SE keys: store the slot number in the memory slot
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index db6a11f..84b10df 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -363,6 +363,13 @@
/* Key management */
/****************************************************************/
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+static inline int psa_key_slot_is_external( const psa_key_slot_t *slot )
+{
+ return( psa_key_lifetime_is_external( slot->lifetime ) );
+}
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+
#if defined(MBEDTLS_ECP_C)
static psa_ecc_curve_t mbedtls_ecc_group_to_psa( mbedtls_ecp_group_id grpid )
{
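Review bot: The new `psa_key_slot_is_external` helper has no comment, although it is the predicate that decides whether a slot's `data` union holds a secure-element slot number or a key pointer. I would add above it `/* Return nonzero if the key in this slot is held by a secure element, judged by slot->lifetime alone. */`. The helper exists only under `MBEDTLS_PSA_CRYPTO_SE_C`, so every caller needs its own `#if` guard, which is worth stating in the same comment.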
@@ -867,6 +874,13 @@
/** Wipe key data from a slot. Preserve metadata such as the policy. */
static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot )
{
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+ if( psa_key_slot_is_external( slot ) )
+ {
+ /* No key material to clean. */
+ }
+ else
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
if( slot->type == PSA_KEY_TYPE_NONE )
{
/* No key material to clean. */
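Review bot: The added branch in `psa_remove_key_data_from_memory` is an empty `if` whose `else` binds to a statement after the `#endif`, and its comment repeats the `PSA_KEY_TYPE_NONE` one without saying why nothing is freed. The reason is security-relevant: per the `psa_crypto_core.h` hunk, `data.se.slot_number` shares storage with `data.raw.data` and the `rsa`/`ecp` pointers, so reaching the type-based cleanup would presumably treat a slot number as a pointer. Suggested comment: `/* Key material is in the secure element; data.se holds only a slot number, so there is nothing to free here. */`. The function body continues outside the hunk, so what happens to the slot number afterwards is not visible.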
diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h
index 5958972..6096810 100644
--- a/library/psa_crypto_core.h
+++ b/library/psa_crypto_core.h
@@ -29,6 +29,7 @@
#endif
#include "psa/crypto.h"
+#include "psa/crypto_se_driver.h"
#include "mbedtls/ecp.h"
#include "mbedtls/rsa.h"
@@ -45,17 +46,25 @@
unsigned allocated : 1;
union
{
+ /* Raw-data key (key_type_is_raw_bytes() in psa_crypto.c) */
struct raw_data
{
uint8_t *data;
size_t bytes;
} raw;
#if defined(MBEDTLS_RSA_C)
+ /* RSA public key or key pair */
mbedtls_rsa_context *rsa;
#endif /* MBEDTLS_RSA_C */
#if defined(MBEDTLS_ECP_C)
+ /* EC public key or key pair */
mbedtls_ecp_keypair *ecp;
#endif /* MBEDTLS_ECP_C */
+ /* Any key type in a secure element */
+ struct se
+ {
+ psa_key_slot_number_t slot_number;
+ } se;
} data;
} psa_key_slot_t;
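Review bot: The new `se` member gives the `data` union two discriminators, and the comment `Any key type in a secure element` does not say which field selects it. As far as this diff shows, `se` is selected by `slot->lifetime` (through `psa_key_slot_is_external`), while `raw`, `rsa` and `ecp` are selected by `slot->type`, and an external key can still carry an RSA or EC type. Only `psa_remove_key_data_from_memory` is visibly guarded here; any other code that picks the arm from `slot->type` would read the slot number as a pointer, so those sites should be checked. Proposed comment: `/* Any key type in a secure element. Selected by slot->lifetime, not slot->type; check this before reading raw, rsa or ecp. */`. The struct's opening lines are outside the hunk.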