Fix overlap between volatile keys and built-in keys

Fix interference between PSA volatile keys and built-in keys when MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS is enabled and MBEDTLS_PSA_KEY_SLOT_COUNT is more than 4096. This overlap used to make it possible that a volatile key would receive the identifier of a built-in key, and is now caught by a static assertion. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-02-10 06:40:16 +00:00 · 2024-07-16 21:24:05 +02:00 · 2024-07-16 21:24:05 +02:00 · 7dea096086
commit 7dea096086
parent 708ec09e30
2 changed files with 8 additions and 4 deletions
--- a/ChangeLog.d/dynamic-keystore.txt
+++ b/ChangeLog.d/dynamic-keystore.txt
@ -0,0 +1,4 @@
+Bugfix
+   * Fix interference between PSA volatile keys and built-in keys
+     when MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS is enabled and
+     MBEDTLS_PSA_KEY_SLOT_COUNT is more than 4096.
--- a/library/psa_crypto_slot_management.h
+++ b/library/psa_crypto_slot_management.h
@ -15,7 +15,7 @@

 /** Range of volatile key identifiers.
 *
- *  The last #MBEDTLS_PSA_KEY_SLOT_COUNT identifiers of the implementation
+ *  The first #MBEDTLS_PSA_KEY_SLOT_COUNT identifiers of the implementation
 *  range of key identifiers are reserved for volatile key identifiers.
 *  A volatile key identifier is equal to #PSA_KEY_ID_VOLATILE_MIN plus the
 *  index of the key slot containing the volatile key definition.
@ -23,12 +23,12 @@

 /** The minimum value for a volatile key identifier.
 */
-#define PSA_KEY_ID_VOLATILE_MIN  (PSA_KEY_ID_VENDOR_MAX - \
-                                  MBEDTLS_PSA_KEY_SLOT_COUNT + 1)
+#define PSA_KEY_ID_VOLATILE_MIN  PSA_KEY_ID_VENDOR_MIN

 /** The maximum value for a volatile key identifier.
 */
-#define PSA_KEY_ID_VOLATILE_MAX  PSA_KEY_ID_VENDOR_MAX
+#define PSA_KEY_ID_VOLATILE_MAX                                 \
+    (PSA_KEY_ID_VOLATILE_MIN + MBEDTLS_PSA_KEY_SLOT_COUNT - 1)

 /** Test whether a key identifier is a volatile key identifier.
 *