lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

Fix policy validity check on key creation.

Browse Source 
Add a non-regression test.
This commit is contained in:
Gilles Peskine
2019-07-31 15:54:33 +02:00
parent 6edfa293c2
commit 3825e14e65
2 changed files with 7 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
library/psa_crypto.c
View File

@ -1469,10 +1469,6 @@ static psa_status_t psa_start_key_creation(
return( status );
}
status = psa_check_key_slot_policy( slot );
if( status != PSA_SUCCESS )
return( status );
/* Refuse to create overly large keys.
* Note that this doesn't trigger on import if the attributes don't
* explicitly specify a size (so psa_get_key_bits returns 0), so
@ -1487,6 +1483,10 @@ static psa_status_t psa_start_key_creation(
slot->attr = attributes->core;
status = psa_check_key_slot_policy( slot );
if( status != PSA_SUCCESS )
return( status );
#if defined(MBEDTLS_PSA_CRYPTO_SE_C)
/* For a key in a secure element, we need to do three things:
* create the key file in internal storage, create the