistent_storage_id;
+ }
+ }
+}
+
#endif /* MBEDTLS_PSA_CRYPTO_C */