yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

If starting a transaction fails, wipe the transaction data

Browse source 
Nothing has been saved to disk yet, but there is stale data in
psa_crypto_transaction. This stale data should not be reused, but do
wipe it to reduce the risk of it mattering somehow in the future.
This commit is contained in:
Gilles Peskine 2019-07-25 18:02:52 +02:00
parent 2ea06fd48d
commit 66be51c35d
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
library/psa_crypto.c
View file

@ -993,6 +993,7 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle )
status = psa_crypto_save_transaction( ); status = psa_crypto_save_transaction( );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
{ {
(void) psa_crypto_stop_transaction( );
/* TOnogrepDO: destroy what can be destroyed anyway */ /* TOnogrepDO: destroy what can be destroyed anyway */
return( status ); return( status );
} }
@ -1484,7 +1485,10 @@ static psa_status_t psa_start_key_creation(
psa_crypto_transaction.key.id = slot->persistent_storage_id; psa_crypto_transaction.key.id = slot->persistent_storage_id;
status = psa_crypto_save_transaction( ); status = psa_crypto_save_transaction( );
if( status != PSA_SUCCESS ) if( status != PSA_SUCCESS )
{
(void) psa_crypto_stop_transaction( );
return( status ); return( status );
}
} }
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */ #endif /* MBEDTLS_PSA_CRYPTO_SE_C */