commit a5f8749812db2ccde29b3e1ecb4bd4709eb7bf28
author Gilles Peskine <Gilles.Peskine@arm.com> Mon Aug 05 16:46:18 2019 +0200
committer Gilles Peskine <Gilles.Peskine@arm.com> Fri Aug 09 15:05:32 2019 +0200
tree 8fbc99407f0a71b25d078ad7e5e62a503dd33fae
parent d772958ffc8c500af436ca700d83815244789e43

SE key registration: call p_validate_slot_number

When registering a key in a secure element, if the driver has a
p_validate_slot_number method, call it.

library/psa_crypto.c

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 086ba82..87ac037 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1902,6 +1902,21 @@
         goto exit;
     }
 
+    /* If the driver has a slot number validation method, call it.
+     * If it doesn't, it means the secure element is unable to validate
+     * anything and so we have to trust the application. */
+    if( drv->key_management != NULL &&
+        drv->key_management->p_validate_slot_number != NULL )
+    {
+        status = drv->key_management->p_validate_slot_number(
+            psa_get_se_driver_context( driver ),
+            attributes,
+            PSA_KEY_CREATION_REGISTER,
+            slot->data.se.slot_number );
+        if( status != PSA_SUCCESS )
+            goto exit;
+    }
+
     status = psa_finish_key_creation( slot, driver );
 
 exit: