Move attribute fields to a substructure

Move the "core attributes" to a substructure of psa_key_attribute_t.
The motivation is to be able to use the new structure
psa_core_key_attributes_t internally.
This commit is contained in:
Gilles Peskine 2019-07-30 13:48:52 +02:00
parent fc321f1a5e
commit 7e0cff90b9
8 changed files with 59 additions and 52 deletions

View File

@ -89,7 +89,7 @@ static inline void psa_set_key_enrollment_algorithm(
psa_key_attributes_t *attributes,
psa_algorithm_t alg2)
{
attributes->policy.alg2 = alg2;
attributes->core.policy.alg2 = alg2;
}
/** Retrieve the enrollment algorithm policy from key attributes.
@ -101,7 +101,7 @@ static inline void psa_set_key_enrollment_algorithm(
static inline psa_algorithm_t psa_get_key_enrollment_algorithm(
const psa_key_attributes_t *attributes)
{
return( attributes->policy.alg2 );
return( attributes->core.policy.alg2 );
}
/**@}*/

View File

@ -309,18 +309,25 @@ static inline struct psa_key_policy_s psa_key_policy_init( void )
return( v );
}
typedef struct
{
psa_key_type_t type;
psa_key_lifetime_t lifetime;
psa_key_id_t id;
psa_key_policy_t policy;
size_t bits;
} psa_core_key_attributes_t;
#define PSA_CORE_KEY_ATTRIBUTES_INIT {0, 0, 0, {0, 0, 0}, 0}
struct psa_key_attributes_s
{
psa_key_id_t id;
psa_key_lifetime_t lifetime;
psa_key_policy_t policy;
psa_key_type_t type;
size_t bits;
psa_core_key_attributes_t core;
void *domain_parameters;
size_t domain_parameters_size;
};
#define PSA_KEY_ATTRIBUTES_INIT {0, 0, {0, 0, 0}, 0, 0, NULL, 0}
#define PSA_KEY_ATTRIBUTES_INIT {PSA_CORE_KEY_ATTRIBUTES_INIT, NULL, 0}
static inline struct psa_key_attributes_s psa_key_attributes_init( void )
{
const struct psa_key_attributes_s v = PSA_KEY_ATTRIBUTES_INIT;
@ -330,53 +337,53 @@ static inline struct psa_key_attributes_s psa_key_attributes_init( void )
static inline void psa_set_key_id(psa_key_attributes_t *attributes,
psa_key_id_t id)
{
attributes->id = id;
if( attributes->lifetime == PSA_KEY_LIFETIME_VOLATILE )
attributes->lifetime = PSA_KEY_LIFETIME_PERSISTENT;
attributes->core.id = id;
if( attributes->core.lifetime == PSA_KEY_LIFETIME_VOLATILE )
attributes->core.lifetime = PSA_KEY_LIFETIME_PERSISTENT;
}
static inline psa_key_id_t psa_get_key_id(
const psa_key_attributes_t *attributes)
{
return( attributes->id );
return( attributes->core.id );
}
static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes,
psa_key_lifetime_t lifetime)
{
attributes->lifetime = lifetime;
attributes->core.lifetime = lifetime;
if( lifetime == PSA_KEY_LIFETIME_VOLATILE )
attributes->id = 0;
attributes->core.id = 0;
}
static inline psa_key_lifetime_t psa_get_key_lifetime(
const psa_key_attributes_t *attributes)
{
return( attributes->lifetime );
return( attributes->core.lifetime );
}
static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes,
psa_key_usage_t usage_flags)
{
attributes->policy.usage = usage_flags;
attributes->core.policy.usage = usage_flags;
}
static inline psa_key_usage_t psa_get_key_usage_flags(
const psa_key_attributes_t *attributes)
{
return( attributes->policy.usage );
return( attributes->core.policy.usage );
}
static inline void psa_set_key_algorithm(psa_key_attributes_t *attributes,
psa_algorithm_t alg)
{
attributes->policy.alg = alg;
attributes->core.policy.alg = alg;
}
static inline psa_algorithm_t psa_get_key_algorithm(
const psa_key_attributes_t *attributes)
{
return( attributes->policy.alg );
return( attributes->core.policy.alg );
}
/* This function is declared in crypto_extra.h, which comes after this
@ -392,7 +399,7 @@ static inline void psa_set_key_type(psa_key_attributes_t *attributes,
if( attributes->domain_parameters == NULL )
{
/* Common case: quick path */
attributes->type = type;
attributes->core.type = type;
}
else
{
@ -407,19 +414,19 @@ static inline void psa_set_key_type(psa_key_attributes_t *attributes,
static inline psa_key_type_t psa_get_key_type(
const psa_key_attributes_t *attributes)
{
return( attributes->type );
return( attributes->core.type );
}
static inline void psa_set_key_bits(psa_key_attributes_t *attributes,
size_t bits)
{
attributes->bits = bits;
attributes->core.bits = bits;
}
static inline size_t psa_get_key_bits(
const psa_key_attributes_t *attributes)
{
return( attributes->bits );
return( attributes->core.bits );
}
#endif /* PSA_CRYPTO_STRUCT_H */

View File

@ -1086,7 +1086,7 @@ psa_status_t psa_set_key_domain_parameters( psa_key_attributes_t *attributes,
attributes->domain_parameters = copy;
attributes->domain_parameters_size = data_length;
attributes->type = type;
attributes->core.type = type;
return( PSA_SUCCESS );
}
@ -1153,11 +1153,11 @@ exit:
static void psa_get_key_slot_attributes( psa_key_slot_t *slot,
psa_key_attributes_t *attributes )
{
attributes->id = slot->persistent_storage_id;
attributes->lifetime = slot->lifetime;
attributes->policy = slot->policy;
attributes->type = slot->type;
attributes->bits = psa_get_key_slot_bits( slot );
attributes->core.id = slot->persistent_storage_id;
attributes->core.lifetime = slot->lifetime;
attributes->core.policy = slot->policy;
attributes->core.type = slot->type;
attributes->core.bits = psa_get_key_slot_bits( slot );
}
/** Retrieve all the publicly-accessible attributes of a key.
@ -1454,21 +1454,21 @@ static psa_status_t psa_start_key_creation(
return( status );
slot = *p_slot;
status = psa_set_key_policy_internal( slot, &attributes->policy );
status = psa_set_key_policy_internal( slot, &attributes->core.policy );
if( status != PSA_SUCCESS )
return( status );
slot->lifetime = attributes->lifetime;
slot->lifetime = attributes->core.lifetime;
if( attributes->lifetime != PSA_KEY_LIFETIME_VOLATILE )
if( attributes->core.lifetime != PSA_KEY_LIFETIME_VOLATILE )
{
status = psa_validate_persistent_key_parameters( attributes->lifetime,
attributes->id,
status = psa_validate_persistent_key_parameters( attributes->core.lifetime,
attributes->core.id,
p_drv, 1 );
if( status != PSA_SUCCESS )
return( status );
slot->persistent_storage_id = attributes->id;
slot->persistent_storage_id = attributes->core.id;
}
slot->type = attributes->type;
slot->type = attributes->core.type;
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
/* For a key in a secure element, we need to do three things:
@ -1628,9 +1628,9 @@ static psa_status_t psa_check_key_slot_attributes(
const psa_key_slot_t *slot,
const psa_key_attributes_t *attributes )
{
if( attributes->type != 0 )
if( attributes->core.type != 0 )
{
if( attributes->type != slot->type )
if( attributes->core.type != slot->type )
return( PSA_ERROR_INVALID_ARGUMENT );
}
@ -1667,9 +1667,9 @@ static psa_status_t psa_check_key_slot_attributes(
}
}
if( attributes->bits != 0 )
if( attributes->core.bits != 0 )
{
if( attributes->bits != psa_get_key_slot_bits( slot ) )
if( attributes->core.bits != psa_get_key_slot_bits( slot ) )
return( PSA_ERROR_INVALID_ARGUMENT );
}
@ -1772,7 +1772,7 @@ psa_status_t psa_copy_key( psa_key_handle_t source_handle,
if( status != PSA_SUCCESS )
goto exit;
status = psa_restrict_key_policy( &actual_attributes.policy,
status = psa_restrict_key_policy( &actual_attributes.core.policy,
&source_slot->policy );
if( status != PSA_SUCCESS )
goto exit;
@ -4706,7 +4706,7 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut
if( status == PSA_SUCCESS )
{
status = psa_generate_derived_key_internal( slot,
attributes->bits,
attributes->core.bits,
operation );
}
if( status == PSA_SUCCESS )
@ -5744,7 +5744,7 @@ psa_status_t psa_generate_key( const psa_key_attributes_t *attributes,
if( status == PSA_SUCCESS )
{
status = psa_generate_key_internal(
slot, attributes->bits,
slot, attributes->core.bits,
attributes->domain_parameters, attributes->domain_parameters_size );
}
if( status == PSA_SUCCESS )

View File

@ -40,9 +40,9 @@
typedef struct
{
psa_key_type_t type;
psa_key_policy_t policy;
psa_key_lifetime_t lifetime;
psa_key_file_id_t persistent_storage_id;
psa_key_policy_t policy;
unsigned allocated : 1;
union
{

View File

@ -198,7 +198,7 @@ psa_status_t psa_find_se_slot_for_key(
psa_drv_se_allocate_key_t p_allocate = NULL;
/* If the lifetime is wrong, it's a bug in the library. */
if( driver->lifetime != attributes->lifetime )
if( driver->lifetime != psa_get_key_lifetime( attributes ) )
return( PSA_ERROR_CORRUPTION_DETECTED );
/* If the driver doesn't support key creation in any way, give up now. */

View File

@ -133,7 +133,7 @@ static psa_status_t psa_load_persistent_key_into_slot( psa_key_slot_t *p_slot )
goto exit;
p_slot->lifetime = psa_get_key_lifetime( &attributes );
p_slot->type = psa_get_key_type( &attributes );
p_slot->policy = attributes.policy;
p_slot->policy = attributes.core.policy;
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
if( psa_key_lifetime_is_external( p_slot->lifetime ) )

View File

@ -328,11 +328,11 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data,
memcpy( *key_data, storage_format->key_data, *key_data_length );
}
GET_UINT32_LE( attributes->lifetime, storage_format->lifetime, 0 );
GET_UINT32_LE( attributes->type, storage_format->type, 0 );
GET_UINT32_LE( attributes->policy.usage, storage_format->policy, 0 );
GET_UINT32_LE( attributes->policy.alg, storage_format->policy, sizeof( uint32_t ) );
GET_UINT32_LE( attributes->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) );
GET_UINT32_LE( attributes->core.lifetime, storage_format->lifetime, 0 );
GET_UINT32_LE( attributes->core.type, storage_format->type, 0 );
GET_UINT32_LE( attributes->core.policy.usage, storage_format->policy, 0 );
GET_UINT32_LE( attributes->core.policy.alg, storage_format->policy, sizeof( uint32_t ) );
GET_UINT32_LE( attributes->core.policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) );
return( PSA_SUCCESS );
}

View File

@ -1225,7 +1225,7 @@ void import( data_t *data, int type_arg,
PSA_ASSERT( psa_get_key_attributes( handle, &got_attributes ) );
TEST_EQUAL( psa_get_key_type( &got_attributes ), type );
if( attr_bits != 0 )
TEST_EQUAL( attr_bits, got_attributes.bits );
TEST_EQUAL( attr_bits, psa_get_key_bits( &got_attributes ) );
PSA_ASSERT( psa_destroy_key( handle ) );
test_operations_on_invalid_handle( handle );