Switch key slots to psa_key_attributes_t
Switch `psa_key_slot_t` to the full `psa_key_attributes_t`, now that this
structure only has psa_core_key_attributes_t`.
To minimize the diff without breaking the build much, temporarily make
`psa_key_attributes_t` contain either the `core` field or all the fields.
This allows both things like `slot->attr.core.type` and `slot->attr.type`
to exist. The build breaks with compilers that don't support anonymous
unions and structs, which are only standard C since C11.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h
index a0218e3..e4d85be 100644
--- a/include/psa/crypto_struct.h
+++ b/include/psa/crypto_struct.h
@@ -312,6 +312,34 @@
mbedtls_svc_key_id_t MBEDTLS_PRIVATE(id);
} psa_core_key_attributes_t;
+struct psa_key_attributes_s {
+ union {
+ psa_core_key_attributes_t MBEDTLS_PRIVATE(core);
+ struct {
+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+ psa_key_slot_number_t MBEDTLS_PRIVATE(slot_number);
+#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
+ psa_key_type_t MBEDTLS_PRIVATE(type);
+ psa_key_bits_t MBEDTLS_PRIVATE(bits);
+ psa_key_lifetime_t MBEDTLS_PRIVATE(lifetime);
+ psa_key_policy_t MBEDTLS_PRIVATE(policy);
+ psa_key_attributes_flag_t MBEDTLS_PRIVATE(flags);
+ /* This type has a different layout in the client view wrt the
+ * service view of the key id, i.e. in service view usually is
+ * expected to have MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER defined
+ * thus adding an owner field to the standard psa_key_id_t. For
+ * implementations with client/service separation, this means the
+ * object will be marshalled through a transport channel and
+ * interpreted differently at each side of the transport. Placing
+ * it at the end of structures allows to interpret the structure
+ * at the client without reorganizing the memory layout of the
+ * struct
+ */
+ mbedtls_svc_key_id_t MBEDTLS_PRIVATE(id);
+ };
+ };
+};
+
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
#define PSA_KEY_ATTRIBUTES_MAYBE_SLOT_NUMBER 0,
#else
@@ -323,11 +351,7 @@
PSA_KEY_POLICY_INIT, 0, \
MBEDTLS_SVC_KEY_ID_INIT }
-struct psa_key_attributes_s {
- psa_core_key_attributes_t MBEDTLS_PRIVATE(core);
-};
-
-#define PSA_KEY_ATTRIBUTES_INIT { PSA_CORE_KEY_ATTRIBUTES_INIT }
+#define PSA_KEY_ATTRIBUTES_INIT { { PSA_CORE_KEY_ATTRIBUTES_INIT } }
static inline struct psa_key_attributes_s psa_key_attributes_init(void)
{