Merge pull request #4392 from gilles-peskine-arm/psa-storage-format-test-lifetimes

Backport 2.x: PSA storage format: test lifetimes
2025-07-28 00:21:48 +03:00 · 2021-06-23 15:22:24 +02:00
parent 53d1cf8e2b 2bfbb17f30
commit eaacabf98d
15 changed files with 272 additions and 20 deletions
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@ -1133,6 +1133,17 @@ psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key )
       return( PSA_ERROR_GENERIC_ERROR );
    }

+    if( PSA_KEY_LIFETIME_IS_READ_ONLY( slot->attr.lifetime ) )
+    {
+        /* Refuse the destruction of a read-only key (which may or may not work
+         * if we attempt it, depending on whether the key is merely read-only
+         * by policy or actually physically read-only).
+         * Just do the best we can, which is to wipe the copy in memory
+         * (done in this function's cleanup code). */
+        overall_status = PSA_ERROR_NOT_PERMITTED;
+        goto exit;
+    }
+
 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
    driver = psa_get_se_driver_entry( slot->attr.lifetime );
    if( driver != NULL )
@ -1194,12 +1205,10 @@ psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key )
    }
 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */

-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
 exit:
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
    status = psa_wipe_key_slot( slot );
    /* Prioritize CORRUPTION_DETECTED from wiping over a storage error */
-    if( overall_status == PSA_SUCCESS )
+    if( status != PSA_SUCCESS )
        overall_status = status;
    return( overall_status );
 }
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@ -466,7 +466,10 @@ psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime )
    {
        /* Persistent keys require storage support */
 #if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
-        return( PSA_SUCCESS );
+        if( PSA_KEY_LIFETIME_IS_READ_ONLY( lifetime ) )
+            return( PSA_ERROR_INVALID_ARGUMENT );
+        else
+            return( PSA_SUCCESS );
 #else /* MBEDTLS_PSA_CRYPTO_STORAGE_C */
        return( PSA_ERROR_NOT_SUPPORTED );
 #endif /* !MBEDTLS_PSA_CRYPTO_STORAGE_C */
@ -556,16 +559,17 @@ void mbedtls_psa_get_stats( mbedtls_psa_stats_t *stats )
            ++stats->empty_slots;
            continue;
        }
-        if( slot->attr.lifetime == PSA_KEY_LIFETIME_VOLATILE )
+        if( PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) )
            ++stats->volatile_slots;
-        else if( slot->attr.lifetime == PSA_KEY_LIFETIME_PERSISTENT )
+        else
        {
            psa_key_id_t id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot->attr.id );
            ++stats->persistent_slots;
            if( id > stats->max_open_internal_key_id )
                stats->max_open_internal_key_id = id;
        }
-        else
+        if( PSA_KEY_LIFETIME_GET_LOCATION( slot->attr.lifetime ) !=
+            PSA_KEY_LOCATION_LOCAL_STORAGE )
        {
            psa_key_id_t id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( slot->attr.id );
            ++stats->external_slots;