mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-11 09:40:38 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #8500 from Ryan-Everett-arm/8409-make-empty-key-slots-explicit

Browse Source 
Make empty key slots explicit
This commit is contained in:
Janos Follath 2023-11-24 08:52:01 +00:00 committed by GitHub
commit 905409abe2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 20 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
library/psa_crypto.c
View File

@ -1849,6 +1849,8 @@ static psa_status_t psa_start_key_creation(
} }
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
slot->status = PSA_SLOT_OCCUPIED;
return PSA_SUCCESS; return PSA_SUCCESS;
} }

9
library/psa_crypto_core.h
View File

@ -33,12 +33,19 @@
*/ */
int psa_can_do_hash(psa_algorithm_t hash_alg); int psa_can_do_hash(psa_algorithm_t hash_alg);
typedef enum {
PSA_SLOT_EMPTY = 0,
PSA_SLOT_OCCUPIED,
} psa_key_slot_status_t;
/** The data structure representing a key slot, containing key material /** The data structure representing a key slot, containing key material
* and metadata for one key. * and metadata for one key.
*/ */
typedef struct { typedef struct {
psa_core_key_attributes_t attr; psa_core_key_attributes_t attr;
psa_key_slot_status_t status;
/* /*
* Number of locks on the key slot held by the library. * Number of locks on the key slot held by the library.
* *
@ -88,7 +95,7 @@ typedef struct {
*/ */
static inline int psa_is_key_slot_occupied(const psa_key_slot_t *slot) static inline int psa_is_key_slot_occupied(const psa_key_slot_t *slot)
{ {
return slot->attr.type != 0; return slot->status == PSA_SLOT_OCCUPIED;
} }
/** Test whether a key slot is locked. /** Test whether a key slot is locked.

10
library/psa_crypto_slot_management.c
View File

@ -237,11 +237,20 @@ static psa_status_t psa_load_persistent_key_into_slot(psa_key_slot_t *slot)
data = (psa_se_key_data_storage_t *) key_data; data = (psa_se_key_data_storage_t *) key_data;
status = psa_copy_key_material_into_slot( status = psa_copy_key_material_into_slot(
slot, data->slot_number, sizeof(data->slot_number)); slot, data->slot_number, sizeof(data->slot_number));
if (status == PSA_SUCCESS) {
slot->status = PSA_SLOT_OCCUPIED;
}
goto exit; goto exit;
} }
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
status = psa_copy_key_material_into_slot(slot, key_data, key_data_length); status = psa_copy_key_material_into_slot(slot, key_data, key_data_length);
if (status != PSA_SUCCESS) {
goto exit;
}
slot->status = PSA_SLOT_OCCUPIED;
exit: exit:
psa_free_persistent_key_data(key_data, key_data_length); psa_free_persistent_key_data(key_data, key_data_length);
@ -315,6 +324,7 @@ static psa_status_t psa_load_builtin_key_into_slot(psa_key_slot_t *slot)
/* Copy actual key length and core attributes into the slot on success */ /* Copy actual key length and core attributes into the slot on success */
slot->key.bytes = key_buffer_length; slot->key.bytes = key_buffer_length;
slot->attr = attributes.core; slot->attr = attributes.core;
slot->status = PSA_SLOT_OCCUPIED;
exit: exit:
if (status != PSA_SUCCESS) { if (status != PSA_SUCCESS) {