Reject invalid key ids/lifetimes in attribute-based creation
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index 33c03a7..d8b0a2e 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -219,9 +219,6 @@
psa_key_slot_t *slot;
psa_status_t status;
- if( ! psa_is_key_id_valid( id ) )
- return( PSA_ERROR_INVALID_ARGUMENT );
-
status = psa_get_key_slot( handle, &slot );
if( status != PSA_SUCCESS )
return( status );
@@ -239,6 +236,17 @@
#endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */
}
+psa_status_t psa_validate_persistent_key_parameters(
+ psa_key_lifetime_t lifetime,
+ psa_key_file_id_t id )
+{
+ if( lifetime != PSA_KEY_LIFETIME_PERSISTENT )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ if( ! psa_is_key_id_valid( id ) )
+ return( PSA_ERROR_INVALID_ARGUMENT );
+ return( PSA_SUCCESS );
+}
+
static psa_status_t persistent_key_setup( psa_key_lifetime_t lifetime,
psa_key_file_id_t id,
psa_key_handle_t *handle,
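Review bot: `psa_validate_persistent_key_parameters` has no build-configuration guard, so it returns `PSA_SUCCESS` for a persistent lifetime and a valid id even when persistent storage is not compiled in. The `#endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */` closing the function just above suggests that function has a separate no-storage path, although its body is outside the hunk. If callers take success from the validator to mean that a persistent key can be created, rejecting here keeps the failure ahead of the slot allocation that follows in `persistent_key_setup`. The sketch below assumes `PSA_ERROR_NOT_SUPPORTED` is the status the no-storage path uses elsewhere in this file.

```c
    /* … unchanged: lifetime check … */
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
    /* … unchanged: key id check, then return( PSA_SUCCESS ) … */
#else
    (void) id;
    return( PSA_ERROR_NOT_SUPPORTED );
#endif /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
```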
@@ -248,8 +256,9 @@
*handle = 0;
- if( lifetime != PSA_KEY_LIFETIME_PERSISTENT )
- return( PSA_ERROR_INVALID_ARGUMENT );
+ status = psa_validate_persistent_key_parameters( lifetime, id );
+ if( status != PSA_SUCCESS )
+ return( status );
status = psa_internal_allocate_key_slot( handle );
if( status != PSA_SUCCESS )
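Review bot: The call `psa_validate_persistent_key_parameters( lifetime, id )` is now the only visible check of `id` on this path, because the first hunk removes `psa_is_key_id_valid( id )` from the function at line 219. That function's signature and callers are outside the hunks, so it is not visible whether every caller validates first. I would state the precondition in that function's comment, for example `/* The caller must have validated id with psa_validate_persistent_key_parameters(). */`, or keep the check there if it can be reached from anywhere other than `persistent_key_setup`. `persistent_key_setup` starts in the previous hunk and continues past the end of this one.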