Split persistence and key id validation
With key usage based on key identifiers and not
key handles (openless APIs), volatile keys will
also have a key identifier. Thus, isolate key
identifier validation from key persistence
validation to clarify that key identifiers
are not specific to persistent keys.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index ab4e47a..36dcd3f 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1776,17 +1776,28 @@
psa_se_drv_table_entry_t **p_drv )
{
psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
+ psa_key_lifetime_t lifetime = psa_get_key_lifetime( attributes );
status = psa_validate_key_location( psa_get_key_lifetime( attributes ),
p_drv );
if( status != PSA_SUCCESS )
return( status );
- status = psa_validate_key_persistence( psa_get_key_lifetime( attributes ),
- psa_get_key_id( attributes ) );
+ status = psa_validate_key_persistence( lifetime );
if( status != PSA_SUCCESS )
return( status );
+ /* Validate the key identifier only in the case of a persistent key. */
+ if ( ! PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
+ {
+ status = psa_validate_key_id(
+ psa_get_key_id( attributes ),
+ psa_key_lifetime_is_external( lifetime ) );
+
+ if( status != PSA_SUCCESS )
+ return( status );
+ }
+
status = psa_validate_key_policy( &attributes->core.policy );
if( status != PSA_SUCCESS )
return( status );
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index 5140772..4f651d9 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -51,6 +51,22 @@
static psa_global_data_t global_data;
+psa_status_t psa_validate_key_id( mbedtls_svc_key_id_t key, int vendor_ok )
+{
+ psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key );
+
+ if( ( PSA_KEY_ID_USER_MIN <= key_id ) &&
+ ( key_id <= PSA_KEY_ID_USER_MAX ) )
+ return( PSA_SUCCESS );
+
+ if( vendor_ok &&
+ ( PSA_KEY_ID_VENDOR_MIN <= key_id ) &&
+ ( key_id <= PSA_KEY_ID_VENDOR_MAX ) )
+ return( PSA_SUCCESS );
+
+ return( PSA_ERROR_INVALID_ARGUMENT );
+}
+
/* Access a key slot at the given handle. The handle of a key slot is
* the index of the slot in the global slot array, plus one so that handles
* start at 1 and not 0. */
@@ -150,31 +166,6 @@
psa_free_persistent_key_data( key_data, key_data_length );
return( status );
}
-
-/** Check whether a key identifier is acceptable.
- *
- * For backward compatibility, key identifiers that were valid in a
- * past released version must remain valid, unless a migration path
- * is provided.
- *
- * \param key The key identifier to check.
- * \param vendor_ok Nonzero to allow key ids in the vendor range.
- * 0 to allow only key ids in the application range.
- *
- * \return 1 if \p key is acceptable, otherwise 0.
- */
-static int psa_is_key_id_valid( mbedtls_svc_key_id_t key, int vendor_ok )
-{
- psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key );
- if( PSA_KEY_ID_USER_MIN <= key_id && key_id <= PSA_KEY_ID_USER_MAX )
- return( 1 );
- else if( vendor_ok &&
- PSA_KEY_ID_VENDOR_MIN <= key_id &&
- key_id <= PSA_KEY_ID_VENDOR_MAX )
- return( 1 );
- else
- return( 0 );
-}
#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
psa_status_t psa_validate_key_location( psa_key_lifetime_t lifetime,
@@ -202,8 +193,7 @@
return( PSA_SUCCESS );
}
-psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime,
- mbedtls_svc_key_id_t key )
+psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime )
{
if ( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
{
@@ -214,13 +204,8 @@
{
/* Persistent keys require storage support */
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
- if( psa_is_key_id_valid( key,
- psa_key_lifetime_is_external( lifetime ) ) )
- return( PSA_SUCCESS );
- else
- return( PSA_ERROR_INVALID_ARGUMENT );
+ return( PSA_SUCCESS );
#else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
- (void) key;
return( PSA_ERROR_NOT_SUPPORTED );
#endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */
}
@@ -234,8 +219,9 @@
*handle = 0;
- if( ! psa_is_key_id_valid( key, 1 ) )
- return( PSA_ERROR_INVALID_ARGUMENT );
+ status = psa_validate_key_id( key, 1 );
+ if( status != PSA_SUCCESS )
+ return( status );
status = psa_get_empty_key_slot( handle, &slot );
if( status != PSA_SUCCESS )
diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h
index c6fecbb..6c2e549 100644
--- a/library/psa_crypto_slot_management.h
+++ b/library/psa_crypto_slot_management.h
@@ -108,18 +108,25 @@
psa_status_t psa_validate_key_location( psa_key_lifetime_t lifetime,
psa_se_drv_table_entry_t **p_drv );
-/** Validate that a key's persistence attributes are valid.
- *
- * This function checks whether a key's declared persistence level and key ID
- * attributes are valid and known to the PSA Core in its actual configuration.
+/** Validate the persistence of a key.
*
* \param[in] lifetime The key lifetime attribute.
- * \param[in] key The key identifier.
*
* \retval #PSA_SUCCESS
- * \retval #PSA_ERROR_INVALID_ARGUMENT
+ * \retval #PSA_ERROR_INVALID_ARGUMENT The key is persistent but persistent
+ * keys are not supported.
*/
-psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime,
- mbedtls_svc_key_id_t key );
+psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime );
+
+/** Validate a key identifier.
+ *
+ * \param[in] key The key identifier.
+ * \param[in] vendor_ok Non-zero to indicate that key identifiers in the
+ * vendor range are allowed, \c 0 otherwise.
+ *
+ * \retval #PSA_SUCCESS The identifier is valid.
+ * \retval #PSA_ERROR_INVALID_ARGUMENT The key identifier is not valid.
+ */
+psa_status_t psa_validate_key_id( mbedtls_svc_key_id_t key, int vendor_ok );
#endif /* PSA_CRYPTO_SLOT_MANAGEMENT_H */