Assert that the key ID range for volatile keys is large enough

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-07-29 11:41:15 +03:00 · 2024-07-16 20:02:37 +02:00
parent f16263e286
commit 18f659b1e7
1 changed files with 4 additions and 0 deletions
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@ -64,6 +64,10 @@ typedef struct {

 static psa_global_data_t global_data;

+MBEDTLS_STATIC_ASSERT(ARRAY_LENGTH(global_data.key_slots) <=
+                      PSA_KEY_ID_VOLATILE_MAX - PSA_KEY_ID_VOLATILE_MIN + 1,
+                      "The volatile key range is larger than the key slot array");
+
 int psa_is_valid_key_id(mbedtls_svc_key_id_t key, int vendor_ok)
 {
    psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID(key);