From 68a85e24fc27944712170f572668c4a9ad694e3d Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Thu, 16 Nov 2023 16:44:13 +0000 Subject: [PATCH 1/2] Fix secure element key error handling Signed-off-by: Ryan Everett --- ChangeLog.d/fix-secure-element-key-creation.txt | 5 +++++ library/psa_crypto.c | 3 +++ 2 files changed, 8 insertions(+) create mode 100644 ChangeLog.d/fix-secure-element-key-creation.txt diff --git a/ChangeLog.d/fix-secure-element-key-creation.txt b/ChangeLog.d/fix-secure-element-key-creation.txt new file mode 100644 index 0000000000..23a46c068d --- /dev/null +++ b/ChangeLog.d/fix-secure-element-key-creation.txt @@ -0,0 +1,5 @@ +Bugfix + * Fix error handling when creating a key in a dynamic secure element + (feature enabled by MBEDTLS_PSA_CRYPTO_SE_C). In a low memory condition, + the creation could return PSA_SUCCESS but using or destroying the key + would not work. Fixes #8537. diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 533ded6ff9..ae35efc49e 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1710,6 +1710,9 @@ static psa_status_t psa_start_key_creation( status = psa_copy_key_material_into_slot( slot, (uint8_t *) (&slot_number), sizeof(slot_number)); + if (status != PSA_SUCCESS) { + return status; + } } if (*p_drv == NULL && method == PSA_KEY_CREATION_REGISTER) { From 167ecbaa9091514ca671d359dec498455fe7069c Mon Sep 17 00:00:00 2001 From: Ryan Everett Date: Mon, 20 Nov 2023 12:16:18 +0000 Subject: [PATCH 2/2] Fix indentation causing code style failure Signed-off-by: Ryan Everett --- library/psa_crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index ae35efc49e..379648c5c0 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1711,7 +1711,7 @@ static psa_status_t psa_start_key_creation( status = psa_copy_key_material_into_slot( slot, (uint8_t *) (&slot_number), sizeof(slot_number)); if (status != PSA_SUCCESS) { - return status; + return status; } }