mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 11:35:38 +01:00
Persistent storage implementation: psa_key_slot_t -> psa_key_id_t
Move the persistent storage implementation from psa_key_slot_t to psa_key_id_t. For the most part, this just means changing the types of function arguments. Update the documentation of some functions to reflect the fact that the slot identifier is purely a storage identifier and is not related to how the slot is designated in memory.
This commit is contained in:
parent
b0edfb513b
commit
8d4919bc6a
@ -147,7 +147,7 @@ psa_status_t psa_parse_key_data_from_storage( const uint8_t *storage_data,
|
||||
return( PSA_SUCCESS );
|
||||
}
|
||||
|
||||
psa_status_t psa_save_persistent_key( const psa_key_slot_t key,
|
||||
psa_status_t psa_save_persistent_key( const psa_key_id_t key,
|
||||
const psa_key_type_t type,
|
||||
const psa_key_policy_t *policy,
|
||||
const uint8_t *data,
|
||||
@ -185,7 +185,7 @@ void psa_free_persistent_key_data( uint8_t *key_data, size_t key_data_length )
|
||||
mbedtls_free( key_data );
|
||||
}
|
||||
|
||||
psa_status_t psa_load_persistent_key( psa_key_slot_t key,
|
||||
psa_status_t psa_load_persistent_key( psa_key_id_t key,
|
||||
psa_key_type_t *type,
|
||||
psa_key_policy_t *policy,
|
||||
uint8_t **data,
|
||||
|
@ -56,20 +56,20 @@ extern "C" {
|
||||
* already occupied non-persistent key, as well as validating the key data.
|
||||
*
|
||||
*
|
||||
* \param key Slot number of the key to be stored. This must be a
|
||||
* valid slot for a key of the chosen type. This should be
|
||||
* an occupied key slot with an unoccupied corresponding
|
||||
* storage location.
|
||||
* \param key Persistent identifier of the key to be stored. This
|
||||
* should be an unoccupied storage location.
|
||||
* \param type Key type (a \c PSA_KEY_TYPE_XXX value).
|
||||
* \param[in] policy The key policy to save.
|
||||
* \param[in] data Buffer containing the key data.
|
||||
* \param data_length The number of bytes that make up the key data.
|
||||
*
|
||||
* \retval PSA_SUCCESS
|
||||
* \retval PSA_ERROR_INSUFFICIENT_MEMORY
|
||||
* \retval PSA_ERROR_INSUFFICIENT_STORAGE
|
||||
* \retval PSA_ERROR_STORAGE_FAILURE
|
||||
* \retval PSA_ERROR_OCCUPIED_SLOT
|
||||
*/
|
||||
psa_status_t psa_save_persistent_key( const psa_key_slot_t key,
|
||||
psa_status_t psa_save_persistent_key( const psa_key_id_t key,
|
||||
const psa_key_type_t type,
|
||||
const psa_key_policy_t *policy,
|
||||
const uint8_t *data,
|
||||
@ -87,10 +87,8 @@ psa_status_t psa_save_persistent_key( const psa_key_slot_t key,
|
||||
* this function to zeroize and free this buffer, regardless of whether this
|
||||
* function succeeds or fails.
|
||||
*
|
||||
* \param key Slot number whose content is to be loaded. This
|
||||
* must be an unoccupied key slot with an occupied
|
||||
* corresponding storage location. The key slot
|
||||
* lifetime must be set to persistent.
|
||||
* \param key Persistent identifier of the key to be loaded. This
|
||||
* should be an occupied storage location.
|
||||
* \param[out] type On success, the key type (a \c PSA_KEY_TYPE_XXX
|
||||
* value).
|
||||
* \param[out] policy On success, the key's policy.
|
||||
@ -100,8 +98,9 @@ psa_status_t psa_save_persistent_key( const psa_key_slot_t key,
|
||||
* \retval PSA_SUCCESS
|
||||
* \retval PSA_ERROR_INSUFFICIENT_MEMORY
|
||||
* \retval PSA_ERROR_STORAGE_FAILURE
|
||||
* \retval PSA_ERROR_EMPTY_SLOT
|
||||
*/
|
||||
psa_status_t psa_load_persistent_key( psa_key_slot_t key,
|
||||
psa_status_t psa_load_persistent_key( psa_key_id_t key,
|
||||
psa_key_type_t *type,
|
||||
psa_key_policy_t *policy,
|
||||
uint8_t **data,
|
||||
@ -110,16 +109,18 @@ psa_status_t psa_load_persistent_key( psa_key_slot_t key,
|
||||
/**
|
||||
* \brief Remove persistent data for the given key slot number.
|
||||
*
|
||||
* \param key Slot number whose content is to be removed
|
||||
* \param key Persistent identifier of the key to remove
|
||||
* from persistent storage.
|
||||
*
|
||||
* \retval PSA_SUCCESS
|
||||
* The key was successfully removed,
|
||||
* or the key did not exist.
|
||||
* \retval PSA_ERROR_STORAGE_FAILURE
|
||||
*/
|
||||
psa_status_t psa_destroy_persistent_key( const psa_key_slot_t key );
|
||||
psa_status_t psa_destroy_persistent_key( const psa_key_id_t key );
|
||||
|
||||
/**
|
||||
* \brief Zeroizes and frees the given buffer.
|
||||
* \brief Free the temporary buffer allocated by psa_load_persistent_key().
|
||||
*
|
||||
* This function must be called at some point after psa_load_persistent_key()
|
||||
* to zeroize and free the memory allocated to the buffer in that function.
|
||||
|
@ -47,15 +47,16 @@ extern "C" {
|
||||
* This function reads data from a storage backend and returns the data in a
|
||||
* buffer.
|
||||
*
|
||||
* \param key Slot number whose content is to be loaded. This must
|
||||
* be a key slot whose lifetime is set to persistent.
|
||||
* \param[out] data Buffer where the data is to be written.
|
||||
* \param data_size Size of the \c data buffer in bytes.
|
||||
* \param key Persistent identifier of the key to be loaded. This
|
||||
* should be an occupied storage location.
|
||||
* \param[out] data Buffer where the data is to be written.
|
||||
* \param data_size Size of the \c data buffer in bytes.
|
||||
*
|
||||
* \retval PSA_SUCCESS
|
||||
* \retval PSA_ERROR_STORAGE_FAILURE
|
||||
* \retval PSA_ERROR_EMPTY_SLOT
|
||||
*/
|
||||
psa_status_t psa_crypto_storage_load( const psa_key_slot_t key, uint8_t *data,
|
||||
psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data,
|
||||
size_t data_size );
|
||||
|
||||
/**
|
||||
@ -63,7 +64,8 @@ psa_status_t psa_crypto_storage_load( const psa_key_slot_t key, uint8_t *data,
|
||||
*
|
||||
* This function stores the given data buffer to a persistent storage.
|
||||
*
|
||||
* \param key Slot number whose content is to be stored.
|
||||
* \param key Persistent identifier of the key to be stored. This
|
||||
* should be an unoccupied storage location.
|
||||
* \param[in] data Buffer containing the data to be stored.
|
||||
* \param data_length The number of bytes
|
||||
* that make up the data.
|
||||
@ -71,8 +73,9 @@ psa_status_t psa_crypto_storage_load( const psa_key_slot_t key, uint8_t *data,
|
||||
* \retval PSA_SUCCESS
|
||||
* \retval PSA_ERROR_INSUFFICIENT_STORAGE
|
||||
* \retval PSA_ERROR_STORAGE_FAILURE
|
||||
* \retval PSA_ERROR_OCCUPIED_SLOT
|
||||
*/
|
||||
psa_status_t psa_crypto_storage_store( const psa_key_slot_t key,
|
||||
psa_status_t psa_crypto_storage_store( const psa_key_id_t key,
|
||||
const uint8_t *data,
|
||||
size_t data_length );
|
||||
|
||||
@ -82,26 +85,26 @@ psa_status_t psa_crypto_storage_store( const psa_key_slot_t key,
|
||||
* This function checks if any key data or metadata exists for the key slot in
|
||||
* the persistent storage.
|
||||
*
|
||||
* \param key Slot number whose content is to be checked.
|
||||
* \param key Persistent identifier to check.
|
||||
*
|
||||
* \retval 0
|
||||
* No persistent data present for slot number
|
||||
* \retval 1
|
||||
* Persistent data present for slot number
|
||||
*/
|
||||
int psa_is_key_present_in_storage( const psa_key_slot_t key );
|
||||
int psa_is_key_present_in_storage( const psa_key_id_t key );
|
||||
|
||||
/**
|
||||
* \brief Get data length for given key slot number.
|
||||
*
|
||||
* \param key Slot number whose stored data length is to be obtained.
|
||||
* \param[out] data_length The number of bytes
|
||||
* that make up the data.
|
||||
* \param key Persistent identifier whose stored data length
|
||||
* is to be obtained.
|
||||
* \param[out] data_length The number of bytes that make up the data.
|
||||
*
|
||||
* \retval PSA_SUCCESS
|
||||
* \retval PSA_ERROR_STORAGE_FAILURE
|
||||
*/
|
||||
psa_status_t psa_crypto_storage_get_data_length( const psa_key_slot_t key,
|
||||
psa_status_t psa_crypto_storage_get_data_length( const psa_key_id_t key,
|
||||
size_t *data_length );
|
||||
|
||||
|
||||
|
@ -48,15 +48,15 @@
|
||||
|
||||
enum { MAX_LOCATION_LEN = sizeof(CRYPTO_STORAGE_FILE_LOCATION) + 40 };
|
||||
|
||||
static void key_slot_to_location( const psa_key_slot_t key,
|
||||
char *location,
|
||||
size_t location_size )
|
||||
static void key_id_to_location( const psa_key_id_t key,
|
||||
char *location,
|
||||
size_t location_size )
|
||||
{
|
||||
mbedtls_snprintf( location, location_size,
|
||||
CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_%d", key );
|
||||
}
|
||||
|
||||
psa_status_t psa_crypto_storage_load( const psa_key_slot_t key, uint8_t *data,
|
||||
psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data,
|
||||
size_t data_size )
|
||||
{
|
||||
psa_status_t status = PSA_SUCCESS;
|
||||
@ -64,7 +64,7 @@ psa_status_t psa_crypto_storage_load( const psa_key_slot_t key, uint8_t *data,
|
||||
size_t num_read;
|
||||
char slot_location[MAX_LOCATION_LEN];
|
||||
|
||||
key_slot_to_location( key, slot_location, MAX_LOCATION_LEN );
|
||||
key_id_to_location( key, slot_location, MAX_LOCATION_LEN );
|
||||
file = fopen( slot_location, "rb" );
|
||||
if( file == NULL )
|
||||
{
|
||||
@ -81,12 +81,12 @@ exit:
|
||||
return( status );
|
||||
}
|
||||
|
||||
int psa_is_key_present_in_storage( const psa_key_slot_t key )
|
||||
int psa_is_key_present_in_storage( const psa_key_id_t key )
|
||||
{
|
||||
char slot_location[MAX_LOCATION_LEN];
|
||||
FILE *file;
|
||||
|
||||
key_slot_to_location( key, slot_location, MAX_LOCATION_LEN );
|
||||
key_id_to_location( key, slot_location, MAX_LOCATION_LEN );
|
||||
|
||||
file = fopen( slot_location, "r" );
|
||||
if( file == NULL )
|
||||
@ -99,7 +99,7 @@ int psa_is_key_present_in_storage( const psa_key_slot_t key )
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
psa_status_t psa_crypto_storage_store( const psa_key_slot_t key,
|
||||
psa_status_t psa_crypto_storage_store( const psa_key_id_t key,
|
||||
const uint8_t *data,
|
||||
size_t data_length )
|
||||
{
|
||||
@ -114,7 +114,7 @@ psa_status_t psa_crypto_storage_store( const psa_key_slot_t key,
|
||||
* affect actual keys. */
|
||||
const char *temp_location = CRYPTO_STORAGE_FILE_LOCATION "psa_key_slot_0";
|
||||
|
||||
key_slot_to_location( key, slot_location, MAX_LOCATION_LEN );
|
||||
key_id_to_location( key, slot_location, MAX_LOCATION_LEN );
|
||||
|
||||
if( psa_is_key_present_in_storage( key ) == 1 )
|
||||
return( PSA_ERROR_OCCUPIED_SLOT );
|
||||
@ -154,12 +154,12 @@ exit:
|
||||
return( status );
|
||||
}
|
||||
|
||||
psa_status_t psa_destroy_persistent_key( const psa_key_slot_t key )
|
||||
psa_status_t psa_destroy_persistent_key( const psa_key_id_t key )
|
||||
{
|
||||
FILE *file;
|
||||
char slot_location[MAX_LOCATION_LEN];
|
||||
|
||||
key_slot_to_location( key, slot_location, MAX_LOCATION_LEN );
|
||||
key_id_to_location( key, slot_location, MAX_LOCATION_LEN );
|
||||
|
||||
/* Only try remove the file if it exists */
|
||||
file = fopen( slot_location, "rb" );
|
||||
@ -173,7 +173,7 @@ psa_status_t psa_destroy_persistent_key( const psa_key_slot_t key )
|
||||
return( PSA_SUCCESS );
|
||||
}
|
||||
|
||||
psa_status_t psa_crypto_storage_get_data_length( const psa_key_slot_t key,
|
||||
psa_status_t psa_crypto_storage_get_data_length( const psa_key_id_t key,
|
||||
size_t *data_length )
|
||||
{
|
||||
psa_status_t status = PSA_SUCCESS;
|
||||
@ -181,7 +181,7 @@ psa_status_t psa_crypto_storage_get_data_length( const psa_key_slot_t key,
|
||||
long file_size;
|
||||
char slot_location[MAX_LOCATION_LEN];
|
||||
|
||||
key_slot_to_location( key, slot_location, MAX_LOCATION_LEN );
|
||||
key_id_to_location( key, slot_location, MAX_LOCATION_LEN );
|
||||
|
||||
file = fopen( slot_location, "rb" );
|
||||
if( file == NULL )
|
||||
|
@ -68,12 +68,12 @@ static psa_status_t its_to_psa_error( psa_its_status_t ret )
|
||||
}
|
||||
}
|
||||
|
||||
static uint32_t psa_its_identifier_of_slot( psa_key_slot_t key )
|
||||
static uint32_t psa_its_identifier_of_slot( psa_key_id_t key )
|
||||
{
|
||||
return( key );
|
||||
}
|
||||
|
||||
psa_status_t psa_crypto_storage_load( const psa_key_slot_t key, uint8_t *data,
|
||||
psa_status_t psa_crypto_storage_load( const psa_key_id_t key, uint8_t *data,
|
||||
size_t data_size )
|
||||
{
|
||||
psa_its_status_t ret;
|
||||
@ -92,7 +92,7 @@ psa_status_t psa_crypto_storage_load( const psa_key_slot_t key, uint8_t *data,
|
||||
return( status );
|
||||
}
|
||||
|
||||
int psa_is_key_present_in_storage( const psa_key_slot_t key )
|
||||
int psa_is_key_present_in_storage( const psa_key_id_t key )
|
||||
{
|
||||
psa_its_status_t ret;
|
||||
uint32_t data_identifier = psa_its_identifier_of_slot( key );
|
||||
@ -105,7 +105,7 @@ int psa_is_key_present_in_storage( const psa_key_slot_t key )
|
||||
return( 1 );
|
||||
}
|
||||
|
||||
psa_status_t psa_crypto_storage_store( const psa_key_slot_t key,
|
||||
psa_status_t psa_crypto_storage_store( const psa_key_id_t key,
|
||||
const uint8_t *data,
|
||||
size_t data_length )
|
||||
{
|
||||
@ -143,7 +143,7 @@ exit:
|
||||
return( status );
|
||||
}
|
||||
|
||||
psa_status_t psa_destroy_persistent_key( const psa_key_slot_t key )
|
||||
psa_status_t psa_destroy_persistent_key( const psa_key_id_t key )
|
||||
{
|
||||
psa_its_status_t ret;
|
||||
uint32_t data_identifier = psa_its_identifier_of_slot( key );
|
||||
@ -163,7 +163,7 @@ psa_status_t psa_destroy_persistent_key( const psa_key_slot_t key )
|
||||
return( PSA_SUCCESS );
|
||||
}
|
||||
|
||||
psa_status_t psa_crypto_storage_get_data_length( const psa_key_slot_t key,
|
||||
psa_status_t psa_crypto_storage_get_data_length( const psa_key_id_t key,
|
||||
size_t *data_length )
|
||||
{
|
||||
psa_its_status_t ret;
|
||||
|
Loading…
Reference in New Issue
Block a user