Limit keys to 65528 bits

65528 bits is more than any reasonable key until we start supporting
post-quantum cryptography.

This limit is chosen to allow bit-sizes to be stored in 16 bits, with
65535 left to indicate an invalid value. It's a whole number of bytes,
which facilitates some calculations, in particular allowing a key of
exactly PSA_CRYPTO_MAX_STORAGE_SIZE to be created but not one bit
more.

As a resource usage limit, this is arguably too large, but that's out
of scope of the current commit.

Test that key import, generation and derivation reject overly large
sizes.
Gilles Peskine 2019-07-30 17:26:54 +02:00
parent 7e0cff90b9
commit c744d99386
7 changed files with 158 additions and 14 deletions
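The bound described in the commit message, as an added example that is not code from the Mbed Crypto commit or project: a key's bit-size is kept in a 16-bit field, 0xffff marks an invalid size, and the largest valid size is the largest whole-byte value below that sentinel. The names KEY_BITS_INVALID, BITS_TO_BYTES and the three helper functions are assumed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Added example, not from the Mbed Crypto commit on this page. It models
 * the design the commit message describes: bit-sizes are stored in 16
 * bits, 0xffff is reserved to mean "invalid", and the maximum is the
 * largest multiple of 8 that still fits below that sentinel. */

#define PSA_MAX_KEY_BITS 0xfff8u        /* 65528, the value the commit adds */
#define KEY_BITS_INVALID 0xffffu        /* invalid-size sentinel (assumed name) */

/* Both properties the commit message relies on, checked at compile time. */
_Static_assert(PSA_MAX_KEY_BITS % 8 == 0, "max key size must be whole bytes");
_Static_assert(PSA_MAX_KEY_BITS < KEY_BITS_INVALID, "max must stay below sentinel");

/* Round a bit count up to whole bytes (assumed macro name). */
#define BITS_TO_BYTES(bits) (((bits) + 7u) / 8u)

/* The check import, generation and derivation apply to a requested size:
 * reject zero and anything above PSA_MAX_KEY_BITS. Returns 1 if acceptable. */
static int key_bits_is_valid(size_t bits)
{
    return bits != 0 && bits <= PSA_MAX_KEY_BITS;
}

/* Encode a size into the 16-bit storage field, or the sentinel if invalid.
 * The cast cannot truncate: every valid size is below 0x10000. */
static uint16_t key_bits_encode(size_t bits)
{
    if (!key_bits_is_valid(bits))
        return (uint16_t) KEY_BITS_INVALID;
    return (uint16_t) bits;
}

/* Storage needed for key material of the given size, or 0 if invalid.
 * Because the maximum is a whole number of bytes, a key of exactly
 * PSA_MAX_KEY_BITS needs 8191 bytes and one more bit would need 8192. */
static size_t key_storage_bytes(size_t bits)
{
    if (!key_bits_is_valid(bits))
        return 0;
    return BITS_TO_BYTES(bits);
}
```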


@ -309,6 +309,12 @@ static inline struct psa_key_policy_s psa_key_policy_init( void )
return( v );
}
/* The maximum size of a key in bits.
* This is a whole number of bytes, to facilitate some calculations
* such as the maximum size of key data in storage.
*/
#define PSA_MAX_KEY_BITS 0xfff8
typedef struct
{
psa_key_type_t type;
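Review bot: the header comment on PSA_MAX_KEY_BITS only says the value is a whole number of bytes; the constraint that actually pins it to 0xfff8 rather than any other multiple of 8, namely that the bit-size must fit in 16 bits with 0xffff reserved to indicate an invalid value, is stated in the commit message but not in the header where readers of the macro will look. Consider adding that sentence to the comment, and a compile-time guard such as `#if PSA_MAX_KEY_BITS % 8 != 0 || PSA_MAX_KEY_BITS >= 0xffff` / `#error` so a later change to the value cannot silently break either assumption.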