Switch psa_{get,set}_domain_parameters to attributes

Change psa_get_domain_parameters() and psa_set_domain_parameters() to
access a psa_key_attributes_t structure rather than a key handle.

In psa_get_key_attributes(), treat the RSA public exponent as a domain
parameter and read it out. This is in preparation for removing the
`extra` parameter of psa_generate_key() and setting the RSA public
exponent for key generation via domain parameters.

In this commit, the default public exponent 65537 is not treated
specially, which allows us to verify that test code that should be
calling psa_reset_key_attributes() after retrieving the attributes of
an RSA key is doing so properly (if it wasn't, there would be a memory
leak), even if the test data happens to use an RSA key with the
default public exponent.
Gilles Peskine 2019-04-26 16:06:02 +02:00
parent a1ace9c494
commit b699f07af0
3 changed files with 192 additions and 103 deletions

@ -268,9 +268,11 @@ struct psa_key_attributes_s
psa_key_policy_t policy;
psa_key_type_t type;
size_t bits;
void *domain_parameters;
size_t domain_parameters_size;
};
#define PSA_KEY_ATTRIBUTES_INIT {0, 0, {0, 0}, 0, 0}
#define PSA_KEY_ATTRIBUTES_INIT {0, 0, {0, 0}, 0, 0, NULL, 0}
static inline struct psa_key_attributes_s psa_key_attributes_init( void )
{
const struct psa_key_attributes_s v = PSA_KEY_ATTRIBUTES_INIT;
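Review bot: The new `void *domain_parameters` and `domain_parameters_size` members of struct psa_key_attributes_s carry no comment on ownership or lifetime. The commit message says that skipping psa_reset_key_attributes() after retrieving an RSA key's attributes now leaks memory, so the structure has become a resource holder and a plain struct assignment of a populated object would leave two copies pointing at the same buffer. Please document on the field that the buffer is owned by the attributes object, which call releases it, and that a populated structure must not be copied by assignment. It is also worth stating next to PSA_KEY_ATTRIBUTES_INIT that the positional initializer must be kept in step with the member order, since it now ends in `NULL, 0`.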
@ -324,7 +326,19 @@ static inline psa_algorithm_t psa_get_key_algorithm(
static inline void psa_set_key_type(psa_key_attributes_t *attributes,
psa_key_type_t type)
{
attributes->type = type;
if( attributes->domain_parameters == NULL )
{
/* Common case: quick path */
attributes->type = type;
}
else
{
/* Call the bigger function to free the old domain paramteres.
* Ignore any errors which may arise due to type requiring
* non-default domain parameters, since this function can't
* report errors. */
(void) psa_set_key_domain_parameters( attributes, type, NULL, 0 );
}
}
static inline psa_key_type_t psa_get_key_type(
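Review bot: In the else branch of psa_set_key_type(), the result of `psa_set_key_domain_parameters( attributes, type, NULL, 0 )` is discarded with `(void)`, and nothing in this hunk shows what state the attributes are left in when that call fails. If the failure path leaves `attributes->type` unchanged or leaves the old domain parameters attached, the caller ends up with a type it did not ask for, or with parameters that belong to the previous type, and has no way to notice. Please either guarantee (and say so in the comment) that the old parameters are freed and the type is set even on error, or do that explicitly here before returning. The function's documentation should also mention that it may now free memory. Minor: "paramteres" in the comment should be "parameters".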