Move key id validity check into its own function

This commit is contained in:
Gilles Peskine 2019-02-19 13:04:02 +01:00
parent 9654e11b1d
commit c8569bc5c2

View file

@ -182,6 +182,29 @@ exit:
psa_free_persistent_key_data( key_data, key_data_length ); psa_free_persistent_key_data( key_data, key_data_length );
return( status ); return( status );
} }
/** Check whether a key identifier is acceptable.
*
* For backward compatibility, key identifiers that were valid in a
* past released version must remain valid, unless a migration path
* is provided.
*
* \param key_id The key identifier to check.
*
* \return 1 if \p key_id is acceptable, otherwise 0.
*/
static int psa_is_key_id_valid( psa_key_id_t key_id )
{
/* Reject id=0 because by general library conventions, 0 is an invalid
* value wherever possible. */
if( key_id == 0 )
return( 0 );
/* Reject high values because the file names are reserved for the
* library's internal use. */
if( key_id >= PSA_MAX_PERSISTENT_KEY_IDENTIFIER )
return( 0 );
return( 1 );
}
#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */ #endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
/** Declare a slot as persistent and load it from storage. /** Declare a slot as persistent and load it from storage.
@ -209,13 +232,7 @@ static psa_status_t psa_internal_make_key_persistent( psa_key_handle_t handle,
psa_key_slot_t *slot; psa_key_slot_t *slot;
psa_status_t status; psa_status_t status;
/* Reject id=0 because by general library conventions, 0 is an invalid if( ! psa_is_key_id_valid( id ) )
* value wherever possible. */
if( id == 0 )
return( PSA_ERROR_INVALID_ARGUMENT );
/* Reject high values because the file names are reserved for the
* library's internal use. */
if( id >= PSA_MAX_PERSISTENT_KEY_IDENTIFIER )
return( PSA_ERROR_INVALID_ARGUMENT ); return( PSA_ERROR_INVALID_ARGUMENT );
status = psa_get_key_slot( handle, &slot ); status = psa_get_key_slot( handle, &slot );