From c70ce576bd8856a8efa99d4353700bd3130d000b Mon Sep 17 00:00:00 2001
From: Ryan Everett <ryan.everett@arm.com>
Date: Wed, 3 Jan 2024 16:04:33 +0000
Subject: [PATCH] Update psa_destroy_key, psa_purge_key and psa_close_key

This does not yet implement destruction while a key is in use for psa_destroy_key;
that will be implemented in a separate pr.
(I am not sure if I am allowed to change the documentation in the include files.)

Signed-off-by: Ryan Everett <ryan.everett@arm.com>
---
 include/psa/crypto.h                 |  8 ++++++--
 include/psa/crypto_compat.h          |  4 +++-
 library/psa_crypto.c                 |  8 +++++---
 library/psa_crypto_slot_management.c | 19 +++++++++++--------
 4 files changed, 25 insertions(+), 14 deletions(-)

diff --git a/include/psa/crypto.h b/include/psa/crypto.h
index fe10ee0e4..fd1928a65 100644
--- a/include/psa/crypto.h
+++ b/include/psa/crypto.h
@@ -415,7 +415,9 @@ void psa_reset_key_attributes(psa_key_attributes_t *attributes);
  * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
- *         results in this error code.
+ *         results in this error code. Or,
+ *         this call was operating on a key slot and found the slot in
+ *         an invalid state for the operation.
  */
 psa_status_t psa_purge_key(mbedtls_svc_key_id_t key);
 
@@ -555,7 +557,9 @@ psa_status_t psa_copy_key(mbedtls_svc_key_id_t source_key,
  * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
- *         results in this error code.
+ *         results in this error code. Or,
+ *         this call was operating on a key slot and found the slot in
+ *         an invalid state for the operation.
  */
 psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key);
 
diff --git a/include/psa/crypto_compat.h b/include/psa/crypto_compat.h
index f896fae1c..bfc00164b 100644
--- a/include/psa/crypto_compat.h
+++ b/include/psa/crypto_compat.h
@@ -142,7 +142,9 @@ psa_status_t psa_open_key(mbedtls_svc_key_id_t key,
  * \retval #PSA_ERROR_BAD_STATE
  *         The library has not been previously initialized by psa_crypto_init().
  *         It is implementation-dependent whether a failure to initialize
- *         results in this error code.
+ *         results in this error code. Or,
+ *         this call was operating on a key slot and found the slot in
+ *         an invalid state for the operation.
  */
 psa_status_t psa_close_key(psa_key_handle_t handle);
 
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index a27fd42c4..3e49d0a75 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1048,11 +1048,13 @@ psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key)
      * implemented), the key should be destroyed when all accesses have
      * stopped.
      */
-    if (slot->lock_count > 1) {
-        psa_unlock_key_slot(slot);
+    if (slot->registered_readers > 1) {
+        psa_unregister_read(slot);
         return PSA_ERROR_GENERIC_ERROR;
     }
 
+    slot->state = PSA_SLOT_PENDING_DELETION;
+
     if (PSA_KEY_LIFETIME_IS_READ_ONLY(slot->attr.lifetime)) {
         /* Refuse the destruction of a read-only key (which may or may not work
          * if we attempt it, depending on whether the key is merely read-only
@@ -1126,7 +1128,7 @@ psa_status_t psa_destroy_key(mbedtls_svc_key_id_t key)
 
 exit:
     status = psa_wipe_key_slot(slot);
-    /* Prioritize CORRUPTION_DETECTED from wiping over a storage error */
+    /* Prioritize an error from wiping over a storage error */
     if (status != PSA_SUCCESS) {
         overall_status = status;
     }
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index 4846e33ea..a21388a0b 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -539,11 +539,14 @@ psa_status_t psa_close_key(psa_key_handle_t handle)
 
         return status;
     }
-    if (slot->lock_count <= 1) {
-        return psa_wipe_key_slot(slot);
-    } else {
-        return psa_unlock_key_slot(slot);
+    if (slot->registered_readers == 1) {
+        status = psa_key_slot_state_transition(slot, PSA_SLOT_FULL,
+                                               PSA_SLOT_PENDING_DELETION);
+        if (status != PSA_SUCCESS) {
+            return status;
+        }
     }
+    return psa_unregister_read(slot);
 }
 
 psa_status_t psa_purge_key(mbedtls_svc_key_id_t key)
@@ -557,11 +560,11 @@ psa_status_t psa_purge_key(mbedtls_svc_key_id_t key)
     }
 
     if ((!PSA_KEY_LIFETIME_IS_VOLATILE(slot->attr.lifetime)) &&
-        (slot->lock_count <= 1)) {
-        return psa_wipe_key_slot(slot);
-    } else {
-        return psa_unlock_key_slot(slot);
+        (slot->registered_readers == 1)) {
+        psa_key_slot_state_transition(slot, PSA_SLOT_FULL,
+                                      PSA_SLOT_PENDING_DELETION);
     }
+    return psa_unregister_read(slot);
 }
 
 void mbedtls_psa_get_stats(mbedtls_psa_stats_t *stats)