Merge pull request #8745 from adeaarm/trail_key_id_field

Put the id field at the end of the psa_key_attributes_s structure
This commit is contained in:
Dave Rodgman 2024-02-06 15:55:56 +00:00 committed by GitHub
commit 91d5fde944
No known key found for this signature in database
GPG key ID: B5690EEEBB952194

View file

@ -239,18 +239,28 @@ typedef struct {
psa_key_type_t MBEDTLS_PRIVATE(type); psa_key_type_t MBEDTLS_PRIVATE(type);
psa_key_bits_t MBEDTLS_PRIVATE(bits); psa_key_bits_t MBEDTLS_PRIVATE(bits);
psa_key_lifetime_t MBEDTLS_PRIVATE(lifetime); psa_key_lifetime_t MBEDTLS_PRIVATE(lifetime);
mbedtls_svc_key_id_t MBEDTLS_PRIVATE(id);
psa_key_policy_t MBEDTLS_PRIVATE(policy); psa_key_policy_t MBEDTLS_PRIVATE(policy);
psa_key_attributes_flag_t MBEDTLS_PRIVATE(flags); psa_key_attributes_flag_t MBEDTLS_PRIVATE(flags);
/* This type has a different layout in the client view wrt the
* service view of the key id, i.e. in service view usually is
* expected to have MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined
* thus adding an owner field to the standard psa_key_id_t. For
* implementations with client/service separation, this means the
* object will be marshalled through a transport channel and
* interpreted differently at each side of the transport. Placing
* it at the end of structures allows to interpret the structure
* at the client without reorganizing the memory layout of the
* struct
*/
mbedtls_svc_key_id_t MBEDTLS_PRIVATE(id);
} psa_core_key_attributes_t; } psa_core_key_attributes_t;
#define PSA_CORE_KEY_ATTRIBUTES_INIT { PSA_KEY_TYPE_NONE, 0, \ #define PSA_CORE_KEY_ATTRIBUTES_INIT { PSA_KEY_TYPE_NONE, 0, \
PSA_KEY_LIFETIME_VOLATILE, \ PSA_KEY_LIFETIME_VOLATILE, \
MBEDTLS_SVC_KEY_ID_INIT, \ PSA_KEY_POLICY_INIT, 0, \
PSA_KEY_POLICY_INIT, 0 } MBEDTLS_SVC_KEY_ID_INIT }
struct psa_key_attributes_s { struct psa_key_attributes_s {
psa_core_key_attributes_t MBEDTLS_PRIVATE(core);
#if defined(MBEDTLS_PSA_CRYPTO_SE_C) #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
psa_key_slot_number_t MBEDTLS_PRIVATE(slot_number); psa_key_slot_number_t MBEDTLS_PRIVATE(slot_number);
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
@ -268,12 +278,19 @@ struct psa_key_attributes_s {
*/ */
void *MBEDTLS_PRIVATE(domain_parameters); void *MBEDTLS_PRIVATE(domain_parameters);
size_t MBEDTLS_PRIVATE(domain_parameters_size); size_t MBEDTLS_PRIVATE(domain_parameters_size);
/* With client/service separation, struct psa_key_attributes_s is
* marshalled through a transport channel between the client and
* service side implementation of the PSA Crypto APIs, thus having
* the mbedtls_svc_key_id_t id as the last field of this structure
* allows for a more efficient marshalling/unmarshalling of parameters
*/
psa_core_key_attributes_t MBEDTLS_PRIVATE(core);
}; };
#if defined(MBEDTLS_PSA_CRYPTO_SE_C) #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
#define PSA_KEY_ATTRIBUTES_INIT { PSA_CORE_KEY_ATTRIBUTES_INIT, 0, NULL, 0 } #define PSA_KEY_ATTRIBUTES_INIT { 0, NULL, 0, PSA_CORE_KEY_ATTRIBUTES_INIT }
#else #else
#define PSA_KEY_ATTRIBUTES_INIT { PSA_CORE_KEY_ATTRIBUTES_INIT, NULL, 0 } #define PSA_KEY_ATTRIBUTES_INIT { NULL, 0, PSA_CORE_KEY_ATTRIBUTES_INIT }
#endif #endif
static inline struct psa_key_attributes_s psa_key_attributes_init(void) static inline struct psa_key_attributes_s psa_key_attributes_init(void)