psa: Refactor psa_destroy_key()
Create a new function psa_remove_key_data_from_memory() by splitting the in-memory cleanup out of psa_destroy_key().
This is needed as psa_destroy_key() will remove all key data, including
persistent storage. mbedtls_psa_crypto_free() will now only free in-memory
data and not persistent data.
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 11621ee..c205e12 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -773,6 +773,42 @@
return( PSA_SUCCESS );
}
+static psa_status_t psa_remove_key_data_from_memory( key_slot_t *slot )
+{
+ if( slot->type == PSA_KEY_TYPE_NONE )
+ {
+ /* No key material to clean. */
+ }
+ else if( key_type_is_raw_bytes( slot->type ) )
+ {
+ mbedtls_free( slot->data.raw.data );
+ }
+ else
+#if defined(MBEDTLS_RSA_C)
+ if( PSA_KEY_TYPE_IS_RSA( slot->type ) )
+ {
+ mbedtls_rsa_free( slot->data.rsa );
+ mbedtls_free( slot->data.rsa );
+ }
+ else
+#endif /* defined(MBEDTLS_RSA_C) */
+#if defined(MBEDTLS_ECP_C)
+ if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
+ {
+ mbedtls_ecp_keypair_free( slot->data.ecp );
+ mbedtls_free( slot->data.ecp );
+ }
+ else
+#endif /* defined(MBEDTLS_ECP_C) */
+ {
+ /* Shouldn't happen: the key type is not any type that we
+ * put in. */
+ return( PSA_ERROR_TAMPERING_DETECTED );
+ }
+
+ return( PSA_SUCCESS );
+}
+
psa_status_t psa_import_key( psa_key_slot_t key,
psa_key_type_t type,
const uint8_t *data,
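Review bot: The new static helper has no comment stating its contract, and the contract is narrower than its callers may assume: it frees `slot->data.raw.data` / `slot->data.rsa` / `slot->data.ecp` but leaves `slot->type`, the policy metadata and the now-freed pointers in place, so a slot it has processed still looks populated and a second pass over it would call `mbedtls_free()` on the same pointer again. Whichever caller runs it must follow it with `mbedtls_zeroize( slot, sizeof( *slot ) )` (as the `mbedtls_psa_crypto_free()` hunk does) or the helper should do that itself. At minimum, document this above the definition: `/* Free the key material held in slot. Does not reset slot->type or the slot metadata; the caller must zeroize the slot afterwards, otherwise the freed pointers remain reachable. */`. The comment at `/* No key material to clean. */` dropped the original's reminder that the slot still needs zeroizing, which is exactly the part the refactor now relies on callers for.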
@@ -805,41 +841,7 @@
status = psa_get_key_slot( key, &slot );
if( status != PSA_SUCCESS )
return( status );
-
- if( slot->type == PSA_KEY_TYPE_NONE )
- {
- /* No key material to clean, but do zeroize the slot below to wipe
- * metadata such as policies. */
- }
- else if( key_type_is_raw_bytes( slot->type ) )
- {
- mbedtls_free( slot->data.raw.data );
- }
- else
-#if defined(MBEDTLS_RSA_C)
- if( PSA_KEY_TYPE_IS_RSA( slot->type ) )
- {
- mbedtls_rsa_free( slot->data.rsa );
- mbedtls_free( slot->data.rsa );
- }
- else
-#endif /* defined(MBEDTLS_RSA_C) */
-#if defined(MBEDTLS_ECP_C)
- if( PSA_KEY_TYPE_IS_ECC( slot->type ) )
- {
- mbedtls_ecp_keypair_free( slot->data.ecp );
- mbedtls_free( slot->data.ecp );
- }
- else
-#endif /* defined(MBEDTLS_ECP_C) */
- {
- /* Shouldn't happen: the key type is not any type that we
- * put in. */
- return( PSA_ERROR_TAMPERING_DETECTED );
- }
-
- mbedtls_zeroize( slot, sizeof( *slot ) );
- return( PSA_SUCCESS );
+ return( psa_remove_key_from_memory( slot ) );
}
/* Return the size of the key in the given slot, in bits. */
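Review bot: `psa_destroy_key()` no longer zeroizes the slot: the removed block ended with `mbedtls_zeroize( slot, sizeof( *slot ) )`, but the replacement `return( psa_remove_key_from_memory( slot ) );` only frees the key material, so `slot->type`, the policy metadata and the dangling `slot->data.*` pointers survive and a repeated `psa_destroy_key()` on the same slot would free them a second time. The call also names `psa_remove_key_from_memory`, while the function defined in this commit and used by `mbedtls_psa_crypto_free()` is `psa_remove_key_data_from_memory`, so this line does not resolve as written. Replace it with `status = psa_remove_key_data_from_memory( slot );` / `mbedtls_zeroize( slot, sizeof( *slot ) );` / `return( status );`, which wipes the slot even on the tampering-detected path, matching what the `mbedtls_psa_crypto_free()` hunk does. `psa_destroy_key()` begins above this hunk; the `status` variable used here is the one already assigned by `psa_get_key_slot()`.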
@@ -4231,8 +4233,18 @@
void mbedtls_psa_crypto_free( void )
{
psa_key_slot_t key;
+ key_slot_t *slot;
+ psa_status_t status;
+
for( key = 1; key <= PSA_KEY_SLOT_COUNT; key++ )
- psa_destroy_key( key );
+ {
+ status = psa_get_key_slot( key, &slot );
+ if( status != PSA_SUCCESS )
+ continue;
+ psa_remove_key_data_from_memory( slot );
+ /* Zeroize the slot to wipe metadata such as policies. */
+ mbedtls_zeroize( slot, sizeof( *slot ) );
+ }
mbedtls_ctr_drbg_free( &global_data.ctr_drbg );
mbedtls_entropy_free( &global_data.entropy );
mbedtls_zeroize( &global_data, sizeof( global_data ) );
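Review bot: The return value of `psa_remove_key_data_from_memory( slot )` is dropped, so a `PSA_ERROR_TAMPERING_DETECTED` for an unrecognised `slot->type` is silently swallowed and the slot is zeroized anyway; ignoring it is reasonable in a `void` teardown, but it should be visibly deliberate, e.g. `(void) psa_remove_key_data_from_memory( slot ); /* nothing to report from a void destructor; the zeroize below still wipes the slot */`. Skipping slots where `psa_get_key_slot()` fails with `continue` also leaves whatever that function rejects untouched — if it can fail for a slot that still holds data, that slot is never wiped; worth a one-line comment stating which failures are expected here. `mbedtls_psa_crypto_free()` continues past the end of this hunk.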