psa: se: Create key context in SE key slots

In key slots containing the description of a key of a dynamically registered Secure Element (SE), store the key slot number in a key context as defined in the PSA driver interface for opaque drivers. That way transparent key data and slot numbers are , in a key slot, both stored in a dynamically allocated buffer. The `data` union in structures of type psa_key_slot_t to distinguish between the storage of transparent key data and slot numbers is consequently not necessary anymore and thus removed. This alignement of some part of the code dedicated to dynamically registered SE with the PSA driver interface specification is done to ease the support of both dynamically registered and statically defined secure elements. Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2026-03-20 19:21:09 +01:00 · 2020-11-25 17:52:23 +01:00
parent 0dbbf1e27f
commit ea0f8a6d1a
4 changed files with 153 additions and 152 deletions
--- a/library/psa_crypto_core.h
+++ b/library/psa_crypto_core.h
@@ -62,23 +62,13 @@ typedef struct
     */
    size_t lock_count;

-    union
+    /* Dynamically allocated key data buffer.
+     * Format as specified in psa_export_key(). */
+    struct key_data
    {
-        /* Dynamically allocated key data buffer.
-         * Format as specified in psa_export_key(). */
-        struct key_data
-        {
-            uint8_t *data;
-            size_t bytes;
-        } key;
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
-        /* Any key type in a secure element */
-        struct se
-        {
-            psa_key_slot_number_t slot_number;
-        } se;
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-    } data;
+        uint8_t *data;
+        size_t bytes;
+    } key;
 } psa_key_slot_t;

 /* A mask of key attribute flags used only internally.
@@ -163,6 +153,20 @@ static inline void psa_key_slot_clear_bits( psa_key_slot_t *slot,
    slot->attr.flags &= ~mask;
 }

+#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
+/** Get the SE slot number of a key from the key slot storing its description.
+ *
+ * \param[in]  slot  The key slot to query. This must be a key slot storing
+ *                   the description of a key of a dynamically registered
+ *                   secure element, otherwise the behaviour is undefined.
+ */
+static inline psa_key_slot_number_t psa_key_slot_get_slot_number(
+    const psa_key_slot_t *slot )
+{
+    return( *( (psa_key_slot_number_t *)( slot->key.data ) ) );
+}
+#endif
+
 /** Completely wipe a slot in memory, including its policy.
 *
 * Persistent storage is not affected.