Extend PSA_USAGE_SIGN/VERIFY_HASH key policies
According to the PSA specification the PSA_USAGE_SIGN_HASH has the permission to sign a message as PSA_USAGE_SIGN_MESSAGE. Similarly the PSA_USAGE_VERIFY_HASH has the permission to verify a message as PSA_USAGE_VERIFY_MESSAGE. These permission will also be present when the application queries the usage flags of the key. Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
This commit is contained in:
parent
8682faeb09
commit
86bf008782
1 changed files with 6 additions and 0 deletions
|
@ -395,6 +395,12 @@ static inline psa_key_lifetime_t psa_get_key_lifetime(
|
|||
static inline void psa_set_key_usage_flags( psa_key_attributes_t *attributes,
|
||||
psa_key_usage_t usage_flags )
|
||||
{
|
||||
if( usage_flags & PSA_KEY_USAGE_SIGN_HASH )
|
||||
usage_flags |= PSA_KEY_USAGE_SIGN_MESSAGE;
|
||||
|
||||
if( usage_flags & PSA_KEY_USAGE_VERIFY_HASH )
|
||||
usage_flags |= PSA_KEY_USAGE_VERIFY_MESSAGE;
|
||||
|
||||
attributes->MBEDTLS_PRIVATE(core).MBEDTLS_PRIVATE(policy).MBEDTLS_PRIVATE(usage) = usage_flags;
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue