mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-22 17:15:38 +01:00
Rename PSA_KEY_SLOT_COUNT to MBEDTLS_PSA_KEY_SLOT_COUNT
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
This commit is contained in:
parent
1f968fdf19
commit
863470a5f9
@ -1,5 +1,5 @@
|
||||
Features
|
||||
* The PSA crypto subsystem can now be configured to use less static RAM by
|
||||
tweaking the setting for the maximum amount of keys simultaneously in RAM.
|
||||
PSA_KEY_SLOT_COUNT sets the maximum number of volatile keys that can
|
||||
exist simultaneously. It has a sensible default if not overridden.
|
||||
MBEDTLS_PSA_KEY_SLOT_COUNT sets the maximum number of volatile keys that
|
||||
can exist simultaneously. It has a sensible default if not overridden.
|
||||
|
@ -3671,7 +3671,7 @@
|
||||
*/
|
||||
//#define MBEDTLS_PSA_HMAC_DRBG_MD_TYPE MBEDTLS_MD_SHA256
|
||||
|
||||
/** \def PSA_KEY_SLOT_COUNT
|
||||
/** \def MBEDTLS_PSA_KEY_SLOT_COUNT
|
||||
* Restrict the PSA library to supporting a maximum amount of simultaneously
|
||||
* loaded keys. A loaded key is a key stored by the PSA Crypto core as a
|
||||
* volatile key, or a persistent key which is loaded temporarily by the
|
||||
@ -3680,7 +3680,7 @@
|
||||
* If this option is unset, the library will fall back to a default value of
|
||||
* 32 keys.
|
||||
*/
|
||||
//#define PSA_KEY_SLOT_COUNT 32
|
||||
//#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
|
||||
|
||||
/* SSL Cache options */
|
||||
//#define MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT 86400 /**< 1 day */
|
||||
|
@ -40,8 +40,8 @@ extern "C" {
|
||||
#define PSA_CRYPTO_ITS_RANDOM_SEED_UID 0xFFFFFF52
|
||||
|
||||
/* See config.h for definition */
|
||||
#if !defined(PSA_KEY_SLOT_COUNT)
|
||||
#define PSA_KEY_SLOT_COUNT 32
|
||||
#if !defined(MBEDTLS_PSA_KEY_SLOT_COUNT)
|
||||
#define MBEDTLS_PSA_KEY_SLOT_COUNT 32
|
||||
#endif
|
||||
|
||||
/** \addtogroup attributes
|
||||
|
@ -45,7 +45,7 @@
|
||||
|
||||
typedef struct
|
||||
{
|
||||
psa_key_slot_t key_slots[PSA_KEY_SLOT_COUNT];
|
||||
psa_key_slot_t key_slots[MBEDTLS_PSA_KEY_SLOT_COUNT];
|
||||
unsigned key_slots_initialized : 1;
|
||||
} psa_global_data_t;
|
||||
|
||||
@ -128,13 +128,13 @@ static psa_status_t psa_get_and_lock_key_slot_in_memory(
|
||||
if( status != PSA_SUCCESS )
|
||||
return( status );
|
||||
|
||||
for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ )
|
||||
for( slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++ )
|
||||
{
|
||||
slot = &global_data.key_slots[ slot_idx ];
|
||||
if( mbedtls_svc_key_id_equal( key, slot->attr.id ) )
|
||||
break;
|
||||
}
|
||||
status = ( slot_idx < PSA_KEY_SLOT_COUNT ) ?
|
||||
status = ( slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT ) ?
|
||||
PSA_SUCCESS : PSA_ERROR_DOES_NOT_EXIST;
|
||||
}
|
||||
|
||||
@ -161,7 +161,7 @@ void psa_wipe_all_key_slots( void )
|
||||
{
|
||||
size_t slot_idx;
|
||||
|
||||
for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ )
|
||||
for( slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++ )
|
||||
{
|
||||
psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ];
|
||||
slot->lock_count = 1;
|
||||
@ -184,7 +184,7 @@ psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id,
|
||||
}
|
||||
|
||||
selected_slot = unlocked_persistent_key_slot = NULL;
|
||||
for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ )
|
||||
for( slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++ )
|
||||
{
|
||||
psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ];
|
||||
if( ! psa_is_key_slot_occupied( slot ) )
|
||||
@ -453,7 +453,7 @@ void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats )
|
||||
|
||||
memset( stats, 0, sizeof( *stats ) );
|
||||
|
||||
for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ )
|
||||
for( slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++ )
|
||||
{
|
||||
const psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ];
|
||||
if( psa_is_key_slot_locked( slot ) )
|
||||
|
@ -27,8 +27,8 @@
|
||||
|
||||
/** Range of volatile key identifiers.
|
||||
*
|
||||
* The last PSA_KEY_SLOT_COUNT identifiers of the implementation range
|
||||
* of key identifiers are reserved for volatile key identifiers.
|
||||
* The last #MBEDTLS_PSA_KEY_SLOT_COUNT identifiers of the implementation
|
||||
* range of key identifiers are reserved for volatile key identifiers.
|
||||
* A volatile key identifier is equal to #PSA_KEY_ID_VOLATILE_MIN plus the
|
||||
* index of the key slot containing the volatile key definition.
|
||||
*/
|
||||
@ -36,7 +36,7 @@
|
||||
/** The minimum value for a volatile key identifier.
|
||||
*/
|
||||
#define PSA_KEY_ID_VOLATILE_MIN ( PSA_KEY_ID_VENDOR_MAX - \
|
||||
PSA_KEY_SLOT_COUNT + 1 )
|
||||
MBEDTLS_PSA_KEY_SLOT_COUNT + 1 )
|
||||
|
||||
/** The maximum value for a volatile key identifier.
|
||||
*/
|
||||
|
@ -49,7 +49,7 @@ extern "C" {
|
||||
* - Using the ITS backend, all key ids are ok except 0xFFFFFF52
|
||||
* (#PSA_CRYPTO_ITS_RANDOM_SEED_UID) for which the file contains the
|
||||
* device's random seed (if this feature is enabled).
|
||||
* - Only key ids from 1 to #PSA_KEY_SLOT_COUNT are actually used.
|
||||
* - Only key ids from 1 to #MBEDTLS_PSA_KEY_SLOT_COUNT are actually used.
|
||||
*
|
||||
* Since we need to preserve the random seed, avoid using that key slot.
|
||||
* Reserve a whole range of key slots just in case something else comes up.
|
||||
|
@ -933,9 +933,9 @@ void key_slot_eviction_to_import_new_key( int lifetime_arg )
|
||||
psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
|
||||
|
||||
/*
|
||||
* Create PSA_KEY_SLOT_COUNT persistent keys.
|
||||
* Create MBEDTLS_PSA_KEY_SLOT_COUNT persistent keys.
|
||||
*/
|
||||
for( i = 0; i < PSA_KEY_SLOT_COUNT; i++ )
|
||||
for( i = 0; i < MBEDTLS_PSA_KEY_SLOT_COUNT; i++ )
|
||||
{
|
||||
key = mbedtls_svc_key_id_make( i, i + 1 );
|
||||
psa_set_key_id( &attributes, key );
|
||||
@ -951,7 +951,7 @@ void key_slot_eviction_to_import_new_key( int lifetime_arg )
|
||||
* is removed from the RAM key slots. This makes room to store its
|
||||
* description in RAM.
|
||||
*/
|
||||
i = PSA_KEY_SLOT_COUNT;
|
||||
i = MBEDTLS_PSA_KEY_SLOT_COUNT;
|
||||
key = mbedtls_svc_key_id_make( i, i + 1 );
|
||||
psa_set_key_id( &attributes, key );
|
||||
psa_set_key_lifetime( &attributes, lifetime );
|
||||
@ -966,15 +966,15 @@ void key_slot_eviction_to_import_new_key( int lifetime_arg )
|
||||
MBEDTLS_SVC_KEY_ID_GET_KEY_ID( returned_key_id ) ) );
|
||||
|
||||
/*
|
||||
* Check that we can export all ( PSA_KEY_SLOT_COUNT + 1 ) keys,
|
||||
* Check that we can export all ( MBEDTLS_PSA_KEY_SLOT_COUNT + 1 ) keys,
|
||||
* that they have the expected value and destroy them. In that process,
|
||||
* the description of the persistent key that was evicted from the RAM
|
||||
* slots when creating the last key is restored in a RAM slot to export
|
||||
* its value.
|
||||
*/
|
||||
for( i = 0; i <= PSA_KEY_SLOT_COUNT; i++ )
|
||||
for( i = 0; i <= MBEDTLS_PSA_KEY_SLOT_COUNT; i++ )
|
||||
{
|
||||
if( i < PSA_KEY_SLOT_COUNT )
|
||||
if( i < MBEDTLS_PSA_KEY_SLOT_COUNT )
|
||||
key = mbedtls_svc_key_id_make( i, i + 1 );
|
||||
else
|
||||
key = returned_key_id;
|
||||
@ -1005,9 +1005,9 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation( )
|
||||
mbedtls_svc_key_id_t returned_key_id = MBEDTLS_SVC_KEY_ID_INIT;
|
||||
mbedtls_svc_key_id_t *keys = NULL;
|
||||
|
||||
TEST_ASSERT( PSA_KEY_SLOT_COUNT >= 1 );
|
||||
TEST_ASSERT( MBEDTLS_PSA_KEY_SLOT_COUNT >= 1 );
|
||||
|
||||
ASSERT_ALLOC( keys, PSA_KEY_SLOT_COUNT );
|
||||
ASSERT_ALLOC( keys, MBEDTLS_PSA_KEY_SLOT_COUNT );
|
||||
PSA_ASSERT( psa_crypto_init( ) );
|
||||
|
||||
psa_set_key_usage_flags( &attributes,
|
||||
@ -1027,10 +1027,10 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation( )
|
||||
TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, persistent_key ) );
|
||||
|
||||
/*
|
||||
* Create PSA_KEY_SLOT_COUNT volatile keys
|
||||
* Create MBEDTLS_PSA_KEY_SLOT_COUNT volatile keys
|
||||
*/
|
||||
psa_set_key_lifetime( &attributes, PSA_KEY_LIFETIME_VOLATILE );
|
||||
for( i = 0; i < PSA_KEY_SLOT_COUNT; i++ )
|
||||
for( i = 0; i < MBEDTLS_PSA_KEY_SLOT_COUNT; i++ )
|
||||
{
|
||||
PSA_ASSERT( psa_import_key( &attributes,
|
||||
(uint8_t *) &i, sizeof( i ),
|
||||
@ -1050,12 +1050,12 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation( )
|
||||
* Check we can export the volatile key created last and that it has the
|
||||
* expected value. Then, destroy it.
|
||||
*/
|
||||
PSA_ASSERT( psa_export_key( keys[PSA_KEY_SLOT_COUNT - 1],
|
||||
PSA_ASSERT( psa_export_key( keys[MBEDTLS_PSA_KEY_SLOT_COUNT - 1],
|
||||
exported, sizeof( exported ),
|
||||
&exported_length ) );
|
||||
i = PSA_KEY_SLOT_COUNT - 1;
|
||||
i = MBEDTLS_PSA_KEY_SLOT_COUNT - 1;
|
||||
ASSERT_COMPARE( exported, exported_length, (uint8_t *) &i, sizeof( i ) );
|
||||
PSA_ASSERT( psa_destroy_key( keys[PSA_KEY_SLOT_COUNT - 1] ) );
|
||||
PSA_ASSERT( psa_destroy_key( keys[MBEDTLS_PSA_KEY_SLOT_COUNT - 1] ) );
|
||||
|
||||
/*
|
||||
* Check that we can now access the persistent key again.
|
||||
@ -1078,7 +1078,7 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation( )
|
||||
* Check we can export the remaining volatile keys and that they have the
|
||||
* expected values.
|
||||
*/
|
||||
for( i = 0; i < ( PSA_KEY_SLOT_COUNT - 1 ); i++ )
|
||||
for( i = 0; i < ( MBEDTLS_PSA_KEY_SLOT_COUNT - 1 ); i++ )
|
||||
{
|
||||
PSA_ASSERT( psa_export_key( keys[i],
|
||||
exported, sizeof( exported ),
|
||||
|
Loading…
Reference in New Issue
Block a user