Replace psa_make_key_persistent by id/lifetime setters

Use individual setters for the id and lifetime fields of an attribute structure, like the other attributes. This commit updates the specification and adds an implementation of the new setters.
2019-05-15 16:11:15 +02:00 · 2019-05-15 16:11:15 +02:00 · dc8219a10d
commit dc8219a10d
parent 80b39ae753
2 changed files with 51 additions and 11 deletions
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@ -132,7 +132,8 @@ psa_status_t psa_crypto_init(void);
 * psa_reset_key_attributes() on an attribute structure is optional if
 * the structure has only been modified by the following functions
 * since it was initialized or last reset with psa_reset_key_attributes():
- * - psa_make_key_persistent()
+ * - psa_set_key_id()
+ * - psa_set_key_lifetime()
 * - psa_set_key_type()
 * - psa_set_key_bits()
 * - psa_set_key_usage_flags()
@ -173,7 +174,9 @@ psa_status_t psa_crypto_init(void);
 *
 * A typical sequence to create a key is as follows:
 * -# Create and initialize an attribute structure.
- * -# If the key is persistent, call psa_make_key_persistent().
+ * -# If the key is persistent, call psa_set_key_id().
+ *    Also call psa_set_key_lifetime() to place the key in a non-default
+ *    location.
 * -# Set the key policy with psa_set_key_usage_flags() and
 *    psa_set_key_algorithm().
 * -# Set the key type with psa_set_key_type(). If the key type requires
@ -203,30 +206,51 @@ psa_status_t psa_crypto_init(void);
 */
 typedef struct psa_key_attributes_s psa_key_attributes_t;

-/** Declare a key as persistent.
+/** Declare a key as persistent and set its key identifier.
+ *
+ * If the attribute structure declares the key as volatile (which is
+ * the default content of an attribute structure), this function sets
+ * the lifetime attribute to #PSA_KEY_LIFETIME_PERSISTENT.
 *
 * This function does not access storage, it merely fills the attribute
- * structure with given values. The persistent key will be written to
+ * structure with given value. The persistent key will be written to
 * storage when the attribute structure is passed to a key creation
 * function such as psa_import_key(), psa_generate_random_key(),
 * psa_generate_derived_key() or psa_copy_key().
 *
- * This function overwrites any identifier and lifetime values
- * previously set in \p attributes.
- *
 * This function may be declared as `static` (i.e. without external
 * linkage). This function may be provided as a function-like macro,
 * but in this case it must evaluate each of its arguments exactly once.
 *
 * \param[out] attributes       The attribute structure to write to.
 * \param id                    The persistent identifier for the key.
+ */
+static void psa_set_key_id(psa_key_attributes_t *attributes,
+                           psa_key_id_t id);
+
+/** Set the location of a persistent key.
+ *
+ * To make a key persistent, you must give it a persistent key identifier
+ * with psa_set_key_id().
+ *
+ * This function does not access storage, it merely fills the attribute
+ * structure with given value. The persistent key will be written to
+ * storage when the attribute structure is passed to a key creation
+ * function such as psa_import_key(), psa_generate_random_key(),
+ * psa_generate_derived_key() or psa_copy_key().
+ *
+ * This function may be declared as `static` (i.e. without external
+ * linkage). This function may be provided as a function-like macro,
+ * but in this case it must evaluate each of its arguments exactly once.
+ *
+ * \param[out] attributes       The attribute structure to write to.
 * \param lifetime              The lifetime for the key.
 *                              If this is #PSA_KEY_LIFETIME_VOLATILE, the
- *                              key will be volatile, and \p id is ignored.
+ *                              key will be volatile, and the key identifier
+ *                              attribute is reset to 0.
 */
-static void psa_make_key_persistent(psa_key_attributes_t *attributes,
-                                    psa_key_id_t id,
-                                    psa_key_lifetime_t lifetime);
+static void psa_set_key_lifetime(psa_key_attributes_t *attributes,
+                                 psa_key_lifetime_t lifetime);

 /** Retrieve the key identifier from key attributes.
 *
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@ -287,12 +287,28 @@ static inline void psa_make_key_persistent(psa_key_attributes_t *attributes,
    attributes->lifetime = lifetime;
 }

+static inline void psa_set_key_id(psa_key_attributes_t *attributes,
+                                  psa_key_id_t id)
+{
+    attributes->id = id;
+    if( attributes->lifetime == PSA_KEY_LIFETIME_VOLATILE )
+        attributes->lifetime = PSA_KEY_LIFETIME_PERSISTENT;
+}
+
 static inline psa_key_id_t psa_get_key_id(
    const psa_key_attributes_t *attributes)
 {
    return( attributes->id );
 }

+static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes,
+                                        psa_key_lifetime_t lifetime)
+{
+    attributes->lifetime = lifetime;
+    if( lifetime == PSA_KEY_LIFETIME_VOLATILE )
+        attributes->id = 0;
+}
+
 static inline psa_key_lifetime_t psa_get_key_lifetime(
    const psa_key_attributes_t *attributes)
 {