Define always psa_key_id_t as defined in PSA crypto spec
Define always psa_key_id_t as defined in the PSA
Cryptography API specification independently of
whether the MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER
configuration file is set or not.
As a consequence, get rid of `psa_app_key_id_t` that is
not needed anymore.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/include/psa/crypto_extra.h b/include/psa/crypto_extra.h
index f0c7979..71adb93 100644
--- a/include/psa/crypto_extra.h
+++ b/include/psa/crypto_extra.h
@@ -232,9 +232,9 @@
/** Number of slots that are not used for anything. */
size_t empty_slots;
/** Largest key id value among open keys in internal persistent storage. */
- psa_app_key_id_t max_open_internal_key_id;
+ psa_key_id_t max_open_internal_key_id;
/** Largest key id value among open keys in secure elements. */
- psa_app_key_id_t max_open_external_key_id;
+ psa_key_id_t max_open_external_key_id;
} mbedtls_psa_stats_t;
/** \brief Get statistics about
diff --git a/include/psa/crypto_platform.h b/include/psa/crypto_platform.h
index bd3dc10..0bebb08 100644
--- a/include/psa/crypto_platform.h
+++ b/include/psa/crypto_platform.h
@@ -47,25 +47,6 @@
/* Integral type representing a key handle. */
typedef uint16_t psa_key_handle_t;
-/* This implementation distinguishes *application key identifiers*, which
- * are the key identifiers specified by the application, from
- * *key file identifiers*, which are the key identifiers that the library
- * sees internally. The two types can be different if there is a remote
- * call layer between the application and the library which supports
- * multiple client applications that do not have access to each others'
- * keys. The point of having different types is that the key file
- * identifier may encode not only the key identifier specified by the
- * application, but also the the identity of the application.
- *
- * Note that this is an internal concept of the library and the remote
- * call layer. The application itself never sees anything other than
- * #psa_app_key_id_t with its standard definition.
- */
-
-/* The application key identifier is always what the application sees as
- * #psa_key_id_t. */
-typedef uint32_t psa_app_key_id_t;
-
#if defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER)
#if defined(PSA_CRYPTO_SECURE)
diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h
index 4603a1d..a8becb7 100644
--- a/include/psa/crypto_types.h
+++ b/include/psa/crypto_types.h
@@ -233,14 +233,10 @@
* - 0 is reserved as an invalid key identifier.
* - Key identifiers outside these ranges are reserved for future use.
*/
-/* Implementation-specific quirk: The Mbed Crypto library can be built as
- * part of a multi-client service that exposes the PSA Crypto API in each
- * client and encodes the client identity in the key id argument of functions
- * such as psa_open_key(). */
-#if !defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER)
typedef uint32_t psa_key_id_t;
-typedef psa_key_id_t psa_key_file_id_t;
+#if !defined(MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER)
+typedef psa_key_id_t psa_key_file_id_t;
#define PSA_KEY_ID_INIT 0
#define PSA_KEY_FILE_GET_KEY_ID( id ) ( id )
@@ -258,9 +254,14 @@
}
#else /* MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER */
+/* Implementation-specific: The Mbed Crypto library can be built as
+ * part of a multi-client service that exposes the PSA Crypto API in each
+ * client and encodes the client identity in the key id argument of functions
+ * such as psa_open_key().
+ */
typedef struct
{
- uint32_t key_id;
+ psa_key_id_t key_id;
psa_key_owner_id_t owner;
} psa_key_file_id_t;
@@ -273,7 +274,7 @@
* \param key_id Identifier of the key.
*/
static inline psa_key_file_id_t psa_key_file_id_make(
- psa_key_owner_id_t owner_id, uint32_t key_id )
+ psa_key_owner_id_t owner_id, psa_key_id_t key_id )
{
return( (psa_key_file_id_t){ .key_id = key_id,
.owner = owner_id } );
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
index a940711..02e9c00 100644
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
@@ -1636,16 +1636,16 @@
/** The minimum value for a key identifier chosen by the application.
*/
-#define PSA_KEY_ID_USER_MIN ((psa_app_key_id_t)0x00000001)
+#define PSA_KEY_ID_USER_MIN ((psa_key_id_t)0x00000001)
/** The maximum value for a key identifier chosen by the application.
*/
-#define PSA_KEY_ID_USER_MAX ((psa_app_key_id_t)0x3fffffff)
+#define PSA_KEY_ID_USER_MAX ((psa_key_id_t)0x3fffffff)
/** The minimum value for a key identifier chosen by the implementation.
*/
-#define PSA_KEY_ID_VENDOR_MIN ((psa_app_key_id_t)0x40000000)
+#define PSA_KEY_ID_VENDOR_MIN ((psa_key_id_t)0x40000000)
/** The maximum value for a key identifier chosen by the implementation.
*/
-#define PSA_KEY_ID_VENDOR_MAX ((psa_app_key_id_t)0x7fffffff)
+#define PSA_KEY_ID_VENDOR_MAX ((psa_key_id_t)0x7fffffff)
/**@}*/
diff --git a/library/psa_crypto_se.h b/library/psa_crypto_se.h
index 258c211..5691738 100644
--- a/library/psa_crypto_se.h
+++ b/library/psa_crypto_se.h
@@ -51,7 +51,7 @@
* actually not used since it corresponds to #PSA_KEY_LOCATION_LOCAL_STORAGE
* which doesn't have a driver.
*/
-#define PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE ( (psa_app_key_id_t) 0xfffffe00 )
+#define PSA_CRYPTO_SE_DRIVER_ITS_UID_BASE ( (psa_key_id_t) 0xfffffe00 )
/** The maximum number of registered secure element driver locations. */
#define PSA_MAX_SE_DRIVERS 4
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index 3600e1a..a9b8624 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -166,7 +166,7 @@
static int psa_is_key_id_valid( psa_key_file_id_t file_id,
int vendor_ok )
{
- psa_app_key_id_t key_id = PSA_KEY_FILE_GET_KEY_ID( file_id );
+ psa_key_id_t key_id = PSA_KEY_FILE_GET_KEY_ID( file_id );
if( PSA_KEY_ID_USER_MIN <= key_id && key_id <= PSA_KEY_ID_USER_MAX )
return( 1 );
else if( vendor_ok &&
@@ -291,14 +291,14 @@
++stats->volatile_slots;
else if( slot->attr.lifetime == PSA_KEY_LIFETIME_PERSISTENT )
{
- psa_app_key_id_t id = PSA_KEY_FILE_GET_KEY_ID(slot->attr.id);
+ psa_key_id_t id = PSA_KEY_FILE_GET_KEY_ID(slot->attr.id);
++stats->persistent_slots;
if( id > stats->max_open_internal_key_id )
stats->max_open_internal_key_id = id;
}
else
{
- psa_app_key_id_t id = PSA_KEY_FILE_GET_KEY_ID(slot->attr.id);
+ psa_key_id_t id = PSA_KEY_FILE_GET_KEY_ID(slot->attr.id);
++stats->external_slots;
if( id > stats->max_open_external_key_id )
stats->max_open_external_key_id = id;
diff --git a/library/psa_crypto_storage.h b/library/psa_crypto_storage.h
index 6fcae27..c9270a9 100644
--- a/library/psa_crypto_storage.h
+++ b/library/psa_crypto_storage.h
@@ -361,7 +361,7 @@
*
* 0xffffffNN = special file; 0x74 = 't' for transaction.
*/
-#define PSA_CRYPTO_ITS_TRANSACTION_UID ( (psa_app_key_id_t) 0xffffff74 )
+#define PSA_CRYPTO_ITS_TRANSACTION_UID ( (psa_key_id_t) 0xffffff74 )
#endif /* PSA_CRYPTO_STORAGE_HAS_TRANSACTIONS */
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal.function b/tests/suites/test_suite_psa_crypto_se_driver_hal.function
index e7c26d2..992e5df 100644
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal.function
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal.function
@@ -760,7 +760,7 @@
#define MAX_KEY_ID_FOR_TEST 10
static void psa_purge_storage( void )
{
- psa_app_key_id_t id;
+ psa_key_id_t id;
psa_key_location_t location;
/* The tests may have potentially created key ids from 1 to
* MAX_KEY_ID_FOR_TEST. In addition, run the destroy function on key id
diff --git a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function
index 618bd15..8f1f968 100644
--- a/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function
+++ b/tests/suites/test_suite_psa_crypto_se_driver_hal_mocks.function
@@ -89,7 +89,7 @@
#define MAX_KEY_ID_FOR_TEST 10
static void psa_purge_storage( void )
{
- psa_app_key_id_t id;
+ psa_key_id_t id;
psa_key_location_t location;
/* The tests may have potentially created key ids from 1 to
* MAX_KEY_ID_FOR_TEST. In addition, run the destroy function on key id