commit 65f38a3c2e5c22d7f8a008914dc90141f17b6336
author Ronald Cron <ronald.cron@arm.com> Fri Oct 23 17:11:13 2020 +0200
committer Ronald Cron <ronald.cron@arm.com> Tue Nov 10 18:19:59 2020 +0100
tree 610b093fc666c13a0620269cbb082d15cfb1d1ad
parent d98059d599dc4745d480b052626718d70bae8ad7

Add key id check when creating a volatile key

Signed-off-by: Ronald Cron <ronald.cron@arm.com>

library/psa_crypto.c

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 82e2549..e45c52e 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1777,6 +1777,7 @@
 {
     psa_status_t status = PSA_ERROR_INVALID_ARGUMENT;
     psa_key_lifetime_t lifetime = psa_get_key_lifetime( attributes );
+    mbedtls_svc_key_id_t key = psa_get_key_id( attributes );
 
     status = psa_validate_key_location( psa_get_key_lifetime( attributes ),
                                         p_drv );
@@ -1787,8 +1788,12 @@
     if( status != PSA_SUCCESS )
         return( status );
 
-    /* Validate the key identifier only in the case of a persistent key. */
-    if ( ! PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
+    if ( PSA_KEY_LIFETIME_IS_VOLATILE( lifetime ) )
+    {
+        if( MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key ) != 0 )
+            return( PSA_ERROR_INVALID_ARGUMENT );
+    }
+    else
     {
         status = psa_validate_key_id(
             psa_get_key_id( attributes ),