psa_destroy_key: return SUCCESS on an empty slot

Do wipe the slot even if it doesn't contain a key, to erase any metadata.
Gilles Peskine 2018-04-19 08:38:16 +02:00 committed by itayzafrir
parent 71bb7b77f0
commit 154bd95131
2 changed files with 16 additions and 4 deletions


@ -539,7 +539,17 @@ psa_status_t psa_import_key(psa_key_slot_t key,
size_t data_length);
/**
* \brief Destroy a key.
* \brief Destroy a key and restore the slot to its default state.
*
* This function destroys the content of the key slot from both volatile
* memory and, if applicable, non-volatile storage. Implementations shall
* make a best effort to ensure that any previous content of the slot is
* unrecoverable.
*
* This function also erases any metadata such as policies. It returns the
* specified slot to its default state.
*
* \param key The key slot to erase.
*
* \retval PSA_SUCCESS
* The slot's content, if any, has been erased.


@ -373,9 +373,11 @@ psa_status_t psa_destroy_key(psa_key_slot_t key)
return( PSA_ERROR_INVALID_ARGUMENT );
slot = &global_data.key_slots[key];
if( slot->type == PSA_KEY_TYPE_NONE )
return( PSA_ERROR_EMPTY_SLOT );
if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) )
{
/* No key material to clean, but do zeroize the slot below to wipe
* metadata such as policies. */
}
else if( PSA_KEY_TYPE_IS_RAW_BYTES( slot->type ) )
{
mbedtls_free( slot->data.raw.data );
}
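Review bot: The non-raw branch releases the key material with `mbedtls_free( slot->data.raw.data );` without scrubbing the heap buffer first, so the "best effort to ensure that any previous content of the slot is unrecoverable" promised by the new header text is only kept for the slot struct itself, not for the bytes that the freed allocation still holds. The comment on the raw-bytes branch refers to a zeroize of the slot "below", which is outside this hunk; that wipe cannot reach the separately allocated buffer once the pointer is freed. Before the free, zeroize the raw key buffer over its stored length with the same zeroize helper the function uses for the slot below, then free it. psa_destroy_key starts before this hunk and continues past it, so the slot wipe and final return are not visible here.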