yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-02-24 04:46:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

psa: Decrement slot access count when finalizing key creation

Browse source 
Decrement the slot access count in psa_finish_key_creation()
when the finalization succeeds instead of in functions calling
psa_finish_key_creation(). That way the decrementation cannot
be forgotten and it reduces the code size.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2020-11-14 11:28:25 +01:00
parent cbf6a1d651
commit 5097294be9
1 changed files with 7 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
library/psa_crypto.c
View file

@ -2030,6 +2030,10 @@ static psa_status_t psa_start_key_creation(
* See the documentation of psa_start_key_creation() for the intended use * See the documentation of psa_start_key_creation() for the intended use
* of this function. * of this function.
* *
* If the finalization succeeds, the function decreases the slot access
* counter (that was incremented as part of psa_start_key_creation()) and the
* slot cannot be accessed anymore as part of the key creation process.
*
* \param[in,out] slot Pointer to the slot with key material. * \param[in,out] slot Pointer to the slot with key material.
* \param[in] driver The secure element driver for the key, * \param[in] driver The secure element driver for the key,
* or NULL for a transparent key. * or NULL for a transparent key.
@ -2093,11 +2097,12 @@ static psa_status_t psa_finish_key_creation(
return( status ); return( status );
} }
status = psa_crypto_stop_transaction( ); status = psa_crypto_stop_transaction( );
if( status != PSA_SUCCESS )
return( status );
} }
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
if( status == PSA_SUCCESS )
status = psa_decrement_key_slot_access_count( slot );
return( status ); return( status );
} }
@ -2278,8 +2283,6 @@ exit:
psa_fail_key_creation( slot, driver ); psa_fail_key_creation( slot, driver );
*key = MBEDTLS_SVC_KEY_ID_INIT; *key = MBEDTLS_SVC_KEY_ID_INIT;
} }
else
status = psa_decrement_key_slot_access_count( slot );
return( status ); return( status );
} }
@ -2312,8 +2315,6 @@ psa_status_t mbedtls_psa_register_se_key(
exit: exit:
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
psa_fail_key_creation( slot, driver ); psa_fail_key_creation( slot, driver );
else
status = psa_decrement_key_slot_access_count( slot );
/* Registration doesn't keep the key in RAM. */ /* Registration doesn't keep the key in RAM. */
psa_close_key( key ); psa_close_key( key );
@ -2388,8 +2389,6 @@ exit:
psa_fail_key_creation( target_slot, driver ); psa_fail_key_creation( target_slot, driver );
*target_key = MBEDTLS_SVC_KEY_ID_INIT; *target_key = MBEDTLS_SVC_KEY_ID_INIT;
} }
else
status = psa_decrement_key_slot_access_count( target_slot );
decrement_status = psa_decrement_key_slot_access_count( source_slot ); decrement_status = psa_decrement_key_slot_access_count( source_slot );
@ -5547,8 +5546,6 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut
psa_fail_key_creation( slot, driver ); psa_fail_key_creation( slot, driver );
*key = MBEDTLS_SVC_KEY_ID_INIT; *key = MBEDTLS_SVC_KEY_ID_INIT;
} }
else
status = psa_decrement_key_slot_access_count( slot );
return( status ); return( status );
} }
@ -6405,8 +6402,6 @@ exit:
psa_fail_key_creation( slot, driver ); psa_fail_key_creation( slot, driver );
*key = MBEDTLS_SVC_KEY_ID_INIT; *key = MBEDTLS_SVC_KEY_ID_INIT;
} }
else
status = psa_decrement_key_slot_access_count( slot );
return( status ); return( status );
} }