psa: Use psa_key_file_id_t as the key id type
The purpose of this commit and the following is for
psa_key_id_t to always be as defined by the PSA
Cryptography API specification.
Currently psa_key_id_t departs from its specification
definition when MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER
configuration flag is set. In that configuration, it is set
to be equal to psa_key_file_id_t which in that configuration
encodes an owner identifier along the key identifier.
Type psa_key_file_id_t was meant to be the key identifier type
used throughout the library code. If
MBEDTLS_PSA_CRYPTO_KEY_FILE_ID_ENCODES_OWNER is set it
includes both a key and owner identifier, otherwise it is
equal to psa_key_id_t.
It has not been the key identifier type throughout the
library so far because when the PSA Cryptography
specification was developped the library Doxygen
documentation was used to generate the PSA Cryptography API
specification thus the need to use psa_key_id_t and not
psa_key_file_id_t.
As this constraint does not hold anymore, move
to psa_key_file_id_t as the key identifier type throughout
the library code.
By the way, this commit updates the key identifier
initialization in the tests to be compatible with a
composit key identifier. A psa_key_id_make()
inline function is introduced to initialize key
identifiers (composit ot not) at runtime.
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index a316166..c8eb08b 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -146,11 +146,11 @@
* linkage). This function may be provided as a function-like macro,
* but in this case it must evaluate each of its arguments exactly once.
*
- * \param[out] attributes The attribute structure to write to.
- * \param id The persistent identifier for the key.
+ * \param[out] attributes The attribute structure to write to.
+ * \param key The persistent identifier for the key.
*/
static void psa_set_key_id(psa_key_attributes_t *attributes,
- psa_key_id_t id);
+ psa_key_file_id_t key);
/** Set the location of a persistent key.
*
@@ -192,7 +192,7 @@
* This value is unspecified if the attribute structure declares
* the key as volatile.
*/
-static psa_key_id_t psa_get_key_id(const psa_key_attributes_t *attributes);
+static psa_key_file_id_t psa_get_key_id(const psa_key_attributes_t *attributes);
/** Retrieve the lifetime from key attributes.
*
@@ -392,8 +392,9 @@
* with a lifetime other than #PSA_KEY_LIFETIME_VOLATILE. A persistent key
* always has a nonzero key identifier, set with psa_set_key_id() when
* creating the key. Implementations may provide additional pre-provisioned
- * keys that can be opened with psa_open_key(). Such keys have a key identifier
- * in the vendor range, as documented in the description of #psa_key_id_t.
+ * keys that can be opened with psa_open_key(). Such keys have an application
+ * key identifier in the vendor range, as documented in the description of
+ * #psa_key_id_t.
*
* The application must eventually close the handle with psa_close_key() or
* psa_destroy_key() to release associated resources. If the application dies
@@ -408,7 +409,7 @@
* portable to implementations that only permit a single key handle to be
* opened. See also :ref:\`key-handles\`.
*
- * \param id The persistent identifier of the key.
+ * \param key The persistent identifier of the key.
* \param[out] handle On success, a handle to the key.
*
* \retval #PSA_SUCCESS
@@ -436,8 +437,7 @@
* It is implementation-dependent whether a failure to initialize
* results in this error code.
*/
-psa_status_t psa_open_key(psa_key_id_t id,
- psa_key_handle_t *handle);
+psa_status_t psa_open_key(psa_key_file_id_t key, psa_key_handle_t *handle);
/** Close a key handle.