Declare key id 0 as invalid

In keeping with other integral types, declare 0 to be an invalid key identifier. Documented, implemented and tested.
2025-07-29 11:41:15 +03:00 · 2019-05-15 18:42:09 +02:00
parent f9666595e1
commit f9fbc38e66
4 changed files with 18 additions and 11 deletions
--- a/include/psa/crypto_types.h
+++ b/include/psa/crypto_types.h
@ -107,8 +107,8 @@ typedef uint32_t psa_key_lifetime_t;
 *   #PSA_KEY_ID_USER_MIN to #PSA_KEY_ID_USER_MAX.
 * - Implementations may define additional key identifiers in the range
 *   #PSA_KEY_ID_VENDOR_MIN to #PSA_KEY_ID_VENDOR_MAX.
- * - Key identifiers outside these ranges are reserved for future use
- *   in future versions of this specification.
+ * - 0 is reserved as an invalid key identifier.
+ * - Key identifiers outside these ranges are reserved for future use.
 */
 /* Implementation-specific quirk: The Mbed Crypto library can be built as
 * part of a multi-client service that exposes the PSA Crypto API in each
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@ -1442,7 +1442,7 @@

 /** The minimum value for a key identifier chosen by the application.
 */
-#define PSA_KEY_ID_USER_MIN                     ((psa_key_id_t)0x00000000)
+#define PSA_KEY_ID_USER_MIN                     ((psa_key_id_t)0x00000001)
 /** The minimum value for a key identifier chosen by the application.
 */
 #define PSA_KEY_ID_USER_MAX                     ((psa_key_id_t)0x3fffffff)