Move key id validity check into its own function
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index dad23c4..dbe3bba 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -182,6 +182,29 @@
psa_free_persistent_key_data( key_data, key_data_length );
return( status );
}
+
+/** Check whether a key identifier is acceptable.
+ *
+ * For backward compatibility, key identifiers that were valid in a
+ * past released version must remain valid, unless a migration path
+ * is provided.
+ *
+ * \param key_id The key identifier to check.
+ *
+ * \return 1 if \p key_id is acceptable, otherwise 0.
+ */
+static int psa_is_key_id_valid( psa_key_id_t key_id )
+{
+ /* Reject id=0 because by general library conventions, 0 is an invalid
+ * value wherever possible. */
+ if( key_id == 0 )
+ return( 0 );
+ /* Reject high values because the file names are reserved for the
+ * library's internal use. */
+ if( key_id >= PSA_MAX_PERSISTENT_KEY_IDENTIFIER )
+ return( 0 );
+ return( 1 );
+}
#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
/** Declare a slot as persistent and load it from storage.
@@ -209,13 +232,7 @@
psa_key_slot_t *slot;
psa_status_t status;
- /* Reject id=0 because by general library conventions, 0 is an invalid
- * value wherever possible. */
- if( id == 0 )
- return( PSA_ERROR_INVALID_ARGUMENT );
- /* Reject high values because the file names are reserved for the
- * library's internal use. */
- if( id >= PSA_MAX_PERSISTENT_KEY_IDENTIFIER )
+ if( ! psa_is_key_id_valid( id ) )
return( PSA_ERROR_INVALID_ARGUMENT );
status = psa_get_key_slot( handle, &slot );