SE keys: store the bit size internally (partial implementation)

This commit blindingly copies the size from the attributes. This is
not correct for copy and import.
This commit is contained in:
Gilles Peskine 2019-07-15 21:59:53 +02:00
parent adb1c52149
commit 424f89453b
2 changed files with 10 additions and 0 deletions

View file

@ -1035,6 +1035,11 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle )
/* Return the size of the key in the given slot, in bits. */
static size_t psa_get_key_slot_bits( const psa_key_slot_t *slot )
{
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
if( psa_get_se_driver( slot->lifetime, NULL, NULL ) )
return( slot->data.se.bits );
#endif /* defined(MBEDTLS_PSA_CRYPTO_SE_C) */
if( key_type_is_raw_bytes( slot->type ) )
return( slot->data.raw.bytes * 8 );
#if defined(MBEDTLS_RSA_C)
@ -1489,6 +1494,10 @@ static psa_status_t psa_start_key_creation(
(void) psa_crypto_stop_transaction( );
return( status );
}
/* TOnogrepDO: validate bits. How to do this depends on the key
* creation method, so setting bits might not belong here. */
slot->data.se.bits = psa_get_key_bits( attributes );
}
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */

View file

@ -64,6 +64,7 @@ typedef struct
struct se
{
psa_key_slot_number_t slot_number;
size_t bits;
} se;
} data;
} psa_key_slot_t;