Don't require a type and size when creating a key slot #19
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Remove the type and bits arguments to psa_allocate_key() and psa_create_key(). They can be useful if the implementation wants to know exactly how much space to allocate for the slot, but many implementations (including ours) don't care, and it's possible to work around their lack by deferring size-dependent actions to the time when the key material is created. They are a burden to applications and make the API more complex, and the benefits aren't worth it. Change the API and adapt the implementation, the units test and the sample code accordingly.
gilles-peskine-arm
added
enhancement
| @@ -350,16 +341,14 @@ void many_transient_handles( int max_handles_arg ) | |||
| psa_key_policy_t policy = PSA_KEY_POLICY_INIT; | |||
| uint8_t exported[sizeof( size_t )]; | |||
| size_t exported_length; | |||
| size_t max_bits = PSA_BITS_TO_BYTES( sizeof( exported ) ); | |||
There was a problem hiding this comment.
This was a typo, but isn't present anywhere else in the test suite.
hanno-becker
approved these changes
Jan 21, 2019
yanesca
approved these changes
Jan 22, 2019
| @@ -124,14 +124,6 @@ psa_status_t psa_get_key_lifetime(psa_key_handle_t handle, | |||
| * application calls psa_close_key() or psa_destroy_key() or until the | |||
| * application terminates. | |||
There was a problem hiding this comment.
How can we detect that the application has terminated and we can free the allocated key slot?
There was a problem hiding this comment.
That depends on the integration. For a library integration, when the application terminates, this frees all the runtime resources held by the crypto library. For a service integration, the access control layer in the service knows who each handle belongs to and should close a handle if it loses contact with the owner of that handle.
yanesca
removed
the
needs: review
AndrzejKurek
pushed a commit
to AndrzejKurek/mbed-crypto
that referenced
this pull request
Feb 7, 2019
Includes PRs ARMmbed#6, ARMmbed#18, ARMmbed#19.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Remove the type and bits arguments to psa_allocate_key() and
psa_create_key(). They can be useful if the implementation wants to
know exactly how much space to allocate for the slot, but many
implementations (including ours) don't care, and it's possible to work
around their lack by deferring size-dependent actions to the time when
the key material is created. They are a burden to applications and
make the API more complex, and the benefits aren't worth it.
Change the API and adapt the implementation, the units test and the
sample code accordingly.