Make psa_get_and_lock_key_slot_with_policy() static function

psa_get_and_lock_key_slot_with_policy() becomes public temporarily as part of: https://github.com/Mbed-TLS/mbedtls/pull/6608 Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
2025-03-29 13:20:21 +00:00 · 2022-11-30 10:51:35 +01:00 · 2022-11-30 10:51:35 +01:00 · 061f6949fd
commit 061f6949fd
parent 0c78180ee5
2 changed files with 14 additions and 19 deletions
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@ -878,7 +878,20 @@ static psa_status_t psa_restrict_key_policy(
    return PSA_SUCCESS;
 }

-psa_status_t psa_get_and_lock_key_slot_with_policy(
+/** Get the description of a key given its identifier and policy constraints
+ *  and lock it.
+ *
+ * The key must have allow all the usage flags set in \p usage. If \p alg is
+ * nonzero, the key must allow operations with this algorithm. If \p alg is
+ * zero, the algorithm is not checked.
+ *
+ * In case of a persistent key, the function loads the description of the key
+ * into a key slot if not already done.
+ *
+ * On success, the returned key slot is locked. It is the responsibility of
+ * the caller to unlock the key slot when it does not access it anymore.
+ */
+static psa_status_t psa_get_and_lock_key_slot_with_policy(
    mbedtls_svc_key_id_t key,
    psa_key_slot_t **p_slot,
    psa_key_usage_t usage,
--- a/library/psa_crypto_core.h
+++ b/library/psa_crypto_core.h
@ -182,24 +182,6 @@ static inline psa_key_slot_number_t psa_key_slot_get_slot_number(
 }
 #endif

-/** Get the description of a key given its identifier and policy constraints
- *  and lock it.
- *
- * The key must have allow all the usage flags set in \p usage. If \p alg is
- * nonzero, the key must allow operations with this algorithm. If \p alg is
- * zero, the algorithm is not checked.
- *
- * In case of a persistent key, the function loads the description of the key
- * into a key slot if not already done.
- *
- * On success, the returned key slot is locked. It is the responsibility of
- * the caller to unlock the key slot when it does not access it anymore.
- */
-psa_status_t psa_get_and_lock_key_slot_with_policy(mbedtls_svc_key_id_t key,
-                                                   psa_key_slot_t **p_slot,
-                                                   psa_key_usage_t usage,
-                                                   psa_algorithm_t alg);
-
 /** Completely wipe a slot in memory, including its policy.
 *
 * Persistent storage is not affected.