commit f4ee6628681f7889b2dd82d8feee2c1a8712998b
author Gilles Peskine <Gilles.Peskine@arm.com> Wed Jul 24 13:44:30 2019 +0200
committer Gilles Peskine <Gilles.Peskine@arm.com> Wed Jul 24 13:44:30 2019 +0200
tree 4a3dff27f7ddefd63add46eef4e7461e6d662650
parent 89870eb1238159abaaec84bc8a01f06a463a6639

SE keys: error out in key creation function that lack support

library/psa_crypto.c

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 5fcf0ac..e508f8f 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1756,6 +1756,15 @@
     if( status != PSA_SUCCESS )
         goto exit;
 
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+    if( driver != NULL )
+    {
+        /* Copying to a secure element is not implemented yet. */
+        status = PSA_ERROR_NOT_SUPPORTED;
+        goto exit;
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
     status = psa_copy_key_material( source_slot, target_slot );
     if( status != PSA_SUCCESS )
         goto exit;
@@ -4661,6 +4670,13 @@
     psa_key_slot_t *slot = NULL;
     psa_se_drv_table_entry_t *driver = NULL;
     status = psa_start_key_creation( attributes, handle, &slot, &driver );
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+    if( driver != NULL )
+    {
+        /* Deriving a key in a secure element is not implemented yet. */
+        status = PSA_ERROR_NOT_SUPPORTED;
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
     if( status == PSA_SUCCESS )
     {
         status = psa_generate_derived_key_internal( slot,
@@ -5692,6 +5708,13 @@
     psa_key_slot_t *slot = NULL;
     psa_se_drv_table_entry_t *driver = NULL;
     status = psa_start_key_creation( attributes, handle, &slot, &driver );
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+    if( driver != NULL )
+    {
+        /* Generating a key in a secure element is not implemented yet. */
+        status = PSA_ERROR_NOT_SUPPORTED;
+    }
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
     if( status == PSA_SUCCESS )
     {
         status = psa_generate_key_internal(