From 5e7494ea750ea08915748ccd28ebddc2a442c48a Mon Sep 17 00:00:00 2001
From: Valerio Setti <valerio.setti@nordicsemi.no>
Date: Thu, 27 Apr 2023 10:05:03 +0200
Subject: [PATCH] pk: fix position for mbedtls_platform_zeroize

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
---
 library/pk.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/library/pk.c b/library/pk.c
index dcdfd1a5fc..97984f3b9b 100644
--- a/library/pk.c
+++ b/library/pk.c
@@ -646,6 +646,7 @@ int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk,
     psa_key_type_t key_type;
     size_t bits;
     int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
+    psa_status_t status;
 
     /* export the private key material in the format PSA wants */
     if (mbedtls_pk_get_type(pk) != MBEDTLS_PK_ECKEY) {
@@ -668,11 +669,11 @@ int mbedtls_pk_wrap_as_opaque(mbedtls_pk_context *pk,
     psa_set_key_algorithm(&attributes, PSA_ALG_ECDSA(hash_alg));
 
     /* import private key into PSA */
-    if (PSA_SUCCESS != psa_import_key(&attributes, d, d_len, key)) {
-        return MBEDTLS_ERR_PK_HW_ACCEL_FAILED;
-    }
-
+    status = psa_import_key(&attributes, d, d_len, key);
     mbedtls_platform_zeroize(d, sizeof(d));
+    if (status != PSA_SUCCESS) {
+        return PSA_PK_TO_MBEDTLS_ERR(status);
+    }
 
     /* make PK context wrap the key slot */
     mbedtls_pk_free(pk);