Remove duplicate wipe call in psa_destroy_key

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Gilles Peskine 2021-06-07 23:27:54 +02:00
parent 11794b30f9
commit 2bfbb17f30


@ -1138,11 +1138,10 @@ psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key )
/* Refuse the destruction of a read-only key (which may or may not work /* Refuse the destruction of a read-only key (which may or may not work
* if we attempt it, depending on whether the key is merely read-only * if we attempt it, depending on whether the key is merely read-only
* by policy or actually physically read-only). * by policy or actually physically read-only).
* Just do the best we can, which is to wipe the copy in memory. */ * Just do the best we can, which is to wipe the copy in memory
status = psa_wipe_key_slot( slot ); * (done in this function's cleanup code). */
if( status != PSA_SUCCESS ) overall_status = PSA_ERROR_NOT_PERMITTED;
return( status ); goto exit;
return( PSA_ERROR_NOT_PERMITTED );
} }
#if defined(MBEDTLS_PSA_CRYPTO_SE_C) #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
@ -1206,12 +1205,10 @@ psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key )
} }
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
exit: exit:
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
status = psa_wipe_key_slot( slot ); status = psa_wipe_key_slot( slot );
/* Prioritize CORRUPTION_DETECTED from wiping over a storage error */ /* Prioritize CORRUPTION_DETECTED from wiping over a storage error */
if( overall_status == PSA_SUCCESS ) if( status != PSA_SUCCESS )
overall_status = status; overall_status = status;
return( overall_status ); return( overall_status );
} }
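Review bot: The comment above the final status check at the `exit:` label still says only that CORRUPTION_DETECTED from wiping is prioritized over a storage error, but the read-only branch now reaches `exit` with `overall_status = PSA_ERROR_NOT_PERMITTED`, and the check (as rendered, `if( status != PSA_SUCCESS )`) lets any failure from `psa_wipe_key_slot` replace that value too. I would widen the comment to `/* A failure to wipe the slot takes priority over any earlier error, including NOT_PERMITTED for a read-only key. */`. Replacing the `overall_status == PSA_SUCCESS` form of that condition also changes which error a caller sees when both the storage destruction and the wipe fail, which the commit title does not mention; a sentence in the description would help anyone auditing callers that branch on the return value. The error codes `psa_wipe_key_slot` can return are not visible here, and the body of `psa_destroy_key` starts outside these hunks.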