commit 06af0cd4a3e40a279a4400c07092a41a0f4d2fad
author Gilles Peskine <Gilles.Peskine@arm.com> Sun Apr 28 11:32:30 2019 +0200
committer Gilles Peskine <Gilles.Peskine@arm.com> Sun Apr 28 11:46:10 2019 +0200
tree c7c012ba775ea884ffda9fb2d52b905d1b2d155b
parent e56e878207c339c60f17e2ef0fef835a50a8efb6

Always require reset after psa_get_key_attributes

There was a guarantee that psa_get_key_attributes() does not require a
subsequent psa_reset_key_attributes() to free resources as long as the
key was created with attributes having this property. This requirement
was hard to pin down because if a key is created with default
parameters, there are cases where it is difficult to ensure that the
domain parameters will be reported without allocating memory. So
remove this guarantee. Now the only case psa_reset_key_attributes() is
not required is if the attribute structure has only been modified with
certain specific setters.

include/psa/crypto.h

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index 9ec3b90..705f2ca 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -151,13 +151,12 @@
  * - psa_set_key_usage_flags()
  * - psa_set_key_algorithm()
  * - psa_reset_key_attributes()
- * - psa_get_key_attributes() on a key which has been created with
- *   attribute structure that itself did not contain auxiliary resources
  *
  * If the attribute structure has been modified with other functions,
  * you must free auxiliary resources by calling psa_reset_key_attributes().
  * The following functions may create auxiliary resouces:
  * - psa_set_key_domain_parameters()
+ * - psa_get_key_attributes()
  */
 typedef struct psa_key_attributes_s psa_key_attributes_t;