Use a key attribute structure in the internal storage interface
Pass information via a key attribute structure rather than as separate
parameters to psa_crypto_storage functions. This makes it easier to
maintain the code when the metadata of a key evolves.
This has negligible impact on code size (+4B with "gcc -Os" on x86_64).
diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c
index 97b2481..a35808a 100644
--- a/library/psa_crypto_storage.c
+++ b/library/psa_crypto_storage.c
@@ -263,8 +263,7 @@
void psa_format_key_data_for_storage( const uint8_t *data,
const size_t data_length,
- const psa_key_type_t type,
- const psa_key_policy_t *policy,
+ const psa_key_attributes_t *attributes,
uint8_t *storage_data )
{
psa_persistent_key_storage_format *storage_format =
@@ -272,10 +271,10 @@
memcpy( storage_format->magic, PSA_KEY_STORAGE_MAGIC_HEADER, PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH );
PUT_UINT32_LE( 0, storage_format->version, 0 );
- PUT_UINT32_LE( type, storage_format->type, 0 );
- PUT_UINT32_LE( policy->usage, storage_format->policy, 0 );
- PUT_UINT32_LE( policy->alg, storage_format->policy, sizeof( uint32_t ) );
- PUT_UINT32_LE( policy->alg2, storage_format->policy, 2 * sizeof( uint32_t ) );
+ PUT_UINT32_LE( psa_get_key_type( attributes ), storage_format->type, 0 );
+ PUT_UINT32_LE( psa_get_key_usage_flags( attributes ), storage_format->policy, 0 );
+ PUT_UINT32_LE( psa_get_key_algorithm( attributes ), storage_format->policy, sizeof( uint32_t ) );
+ PUT_UINT32_LE( psa_get_key_enrollment_algorithm( attributes ), storage_format->policy, 2 * sizeof( uint32_t ) );
PUT_UINT32_LE( data_length, storage_format->data_len, 0 );
memcpy( storage_format->key_data, data, data_length );
}
@@ -292,8 +291,7 @@
size_t storage_data_length,
uint8_t **key_data,
size_t *key_data_length,
- psa_key_type_t *type,
- psa_key_policy_t *policy )
+ psa_key_attributes_t *attributes )
{
psa_status_t status;
const psa_persistent_key_storage_format *storage_format =
@@ -328,17 +326,15 @@
memcpy( *key_data, storage_format->key_data, *key_data_length );
}
- GET_UINT32_LE( *type, storage_format->type, 0 );
- GET_UINT32_LE( policy->usage, storage_format->policy, 0 );
- GET_UINT32_LE( policy->alg, storage_format->policy, sizeof( uint32_t ) );
- GET_UINT32_LE( policy->alg2, storage_format->policy, 2 * sizeof( uint32_t ) );
+ GET_UINT32_LE( attributes->type, storage_format->type, 0 );
+ GET_UINT32_LE( attributes->policy.usage, storage_format->policy, 0 );
+ GET_UINT32_LE( attributes->policy.alg, storage_format->policy, sizeof( uint32_t ) );
+ GET_UINT32_LE( attributes->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) );
return( PSA_SUCCESS );
}
-psa_status_t psa_save_persistent_key( const psa_key_file_id_t key,
- const psa_key_type_t type,
- const psa_key_policy_t *policy,
+psa_status_t psa_save_persistent_key( const psa_key_attributes_t *attributes,
const uint8_t *data,
const size_t data_length )
{
@@ -354,10 +350,10 @@
if( storage_data == NULL )
return( PSA_ERROR_INSUFFICIENT_MEMORY );
- psa_format_key_data_for_storage( data, data_length, type, policy,
+ psa_format_key_data_for_storage( data, data_length, attributes,
storage_data );
- status = psa_crypto_storage_store( key,
+ status = psa_crypto_storage_store( psa_get_key_id( attributes ),
storage_data, storage_data_length );
mbedtls_free( storage_data );
@@ -374,15 +370,14 @@
mbedtls_free( key_data );
}
-psa_status_t psa_load_persistent_key( psa_key_file_id_t key,
- psa_key_type_t *type,
- psa_key_policy_t *policy,
+psa_status_t psa_load_persistent_key( psa_key_attributes_t *attributes,
uint8_t **data,
size_t *data_length )
{
psa_status_t status = PSA_SUCCESS;
uint8_t *loaded_data;
size_t storage_data_length = 0;
+ psa_key_id_t key = psa_get_key_id( attributes );
status = psa_crypto_storage_get_data_length( key, &storage_data_length );
if( status != PSA_SUCCESS )
@@ -398,7 +393,7 @@
goto exit;
status = psa_parse_key_data_from_storage( loaded_data, storage_data_length,
- data, data_length, type, policy );
+ data, data_length, attributes );
exit:
mbedtls_free( loaded_data );