psa-core: properly set PSA_CRYPTO_MAX_STORAGE_SIZE

If MBEDTLS_PSA_STATIC_KEY_SLOTS is set then limit PSA_CRYPTO_MAX_STORAGE_SIZE to MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE, otherwise keep the previous PSA_BITS_TO_BYTES(PSA_MAX_KEY_BITS) size. This commit also removes changes to test_suite_psa_crypto_persistent_key.data done previously since MBEDTLS_PSA_STATIC_KEY_SLOTS is always up to date with key buffer size. Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
2025-07-30 22:43:08 +03:00 · 2024-08-13 14:35:30 +02:00
parent f7485fbba1
commit 1980bb781e
2 changed files with 11 additions and 11 deletions
--- a/library/psa_crypto_storage.h
+++ b/library/psa_crypto_storage.h
@ -17,13 +17,21 @@ extern "C" {

 #include "psa/crypto.h"
 #include "psa/crypto_se_driver.h"
+#include "psa_crypto_core.h"

 #include <stdint.h>
 #include <string.h>

-/* Limit the maximum key size in storage. This should have no effect
- * since the key size is limited in memory. */
+/* Limit the maximum key size in storage. */
+#if defined(MBEDTLS_PSA_STATIC_KEY_SLOTS)
+/* Reflect the maximum size for the key buffer. */
+#define PSA_CRYPTO_MAX_STORAGE_SIZE (MBEDTLS_PSA_STATIC_KEY_SLOT_BUFFER_SIZE)
+#else
+/* Just set an upper boundary but it should have no effect since the key size
+ * is limited in memory. */
 #define PSA_CRYPTO_MAX_STORAGE_SIZE (PSA_BITS_TO_BYTES(PSA_MAX_KEY_BITS))
+#endif
+
 /* Sanity check: a file size must fit in 32 bits. Allow a generous
 * 64kB of metadata. */
 #if PSA_CRYPTO_MAX_STORAGE_SIZE > 0xffff0000