Add policy usage flag to copy a key #108
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Document the new flag and allow its use.
Pass the new flag to the existing tests and add a few more test cases to explore more variations of flag sets.
Implement the check and add a negative test.
gilles-peskine-arm
added
enhancement
athoelke
reviewed
May 14, 2019
include/psa/crypto.h
Outdated
| * The policy on the source key must have the usage flag | ||
| * #PSA_KEY_USAGE_COPY set. | ||
| * In addition, some lifetimes also require the source key to have the | ||
| * usage flag #PSA_KEY_USAGE_EXPORT, because otherwise the source key |
There was a problem hiding this comment.
The wording isn't completely clear, for example:
- who is doing the "locking inside"? - presume this is the SE designer, but better to avoid unnamed actors in the documentation.
- Is the use case here one where a key is being copied out of the SE into a volatile key (for example), and the SE design defaults to denying this operation unless the key is extractable? - presumably a copy within the SE would only require COPY policy in this set up?
There was a problem hiding this comment.
I updated the documentation.
include/psa/crypto_values.h
Outdated
| @@ -1459,6 +1459,20 @@ | |||
| */ | |||
| #define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001) | |||
|
|
|||
| /** Whether the key may be copied. | |||
| * | |||
| * This flag allows the use of psa_crypto_copy() to make a copy of the key | |||
include/psa/crypto_values.h
Outdated
| * | ||
| * For some lifetimes, copying a key also requires the usage flag | ||
| * #PSA_KEY_USAGE_EXPORT, because otherwise the source key | ||
| * is locked inside a secure processing environment and cannot be |
There was a problem hiding this comment.
Clarify use case? - as above
Be more clear about when EXPORT is also required.
yanesca
removed
the
needs: review
|
CI failure is ABI job (known to fail until Mbed-TLS/mbedtls#2636 lands in the development branch) and |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Require
PSA_KEY_USAGE_COPYinpsa_copy_key.