Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clarify the documented behavior and lifetime of key handles [v2] #235

Merged
merged 6 commits into from
Aug 23, 2019
Merged

Clarify the documented behavior and lifetime of key handles [v2] #235

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
203491c
Remove duplicated information in psa_open_key
athoelke Aug 21, 2019
9741b11
Update psa_open_key documentation
athoelke Aug 21, 2019
3daba81
Update documentation for psa_close_key
athoelke Aug 21, 2019
07f16b7
Update documentation for psa_destroy_key
athoelke Aug 21, 2019
3c2b803
Cross reference 'key handles' from INVALID_HANDLE
athoelke Aug 22, 2019
8824dae
Editorial fixes.
athoelke Aug 22, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
41 changes: 28 additions & 13 deletions include/psa/crypto.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -358,17 +358,18 @@ void psa_reset_key_attributes(psa_key_attributes_t *attributes);
* with a lifetime other than #PSA_KEY_LIFETIME_VOLATILE. A persistent key
* always has a nonzero key identifier, set with psa_set_key_id() when
* creating the key. Implementations may provide additional pre-provisioned
* keys with identifiers in the range
* #PSA_KEY_ID_VENDOR_MIN–#PSA_KEY_ID_VENDOR_MAX.
* keys that can be opened with psa_open_key(). Such keys have a key identifier
* in the vendor range, as documented in the description of #psa_key_id_t.
*
* The application must eventually close the handle with psa_close_key()
* to release associated resources. If the application dies without calling
* psa_close_key(), the implementation should perform the equivalent of a
* call to psa_close_key().
*
* Implementations may provide additional keys that can be opened with
* psa_open_key(). Such keys have a key identifier in the vendor range,
* as documented in the description of #psa_key_id_t.
* Some implementations permit an application to open the same key multiple
* times. Applications that rely on this behavior will not be portable to
* implementations that only permit a single key handle to be opened. See
* also :ref:\`key-handles\`.
*
* \param id The persistent identifier of the key.
* \param[out] handle On success, a handle to the key.
Expand All @@ -377,9 +378,14 @@ void psa_reset_key_attributes(psa_key_attributes_t *attributes);
* Success. The application can now use the value of `*handle`
* to access the key.
* \retval #PSA_ERROR_INSUFFICIENT_MEMORY
* The implementation does not have sufficient resources to open the
* key. This can be due to reaching an implementation limit on the
* number of open keys, the number of open key handles, or available
* memory.
* \retval #PSA_ERROR_DOES_NOT_EXIST
* There is no persistent key with key identifier \p id.
* \retval #PSA_ERROR_INVALID_ARGUMENT
* \p id is invalid.
* \p id is not a valid persistent key identifier.
* \retval #PSA_ERROR_NOT_PERMITTED
* The specified key exists, but the application does not have the
* permission to access it. Note that this specification does not
Expand All @@ -394,15 +400,19 @@ psa_status_t psa_open_key(psa_key_id_t id,

/** Close a key handle.
*
* If the handle designates a volatile key, destroy the key material and
* free all associated resources, just like psa_destroy_key().
* If the handle designates a volatile key, this will destroy the key material
* and free all associated resources, just like psa_destroy_key().
*
* If the handle designates a persistent key, free all resources associated
* with the key in volatile memory. The key in persistent storage is
* not affected and can be opened again later with psa_open_key().
* If this is the last open handle to a persistent key, then closing the handle
* will free all resources associated with the key in volatile memory. The key
* data in persistent storage is not affected and can be opened again later
* with a call to psa_open_key().
*
* If the key is currently in use in a multipart operation,
* the multipart operation is aborted.
* Closing the key handle makes the handle invalid, and the key handle
* must not be used again by the application.
*
* If the key is currently in use in a multipart operation, then closing the
* last remaining handle to the key will abort the multipart operation.
*
* \param handle The key handle to close.
*
Expand Down Expand Up @@ -496,6 +506,11 @@ psa_status_t psa_import_key(const psa_key_attributes_t *attributes,
* This function also erases any metadata such as policies and frees all
* resources associated with the key.
*
* Destroying a key will invalidate all existing handles to the key.
*
* If the key is currently in use in a multipart operation, then destroying the
* key will abort the multipart operation.
*
* \param handle Handle to the key to erase.
*
* \retval #PSA_SUCCESS
Expand Down
2 changes: 1 addition & 1 deletion include/psa/crypto_values.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -268,7 +268,7 @@
* to read from a resource. */
#define PSA_ERROR_INSUFFICIENT_DATA ((psa_status_t)-143)

/** The key handle is not valid.
/** The key handle is not valid. See also :ref:\`key-handles\`.
*/
#define PSA_ERROR_INVALID_HANDLE ((psa_status_t)-136)

Expand Down