From 66be51c35d2e67cdce99fed0bd7636195495afba Mon Sep 17 00:00:00 2001
From: Gilles Peskine
Date: Thu, 25 Jul 2019 18:02:52 +0200
Subject: [PATCH] If starting a transaction fails, wipe the transaction data

Nothing has been saved to disk yet, but there is stale data in psa_crypto_transaction. This stale data should not be reused, but do wipe it to reduce the risk of it mattering somehow in the future.
---
 library/psa_crypto.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 92c9668d3..b2fc26e1b 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -993,6 +993,7 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle )
         status = psa_crypto_save_transaction( );
         if( status != PSA_SUCCESS )
         {
+            (void) psa_crypto_stop_transaction( );
             /* TOnogrepDO: destroy what can be destroyed anyway */
             return( status );
         }
@@ -1484,7 +1485,10 @@ static psa_status_t psa_start_key_creation(
         psa_crypto_transaction.key.id = slot->persistent_storage_id;
         status = psa_crypto_save_transaction( );
         if( status != PSA_SUCCESS )
+        {
+            (void) psa_crypto_stop_transaction( );
             return( status );
+        }
     }
 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
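Review bot: The `(void)` discard on the new `psa_crypto_stop_transaction( )` call in the psa_destroy_key hunk carries no explanation, and the same applies to the psa_start_key_creation hunk; a reader cannot tell whether a failure from the stop is safe to ignore or merely unexamined. Since the commit message states that nothing has reached storage at this point, a one-line comment at both call sites, `/* Nothing was written to storage: discard the stop result and report the save failure. */`, would record that the earlier save error is deliberately the one returned. If psa_crypto_stop_transaction also touches storage (presumably removing the transaction record), any error from it is silently lost here; that is defensible given the save already failed, but it is worth stating so the masking is not mistaken for an oversight. Both enclosing functions begin and end outside their hunks, so the slot cleanup that callers perform on this return path cannot be checked from the patch alone.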