mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-04-23 11:42:31 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Clarify psa_get_and_lock_transparent_key_slot_with_policy() purpose

Browse Source 
Clarify the purpose of
psa_get_and_lock_transparent_key_slot_with_policy() and
define it even when MBEDTLS_PSA_CRYPTO_SE_C is disabled
for the purpose of static drivers.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2021-08-24 15:39:44 +02:00 committed by Archana
parent 3c28fd3393
commit ddae0f5642
No known key found for this signature in database
GPG Key ID: 0F162FC9DB6BE502
1 changed files with 6 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
library/psa_crypto.c
View File

@ -944,16 +944,16 @@ error:
/** Get a key slot containing a transparent key and lock it. /** Get a key slot containing a transparent key and lock it.
* *
* A transparent key is a key for which the key material is directly * A transparent key is a key for which the key material is directly
* available, as opposed to a key in a secure element. * available, as opposed to a key in a secure element and/or to be used
* by a secure element.
* *
* This is a temporary function to use instead of * This is a temporary function that may be used instead of
* psa_get_and_lock_key_slot_with_policy() until secure element support is * psa_get_and_lock_key_slot_with_policy() when there is no opaque key support
* fully implemented. * for a cryptographic operation.
* *
* On success, the returned key slot is locked. It is the responsibility of the * On success, the returned key slot is locked. It is the responsibility of the
* caller to unlock the key slot when it does not access it anymore. * caller to unlock the key slot when it does not access it anymore.
*/ */
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
static psa_status_t psa_get_and_lock_transparent_key_slot_with_policy( static psa_status_t psa_get_and_lock_transparent_key_slot_with_policy(
mbedtls_svc_key_id_t key, mbedtls_svc_key_id_t key,
psa_key_slot_t **p_slot, psa_key_slot_t **p_slot,
@ -965,7 +965,7 @@ static psa_status_t psa_get_and_lock_transparent_key_slot_with_policy(
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
return( status ); return( status );
if( psa_key_slot_is_external( *p_slot ) ) if( psa_key_lifetime_is_external( (*p_slot)->attr.lifetime ) )
{ {
psa_unlock_key_slot( *p_slot ); psa_unlock_key_slot( *p_slot );
*p_slot = NULL; *p_slot = NULL;
@ -974,11 +974,6 @@ static psa_status_t psa_get_and_lock_transparent_key_slot_with_policy(
return( PSA_SUCCESS ); return( PSA_SUCCESS );
} }
#else /* MBEDTLS_PSA_CRYPTO_SE_C */
/* With no secure element support, all keys are transparent. */
#define psa_get_and_lock_transparent_key_slot_with_policy( key, p_slot, usage, alg ) \
psa_get_and_lock_key_slot_with_policy( key, p_slot, usage, alg )
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ) psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot )
{ {