attestation: Don't create attestation key twice

If psa_attestation_inject_key() is called twice, exit with a non-fatal
error status without attempting to create another attestation key. The
key already exists and doesn't need to be added again.
pull/11315/head
Jaeden Amero 2019-08-28 19:13:49 +01:00 committed by Darryl Green
parent 5c81d19bc1
commit 43af68d630
1 changed files with 6 additions and 0 deletions

@ -42,6 +42,12 @@ psa_attestation_inject_key_impl(const uint8_t *key_data,
#if defined(MBEDTLS_ECP_C)
status = psa_open_key(key_id, &handle);
if (status == PSA_SUCCESS) {
/* The key already has been injected */
goto exit;
}
psa_set_key_usage_flags(&attributes, usage);
psa_set_key_algorithm(&attributes, PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256));
psa_set_key_type(&attributes, type);
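Review bot: In the new `if (status == PSA_SUCCESS)` branch, `status` is still `PSA_SUCCESS` when control reaches `goto exit`, while the commit message describes a non-fatal error status. Unless the code at `exit` (not visible in this hunk) changes it, a caller that passed `key_data` cannot tell that its key was ignored in favour of the existing one. Consider setting an explicit status such as `PSA_ERROR_ALREADY_EXISTS` before the jump. Two related points on the same lines: the handle returned by `psa_open_key(key_id, &handle)` is not closed on this path in the visible code, so confirm that `exit` releases it. Also, every non-success result from `psa_open_key` falls through to key creation. Continuing only on `PSA_ERROR_DOES_NOT_EXIST` would keep a storage or other failure from being treated as "no key yet".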