leverage psa_allocate_buffer_to_slot from slot management
It makes the implementation of psa_load_builtin_key_into_slot a lot
cleaner.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 32568b3..068990a 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -604,20 +604,8 @@
return( PSA_ERROR_INVALID_ARGUMENT );
}
-/** Try to allocate a buffer to an empty key slot.
- *
- * \param[in,out] slot Key slot to attach buffer to.
- * \param[in] buffer_length Requested size of the buffer.
- *
- * \retval #PSA_SUCCESS
- * The buffer has been successfully allocated.
- * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
- * Not enough memory was available for allocation.
- * \retval #PSA_ERROR_ALREADY_EXISTS
- * Trying to allocate a buffer to a non-empty key slot.
- */
-static psa_status_t psa_allocate_buffer_to_slot( psa_key_slot_t *slot,
- size_t buffer_length )
+psa_status_t psa_allocate_buffer_to_slot( psa_key_slot_t *slot,
+ size_t buffer_length )
{
if( slot->key.data != NULL )
return( PSA_ERROR_ALREADY_EXISTS );
diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h
index f949c71..eeb0105 100644
--- a/library/psa_crypto_core.h
+++ b/library/psa_crypto_core.h
@@ -180,6 +180,21 @@
*/
psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot );
+/** Try to allocate a buffer to an empty key slot.
+ *
+ * \param[in,out] slot Key slot to attach buffer to.
+ * \param[in] buffer_length Requested size of the buffer.
+ *
+ * \retval #PSA_SUCCESS
+ * The buffer has been successfully allocated.
+ * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
+ * Not enough memory was available for allocation.
+ * \retval #PSA_ERROR_ALREADY_EXISTS
+ * Trying to allocate a buffer to a non-empty key slot.
+ */
+psa_status_t psa_allocate_buffer_to_slot( psa_key_slot_t *slot,
+ size_t buffer_length );
+
/** Copy key data (in export format) into an empty key slot.
*
* This function assumes that the slot does not contain
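Review bot: The doc comment added for `psa_allocate_buffer_to_slot` does not say what state the slot is left in on success, which matters now that the function is declared for use by other files. The caller in psa_crypto_slot_management.c, changed in this same commit, passes `slot->key.bytes` to the driver right after the call, so it relies on that field already holding the allocated size. The function body is outside the visible hunks, so I cannot confirm that it does, or whether the buffer is zero-initialised. Once checked against the definition, I would add a sentence such as `On success, slot->key.data points to the new buffer and slot->key.bytes equals buffer_length; the buffer is released by psa_wipe_key_slot().`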
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index de20fa1..bdb45ee 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -283,7 +283,6 @@
psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
psa_key_lifetime_t lifetime = PSA_KEY_LIFETIME_VOLATILE;
psa_drv_slot_number_t slot_number = 0;
- uint8_t *key_buffer = NULL;
size_t key_buffer_size = 0;
size_t key_buffer_length = 0;
@@ -303,33 +302,32 @@
/* Set mapped lifetime on the attributes */
psa_set_key_lifetime( &attributes, lifetime );
- /* If the key should exist according to the platform, load it through the
- * driver interface. */
+ /* If the key should exist according to the platform, then ask the driver
+ * what its expected size is. */
status = psa_driver_wrapper_get_key_buffer_size( &attributes,
&key_buffer_size );
if( status != PSA_SUCCESS )
return( status );
- key_buffer = mbedtls_calloc( 1, key_buffer_size );
- if( key_buffer == NULL )
- return( PSA_ERROR_INSUFFICIENT_MEMORY );
+ /* Allocate a buffer of the required size and load the builtin key directly
+ * into the slot buffer. */
+ status = psa_allocate_buffer_to_slot( slot, key_buffer_size );
+ if( status != PSA_SUCCESS )
+ return( status );
status = psa_driver_wrapper_get_builtin_key(
slot_number, &attributes,
- key_buffer, key_buffer_size, &key_buffer_length );
+ slot->key.data, slot->key.bytes, &key_buffer_length );
if( status != PSA_SUCCESS )
goto exit;
- status = psa_copy_key_material_into_slot(
- slot, key_buffer, key_buffer_length );
- if( status != PSA_SUCCESS )
- goto exit;
-
- /* Copy core attributes into the slot on success */
+ /* Copy actual key length and core attributes into the slot on success */
+ slot->key.bytes = key_buffer_length;
slot->attr = attributes.core;
exit:
- mbedtls_free( key_buffer );
+ if( status != PSA_SUCCESS )
+ psa_wipe_key_slot( slot );
return( status );
}
#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
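Review bot: The new line `slot->key.bytes = key_buffer_length;` stores a driver-reported length in the slot without comparing it to the size that was allocated. If a builtin-key driver ever reports a length larger than `key_buffer_size`, every later user of the slot would trust a length that exceeds the buffer; nothing visible here shows the driver wrapper enforcing that bound. I would guard the assignment with `if( key_buffer_length > key_buffer_size ) { status = PSA_ERROR_CORRUPTION_DETECTED; goto exit; }`. Separately, shrinking `slot->key.bytes` below the allocated size means a later wipe that zeroizes only `key.bytes` bytes would presumably skip the tail of the buffer, so check that the wipe path covers the full allocation. The function begins before this hunk, so the slot's state on entry is not visible.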