TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / cf56a0a320469a28d8b825f7f028fa5ea01c2ac3^! / . / include / mbedtls / ssl_internal.h
commitcf56a0a320469a28d8b825f7f028fa5ea01c2ac3[log] [tgz]
authorRonald Cron <ronald.cron@arm.com>Tue Aug 04 09:51:30 2020 +0200
committerRonald Cron <ronald.cron@arm.com>Tue Nov 10 16:00:41 2020 +0100
tree0cd43a8e9d659c43019ddb19d76f57b12dd1dc85
parente4f6d5c5fe5b2ac9fa93c067d4553754f6a8a02b [diff] [blame]
psa: Move from key handle to key identifier

Move all the PSA crypto APIs using key handles
to use key identifiers but psa_key_open() and
psa_key_close(). This is done without modifying
any test as key handles and key identifiers are
now the same.

Update the library modules using PSA crypto APIs
to get rid of key handles.

Programs and unit tests are updated to not use
key handles in subsequent commits, not in this
one.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>

diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index 015b53c..9f8d717 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h

@@ -443,7 +443,7 @@
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
     psa_key_type_t ecdh_psa_type;
     uint16_t ecdh_bits;
-    psa_key_handle_t ecdh_psa_privkey;
+    psa_key_id_t ecdh_psa_privkey;
     unsigned char ecdh_psa_peerkey[MBEDTLS_PSA_MAX_EC_PUBKEY_LENGTH];
     size_t ecdh_psa_peerkey_len;
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
@@ -462,7 +462,7 @@
 #endif
 #if defined(MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED)
 #if defined(MBEDTLS_USE_PSA_CRYPTO)
-    psa_key_handle_t psk_opaque;        /*!< Opaque PSK from the callback   */
+    psa_key_id_t psk_opaque;            /*!< Opaque PSK from the callback   */
 #endif /* MBEDTLS_USE_PSA_CRYPTO */
     unsigned char *psk;                 /*!<  PSK from the callback         */
     size_t psk_len;                     /*!<  Length of PSK from callback   */
@@ -1061,16 +1061,16 @@
  * 2. static PSK configured by \c mbedtls_ssl_conf_psk_opaque()
  * Return an opaque PSK
  */
-static inline psa_key_handle_t mbedtls_ssl_get_opaque_psk(
+static inline psa_key_id_t mbedtls_ssl_get_opaque_psk(
     const mbedtls_ssl_context *ssl )
 {
-    if( ! psa_key_handle_is_null( ssl->handshake->psk_opaque ) )
+    if( ! mbedtls_svc_key_id_is_null( ssl->handshake->psk_opaque ) )
         return( ssl->handshake->psk_opaque );
 
-    if( ! psa_key_handle_is_null( ssl->conf->psk_opaque ) )
+    if( ! mbedtls_svc_key_id_is_null( ssl->conf->psk_opaque ) )
         return( ssl->conf->psk_opaque );
 
-    return( PSA_KEY_HANDLE_INIT );
+    return( MBEDTLS_SVC_KEY_ID_INIT );
 }
 #endif /* MBEDTLS_USE_PSA_CRYPTO */