eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Support slot_number attribute when creating a key

Browse source 
Allow the application to choose the slot number in a secure element,
rather than always letting the driver choose.

With this commit, any application may request any slot. In an
implementation with isolation, it's up to the service to filter key
creation requests and apply policies to limit which applications can
request which slot.
This commit is contained in:
Gilles Peskine 2019-08-05 14:55:50 +02:00
parent ae9964d3ef
commit 46d9439a5e
4 changed files with 105 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

4
library/psa_crypto.c
View file

@ -1582,10 +1582,6 @@ static psa_status_t psa_start_key_creation(
* we can roll back to a state where the key doesn't exist. */
if( *p_drv != NULL )
{
/* Choosing a slot number is not supported yet. */
if( attributes->core.flags & MBEDTLS_PSA_KA_FLAG_HAS_SLOT_NUMBER )
return( PSA_ERROR_NOT_SUPPORTED );
status = psa_find_se_slot_for_key( attributes, *p_drv,
&slot->data.se.slot_number );
if( status != PSA_SUCCESS )