mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-25 18:31:06 +00:00
SE keys: support destroy
When destroying a key in a secure element, call the driver's destroy method and update the driver's persistent data in storage.
This commit is contained in:
parent
cbaff467ef
commit
354f7671f4
|
@ -939,10 +939,20 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle )
|
|||
psa_key_slot_t *slot;
|
||||
psa_status_t status = PSA_SUCCESS;
|
||||
psa_status_t storage_status = PSA_SUCCESS;
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
|
||||
psa_se_drv_table_entry_t *driver;
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
|
||||
|
||||
status = psa_get_key_slot( handle, &slot );
|
||||
if( status != PSA_SUCCESS )
|
||||
return( status );
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
|
||||
driver = psa_get_se_driver_entry( slot->lifetime );
|
||||
if( driver != NULL )
|
||||
status = psa_destroy_se_key( driver, slot->data.se.slot_number );
|
||||
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
|
||||
|
||||
#if defined(MBEDTLS_PSA_CRYPTO_STORAGE_C)
|
||||
if( slot->lifetime == PSA_KEY_LIFETIME_PERSISTENT )
|
||||
{
|
||||
|
@ -950,6 +960,7 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle )
|
|||
psa_destroy_persistent_key( slot->persistent_storage_id );
|
||||
}
|
||||
#endif /* defined(MBEDTLS_PSA_CRYPTO_STORAGE_C) */
|
||||
|
||||
status = psa_wipe_key_slot( slot );
|
||||
if( status != PSA_SUCCESS )
|
||||
return( status );
|
||||
|
|
|
@ -159,6 +159,22 @@ psa_status_t psa_find_se_slot_for_key(
|
|||
return( status );
|
||||
}
|
||||
|
||||
psa_status_t psa_destroy_se_key( psa_se_drv_table_entry_t *driver,
|
||||
psa_key_slot_number_t slot_number )
|
||||
{
|
||||
psa_status_t status;
|
||||
psa_status_t storage_status;
|
||||
if( driver->methods->key_management == NULL ||
|
||||
driver->methods->key_management->p_destroy == NULL )
|
||||
return( PSA_ERROR_NOT_PERMITTED );
|
||||
status = driver->methods->key_management->p_destroy(
|
||||
&driver->context,
|
||||
driver->internal.persistent_data,
|
||||
slot_number );
|
||||
storage_status = psa_save_se_persistent_data( driver );
|
||||
return( status == PSA_SUCCESS ? storage_status : status );
|
||||
}
|
||||
|
||||
|
||||
|
||||
/****************************************************************/
|
||||
|
|
|
@ -114,6 +114,14 @@ psa_status_t psa_find_se_slot_for_key(
|
|||
psa_se_drv_table_entry_t *driver,
|
||||
psa_key_slot_number_t *slot_number );
|
||||
|
||||
/** Destoy a key in a secure element.
|
||||
*
|
||||
* This function calls the relevant driver method to destroy a key
|
||||
* and updates the driver's persistent data.
|
||||
*/
|
||||
psa_status_t psa_destroy_se_key( psa_se_drv_table_entry_t *driver,
|
||||
psa_key_slot_number_t slot_number );
|
||||
|
||||
/** Load the persistent data of a secure element driver.
|
||||
*
|
||||
* \param driver The driver table entry containing the persistent
|
||||
|
|
Loading…
Reference in a new issue