From eeaeef4d58b6e89ba899407d568da43beb4b90be Mon Sep 17 00:00:00 2001
From: gabor-mezei-arm
Date: Thu, 29 Apr 2021 15:57:57 +0200
Subject: [PATCH] Extend PSA_USAGE_SIGN/VERIFY_HASH key policies

According to the PSA specification the PSA_USAGE_SIGN_HASH has the permission to sign a message as PSA_USAGE_SIGN_MESSAGE. Similarly the PSA_USAGE_VERIFY_HASH has the permission to verify a message as PSA_USAGE_VERIFY_MESSAGE. These permission will also be present when the application queries the usage flags of the key.

Signed-off-by: gabor-mezei-arm
---
 include/psa/crypto_struct.h | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index 47012fdd00..aee4002e8e 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -394,6 +394,12 @@ static inline psa_key_lifetime_t psa_get_key_lifetime(
 static inline void psa_set_key_usage_flags(psa_key_attributes_t *attributes,
 psa_key_usage_t usage_flags)
 {
+ if( usage_flags & PSA_KEY_USAGE_SIGN_HASH )
+ usage_flags |= PSA_KEY_USAGE_SIGN_MESSAGE;
+
+ if( usage_flags & PSA_KEY_USAGE_VERIFY_HASH )
+ usage_flags |= PSA_KEY_USAGE_VERIFY_MESSAGE;
+
 attributes->core.policy.usage = usage_flags;
 }
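Review bot: The implied permissions are added only inside this inline setter, so the widening holds only for policies that pass through `psa_set_key_usage_flags`. A policy that reaches a key slot by another route (for instance a key persisted before this change, which this hunk does not show) would presumably still lack the MESSAGE flags, so it is worth confirming that the key-load or policy-check path applies the same normalisation. The setter also now stores a value different from its argument with nothing at the site saying so, which matters to callers that compare `psa_get_key_usage_flags()` against the flags they requested or that expect a SIGN_HASH-only key to stay hash-only. I would add a comment above the two tests, e.g. `/* PSA spec: SIGN_HASH implies SIGN_MESSAGE and VERIFY_HASH implies VERIFY_MESSAGE, so the stored policy may be wider than the caller's argument. */`.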