Dynamic key store: implementation

When MBEDTLS_PSA_KEY_STORE_DYNAMIC is enabled, key slots are now organized in multiple slices. The slices are allocated on demand, which allows the key store to grow. The size of slices grows exponentially, which allows reaching a large number of slots with a small (static) number of slices without too much overhead. Maintain a linked list of free slots in each slice. This way, allocating a slot takes O(1) time unless a slice needs to be allocated. In this commit, slices are only ever freed when deinitializing the key store. This should be improved in the future to free empty slices. To avoid growing the persistent key cache without control, the persistent key cache has a fixed size (reusing MBEDTLS_PSA_KEY_SLOT_COUNT to avoid creating yet another option). When MBEDTLS_PSA_KEY_STORE_DYNAMIC is disabled. no semantic change and minimal changes to the code. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-07-30 22:43:08 +03:00 · 2024-06-10 11:53:33 +02:00
parent 47ad2f7484
commit e8199f574c
4 changed files with 398 additions and 20 deletions
--- a/library/psa_crypto_core.h
+++ b/library/psa_crypto_core.h
@ -80,10 +80,38 @@ typedef struct {
     * slots that are in a suitable state for the function.
     * For example, psa_get_and_lock_key_slot_in_memory, which finds a slot
     * containing a given key ID, will only check slots whose state variable is
-     * PSA_SLOT_FULL. */
+     * PSA_SLOT_FULL.
+     */
    psa_key_slot_state_t state;

+#if defined(MBEDTLS_PSA_KEY_STORE_DYNAMIC)
+    /* The index of the slice containing this slot.
+     * This field must be filled if the slot contains a key
+     * (including keys being created or destroyed), and can be either
+     * filled or 0 when the slot is free. */
+    uint8_t slice_index;
+#endif /* MBEDTLS_PSA_KEY_STORE_DYNAMIC */
+
    union {
+        struct {
+            /* The index of the next slot in the free list for this
+             * slice, relative * to the next array element.
+             *
+             * That is, 0 means the next slot, 1 means the next slot
+             * but one, etc. -1 would mean the slot itself. -2 means
+             * the previous slot, etc.
+             *
+             * If this is beyond the array length, the free list ends with the
+             * current element.
+             *
+             * The reason for this strange encoding is that 0 means the next
+             * element. This way, when we allocate a slice and initialize it
+             * to all-zero, the slice is ready for use, with a free list that
+             * consists of all the slots in order.
+             */
+            int32_t next_free_relative_to_next;
+        } free;
+
        struct {
            /*
             * Number of functions registered as reading the material in the key slot.