From 5ec3a30edb344760738f565f83d193a2fe6bad79 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Tue, 1 Oct 2019 14:27:23 +0200 Subject: [PATCH] SE driver: validate_slot_number: support changing persistent data Add a parameter to the p_validate_slot_number method to allow the driver to modify the persistent data. With the current structure of the core, the persistent data is already updated. All it took was adding a way to modify it. --- include/psa/crypto_se_driver.h | 8 ++++++++ library/psa_crypto_se.c | 1 + tests/suites/test_suite_psa_crypto_se_driver_hal.function | 4 ++++ 3 files changed, 13 insertions(+) diff --git a/include/psa/crypto_se_driver.h b/include/psa/crypto_se_driver.h index a43e0db48c..7ac1ed1c41 100644 --- a/include/psa/crypto_se_driver.h +++ b/include/psa/crypto_se_driver.h @@ -927,7 +927,14 @@ typedef psa_status_t (*psa_drv_se_allocate_key_t)( * sake of initial device provisioning or onboarding. Such a mechanism may * be added to a future version of the PSA Cryptography API specification. * + * This function may update the driver's persistent data through + * \p persistent_data. The core will save the updated persistent data at the + * end of the key creation process. See the description of + * ::psa_drv_se_allocate_key_t for more information. + * * \param[in,out] drv_context The driver context structure. + * \param[in,out] persistent_data A pointer to the persistent data + * that allows writing. * \param[in] attributes Attributes of the key. * \param method The way in which the key is being created. * \param[in] key_slot Slot where the key is to be stored. @@ -946,6 +953,7 @@ typedef psa_status_t (*psa_drv_se_allocate_key_t)( */ typedef psa_status_t (*psa_drv_se_validate_slot_number_t)( psa_drv_se_context_t *drv_context, + void *persistent_data, const psa_key_attributes_t *attributes, psa_key_creation_method_t method, psa_key_slot_number_t key_slot); diff --git a/library/psa_crypto_se.c b/library/psa_crypto_se.c index 2cda4ccdcc..81b310367e 100644 --- a/library/psa_crypto_se.c +++ b/library/psa_crypto_se.c @@ -222,6 +222,7 @@ psa_status_t psa_find_se_slot_for_key( if( p_validate_slot_number == NULL ) return( PSA_ERROR_NOT_SUPPORTED ); status = p_validate_slot_number( &driver->context, + driver->internal.persistent_data, attributes, method, *slot_number ); } diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function index fc6f668161..539c563c46 100644 --- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function +++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function @@ -90,11 +90,13 @@ static validate_slot_number_directions_t validate_slot_number_directions; /* Validate a choice of slot number as directed. */ static psa_status_t validate_slot_number_as_directed( psa_drv_se_context_t *context, + void *persistent_data, const psa_key_attributes_t *attributes, psa_key_creation_method_t method, psa_key_slot_number_t slot_number ) { (void) context; + (void) persistent_data; (void) attributes; DRIVER_ASSERT_RETURN( slot_number == validate_slot_number_directions.slot_number ); @@ -367,11 +369,13 @@ static psa_status_t ram_allocate( psa_drv_se_context_t *context, static psa_status_t ram_validate_slot_number( psa_drv_se_context_t *context, + void *persistent_data, const psa_key_attributes_t *attributes, psa_key_creation_method_t method, psa_key_slot_number_t slot_number ) { (void) context; + (void) persistent_data; (void) attributes; (void) method; if( slot_number >= ARRAY_LENGTH( ram_slots ) )