Add volatile key identifiers

Volatile key identifiers are introduced in
PSA Crypto API v1.0.0. They are returned by the APIs
when importing or generating or deriving a volatile key.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>

library/psa_crypto.c

@@ -1851,6 +1851,7 @@ static psa_status_t psa_start_key_creation(
     psa_se_drv_table_entry_t **p_drv )
 {
     psa_status_t status;
+    psa_key_id_t volatile_key_id;
     psa_key_slot_t *slot;
 
     (void) method;
@@ -1860,7 +1861,7 @@ static psa_status_t psa_start_key_creation(
     if( status != PSA_SUCCESS )
         return( status );
 
-    status = psa_get_empty_key_slot( handle, p_slot );
+    status = psa_get_empty_key_slot( handle, &volatile_key_id, p_slot );
     if( status != PSA_SUCCESS )
         return( status );
     slot = *p_slot;

library/psa_crypto_slot_management.c

@@ -114,6 +114,7 @@ void psa_wipe_all_key_slots( void )
 }
 
 psa_status_t psa_get_empty_key_slot( psa_key_handle_t *handle,
+                                     psa_key_id_t *volatile_key_id,
                                      psa_key_slot_t **p_slot )
 {
     if( ! global_data.key_slots_initialized )
@@ -123,8 +124,12 @@ psa_status_t psa_get_empty_key_slot( psa_key_handle_t *handle,
     {
         *p_slot = &global_data.key_slots[*handle - 1];
         if( ! psa_is_key_slot_occupied( *p_slot ) )
+        {
+            *volatile_key_id = PSA_KEY_ID_VOLATILE_MIN + ( *handle ) - 1;
+
             return( PSA_SUCCESS );
         }
+    }
     *p_slot = NULL;
     return( PSA_ERROR_INSUFFICIENT_MEMORY );
 }
@@ -215,6 +220,7 @@ psa_status_t psa_open_key( mbedtls_svc_key_id_t key, psa_key_handle_t *handle )
 {
 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
     psa_status_t status;
+    psa_key_id_t volatile_key_id;
     psa_key_slot_t *slot;
 
     *handle = 0;
@@ -223,7 +229,7 @@ psa_status_t psa_open_key( mbedtls_svc_key_id_t key, psa_key_handle_t *handle )
     if( status != PSA_SUCCESS )
         return( status );
 
-    status = psa_get_empty_key_slot( handle, &slot );
+    status = psa_get_empty_key_slot( handle, &volatile_key_id, &slot );
     if( status != PSA_SUCCESS )
         return( status );
 

library/psa_crypto_slot_management.h

@@ -28,6 +28,23 @@
  * The value is a compile-time constant for now, for simplicity. */
 #define PSA_KEY_SLOT_COUNT 32
 
+/** Range of volatile key identifiers.
+ *
+ *  The last PSA_KEY_SLOT_COUNT identifiers of the implementation range
+ *  of key identifiers are reserved for volatile key identifiers.
+ *  A volatile key identifier is equal to PSA_KEY_ID_VOLATILE_MIN plus the
+ *  index of the key slot containing the volatile key definition.
+ */
+
+/** The minimum value for a volatile key identifier.
+ */
+#define PSA_KEY_ID_VOLATILE_MIN  ( PSA_KEY_ID_VENDOR_MAX - \
+                                   PSA_KEY_SLOT_COUNT + 1 )
+
+/** The maximum value for a volatile key identifier.
+ */
+#define PSA_KEY_ID_VOLATILE_MAX  PSA_KEY_ID_VENDOR_MAX
+
 /** Access a key slot at the given handle.
  *
  * \param handle        Key handle to query.
@@ -62,8 +79,10 @@ void psa_wipe_all_key_slots( void );
  * This function returns a key slot that is available for use and is in its
  * ground state (all-bits-zero).
  *
- * \param[out] handle   On success, a slot number that can be used as a
+ * \param[out] handle            On success, a slot number that can be used
- *                      handle to the slot.
+ *                               as a handle to the slot.
+ * \param[out] volatile_key_id   On success, volatile key identifier
+ *                               associated to the returned slot.
  * \param[out] p_slot            On success, a pointer to the slot.
  *
  * \retval #PSA_SUCCESS
@@ -71,6 +90,7 @@ void psa_wipe_all_key_slots( void );
  * \retval #PSA_ERROR_BAD_STATE
  */
 psa_status_t psa_get_empty_key_slot( psa_key_handle_t *handle,
+                                     psa_key_id_t *volatile_key_id,
                                      psa_key_slot_t **p_slot );
 
 /** Test whether a lifetime designates a key in an external cryptoprocessor.