commit 105b4872fc9d1b3171a87a473727bdda153c255e
author David Hu <david.hu@arm.com> Wed May 19 16:43:19 2021 +0800
committer David Hu <david.hu@arm.com> Thu Jun 24 12:16:06 2021 +0200
tree 79ef708a8fd5b4a2a64c17344b4394e1264c4c07
parent d0f6ceb0559af6ef08f4624eeac079cc07a1f077

Crypto: Support key ID without encoding key owner ID

Enable dealing with Mbed TLS key ID without encoding key owner ID when
MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER is deselected.

Deselect MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER in TF-M Profile Small.
It is usually not enforced to isolate clients in non-secure or secure
side in very simple usage scenario on platforms with ultra-constrainted
resource.

Also disable handle_owner[] if MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
is deselected. Modify the crypto_key.c implementation accordingly.

Change-Id: Ie890473126be62d9f07c618b757d3818dfc4f8dd
Signed-off-by: David Hu <david.hu@arm.com>

secure_fw/partitions/crypto/crypto_cipher.c

diff --git a/secure_fw/partitions/crypto/crypto_cipher.c b/secure_fw/partitions/crypto/crypto_cipher.c
index 5a318ef..6318d0f 100644
--- a/secure_fw/partitions/crypto/crypto_cipher.c
+++ b/secure_fw/partitions/crypto/crypto_cipher.c
@@ -123,7 +123,7 @@
     psa_algorithm_t alg = iov->alg;
     mbedtls_svc_key_id_t encoded_key;
 
-    status = tfm_crypto_check_handle_owner(key_id, NULL);
+    status = tfm_crypto_check_handle_owner(key_id);
     if (status != PSA_SUCCESS) {
         return status;
     }
@@ -180,7 +180,7 @@
     psa_algorithm_t alg = iov->alg;
     mbedtls_svc_key_id_t encoded_key;
 
-    status = tfm_crypto_check_handle_owner(key_id, NULL);
+    status = tfm_crypto_check_handle_owner(key_id);
     if (status != PSA_SUCCESS) {
         return status;
     }