Merge pull request #3969 from frestr/bugfix/psa_close_key_leak

PSA Crypto: Don't skip key data removal when SE driver is not in use
This commit is contained in:
Gilles Peskine 2021-01-05 16:55:52 +01:00 committed by GitHub
commit 73d783244f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 5 additions and 1 deletions

View file

@ -0,0 +1,3 @@
Bugfix
* Fix memory leak that occured when calling psa_close_key() on a
wrapped key with MBEDTLS_PSA_CRYPTO_SE_C defined.

View file

@ -1316,7 +1316,8 @@ static psa_status_t psa_get_and_lock_transparent_key_slot_with_policy(
static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot ) static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot )
{ {
#if defined(MBEDTLS_PSA_CRYPTO_SE_C) #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
if( psa_key_slot_is_external( slot ) ) if( psa_get_se_driver( slot->attr.lifetime, NULL, NULL ) &&
psa_key_slot_is_external( slot ) )
{ {
/* No key material to clean. */ /* No key material to clean. */
} }