Fix PSA_MAX_PERSISTENT_KEY_IDENTIFIER to mean what it says PSA_MAX_PERSISTENT_KEY_IDENTIFIER was actually one plus the maximum key identifier. Change it to be the maximum value, and change the code that uses it accordingly. There is no semantic change here (the maximum value hasn't changed). This commit only makes the implementation clearer.

commit: e988a66b5b74629a15de043b9ceacf0d7209def7 [log] [tgz]
author: Gilles Peskine <Gilles.Peskine@arm.com> Mon Feb 18 17:33:52 2019 +0100
committer: Gilles Peskine <Gilles.Peskine@arm.com> Wed Feb 20 12:51:37 2019 +0100
tree: 1c41cabd71d7791f1233ec96e7efe4876bea6809
parent: c8569bc5c25db60496aa33cf4bf2c795c3d644ac [diff]
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index dbe3bba..a9458b0 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c

@@ -201,7 +201,7 @@
         return( 0 );
     /* Reject high values because the file names are reserved for the
      * library's internal use. */
-    if( key_id >= PSA_MAX_PERSISTENT_KEY_IDENTIFIER )
+    if( key_id > PSA_MAX_PERSISTENT_KEY_IDENTIFIER )
         return( 0 );
     return( 1 );
 }

diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h
index 9da009d..74f9e23 100644
--- a/library/psa_crypto_storage.h
+++ b/library/psa_crypto_storage.h

@@ -59,7 +59,7 @@
  * This limitation will probably become moot when we implement client
  * separation for key storage.
  */
-#define PSA_MAX_PERSISTENT_KEY_IDENTIFIER 0xffff0000
+#define PSA_MAX_PERSISTENT_KEY_IDENTIFIER 0xfffeffff
 
 /**
  * \brief Format key data and metadata and save to a location for given key
commit	e988a66b5b74629a15de043b9ceacf0d7209def7	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Mon Feb 18 17:33:52 2019 +0100
committer	Gilles Peskine <Gilles.Peskine@arm.com>	Wed Feb 20 12:51:37 2019 +0100
tree	1c41cabd71d7791f1233ec96e7efe4876bea6809
parent	c8569bc5c25db60496aa33cf4bf2c795c3d644ac [diff]