Change key types to a 16-bit encoding
All key types currently have a 32-bit encoding in which the bottom 16 bits
are zero. Change them to use 16 bits only.
Keep 32 bits for key types in storage, but move the significant
half-word from the top to the bottom.
Likewise, change EC curve and DH group families from 32 bits out of
which the top 8 and bottom 16 bits are zero, to 8 bits only.
Reorder psa_core_key_attributes_t to avoid padding.
diff --git a/library/psa_crypto_storage.c b/library/psa_crypto_storage.c
index 1389fd4..fa1214c 100644
--- a/library/psa_crypto_storage.c
+++ b/library/psa_crypto_storage.c
@@ -259,7 +259,9 @@
uint8_t magic[PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH];
uint8_t version[4];
uint8_t lifetime[sizeof( psa_key_lifetime_t )];
- uint8_t type[sizeof( psa_key_type_t )];
+ uint8_t type[4]; /* Size=4 for a 2-byte type to keep the structure more
+ * regular and aligned and to make potential future
+ * extensibility easier. */
uint8_t policy[sizeof( psa_key_policy_t )];
uint8_t data_len[4];
uint8_t key_data[];
@@ -276,7 +278,7 @@
memcpy( storage_format->magic, PSA_KEY_STORAGE_MAGIC_HEADER, PSA_KEY_STORAGE_MAGIC_HEADER_LENGTH );
PUT_UINT32_LE( 0, storage_format->version, 0 );
PUT_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 );
- PUT_UINT32_LE( attr->type, storage_format->type, 0 );
+ PUT_UINT32_LE( (uint32_t) attr->type, storage_format->type, 0 );
PUT_UINT32_LE( attr->policy.usage, storage_format->policy, 0 );
PUT_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) );
PUT_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) );
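Review bot: The format version written two lines above the changed line is still 0, although the commit description says the significant half-word of the stored type moves from the top to the bottom, so the same four bytes now carry a different meaning. A blob written with the old encoding would hold a type above 0xFFFF and be rejected by the new range check in the parse hunk with `PSA_ERROR_STORAGE_FAILURE`, which a caller cannot tell apart from corruption. If keys persisted with the old encoding can exist on deployed devices, bump the version and handle the old layout explicitly on load. If the storage format is not yet considered stable, record that next to the version write, for example `/* version 0: key type is a 16-bit value in the low half-word */`. The enclosing function starts and ends outside the hunk.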
@@ -302,6 +304,7 @@
const psa_persistent_key_storage_format *storage_format =
(const psa_persistent_key_storage_format *)storage_data;
uint32_t version;
+ uint32_t type;
if( storage_data_length < sizeof(*storage_format) )
return( PSA_ERROR_STORAGE_FAILURE );
@@ -332,7 +335,11 @@
}
GET_UINT32_LE( attr->lifetime, storage_format->lifetime, 0 );
- GET_UINT32_LE( attr->type, storage_format->type, 0 );
+ GET_UINT32_LE( type, storage_format->type, 0 );
+ if( type <= (psa_key_type_t) -1 )
+ attr->type = (psa_key_type_t) type;
+ else
+ return( PSA_ERROR_STORAGE_FAILURE );
GET_UINT32_LE( attr->policy.usage, storage_format->policy, 0 );
GET_UINT32_LE( attr->policy.alg, storage_format->policy, sizeof( uint32_t ) );
GET_UINT32_LE( attr->policy.alg2, storage_format->policy, 2 * sizeof( uint32_t ) );
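Review bot: The new `return( PSA_ERROR_STORAGE_FAILURE )` is a failure exit placed after the block that closes on the hunk's first context line. That block is not visible here, but if it allocates or copies key material into an output buffer, this path must not leave that buffer behind; either confirm that the caller frees and zeroizes it on every error status, or move the type check above that block. The check would also read more directly as a guard, `if( type > (psa_key_type_t) -1 ) return( PSA_ERROR_STORAGE_FAILURE );` followed by the assignment. It deserves a short comment that `(psa_key_type_t) -1` is the maximum representable value only because the type is unsigned. The function body starts and ends outside the hunk.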