SE keys: store the slot number in the memory slot
parent
8abe6a2d5c
commit
73167e128f
2 changed files with 23 additions and 0 deletions
|
@ -363,6 +363,13 @@ static psa_status_t mbedtls_to_psa_error( int ret )
|
||||||
/* Key management */
|
/* Key management */
|
||||||
/****************************************************************/
|
/****************************************************************/
|
||||||
|
|
||||||
|
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
|
||||||
|
static inline int psa_key_slot_is_external( const psa_key_slot_t *slot )
|
||||||
|
{
|
||||||
|
return( psa_key_lifetime_is_external( slot->lifetime ) );
|
||||||
|
}
|
||||||
|
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
|
||||||
|
|
||||||
#if defined(MBEDTLS_ECP_C)
|
#if defined(MBEDTLS_ECP_C)
|
||||||
static psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid )
|
static psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid )
|
||||||
{
|
{
|
||||||
|
@ -867,6 +874,13 @@ static psa_status_t psa_get_key_from_slot( psa_key_handle_t handle,
|
||||||
/** Wipe key data from a slot. Preserve metadata such as the policy. */
|
/** Wipe key data from a slot. Preserve metadata such as the policy. */
|
||||||
static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot )
|
static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot )
|
||||||
{
|
{
|
||||||
|
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
|
||||||
|
if( psa_key_slot_is_external( slot ) )
|
||||||
|
{
|
||||||
|
/* No key material to clean. */
|
||||||
|
}
|
||||||
|
else
|
||||||
|
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
|
||||||
if( slot->type == PSA_KEY_TYPE_NONE )
|
if( slot->type == PSA_KEY_TYPE_NONE )
|
||||||
{
|
{
|
||||||
/* No key material to clean. */
|
/* No key material to clean. */
|
||||||
|
|
|
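Review bot: In psa_remove_key_data_from_memory the new empty branch reuses the comment of the PSA_KEY_TYPE_NONE branch, `/* No key material to clean. */`, which hides why the external check has to come first. For an external slot the `data` union holds `se.slot_number` rather than a pointer, so falling through to the type-based branches would presumably treat that number as a pointer to release. I would say so in the comment, e.g. `/* Key is in a secure element: data.se holds a slot number, not a pointer; nothing to free. */`, and note next to the `else` before `#endif` that the following `if` must stay directly after it. The function body continues outside the hunk, and any other code that picks a `slot->data` member by `slot->type` is not visible here and needs the same guard.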
@ -29,6 +29,7 @@
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#include "psa/crypto.h"
|
#include "psa/crypto.h"
|
||||||
|
#include "psa/crypto_se_driver.h"
|
||||||
|
|
||||||
#include "mbedtls/ecp.h"
|
#include "mbedtls/ecp.h"
|
||||||
#include "mbedtls/rsa.h"
|
#include "mbedtls/rsa.h"
|
||||||
|
@ -45,17 +46,25 @@ typedef struct
|
||||||
unsigned allocated : 1;
|
unsigned allocated : 1;
|
||||||
union
|
union
|
||||||
{
|
{
|
||||||
|
/* Raw-data key (key_type_is_raw_bytes() in psa_crypto.c) */
|
||||||
struct raw_data
|
struct raw_data
|
||||||
{
|
{
|
||||||
uint8_t *data;
|
uint8_t *data;
|
||||||
size_t bytes;
|
size_t bytes;
|
||||||
} raw;
|
} raw;
|
||||||
#if defined(MBEDTLS_RSA_C)
|
#if defined(MBEDTLS_RSA_C)
|
||||||
|
/* RSA public key or key pair */
|
||||||
mbedtls_rsa_context *rsa;
|
mbedtls_rsa_context *rsa;
|
||||||
#endif /* MBEDTLS_RSA_C */
|
#endif /* MBEDTLS_RSA_C */
|
||||||
#if defined(MBEDTLS_ECP_C)
|
#if defined(MBEDTLS_ECP_C)
|
||||||
|
/* EC public key or key pair */
|
||||||
mbedtls_ecp_keypair *ecp;
|
mbedtls_ecp_keypair *ecp;
|
||||||
#endif /* MBEDTLS_ECP_C */
|
#endif /* MBEDTLS_ECP_C */
|
||||||
|
/* Any key type in a secure element */
|
||||||
|
struct se
|
||||||
|
{
|
||||||
|
psa_key_slot_number_t slot_number;
|
||||||
|
} se;
|
||||||
} data;
|
} data;
|
||||||
} psa_key_slot_t;
|
} psa_key_slot_t;
|
||||||
|
|
||||||
|
|
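Review bot: The new `se` member is the only arm of the `data` union that is not selected by the key type, and the added comment `/* Any key type in a secure element */` does not say what selects it. Because `slot_number` overlays the `raw.data`, `rsa` and `ecp` pointers, code that dispatches on `type` alone would read a slot number as a pointer. I would extend the comment to something like `/* Any key type in a secure element; valid only when the slot's lifetime is external, and then no other member of this union may be read */`. The start of the struct is outside the hunk, so whether the lifetime field already documents this is not visible here.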