commit 2bfbb17f3055cf2b4829864bd17a9f6c2dada48b
author Gilles Peskine <Gilles.Peskine@arm.com> Mon Jun 07 23:27:54 2021 +0200
committer Gilles Peskine <Gilles.Peskine@arm.com> Mon Jun 07 23:27:54 2021 +0200
tree f5f24c3d9b371bc48ec492122839d99e89df6e0d
parent 11794b30f9d10cd0288ec53d53021bbd52df40c9

Remove duplicate wipe call in psa_destroy_key

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>

library/psa_crypto.c

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index f4860e6..33b4433 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1138,11 +1138,10 @@
         /* Refuse the destruction of a read-only key (which may or may not work
          * if we attempt it, depending on whether the key is merely read-only
          * by policy or actually physically read-only).
-         * Just do the best we can, which is to wipe the copy in memory. */
-        status = psa_wipe_key_slot( slot );
-        if( status != PSA_SUCCESS )
-            return( status );
-        return( PSA_ERROR_NOT_PERMITTED );
+         * Just do the best we can, which is to wipe the copy in memory
+         * (done in this function's cleanup code). */
+        overall_status = PSA_ERROR_NOT_PERMITTED;
+        goto exit;
     }
 
 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
@@ -1206,12 +1205,10 @@
     }
 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
 
-#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
 exit:
-#endif /* MBEDTLS_PSA_CRYPTO_SE_C */
     status = psa_wipe_key_slot( slot );
     /* Prioritize CORRUPTION_DETECTED from wiping over a storage error */
-    if( overall_status == PSA_SUCCESS )
+    if( status != PSA_SUCCESS )
         overall_status = status;
     return( overall_status );
 }