From ee04e6995629c094a666ac34e166440380dbb768 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Mon, 4 May 2020 18:52:21 +0200 Subject: [PATCH] Rename and clarify the default persistent location and persistence Call persistence "default" because that is genuinely the default that applications should use if they don't know better. It's slightly misleading in that the default persistence when you create a key is volatile, not this: "default" is the default persistence for persistent keys, not the default persistence for keys in general. But we haven't found a better name. Introduce the term "primary local storage" to designate the default storage location. Signed-off-by: Gilles Peskine --- include/psa/crypto_types.h | 10 +++++----- include/psa/crypto_values.h | 4 ++-- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h index de72b5944..b45571409 100644 --- a/include/psa/crypto_types.h +++ b/include/psa/crypto_types.h @@ -154,7 +154,7 @@ typedef uint32_t psa_key_lifetime_t; * A volatile key is automatically destroyed by the implementation when * the application instance terminates. In particular, a volatile key * is automatically destroyed on a power reset of the device. - * - \c 1 = #PSA_KEY_PERSISTENCE_PRIMARY: + * - \c 1 = #PSA_KEY_PERSISTENCE_DEFAULT: * persistent key with a default lifetime. * Implementations should support this value if they support persistent * keys at all. @@ -195,15 +195,15 @@ typedef uint8_t psa_key_persistence_t; * the key is stored. * * This specification defines the following values of location indicators: - * - \c 0: default location. + * - \c 0: primary local storage. * All implementations should support this value. - * The default location typically indicates that the key material is - * used and stored within the same security boundary as the key metadata. + * The primary local storage is typically the same storage area that + * contains the key metadata. * - \c 1: primary secure element. * Implementations should support this value if there is a secure element * attached to the operating environment. * As a guideline, secure elements may provide higher resistance against - * side channel and physical attacks than the default location, but may + * side channel and physical attacks than the primary local storage, but may * have restrictions on supported key types, sizes, policies and operations * and may have different performance characteristics. * - \c 2-0x7fffff: other locations defined by a PSA specification. diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h index ded1756e2..48e085c08 100644 --- a/include/psa/crypto_values.h +++ b/include/psa/crypto_values.h @@ -1568,7 +1568,7 @@ #define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001) #define PSA_KEY_PERSISTENCE_VOLATILE ((psa_key_persistence_t)0x00) -#define PSA_KEY_PERSISTENCE_PRIMARY ((psa_key_persistence_t)0x01) +#define PSA_KEY_PERSISTENCE_DEFAULT ((psa_key_persistence_t)0x01) #define PSA_KEY_PERSISTENCE_READ_ONLY ((psa_key_persistence_t)0xff) #define PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) \ @@ -1597,7 +1597,7 @@ (PSA_KEY_LIFETIME_GET_PERSISTENCE(lifetime) == \ PSA_KEY_LIFETIME_PERSISTENCE_VOLATILE) -#define PSA_KEY_LOCATION_BUILT_IN ((psa_key_location_t)0x000000) +#define PSA_KEY_LOCATION_LOCAL_STORAGE ((psa_key_location_t)0x000000) #define PSA_KEY_LOCATION_VENDOR_FLAG ((psa_key_location_t)0x800000) /** The minimum value for a key identifier chosen by the application.