Move attribute fields to a substructure
Move the "core attributes" to a substructure of psa_key_attribute_t.
The motivation is to be able to use the new structure
psa_core_key_attributes_t internally.
diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index b2d4633..6dfaa13 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -89,7 +89,7 @@
psa_key_attributes_t *attributes,
psa_algorithm_t alg2)
{
- attributes->policy.alg2 = alg2;
+ attributes->core.policy.alg2 = alg2;
}
/** Retrieve the enrollment algorithm policy from key attributes.
@@ -101,7 +101,7 @@
static inline psa_algorithm_t psa_get_key_enrollment_algorithm(
const psa_key_attributes_t *attributes)
{
- return( attributes->policy.alg2 );
+ return( attributes->core.policy.alg2 );
}
/**@}*/
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index 0ddc7a3..fea59df 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -309,18 +309,25 @@
return( v );
}
+typedef struct
+{
+ psa_key_type_t type;
+ psa_key_lifetime_t lifetime;
+ psa_key_id_t id;
+ psa_key_policy_t policy;
+ size_t bits;
+} psa_core_key_attributes_t;
+
+#define PSA_CORE_KEY_ATTRIBUTES_INIT {0, 0, 0, {0, 0, 0}, 0}
+
struct psa_key_attributes_s
{
- psa_key_id_t id;
- psa_key_lifetime_t lifetime;
- psa_key_policy_t policy;
- psa_key_type_t type;
- size_t bits;
+ psa_core_key_attributes_t core;
void *domain_parameters;
size_t domain_parameters_size;
};
-#define PSA_KEY_ATTRIBUTES_INIT {0, 0, {0, 0, 0}, 0, 0, NULL, 0}
+#define PSA_KEY_ATTRIBUTES_INIT {PSA_CORE_KEY_ATTRIBUTES_INIT, NULL, 0}
static inline struct psa_key_attributes_s psa_key_attributes_init( void )
{
const struct psa_key_attributes_s v = PSA_KEY_ATTRIBUTES_INIT;
@@ -330,53 +337,53 @@
static inline void psa_set_key_id(psa_key_attributes_t *attributes,
psa_key_id_t id)
{
- attributes->id = id;
- if( attributes->lifetime == PSA_KEY_LIFETIME_VOLATILE )
- attributes->lifetime = PSA_KEY_LIFETIME_PERSISTENT;
+ attributes->core.id = id;
+ if( attributes->core.lifetime == PSA_KEY_LIFETIME_VOLATILE )
+ attributes->core.lifetime = PSA_KEY_LIFETIME_PERSISTENT;
}
static inline psa_key_id_t psa_get_key_id(
const psa_key_attributes_t *attributes)
{
- return( attributes->id );
+ return( attributes->core.id );
}
static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes,
psa_key_lifetime_t lifetime)
{
- attributes->lifetime = lifetime;
+ attributes->core.lifetime = lifetime;
if( lifetime == PSA_KEY_LIFETIME_VOLATILE )
- attributes->id = 0;
+ attributes->core.id = 0;
}
static inline psa_key_lifetime_t psa_get_key_lifetime(
const psa_key_attributes_t *attributes)
{
- return( attributes->lifetime );
+ return( attributes->core.lifetime );
}
static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes,
psa_key_usage_t usage_flags)
{
- attributes->policy.usage = usage_flags;
+ attributes->core.policy.usage = usage_flags;
}
static inline psa_key_usage_t psa_get_key_usage_flags(
const psa_key_attributes_t *attributes)
{
- return( attributes->policy.usage );
+ return( attributes->core.policy.usage );
}
static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes,
psa_algorithm_t alg)
{
- attributes->policy.alg = alg;
+ attributes->core.policy.alg = alg;
}
static inline psa_algorithm_t psa_get_key_algorithm(
const psa_key_attributes_t *attributes)
{
- return( attributes->policy.alg );
+ return( attributes->core.policy.alg );
}
/* This function is declared in crypto_extra.h, which comes after this
@@ -392,7 +399,7 @@
if( attributes->domain_parameters == NULL )
{
/* Common case: quick path */
- attributes->type = type;
+ attributes->core.type = type;
}
else
{
@@ -407,19 +414,19 @@
static inline psa_key_type_t psa_get_key_type(
const psa_key_attributes_t *attributes)
{
- return( attributes->type );
+ return( attributes->core.type );
}
static inline void psa_set_key_bits(psa_key_attributes_t *attributes,
size_t bits)
{
- attributes->bits = bits;
+ attributes->core.bits = bits;
}
static inline size_t psa_get_key_bits(
const psa_key_attributes_t *attributes)
{
- return( attributes->bits );
+ return( attributes->core.bits );
}
#endif /* PSA_CRYPTO_STRUCT_H */
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 8752528..4721f6b 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1086,7 +1086,7 @@
attributes->domain_parameters = copy;
attributes->domain_parameters_size = data_length;
- attributes->type = type;
+ attributes->core.type = type;
return( PSA_SUCCESS );
}
@@ -1153,11 +1153,11 @@
static void psa_get_key_slot_attributes( psa_key_slot_t *slot,
psa_key_attributes_t *attributes )
{
- attributes->id = slot->persistent_storage_id;
- attributes->lifetime = slot->lifetime;
- attributes->policy = slot->policy;
- attributes->type = slot->type;
- attributes->bits = psa_get_key_slot_bits( slot );
+ attributes->core.id = slot->persistent_storage_id;
+ attributes->core.lifetime = slot->lifetime;
+ attributes->core.policy = slot->policy;
+ attributes->core.type = slot->type;
+ attributes->core.bits = psa_get_key_slot_bits( slot );
}
/** Retrieve all the publicly-accessible attributes of a key.
@@ -1454,21 +1454,21 @@
return( status );
slot = *p_slot;
- status = psa_set_key_policy_internal( slot, &attributes->policy );
+ status = psa_set_key_policy_internal( slot, &attributes->core.policy );
if( status != PSA_SUCCESS )
return( status );
- slot->lifetime = attributes->lifetime;
+ slot->lifetime = attributes->core.lifetime;
- if( attributes->lifetime != PSA_KEY_LIFETIME_VOLATILE )
+ if( attributes->core.lifetime != PSA_KEY_LIFETIME_VOLATILE )
{
- status = psa_validate_persistent_key_parameters( attributes->lifetime,
- attributes->id,
+ status = psa_validate_persistent_key_parameters( attributes->core.lifetime,
+ attributes->core.id,
p_drv, 1 );
if( status != PSA_SUCCESS )
return( status );
- slot->persistent_storage_id = attributes->id;
+ slot->persistent_storage_id = attributes->core.id;
}
- slot->type = attributes->type;
+ slot->type = attributes->core.type;
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
/* For a key in a secure element, we need to do three things:
@@ -1628,9 +1628,9 @@
const psa_key_slot_t *slot,
const psa_key_attributes_t *attributes )
{
- if( attributes->type != 0 )
+ if( attributes->core.type != 0 )
{
- if( attributes->type != slot->type )
+ if( attributes->core.type != slot->type )
return( PSA_ERROR_INVALID_ARGUMENT );
}
@@ -1667,9 +1667,9 @@
}
}
- if( attributes->bits != 0 )
+ if( attributes->core.bits != 0 )
{
- if( attributes->bits != psa_get_key_slot_bits( slot ) )
+ if( attributes->core.bits != psa_get_key_slot_bits( slot ) )
return( PSA_ERROR_INVALID_ARGUMENT );
}
@@ -1772,7 +1772,7 @@
if( status != PSA_SUCCESS )
goto exit;
- status = psa_restrict_key_policy( &actual_attributes.policy,
+ status = psa_restrict_key_policy( &actual_attributes.core.policy,
&source_slot->policy );
if( status != PSA_SUCCESS )
goto exit;
@@ -4706,7 +4706,7 @@
if( status == PSA_SUCCESS )
{
status = psa_generate_derived_key_internal( slot,
- attributes->bits,
+ attributes->core.bits,
operation );
}
if( status == PSA_SUCCESS )
@@ -5744,7 +5744,7 @@
if( status == PSA_SUCCESS )
{
status = psa_generate_key_internal(
- slot, attributes->bits,
+ slot, attributes->core.bits,
attributes->domain_parameters, attributes->domain_parameters_size );
}
if( status == PSA_SUCCESS )
diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h
index 8658490..d335b75 100644
--- a/library/psa_crypto_core.h
+++ b/library/psa_crypto_core.h
@@ -40,9 +40,9 @@
typedef struct
{
psa_key_type_t type;
- psa_key_policy_t policy;
psa_key_lifetime_t lifetime;
psa_key_file_id_t persistent_storage_id;
+ psa_key_policy_t policy;
unsigned allocated : 1;
union
{
diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c
index aece47d..58b0f38 100644
--- a/library/psa_crypto_se.c
+++ b/library/psa_crypto_se.c
@@ -198,7 +198,7 @@
psa_drv_se_allocate_key_t p_allocate = NULL;
/* If the lifetime is wrong, it's a bug in the library. */
- if( driver->lifetime != attributes->lifetime )
+ if( driver->lifetime != psa_get_key_lifetime( attributes ) )
return( PSA_ERROR_CORRUPTION_DETECTED );
/* If the driver doesn't support key creation in any way, give up now. */
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index e63dcda..6add6b8 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -133,7 +133,7 @@
goto exit;
p_slot->lifetime = psa_get_key_lifetime( &attributes );
p_slot->type = psa_get_key_type( &attributes );
- p_slot->policy = attributes.policy;
+ p_slot->policy = attributes.core.policy;
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
if( psa_key_lifetime_is_external( p_slot->lifetime ) )
diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c
index b8569be..4113fb7 100644
--- a/library/psa_crypto_storage.c
+++ b/library/psa_crypto_storage.c
@@ -328,11 +328,11 @@
memcpy( *key_data, storage_format->key_data, *key_data_length );
}
- GET_UINT32_LE( attributes->lifetime, storage_format->lifetime, 0 );
- GET_UINT32_LE( attributes->type, storage_format->type, 0 );
- GET_UINT32_LE( attributes->policy.usage, storage_format->policy, 0 );
- GET_UINT32_LE( attributes->policy.alg, storage_format->policy, sizeof( uint32_t ) );
- GET_UINT32_LE( attributes->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) );
+ GET_UINT32_LE( attributes->core.lifetime, storage_format->lifetime, 0 );
+ GET_UINT32_LE( attributes->core.type, storage_format->type, 0 );
+ GET_UINT32_LE( attributes->core.policy.usage, storage_format->policy, 0 );
+ GET_UINT32_LE( attributes->core.policy.alg, storage_format->policy, sizeof( uint32_t ) );
+ GET_UINT32_LE( attributes->core.policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) );
return( PSA_SUCCESS );
}
diff --git a/tests/suites/test_suite_psa_crypto.function b/tests/suites/test_suite_psa_crypto.function
index 1d06d62..887ff84 100644
--- a/tests/suites/test_suite_psa_crypto.function
+++ b/tests/suites/test_suite_psa_crypto.function
@@ -1225,7 +1225,7 @@
PSA_ASSERT( psa_get_key_attributes( handle, &got_attributes ) );
TEST_EQUAL( psa_get_key_type( &got_attributes ), type );
if( attr_bits != 0 )
- TEST_EQUAL( attr_bits, got_attributes.bits );
+ TEST_EQUAL( attr_bits, psa_get_key_bits( &got_attributes ) );
PSA_ASSERT( psa_destroy_key( handle ) );
test_operations_on_invalid_handle( handle );