pk: manage allocate and free space when working with PSA private key Allocation does not need to perform any action since the priv_id field is already present on the pk_context. Free should destroy the key. Of course this is true only if the key is not opaque (because in that case it's the user responsibility to do so). Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

commit: b536126183e1ae58f3b44990b4ef98e964e26aac [log] [tgz]
author: Valerio Setti <valerio.setti@nordicsemi.no> Thu May 18 18:51:58 2023 +0200
committer: Valerio Setti <valerio.setti@nordicsemi.no> Tue May 23 15:12:07 2023 +0200
tree: 71ebf094582a6ebe1c596fca058c79545f870fb0
parent: e0e6311b64223e55214897ea1057b1bd42b57070 [diff] [blame]
diff --git a/library/pk.c b/library/pk.c
index 5ed485b..77012e1 100644
--- a/library/pk.c
+++ b/library/pk.c

@@ -78,6 +78,14 @@
         ctx->pk_info->ctx_free_func(ctx->pk_ctx);
     }
 
+#if defined(MBEDTLS_PK_USE_PSA_EC_DATA)
+    /* The ownership of the priv_id key for opaque keys is external of the PK
+     * module. It's the user responsibility to clear it after use. */
+    if ((ctx->pk_info != NULL) && (ctx->pk_info->type != MBEDTLS_PK_OPAQUE)) {
+        psa_destroy_key(ctx->priv_id);
+    }
+#endif /* MBEDTLS_PK_USE_PSA_EC_DATA */
+
     mbedtls_platform_zeroize(ctx, sizeof(mbedtls_pk_context));
 }
 
@@ -143,7 +151,7 @@
         return MBEDTLS_ERR_PK_BAD_INPUT_DATA;
     }
 
-    if ((info->ctx_alloc_func == NULL) ||
+    if ((info->ctx_alloc_func != NULL) &&
         ((ctx->pk_ctx = info->ctx_alloc_func()) == NULL)) {
         return MBEDTLS_ERR_PK_ALLOC_FAILED;
     }
commit	b536126183e1ae58f3b44990b4ef98e964e26aac	[log] [tgz]
author	Valerio Setti <valerio.setti@nordicsemi.no>	Thu May 18 18:51:58 2023 +0200
committer	Valerio Setti <valerio.setti@nordicsemi.no>	Tue May 23 15:12:07 2023 +0200
tree	71ebf094582a6ebe1c596fca058c79545f870fb0
parent	e0e6311b64223e55214897ea1057b1bd42b57070 [diff] [blame]