psa: Forbid creation/registration of keys in vendor range
The identifier of keys created/registered should be in
the application range.
This is by spec for key creation.
This may change for registered keys.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index e45c52e..2c4878d 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1779,8 +1779,7 @@
psa_key_lifetime_t lifetime = psa_get_key_lifetime( attributes );
mbedtls_svc_key_id_t key = psa_get_key_id( attributes );
- status = psa_validate_key_location( psa_get_key_lifetime( attributes ),
- p_drv );
+ status = psa_validate_key_location( lifetime, p_drv );
if( status != PSA_SUCCESS )
return( status );
@@ -1795,10 +1794,7 @@
}
else
{
- status = psa_validate_key_id(
- psa_get_key_id( attributes ),
- psa_key_lifetime_is_external( lifetime ), 0 );
-
+ status = psa_validate_key_id( psa_get_key_id( attributes ), 0, 0 );
if( status != PSA_SUCCESS )
return( status );
}
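Review bot: The two literal `0` arguments in the new `psa_validate_key_id( psa_get_key_id( attributes ), 0, 0 )` call do not say what they switch off, and the security decision behind them is recorded only in the commit message. Judging from the removed line, the second argument used to relax the check for keys with an external lifetime, so this branch now appears to reject vendor-range identifiers for every lifetime. A comment above the call would keep that intent visible when the registered-key case is revisited, for example `/* Vendor-range ids are rejected for all lifetimes, including keys registered in an external location. */`. If this branch belongs to the same function as the first hunk, the local `key` declared there already holds the identifier and could be passed instead of calling `psa_get_key_id( attributes )` again. The enclosing function starts and ends outside the hunk.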