Attestation: Add close key after open key

pull/9668/head
Moran Peker 2019-02-19 15:45:53 +02:00
parent 715305accf
commit bd7061eaba
2 changed files with 12 additions and 0 deletions


@ -111,10 +111,12 @@ tfm_plat_get_initial_attest_key(uint8_t *key_buf,
crypto_ret = psa_get_key_information(handle, &type, &bits); crypto_ret = psa_get_key_information(handle, &type, &bits);
if (crypto_ret != PSA_SUCCESS) if (crypto_ret != PSA_SUCCESS)
{ {
psa_close_key(handle);
return TFM_PLAT_ERR_SYSTEM_ERR; return TFM_PLAT_ERR_SYSTEM_ERR;
} }
if (!PSA_KEY_TYPE_IS_ECC(type)) if (!PSA_KEY_TYPE_IS_ECC(type))
{ {
psa_close_key(handle);
return TFM_PLAT_ERR_SYSTEM_ERR; return TFM_PLAT_ERR_SYSTEM_ERR;
} }
public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type); public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type);
@ -122,6 +124,7 @@ tfm_plat_get_initial_attest_key(uint8_t *key_buf,
public_key = (uint8_t *) malloc(public_key_size); public_key = (uint8_t *) malloc(public_key_size);
if (public_key == NULL) if (public_key == NULL)
{ {
psa_close_key(handle);
return TFM_PLAT_ERR_SYSTEM_ERR; return TFM_PLAT_ERR_SYSTEM_ERR;
} }
@ -131,6 +134,7 @@ tfm_plat_get_initial_attest_key(uint8_t *key_buf,
if (crypto_ret != PSA_SUCCESS) if (crypto_ret != PSA_SUCCESS)
{ {
free(public_key); free(public_key);
psa_close_key(handle);
return TFM_PLAT_ERR_SYSTEM_ERR; return TFM_PLAT_ERR_SYSTEM_ERR;
} }
@ -139,6 +143,7 @@ tfm_plat_get_initial_attest_key(uint8_t *key_buf,
if (crypto_ret != PSA_SUCCESS) if (crypto_ret != PSA_SUCCESS)
{ {
free(public_key); free(public_key);
psa_close_key(handle);
return TFM_PLAT_ERR_SYSTEM_ERR; return TFM_PLAT_ERR_SYSTEM_ERR;
} }
@ -185,5 +190,6 @@ tfm_plat_get_initial_attest_key(uint8_t *key_buf,
} }
free(public_key); free(public_key);
psa_close_key(handle);
return TFM_PLAT_ERR_SUCCESS; return TFM_PLAT_ERR_SUCCESS;
} }
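Review bot: The `psa_close_key(handle)` call is now copied by hand onto six exits of tfm_plat_get_initial_attest_key. The code between the hunk at old line 139 and the one at old line 185 is not shown, so it is worth confirming that no return in that stretch still leaves the key handle open. A single exit label would make the release hard to miss: set a result variable, `goto` the label from each failure, and end the function with `free(public_key); psa_close_key(handle); return err;` (this needs `public_key` to start as NULL, and its declaration is outside the visible hunks). The status returned by `psa_close_key` is also discarded on every path, including the success return. The same shape applies to attest_public_key_sha256 in the second file.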


@ -83,9 +83,11 @@ static enum tfm_plat_err_t attest_public_key_sha256(uint32_t *size, uint8_t *buf
crypto_ret = psa_get_key_information(handle, &type, &bits); crypto_ret = psa_get_key_information(handle, &type, &bits);
if (crypto_ret != PSA_SUCCESS) { if (crypto_ret != PSA_SUCCESS) {
psa_close_key(handle);
return TFM_PLAT_ERR_SYSTEM_ERR; return TFM_PLAT_ERR_SYSTEM_ERR;
} }
if (!PSA_KEY_TYPE_IS_ECC(type)) { if (!PSA_KEY_TYPE_IS_ECC(type)) {
psa_close_key(handle);
return TFM_PLAT_ERR_SYSTEM_ERR; return TFM_PLAT_ERR_SYSTEM_ERR;
} }
public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type); public_type = PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type);
@ -100,12 +102,14 @@ static enum tfm_plat_err_t attest_public_key_sha256(uint32_t *size, uint8_t *buf
&public_key_length); &public_key_length);
if (crypto_ret != PSA_SUCCESS) { if (crypto_ret != PSA_SUCCESS) {
free(public_key); free(public_key);
psa_close_key(handle);
return TFM_PLAT_ERR_SYSTEM_ERR; return TFM_PLAT_ERR_SYSTEM_ERR;
} }
crypto_ret = psa_hash_setup(&hash_handle, PSA_ALG_SHA_256); crypto_ret = psa_hash_setup(&hash_handle, PSA_ALG_SHA_256);
if (crypto_ret != PSA_SUCCESS) { if (crypto_ret != PSA_SUCCESS) {
free(public_key); free(public_key);
psa_close_key(handle);
return TFM_PLAT_ERR_SYSTEM_ERR; return TFM_PLAT_ERR_SYSTEM_ERR;
} }
@ -117,10 +121,12 @@ static enum tfm_plat_err_t attest_public_key_sha256(uint32_t *size, uint8_t *buf
(size_t *) size); (size_t *) size);
if (crypto_ret != PSA_SUCCESS) { if (crypto_ret != PSA_SUCCESS) {
free(public_key); free(public_key);
psa_close_key(handle);
return TFM_PLAT_ERR_SYSTEM_ERR; return TFM_PLAT_ERR_SYSTEM_ERR;
} }
free(public_key); free(public_key);
psa_close_key(handle);
return TFM_PLAT_ERR_SUCCESS; return TFM_PLAT_ERR_SUCCESS;
} }
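Review bot: The call that ends with `(size_t *) size` writes a `size_t` through a pointer that the signature in the hunk header declares as `uint32_t *size`. On any target where `size_t` is wider than 32 bits this stores past the caller's object, and it is a type-punned access either way. Passing a local and copying it out avoids that: declare `size_t hash_len = 0;`, pass `&hash_len`, then set `*size = (uint32_t)hash_len;` after the success check. The call itself begins outside the hunk, so only its last argument is visible here.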