psa: Do not reset a key slot under access

When psa_close/destroy/purge_key is called, do not reset a key slot containing the description of a persistent key if it is currently accessed. Signed-off-by: Ronald Cron <ronald.cron@arm.com>
2026-01-06 11:41:12 +03:00 · 2020-10-29 17:51:10 +01:00
parent ddd3d05803
commit f291111007
2 changed files with 28 additions and 4 deletions
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1344,10 +1344,30 @@ psa_status_t psa_destroy_key( mbedtls_svc_key_id_t key )
    if( mbedtls_svc_key_id_is_null( key ) )
        return( PSA_SUCCESS );

+    /*
+     * Get the description of the key in a key slot. In case of a permanent
+     * key, this will load the key description from persistent memory if not
+     * done yet. We cannot avoid this loading as without it we don't know if
+     * the key is operated by an SE or not and this information is needed by
+     * the current implementation.
+     */
    status = psa_get_key_slot( key, &slot );
    if( status != PSA_SUCCESS )
        return( status );

+    /*
+     * If the key slot containing the key description is under access by the
+     * library (apart from the present access), the key cannot be destroyed
+     * yet. For the time being, just return in error. Eventually (to be
+     * implemented), the key should be destroyed when all accesses have
+     * stopped.
+     */
+    if( slot->access_count > 1 )
+    {
+       psa_decrement_key_slot_access_count( slot );
+       return( PSA_ERROR_GENERIC_ERROR );
+    }
+
 #if defined(MBEDTLS_PSA_CRYPTO_SE_C)
    driver = psa_get_se_driver_entry( slot->attr.lifetime );
    if( driver != NULL )