Don't require a type and size when creating a key slot

Remove the type and bits arguments to psa_allocate_key() and
psa_create_key(). They can be useful if the implementation wants to
know exactly how much space to allocate for the slot, but many
implementations (including ours) don't care, and it's possible to work
around their lack by deferring size-dependent actions to the time when
the key material is created. They are a burden to applications and
make the API more complex, and the benefits aren't worth it.

Change the API and adapt the implementation, the units test and the
sample code accordingly.

Author: gilles-peskine-arm

include/psa/crypto.h

@@ -124,14 +124,6 @@ psa_status_t psa_get_key_lifetime(psa_key_handle_t handle,
  * application calls psa_close_key() or psa_destroy_key() or until the
  * application terminates.
  *
- * This function takes a key type and maximum size as arguments so that
- * the implementation can reserve a corresponding amount of memory.
- * Implementations are not required to enforce this limit: if the application
- * later tries to create a larger key or a key of a different type, it
- * is implementation-defined whether this may succeed.
- *
- * \param type          The type of key that the slot will contain.
- * \param max_bits      The maximum key size that the slot will contain.
  * \param[out] handle   On success, a handle to a volatile key slot.
  *
  * \retval #PSA_SUCCESS
@@ -140,13 +132,8 @@ psa_status_t psa_get_key_lifetime(psa_key_handle_t handle,
  * \retval #PSA_ERROR_INSUFFICIENT_MEMORY
  *         There was not enough memory, or the maximum number of key slots
  *         has been reached.
- * \retval #PSA_ERROR_INVALID_ARGUMENT
- *         This implementation does not support this key type.
  */
-
-psa_status_t psa_allocate_key(psa_key_type_t type,
-                              size_t max_bits,
-                              psa_key_handle_t *handle);
+psa_status_t psa_allocate_key(psa_key_handle_t *handle);
 
 /** Open a handle to an existing persistent key.
  *
@@ -192,8 +179,6 @@ psa_status_t psa_open_key(psa_key_lifetime_t lifetime,
  *                      area where the key material is stored. This must not
  *                      be #PSA_KEY_LIFETIME_VOLATILE.
  * \param id            The persistent identifier of the key.
- * \param type          The type of key that the slot will contain.
- * \param max_bits      The maximum key size that the slot will contain.
  * \param[out] handle   On success, a handle to the newly created key slot.
  *                      When key material is later created in this key slot,
  *                      it will be saved to the specified persistent location.
@@ -218,8 +203,6 @@ psa_status_t psa_open_key(psa_key_lifetime_t lifetime,
  */
 psa_status_t psa_create_key(psa_key_lifetime_t lifetime,
                             psa_key_id_t id,
-                            psa_key_type_t type,
-                            size_t max_bits,
                             psa_key_handle_t *handle);
 
 /** Close a key handle.
@@ -261,11 +244,9 @@ psa_status_t psa_close_key(psa_key_handle_t handle);
  * according to a different format.
  *
  * \param handle      Handle to the slot where the key will be stored.
- *                    This must be a valid slot for a key of the chosen
- *                    type: it must have been obtained by calling
- *                    psa_allocate_key() or psa_create_key() with the
- *                    correct \p type and with a maximum size that is
- *                    compatible with \p data.
+ *                    It must have been obtained by calling
+ *                    psa_allocate_key() or psa_create_key() and must
+ *                    not contain key material yet.
  * \param type        Key type (a \c PSA_KEY_TYPE_XXX value). On a successful
  *                    import, the key slot will contain a key of this type.
  * \param[in] data    Buffer containing the key data. The content of this
@@ -2005,12 +1986,9 @@ psa_status_t psa_generator_read(psa_crypto_generator_t *generator,
  * the key material is not exposed outside the isolation boundary.
  *
  * \param handle            Handle to the slot where the key will be stored.
- *                          This must be a valid slot for a key of the chosen
- *                          type: it must have been obtained by calling
- *                          psa_allocate_key() or psa_create_key() with the
- *                          correct \p type and with a maximum size that is
- *                          compatible with \p bits.
- *                          It must not contain any key material yet.
+ *                          It must have been obtained by calling
+ *                          psa_allocate_key() or psa_create_key() and must
+ *                          not contain key material yet.
  * \param type              Key type (a \c PSA_KEY_TYPE_XXX value).
  *                          This must be a symmetric key type.
  * \param bits              Key size in bits.
@@ -2232,12 +2210,9 @@ typedef struct {
  * \brief Generate a key or key pair.
  *
  * \param handle            Handle to the slot where the key will be stored.
- *                          This must be a valid slot for a key of the chosen
- *                          type: it must have been obtained by calling
- *                          psa_allocate_key() or psa_create_key() with the
- *                          correct \p type and with a maximum size that is
- *                          compatible with \p bits.
- *                          It must not contain any key material yet.
+ *                          It must have been obtained by calling
+ *                          psa_allocate_key() or psa_create_key() and must
+ *                          not contain key material yet.
  * \param type              Key type (a \c PSA_KEY_TYPE_XXX value).
  * \param bits              Key size in bits.
  * \param[in] extra         Extra parameters for key generation. The

library/psa_crypto_slot_management.c

@@ -142,13 +142,8 @@ static psa_status_t psa_internal_release_key_slot( psa_key_handle_t handle )
     return( psa_wipe_key_slot( slot ) );
 }
 
-psa_status_t psa_allocate_key( psa_key_type_t type,
-                               size_t max_bits,
-                               psa_key_handle_t *handle )
+psa_status_t psa_allocate_key( psa_key_handle_t *handle )
 {
-    /* This implementation doesn't reserve memory for the keys. */
-    (void) type;
-    (void) max_bits;
     *handle = 0;
     return( psa_internal_allocate_key_slot( handle ) );
 }
@@ -259,16 +254,10 @@ psa_status_t psa_open_key( psa_key_lifetime_t lifetime,
 
 psa_status_t psa_create_key( psa_key_lifetime_t lifetime,
                              psa_key_id_t id,
-                             psa_key_type_t type,
-                             size_t max_bits,
                              psa_key_handle_t *handle )
 {
     psa_status_t status;
 
-    /* This implementation doesn't reserve memory for the keys. */
-    (void) type;
-    (void) max_bits;
-
     status = persistent_key_setup( lifetime, id, handle,
                                    PSA_ERROR_EMPTY_SLOT );
     switch( status )

programs/psa/crypto_examples.c

@@ -176,7 +176,7 @@ cipher_example_encrypt_decrypt_aes_cbc_nopad_1_block( void )
     status = psa_generate_random( input, sizeof( input ) );
     ASSERT_STATUS( status, PSA_SUCCESS );
 
-    status = psa_allocate_key( PSA_KEY_TYPE_AES, key_bits, &key_handle );
+    status = psa_allocate_key( &key_handle );
     ASSERT_STATUS( status, PSA_SUCCESS );
 
     status = set_key_policy( key_handle,
@@ -226,7 +226,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_cbc_pkcs7_multi( void )
     status = psa_generate_random( input, sizeof( input ) );
     ASSERT_STATUS( status, PSA_SUCCESS );
 
-    status = psa_allocate_key( PSA_KEY_TYPE_AES, key_bits, &key_handle );
+    status = psa_allocate_key( &key_handle );
     ASSERT_STATUS( status, PSA_SUCCESS );
 
     status = set_key_policy( key_handle,
@@ -275,7 +275,7 @@ static psa_status_t cipher_example_encrypt_decrypt_aes_ctr_multi( void )
     status = psa_generate_random( input, sizeof( input ) );
     ASSERT_STATUS( status, PSA_SUCCESS );
 
-    status = psa_allocate_key( PSA_KEY_TYPE_AES, key_bits, &key_handle );
+    status = psa_allocate_key( &key_handle );
     ASSERT_STATUS( status, PSA_SUCCESS );
     status = set_key_policy( key_handle,
                              PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT,

programs/psa/key_ladder_demo.c

@@ -211,9 +211,7 @@ static psa_status_t generate( const char *key_file_name )
     psa_key_handle_t key_handle = 0;
     psa_key_policy_t policy = PSA_KEY_POLICY_INIT;
 
-    PSA_CHECK( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
-                                 PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ),
-                                 &key_handle ) );
+    PSA_CHECK( psa_allocate_key( &key_handle ) );
     psa_key_policy_set_usage( &policy,
                               PSA_KEY_USAGE_DERIVE | PSA_KEY_USAGE_EXPORT,
                               KDF_ALG );
@@ -263,9 +261,7 @@ static psa_status_t import_key_from_file( psa_key_usage_t usage,
     SYS_CHECK( fclose( key_file ) == 0 );
     key_file = NULL;
 
-    PSA_CHECK( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
-                                 PSA_BYTES_TO_BITS( key_size ),
-                                 master_key_handle ) );
+    PSA_CHECK( psa_allocate_key( master_key_handle ) );
     psa_key_policy_set_usage( &policy, usage, alg );
     PSA_CHECK( psa_set_key_policy( *master_key_handle, &policy ) );
     PSA_CHECK( psa_import_key( *master_key_handle,
@@ -318,9 +314,7 @@ static psa_status_t derive_key_ladder( const char *ladder[],
          * since it is no longer needed. */
         PSA_CHECK( psa_close_key( *key_handle ) );
         *key_handle = 0;
-        PSA_CHECK( psa_allocate_key( PSA_KEY_TYPE_DERIVE,
-                                     PSA_BYTES_TO_BITS( KEY_SIZE_BYTES ),
-                                     key_handle ) );
+        PSA_CHECK( psa_allocate_key( key_handle ) );
         PSA_CHECK( psa_set_key_policy( *key_handle, &policy ) );
         /* Use the generator obtained from the parent key to create
          * the next intermediate key. */
@@ -352,8 +346,7 @@ static psa_status_t derive_wrapping_key( psa_key_usage_t usage,
     psa_crypto_generator_t generator = PSA_CRYPTO_GENERATOR_INIT;
 
     *wrapping_key_handle = 0;
-    PSA_CHECK( psa_allocate_key( PSA_KEY_TYPE_AES, WRAPPING_KEY_BITS,
-                                 wrapping_key_handle ) );
+    PSA_CHECK( psa_allocate_key( wrapping_key_handle ) );
     psa_key_policy_set_usage( &policy, usage, WRAPPING_ALG );
     PSA_CHECK( psa_set_key_policy( *wrapping_key_handle, &policy ) );