1
0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-30 22:43:08 +03:00

Remove "allocated" flag from key slots

The flag to mark key slots as allocated was introduced to mark slots
that are claimed and in use, but do not have key material yet, at a
time when creating a key used several API functions: allocate a slot,
then progressively set its metadata, and finally create the key
material. Now that all of these steps are combined into a single
API function call, the notion of allocated-but-not-filled slot is no
longer relevant. So remove the corresponding flag.

A slot is occupied iff there is a key in it. (For a key in a secure
element, the key material is not present, but the slot contains the
key metadata.) This key must have a type which is nonzero, so use this
as an indicator that a slot is in use.
This commit is contained in:
Gilles Peskine
2019-07-31 15:01:55 +02:00
parent 76aa09c9a9
commit 41e50d26ea
4 changed files with 24 additions and 26 deletions

View File

@ -897,8 +897,6 @@ static psa_status_t psa_get_key_from_slot( psa_key_handle_t handle,
status = psa_get_key_slot( handle, &slot );
if( status != PSA_SUCCESS )
return( status );
if( slot->attr.type == PSA_KEY_TYPE_NONE )
return( PSA_ERROR_DOES_NOT_EXIST );
/* Enforce that usage policy for the key slot contains all the flags
* required by the usage parameter. There is one exception: public
@ -1488,9 +1486,6 @@ static psa_status_t psa_start_key_creation(
* is optional (import, copy). */
slot->attr = attributes->core;
/* This is awkward... Copying the attributes has overwritten the
* flag that marks this slot as used. Restore it. */
psa_key_slot_set_bits_in_flags( slot, PSA_KEY_SLOT_FLAG_ALLOCATED );
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
/* For a key in a secure element, we need to do three things: