Backport 2.28: prepare for dynamically sized key store #9256
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
gilles-peskine-arm
added
bug
component-psa
5 tasks
5 tasks
gilles-peskine-arm
changed the title
gilles-peskine-arm
added
needs-ci
At the top level, the macro would have had to be used without a following semicolon (except with permissive compilers that accept spurious semicolons outside of a function), which is confusing to humans and indenters. Fix that. Signed-off-by: Gilles Peskine <[email protected]>
mbedtls_psa_register_se_key() is not usable with volatile keys, since there is no way to return the implementation-chosen key identifier which would be needed to use the key. Document this limitation. Reject an attempt to create such an unusable key. Fixes Mbed-TLS#9253. Signed-off-by: Gilles Peskine <[email protected]>
Restricting the built-in key range would be an API break since applications can hard-code a built-in key value and expect that it won't clash with anything else. Make it harder to accidentally break the API. Signed-off-by: Gilles Peskine <[email protected]>
Ensure that a key ID can't be in range for more than one of volatile keys, persistent (i.e. user-chosen) keys or built-in keys. Signed-off-by: Gilles Peskine <[email protected]>
Signed-off-by: Gilles Peskine <[email protected]>
The description was misleading: setting the option doesn't “restrict” the number of slots, that restriction exists anyway. Setting the option merely determines the value of the limit. Signed-off-by: Gilles Peskine <[email protected]>
Split the "many transient keys" test function in two: one that expects to successfully create many keys, and one that expects to fill the key store. This will make things easier when we add a dynamic key store where filling the key store is not practical unless artificially limited. Signed-off-by: Gilles Peskine <[email protected]>
gilles-peskine-arm
force-pushed
the
psa-keystore-dynamic-backport-2.28
branch
from
af6f624 to
3a51fdc
Compare
gilles-peskine-arm
added
needs-review
5 tasks
Signed-off-by: Gilles Peskine <[email protected]>
Signed-off-by: Gilles Peskine <[email protected]>
davidhorstmann-arm
approved these changes
Aug 8, 2024
valeriosetti
approved these changes
Aug 9, 2024
gilles-peskine-arm
added
approved
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Partial backport of #9403.
MBEDTLS_STATIC_ASSERTMBEDTLS_PSA_KEY_SLOT_COUNT > 4096andMBEDTLS_PSA_CRYPTO_BUILTIN_KEYSis enabled. That seems unlikely, and nobody complained in the three years since we introducedMBEDTLS_PSA_CRYPTO_BUILTIN_KEYSin Mbed TLS 2.27.0. It's a less unlikely configuration in 3.6, which is more PSA (especially due to TLS 1.3), which is why I wanted to fix it even if the change is a bit disruptive for an LTS (but still not breaking any documented behavior). At the moment, the 2.28 backport doesn't have this fix.PR checklist
Please tick as appropriate and edit the reasons (e.g.: "backport: not needed because this is a new feature")