Prefer persistent over permanent

For consistency across the code base, prefer
persistent over permanent to qualify a key
stored in persistent storage.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>

library/psa_crypto.c

@@ -1345,7 +1345,7 @@ psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key )
         return( PSA_SUCCESS );
 
     /*
-     * Get the description of the key in a key slot. In case of a permanent
+     * Get the description of the key in a key slot. In case of a persistent
      * key, this will load the key description from persistent memory if not
      * done yet. We cannot avoid this loading as without it we don't know if
      * the key is operated by an SE or not and this information is needed by

library/psa_crypto_core.h

@@ -53,10 +53,10 @@ typedef struct
      * may access it. For example, such control is needed in the following
      * scenarios:
      * . In case of key slot starvation, all key slots contain the description
-     *   of a key, and the library asks for the description of a permanent
+     *   of a key, and the library asks for the description of a persistent
      *   key not present in the key slots, the key slots currently accessed by
      *   the library cannot be reclaimed to free a key slot to load the
-     *   permanent key.
+     *   persistent key.
      * . In case of a multi-threaded application where one thread asks to close
      *   or purge or destroy a key while it is in used by the library through
      *   another thread.

library/psa_crypto_slot_management.c

@@ -175,7 +175,7 @@ psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id,
 {
     psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
     size_t slot_idx;
-    psa_key_slot_t *selected_slot, *unaccessed_permanent_key_slot;
+    psa_key_slot_t *selected_slot, *unaccessed_persistent_key_slot;
 
     if( ! global_data.key_slots_initialized )
     {
@@ -183,7 +183,7 @@ psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id,
         goto error;
     }
 
-    selected_slot = unaccessed_permanent_key_slot = NULL;
+    selected_slot = unaccessed_persistent_key_slot = NULL;
     for( slot_idx = 0; slot_idx < PSA_KEY_SLOT_COUNT; slot_idx++ )
     {
         psa_key_slot_t *slot = &global_data.key_slots[ slot_idx ];
@@ -193,22 +193,23 @@ psa_status_t psa_get_empty_key_slot( psa_key_id_t *volatile_key_id,
             break;
         }
 
-        if( ( unaccessed_permanent_key_slot == NULL ) &&
+        if( ( unaccessed_persistent_key_slot == NULL ) &&
             ( ! PSA_KEY_LIFETIME_IS_VOLATILE( slot->attr.lifetime ) ) &&
             ( ! psa_is_key_slot_accessed( slot ) ) )
-            unaccessed_permanent_key_slot = slot;
+            unaccessed_persistent_key_slot = slot;
     }
 
     /*
      * If there is no unused key slot and there is at least one unaccessed key
      * slot containing the description of a permament key, recycle the first
      * such key slot we encountered. If we need later on to operate on the
-     * permanent key we evict now, we will reload its description from storage.
+     * persistent key we evict now, we will reload its description from
+     * storage.
      */
     if( ( selected_slot == NULL ) &&
-        ( unaccessed_permanent_key_slot != NULL ) )
+        ( unaccessed_persistent_key_slot != NULL ) )
     {
-        selected_slot = unaccessed_permanent_key_slot;
+        selected_slot = unaccessed_persistent_key_slot;
         selected_slot->access_count = 1;
         psa_wipe_key_slot( selected_slot );
     }

tests/suites/test_suite_psa_crypto_slot_management.data

@@ -187,8 +187,8 @@ invalid_handle:INVALID_HANDLE_HUGE:PSA_ERROR_INVALID_HANDLE:PSA_ERROR_INVALID_HA
 Open many transient keys
 many_transient_keys:42
 
-# Eviction from a key slot to be able to import a new permanent key.
+# Eviction from a key slot to be able to import a new persistent key.
-Key slot eviction to import a new permanent key
+Key slot eviction to import a new persistent key
 key_slot_eviction_to_import_new_key:PSA_KEY_LIFETIME_PERSISTENT
 
 # Eviction from a key slot to be able to import a new volatile key.
@@ -197,12 +197,12 @@ key_slot_eviction_to_import_new_key:PSA_KEY_LIFETIME_VOLATILE
 
 # Check that non reusable key slots are not deleted/overwritten in case of key
 # slot starvation:
-# . An attempt to access a permanent key while all RAM key slots are occupied
+# . An attempt to access a persistent key while all RAM key slots are occupied
 #   by volatile keys fails and does not lead to volatile key data to be
 #   spoiled.
-# . With all key slot in use with one containing a permanent key, an attempt
+# . With all key slot in use with one containing a persistent key, an attempt
-#   to copy the permanent key fails (the permanent key slot cannot be reclaimed
+#   to copy the persistent key fails (the persistent key slot cannot be
-#   as it is accessed by the copy process) without the permament key data and
+#   reclaimed as it is accessed by the copy process) without the persistent key
-#   volatile key data being spoiled.
+#   data and volatile key data being spoiled.
 Non reusable key slots integrity in case of key slot starvation
 non_reusable_key_slots_integrity_in_case_of_key_slot_starvation

tests/suites/test_suite_psa_crypto_slot_management.function

@@ -97,7 +97,7 @@ static int invalidate_key( invalidate_method_t invalidate_method,
 {
     switch( invalidate_method )
     {
-        /* Closing the key invalidate only volatile keys, not permanent ones. */
+        /* Closing the key invalidate only volatile keys, not persistent ones. */
         case INVALIDATE_BY_CLOSING:
         case INVALIDATE_BY_CLOSING_WITH_SHUTDOWN:
             PSA_ASSERT( psa_close_key( key ) );
@@ -960,8 +960,8 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation( )
     psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
     uint8_t exported[sizeof( size_t )];
     size_t exported_length;
-    mbedtls_svc_key_id_t permanent_key = MBEDTLS_SVC_KEY_ID_INIT;
+    mbedtls_svc_key_id_t persistent_key = MBEDTLS_SVC_KEY_ID_INIT;
-    mbedtls_svc_key_id_t permanent_key2 = MBEDTLS_SVC_KEY_ID_INIT;
+    mbedtls_svc_key_id_t persistent_key2 = MBEDTLS_SVC_KEY_ID_INIT;
     mbedtls_svc_key_id_t returned_key_id = MBEDTLS_SVC_KEY_ID_INIT;
     mbedtls_svc_key_id_t *keys = NULL;
 
@@ -976,15 +976,15 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation( )
     psa_set_key_type( &attributes, PSA_KEY_TYPE_RAW_DATA );
 
     /*
-     * Create a permanent key
+     * Create a persistent key
      */
-    permanent_key = mbedtls_svc_key_id_make( 0x100, 0x205 );
+    persistent_key = mbedtls_svc_key_id_make( 0x100, 0x205 );
-    psa_set_key_id( &attributes, permanent_key );
+    psa_set_key_id( &attributes, persistent_key );
     PSA_ASSERT( psa_import_key( &attributes,
-                                (uint8_t *) &permanent_key,
+                                (uint8_t *) &persistent_key,
-                                sizeof( permanent_key ),
+                                sizeof( persistent_key ),
                                 &returned_key_id ) );
-    TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, permanent_key ) );
+    TEST_ASSERT( mbedtls_svc_key_id_equal( returned_key_id, persistent_key ) );
 
     /*
      * Create PSA_KEY_SLOT_COUNT volatile keys
@@ -1003,7 +1003,7 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation( )
      * occupied by volatile keys and the implementation needs to load the
      * persistent key description in a slot to be able to access it.
      */
-    status = psa_get_key_attributes( permanent_key, &attributes );
+    status = psa_get_key_attributes( persistent_key, &attributes );
     TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_MEMORY );
 
     /*
@@ -1020,18 +1020,18 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation( )
     /*
      * Check that we can now access the persistent key again.
      */
-    PSA_ASSERT( psa_get_key_attributes( permanent_key, &attributes ) );
+    PSA_ASSERT( psa_get_key_attributes( persistent_key, &attributes ) );
     TEST_ASSERT( mbedtls_svc_key_id_equal( attributes.core.id,
-                                           permanent_key ) );
+                                           persistent_key ) );
 
     /*
      * Check that we cannot copy the persistent key as all slots are occupied
-     * by the permanent key and the volatile keys and the slot containing the
+     * by the persistent key and the volatile keys and the slot containing the
-     * permanent key cannot be reclaimed as it contains the key to copy.
+     * persistent key cannot be reclaimed as it contains the key to copy.
      */
-    permanent_key2 = mbedtls_svc_key_id_make( 0x100, 0x204 );
+    persistent_key2 = mbedtls_svc_key_id_make( 0x100, 0x204 );
-    psa_set_key_id( &attributes, permanent_key2 );
+    psa_set_key_id( &attributes, persistent_key2 );
-    status = psa_copy_key( permanent_key, &attributes, &returned_key_id );
+    status = psa_copy_key( persistent_key, &attributes, &returned_key_id );
     TEST_EQUAL( status, PSA_ERROR_INSUFFICIENT_MEMORY );
 
     /*
@@ -1053,12 +1053,12 @@ void non_reusable_key_slots_integrity_in_case_of_key_slot_starvation( )
      * value.
      */
 
-    PSA_ASSERT( psa_export_key( permanent_key, exported, sizeof( exported ),
+    PSA_ASSERT( psa_export_key( persistent_key, exported, sizeof( exported ),
                                 &exported_length ) );
     ASSERT_COMPARE( exported, exported_length,
-                    (uint8_t *) &permanent_key, sizeof( permanent_key ) );
+                    (uint8_t *) &persistent_key, sizeof( persistent_key ) );
 exit:
-    psa_destroy_key( permanent_key );
+    psa_destroy_key( persistent_key );
     PSA_DONE( );
     mbedtls_free( keys );
 }