tls: pake: do not destroy key on errors while setting opaque password
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 47c02a6..1438124 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -1950,31 +1950,24 @@
status = psa_pake_setup( &ssl->handshake->psa_pake_ctx, &cipher_suite );
if( status != PSA_SUCCESS )
- {
- psa_destroy_key( ssl->handshake->psa_pake_password );
- return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
- }
+ goto error;
status = psa_pake_set_role( &ssl->handshake->psa_pake_ctx, psa_role );
if( status != PSA_SUCCESS )
- {
- psa_destroy_key( ssl->handshake->psa_pake_password );
- psa_pake_abort( &ssl->handshake->psa_pake_ctx );
- return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
- }
+ goto error;
psa_pake_set_password_key( &ssl->handshake->psa_pake_ctx,
ssl->handshake->psa_pake_password );
if( status != PSA_SUCCESS )
- {
- psa_destroy_key( ssl->handshake->psa_pake_password );
- psa_pake_abort( &ssl->handshake->psa_pake_ctx );
- return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
- }
+ goto error;
ssl->handshake->psa_pake_ctx_is_ok = 1;
return( 0 );
+
+error:
+ psa_pake_abort( &ssl->handshake->psa_pake_ctx );
+ return( MBEDTLS_ERR_SSL_HW_ACCEL_FAILED );
}
#else /* MBEDTLS_USE_PSA_CRYPTO */
int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *ssl,
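Review bot: The return value of `psa_pake_set_password_key()` is never stored, so the `if( status != PSA_SUCCESS )` after it re-tests the status left by `psa_pake_set_role()`. A failure to bind the password key therefore goes undetected, and `psa_pake_ctx_is_ok` is set to 1 on a context that has no password. The call should begin `status = psa_pake_set_password_key( &ssl->handshake->psa_pake_ctx,` so that the third `goto error` can actually be taken. Because the error path no longer calls `psa_destroy_key()`, a comment at the `error:` label such as `/* The password key is not destroyed here; releasing it is left to its owner. */` would record who frees `psa_pake_password`. That ownership is inferred from the commit title, since the start of the function lies outside the hunk.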