Keys may allow a second algorithm

Add a second permitted algorithm to key policies. This commit includes smoke tests that do not cover psa_copy_key.
2025-07-29 11:41:15 +03:00 · 2019-05-10 19:33:38 +02:00
parent d3bb7bb2f2
commit 96f0b3b1d3
5 changed files with 118 additions and 16 deletions
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@ -62,6 +62,50 @@ extern "C" {
    MBEDTLS_DEPRECATED_NUMERIC_CONSTANT( PSA_ERROR_INSUFFICIENT_DATA )
 #endif

+/** \addtogroup attributes
+ * @{
+ */
+
+/** \brief Declare the enrollment algorithm for a key.
+ *
+ * An operation on a key may indifferently use the algorithm set with
+ * psa_set_key_algorithm() or with this function.
+ *
+ * \param[out] attributes       The attribute structure to write to.
+ * \param alg2                  A second algorithm that the key may be used
+ *                              for, in addition to the algorithm set with
+ *                              psa_set_key_algorithm().
+ *
+ * \warning Setting an enrollment algorithm is not recommended, because
+ *          using the same key with different algorithms can allow some
+ *          attacks based on arithmetic relations between different
+ *          computations made with the same key, or can escalate harmless
+ *          side channels into exploitable ones. Use this function only
+ *          if it is necessary to support a protocol for which is has been
+ *          verified that the usage of the key with multiple algorithms
+ *          is safe.
+ */
+static inline void psa_set_key_enrollment_algorithm(
+    psa_key_attributes_t *attributes,
+    psa_algorithm_t alg2)
+{
+    attributes->policy.alg2 = alg2;
+}
+
+/** Retrieve the enrollment algorithm policy from key attributes.
+ *
+ * \param[in] attributes        The key attribute structure to query.
+ *
+ * \return The enrollment algorithm stored in the attribute structure.
+ */
+static inline psa_algorithm_t psa_get_key_enrollment_algorithm(
+    const psa_key_attributes_t *attributes)
+{
+    return( attributes->policy.alg2 );
+}
+
+/**@}*/
+
 /**
 * \brief Library deinitialization.
 *
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@ -251,10 +251,11 @@ struct psa_key_policy_s
 {
    psa_key_usage_t usage;
    psa_algorithm_t alg;
+    psa_algorithm_t alg2;
 };
 typedef struct psa_key_policy_s psa_key_policy_t;

-#define PSA_KEY_POLICY_INIT {0, 0}
+#define PSA_KEY_POLICY_INIT {0, 0, 0}
 static inline struct psa_key_policy_s psa_key_policy_init( void )
 {
    const struct psa_key_policy_s v = PSA_KEY_POLICY_INIT;
@ -272,7 +273,7 @@ struct psa_key_attributes_s
    size_t domain_parameters_size;
 };

-#define PSA_KEY_ATTRIBUTES_INIT {0, 0, {0, 0}, 0, 0, NULL, 0}
+#define PSA_KEY_ATTRIBUTES_INIT {0, 0, {0, 0, 0}, 0, 0, NULL, 0}
 static inline struct psa_key_attributes_s psa_key_attributes_init( void )
 {
    const struct psa_key_attributes_s v = PSA_KEY_ATTRIBUTES_INIT;