Use remove_key_data_from_memory instead of wipe_key_slot
Since the loading attempt of a builtin key might be followed by trying
to load a persistent key, we can only wipe the allocated key data, not
the associated metadata.
Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 068990a..f58df4a 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1063,8 +1063,7 @@
psa_get_and_lock_key_slot_with_policy( key, p_slot, usage, alg )
#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
-/** Wipe key data from a slot. Preserve metadata such as the policy. */
-static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot )
+psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot )
{
/* Data pointer will always be either a valid pointer or NULL in an
* initialized slot, so we can just free it. */
diff --git a/library/psa_crypto_core.h b/library/psa_crypto_core.h
index eeb0105..90f9d18 100644
--- a/library/psa_crypto_core.h
+++ b/library/psa_crypto_core.h
@@ -195,6 +195,9 @@
psa_status_t psa_allocate_buffer_to_slot( psa_key_slot_t *slot,
size_t buffer_length );
+/** Wipe key data from a slot. Preserves metadata such as the policy. */
+psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot );
+
/** Copy key data (in export format) into an empty key slot.
*
* This function assumes that the slot does not contain
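Review bot: The new declaration's comment at the `psa_remove_key_data_from_memory` line states what is wiped and what is preserved but not the precondition the implementation relies on or what the `psa_status_t` result means, now that the function is callable from other translation units. The definition's own comment in psa_crypto.c says the data pointer is "always either a valid pointer or NULL in an initialized slot", so that is the contract callers must honour. I would extend the comment to `/** Wipe key data from a slot. Preserves metadata such as the policy. The slot must be initialized; its data pointer is freed and the slot may be reused for key data. \return PSA_SUCCESS or an error status. */`, with the exact error semantics filled in from the definition, which this hunk does not show.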
diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c
index bdb45ee..f9ea369 100644
--- a/library/psa_crypto_slot_management.c
+++ b/library/psa_crypto_slot_management.c
@@ -327,7 +327,7 @@
exit:
if( status != PSA_SUCCESS )
- psa_wipe_key_slot( slot );
+ psa_remove_key_data_from_memory( slot );
return( status );
}
#endif /* MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS */
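Review bot: The status returned by `psa_remove_key_data_from_memory( slot )` in the `exit:` path is silently discarded, and the surrounding code already holds a non-success `status` that must be the one reported, so an explicit discard would make the intent clear: `(void) psa_remove_key_data_from_memory( slot );`. Since only the key data is freed here, the slot's metadata from the failed builtin-key attempt remains in place; that is what the commit message intends for the follow-up persistent-key load, but it presumably means the caller is responsible for wiping the slot fully if that second attempt also fails, which is worth a one-line comment at this call site. The enclosing function starts outside the hunk.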