Use remove_key_data_from_memory instead of wipe_key_slot
Since the loading attempt of a builtin key might be followed by trying to load a persistent key, we can only wipe the allocated key data, not the associated metadata. Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
parent
7609b1ff6c
commit
7ddee7f7c5
|
@ -1063,8 +1063,7 @@ static psa_status_t psa_get_and_lock_transparent_key_slot_with_policy(
|
||||||
psa_get_and_lock_key_slot_with_policy( key, p_slot, usage, alg )
|
psa_get_and_lock_key_slot_with_policy( key, p_slot, usage, alg )
|
||||||
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
|
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
|
||||||
|
|
||||||
/** Wipe key data from a slot. Preserve metadata such as the policy. */
|
psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot )
|
||||||
static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot )
|
|
||||||
{
|
{
|
||||||
/* Data pointer will always be either a valid pointer or NULL in an
|
/* Data pointer will always be either a valid pointer or NULL in an
|
||||||
* initialized slot, so we can just free it. */
|
* initialized slot, so we can just free it. */
|
||||||
|
|
|
@ -195,6 +195,9 @@ psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot );
|
||||||
psa_status_t psa_allocate_buffer_to_slot( psa_key_slot_t *slot,
|
psa_status_t psa_allocate_buffer_to_slot( psa_key_slot_t *slot,
|
||||||
size_t buffer_length );
|
size_t buffer_length );
|
||||||
|
|
||||||
|
/** Wipe key data from a slot. Preserves metadata such as the policy. */
|
||||||
|
psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot );
|
||||||
|
|
||||||
/** Copy key data (in export format) into an empty key slot.
|
/** Copy key data (in export format) into an empty key slot.
|
||||||
*
|
*
|
||||||
* This function assumes that the slot does not contain
|
* This function assumes that the slot does not contain
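Review bot: The one-line comment added above the `psa_remove_key_data_from_memory` declaration is too thin for a function that is now callable from other files. It says metadata "such as the policy" is preserved, but not which slot fields are released, what status values can come back, or that the slot must already be initialized, which the comment inside the definition relies on ("either a valid pointer or NULL in an initialized slot"). I would expand it into a full doc block with a parameter line for `slot`, the possible return values, and that precondition. It should also state whether the key bytes are zeroized before the buffer is freed, since error-path callers will depend on that; the function body is not visible in this diff, so that point needs confirming against the definition.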
|
||||||
|
|
|
@ -327,7 +327,7 @@ static psa_status_t psa_load_builtin_key_into_slot( psa_key_slot_t *slot )
|
||||||
|
|
||||||
exit:
|
exit:
|
||||||
if( status != PSA_SUCCESS )
|
if( status != PSA_SUCCESS )
|
||||||
psa_wipe_key_slot( slot );
|
psa_remove_key_data_from_memory( slot );
|
||||||
return( status );
|
return( status );
|
||||||
}
|
}
|
||||||
#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
|
#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
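Review bot: The `exit:` path of `psa_load_builtin_key_into_slot` now leaves the slot's metadata in place on failure, and nothing at the call site says why. The commit message gives the reason, but a later reader of this cleanup could easily change it back to `psa_wipe_key_slot`; a comment above the call would prevent that, for example `/* Free only the key data: the caller may still try to load a persistent key into this slot, so its metadata must survive. */`. The start of the function is outside the hunk, so it is worth checking that no metadata field is written before a failure can occur, because anything written would now be seen by the subsequent persistent-key load. The status returned by `psa_remove_key_data_from_memory` is discarded here; if that is deliberate so that the original error is the one reported, the comment can say so.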
|
||||||
|
|