Destroy PSA-based temporary opaque PSK key at the end of ssl_client2

This commit is contained in:
Hanno Becker 2018-11-05 13:25:17 +00:00
parent 39eb4274bb
commit 923cd655e0

View file

@ -2230,6 +2230,26 @@ exit:
mbedtls_ctr_drbg_free( &ctr_drbg );
mbedtls_entropy_free( &entropy );
#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) && \
defined(MBEDTLS_USE_PSA_CRYPTO)
if( opt.psk_slot != 0 )
{
/* This is ok even if the slot hasn't been
* initialized (we might have jumed here
* immediately because of bad cmd line params,
* for example). */
status = psa_destroy_key( opt.psk_slot );
if( status != PSA_SUCCESS )
{
mbedtls_printf( "Failed to destroy key slot %u - error was %d",
(unsigned) opt.psk_slot, (int) status );
if( ret == 0 )
ret = MBEDTLS_ERR_SSL_HW_ACCEL_FAILED;
}
}
#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED &&
MBEDTLS_USE_PSA_CRYPTO */
#if defined(_WIN32)
mbedtls_printf( " + Press Enter to exit this program.\n" );
fflush( stdout ); getchar();