yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-07-20 19:48:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

PSA Crypto: Don't skip key data removal when SE driver is not in use

Browse source 
Closing a wrapped key with the new SE driver interface while
MBEDTLS_PSA_CRYPTO_SE_C is also enabled leads to the key material not
being freed, even though an old SE driver is not in use, leading to a
memory leak. This is because a wrapped key is also considered external.

This commit extends the check for skipping by checking whether an
old-style SE driver is registered with the provided slot, in addition to
checking whether the key is external.

Signed-off-by: Fredrik Strupe <fredrik.strupe@silabs.com>
This commit is contained in:
Fredrik Strupe 2020-12-17 10:44:38 +01:00
parent 7829748cd4
commit 462aa575a4
2 changed files with 5 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
ChangeLog.d/psa_close_key_memory_leak_fix.txt Normal file
View file

@ -0,0 +1,3 @@
Bugfix
* Fix memory leak that occured when calling psa_close_key() on a
wrapped key with MBEDTLS_PSA_CRYPTO_SE_C defined.

3
library/psa_crypto.c
View file

@ -1197,7 +1197,8 @@ static psa_status_t psa_get_transparent_key( psa_key_handle_t handle,
static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ) static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot )
{ {
#if defined(MBEDTLS_PSA_CRYPTO_SE_C) #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
if( psa_key_slot_is_external( slot ) ) if( psa_get_se_driver( slot->attr.lifetime, NULL, NULL ) &&
psa_key_slot_is_external( slot ) )
{ {
/* No key material to clean. */ /* No key material to clean. */
} }