lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

Document that destroying a key aborts any ongoing operation

Browse Source 
Document that psa_close_key() and psa_destroy_key() abort any ongoing
multipart operation that is using the key. This is not implemented
yet.
This commit is contained in:
Gilles Peskine
2019-01-14 18:24:53 +01:00
parent 8d4be19517
commit 5f25dd00c0
2 changed files with 21 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
library/psa_crypto.c
View File

@ -784,11 +784,18 @@ static psa_status_t psa_remove_key_data_from_memory( psa_key_slot_t *slot )
return( PSA_SUCCESS );
}
static void psa_abort_operations_using_key( psa_key_slot_t *slot )
{
/*TODO*/
(void) slot;
}
/** Completely wipe a slot in memory, including its policy.
* Persistent storage is not affected. */
psa_status_t psa_wipe_key_slot( psa_key_slot_t *slot )
{
psa_status_t status = psa_remove_key_data_from_memory( slot );
psa_abort_operations_using_key( slot );
/* At this point, key material and other type-specific content has
* been wiped. Clear remaining metadata. We can call memset and not
* zeroize because the metadata is not particularly sensitive. */