Add infrastructure for key attribute flags

Add infrastructure for internal, external and dual-use flags, with a compile-time check (if static_assert is available) to ensure that the same numerical value doesn't get declared for two different purposes in crypto_struct.h (external or dual-use) and psa_crypto_core.h (internal).
2019-08-02 19:19:39 +02:00 · 2019-08-02 19:19:39 +02:00 · 91e8c33f48
commit 91e8c33f48
parent 0c77b0e2f9
3 changed files with 45 additions and 1 deletions
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@ -1408,6 +1408,15 @@ psa_status_t psa_export_public_key( psa_key_handle_t handle,
                                     data_length, 1 ) );
 }

+#if defined(static_assert)
+static_assert( ( MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_DUAL_USE ) == 0,
+               "One or more key attribute flag is listed as both external-only and dual-use" );
+static_assert( ( MBEDTLS_PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_DUAL_USE ) == 0,
+               "One or more key attribute flag is listed as both external-only and dual-use" );
+static_assert( ( MBEDTLS_PSA_KA_MASK_INTERNAL_ONLY & MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY ) == 0,
+               "One or more key attribute flag is listed as both internal-only and external-only" );
+#endif
+
 /** Validate that a key policy is internally well-formed.
 *
 * This function only rejects invalid policies. It does not validate the
@ -1467,6 +1476,11 @@ static psa_status_t psa_validate_key_attributes(
    if( psa_get_key_bits( attributes ) > PSA_MAX_KEY_BITS )
        return( PSA_ERROR_NOT_SUPPORTED );

+    /* Reject invalid flags. These should not be reachable through the API. */
+    if( attributes->core.flags & ~ ( MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY |
+                                     MBEDTLS_PSA_KA_MASK_DUAL_USE ) )
+        return( PSA_ERROR_INVALID_ARGUMENT );
+
    return( PSA_SUCCESS );
 }

@ -1523,6 +1537,10 @@ static psa_status_t psa_start_key_creation(

    slot->attr = attributes->core;

+    /* Erase external-only flags from the internal copy. To access
+     * external-only flags, query `attributes`. */
+    slot->attr.flags |= ~MBEDTLS_PSA_KA_MASK_EXTERNAL_ONLY;
+
 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
    /* For a key in a secure element, we need to do three things:
     * create the key file in internal storage, create the
--- a/library/psa_crypto_core.h
+++ b/library/psa_crypto_core.h
@ -64,6 +64,11 @@ typedef struct
    } data;
 } psa_key_slot_t;

+/* A mask of key attribute flags used only internally.
+ * Currently there aren't any. */
+#define MBEDTLS_PSA_KA_MASK_INTERNAL_ONLY (     \
+        0 )
+
 /** Test whether a key slot is occupied.
 *
 * A key slot is occupied iff the key type is nonzero. This works because