Define handles as key identifiers
Define psa_key_handle_t to be equal to
mbedtls_svc_key_id_t. Make the handle of a persistent
key be equal to its key identifier. For volatile keys,
make the key handle equal to the volatile key
identifier of the created volatile key.
The unit tests are modified just to make them compile
not to make them run successfully. They are fixed in
the subsequent commits.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 5d9b34e..f8a8c0a 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1861,7 +1861,7 @@
if( status != PSA_SUCCESS )
return( status );
- status = psa_get_empty_key_slot( handle, &volatile_key_id, p_slot );
+ status = psa_get_empty_key_slot( &volatile_key_id, p_slot );
if( status != PSA_SUCCESS )
return( status );
slot = *p_slot;
@@ -1870,9 +1870,19 @@
* creation mechanism to verify that this information is correct.
* It's automatically correct for mechanisms that use the bit-size as
* an input (generate, device) but not for those where the bit-size
- * is optional (import, copy). */
+ * is optional (import, copy). In case of a volatile key, assign it the
+ * volatile key identifier associated to the slot returned to contain its
+ * definition. */
slot->attr = attributes->core;
+ if( PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) )
+ {
+#if !defined(MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER)
+ slot->attr.id = volatile_key_id;
+#else
+ slot->attr.id.key_id = volatile_key_id;
+#endif
+ }
/* Erase external-only flags from the internal copy. To access
* external-only flags, query `attributes`. Thanks to the check
@@ -1928,7 +1938,9 @@
}
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
- return( status );
+ *handle = slot->attr.id;
+
+ return( PSA_SUCCESS );
}
/** Finalize the creation of a key once its key material has been set.