From 6b5ff53c01407238bb0bf8d2dfe1a50e626b5f25 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 16 Oct 2020 14:38:19 +0200 Subject: [PATCH] Add mbedtls_set_key_owner_id API Add the mbedtls_set_key_owner_id API, API specific to the MbedTLS PSA implementation. The API allows to define the owner of volatile keys. Signed-off-by: Ronald Cron --- include/psa/crypto.h | 19 +++++++++++++++++++ include/psa/crypto_struct.h | 8 ++++++++ 2 files changed, 27 insertions(+) diff --git a/include/psa/crypto.h b/include/psa/crypto.h index 15ffe2271f..f1f5bd896a 100644 --- a/include/psa/crypto.h +++ b/include/psa/crypto.h @@ -152,6 +152,25 @@ static psa_key_attributes_t psa_key_attributes_init(void); static void psa_set_key_id( psa_key_attributes_t *attributes, mbedtls_svc_key_id_t key ); +#ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER +/** Set the owner identifier of a key. + * + * When key identifiers encode key owner identifiers, psa_set_key_id() does + * not allow to define in key attributes the owner of volatile keys as + * psa_set_key_id() enforces the key to be persistent. + * + * This function allows to set in key attributes the owner identifier of a + * key. It is intended to be used for volatile keys. For persistent keys, + * it is recommended to use the PSA Cryptography API psa_set_key_id() to define + * the owner of a key. + * + * \param[out] attributes The attribute structure to write to. + * \param owner_id The key owner identifier. + */ +static void mbedtls_set_key_owner_id( psa_key_attributes_t *attributes, + mbedtls_key_owner_id_t owner_id ); +#endif + /** Set the location of a persistent key. * * To make a key persistent, you must give it a persistent key identifier diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index be0e28015b..bf178ec6e0 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h 
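Review bot: The prototype added here names the second parameter `owner_id` while the inline definition in the crypto_struct.h hunk names it `owner`; the two should agree, e.g. `+ mbedtls_key_owner_id_t owner_id );` in both places, so the Doxygen `\param owner_id` matches the definition a reader lands on. The doc comment should also state what the function does and does not write: the definition assigns only `attributes->core.id.owner`, leaving the lifetime and the key-identifier part of `core.id` untouched, which is why it keeps a key volatile where psa_set_key_id() would not. Since nothing in the setter validates the value, the comment ought to say who is expected to call it; in MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER builds the owner field presumably is what separates one client's keys from another's (confirm against the key store), so the value should come from the implementation's notion of the calling partition, not from data supplied by the client whose key is being created. A sentence such as `* The owner identifier is not validated; the caller is responsible for supplying the identity of the partition that is to own the key.` would cover this.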
@@ -385,6 +385,14 @@ static inline mbedtls_svc_key_id_t psa_get_key_id( return( attributes->core.id ); } +#ifdef MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER +static inline void mbedtls_set_key_owner_id( psa_key_attributes_t *attributes, + mbedtls_key_owner_id_t owner ) +{ + attributes->core.id.owner = owner; +} +#endif + static inline void psa_set_key_lifetime(psa_key_attributes_t *attributes, psa_key_lifetime_t lifetime) {
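Review bot: The definition does not enforce the "intended for volatile keys" contract stated in the crypto.h documentation: its single statement `attributes->core.id.owner = owner;` runs regardless of the lifetime already set in the attributes, so on an attribute structure previously configured for a persistent key it silently replaces the owner part of the encoded identifier while leaving the rest intact. If that is acceptable, a comment in the body would make the behaviour explicit, e.g. `/* Only the owner part of the encoded key id is written; lifetime and the key-id part are left untouched, so a volatile key stays volatile. */`; if it is not, the crypto.h text should say the behaviour is unspecified for persistent-key attributes rather than only recommending psa_set_key_id(). The parameter is named `owner` here but `owner_id` in the prototype, which is worth aligning as well.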