commit df17914e01f923dd1c32c9e6067ca46cd4d8e1cd
author Gilles Peskine <Gilles.Peskine@arm.com> Mon Jul 15 22:02:14 2019 +0200
committer Gilles Peskine <Gilles.Peskine@arm.com> Fri Aug 09 14:54:03 2019 +0200
tree bfcb249ce9030158ea670bc714468a724f2a0c2c
parent b231d996a0506ee6396c1289935f9a8c39627a0a

psa_start_key_creation: take the method as a parameter

Let psa_start_key_creation know what type of key creation this is. This
will be used at least for key registration in a secure element, which
is a peculiar kind of creation since it uses existing key material.

library/psa_crypto.c

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 856d862..0c8b99b 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1506,6 +1506,16 @@
     return( PSA_SUCCESS );
 }
 
+/** An enumeration indicating how a key is created.
+ */
+typedef enum
+{
+    PSA_KEY_CREATION_IMPORT,
+    PSA_KEY_CREATION_GENERATE,
+    PSA_KEY_CREATION_DERIVE,
+    PSA_KEY_CREATION_COPY,
+} psa_key_creation_method_t;
+
 /** Prepare a key slot to receive key material.
  *
  * This function allocates a key slot and sets its metadata.
@@ -1520,6 +1530,7 @@
  * In case of failure at any step, stop the sequence and call
  * psa_fail_key_creation().
  *
+ * \param method            An identification of the calling function.
  * \param[in] attributes    Key attributes for the new key.
  * \param[out] handle       On success, a handle for the allocated slot.
  * \param[out] p_slot       On success, a pointer to the prepared slot.
@@ -1532,6 +1543,7 @@
  *         You must call psa_fail_key_creation() to wipe and free the slot.
  */
 static psa_status_t psa_start_key_creation(
+    psa_key_creation_method_t method,
     const psa_key_attributes_t *attributes,
     psa_key_handle_t *handle,
     psa_key_slot_t **p_slot,
@@ -1540,6 +1552,7 @@
     psa_status_t status;
     psa_key_slot_t *slot;
 
+    (void) method;
     *p_drv = NULL;
 
     status = psa_validate_key_attributes( attributes, p_drv );
@@ -1796,7 +1809,8 @@
     psa_key_slot_t *slot = NULL;
     psa_se_drv_table_entry_t *driver = NULL;
 
-    status = psa_start_key_creation( attributes, handle, &slot, &driver );
+    status = psa_start_key_creation( PSA_KEY_CREATION_IMPORT, attributes,
+                                     handle, &slot, &driver );
     if( status != PSA_SUCCESS )
         goto exit;
 
@@ -1899,7 +1913,8 @@
     if( status != PSA_SUCCESS )
         goto exit;
 
-    status = psa_start_key_creation( &actual_attributes,
+    status = psa_start_key_creation( PSA_KEY_CREATION_COPY,
+                                     &actual_attributes,
                                      target_handle, &target_slot, &driver );
     if( status != PSA_SUCCESS )
         goto exit;
@@ -4817,7 +4832,8 @@
     psa_status_t status;
     psa_key_slot_t *slot = NULL;
     psa_se_drv_table_entry_t *driver = NULL;
-    status = psa_start_key_creation( attributes, handle, &slot, &driver );
+    status = psa_start_key_creation( PSA_KEY_CREATION_DERIVE,
+                                     attributes, handle, &slot, &driver );
 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
     if( driver != NULL )
     {
@@ -5863,7 +5879,8 @@
     psa_status_t status;
     psa_key_slot_t *slot = NULL;
     psa_se_drv_table_entry_t *driver = NULL;
-    status = psa_start_key_creation( attributes, handle, &slot, &driver );
+    status = psa_start_key_creation( PSA_KEY_CREATION_GENERATE,
+                                     attributes, handle, &slot, &driver );
 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
     if( driver != NULL )
     {