If starting a transaction fails, wipe the transaction data

gilles-peskine-arm · gilles-peskine-arm · commit 66be51c35d2e · 2019-07-26T13:23:51.000+02:00
Nothing has been saved to disk yet, but there is stale data in
psa_crypto_transaction. This stale data should not be reused, but do
wipe it to reduce the risk of it mattering somehow in the future.
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
@@ -993,6 +993,7 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle )
         status = psa_crypto_save_transaction( );
         if( status != PSA_SUCCESS )
         {
+            (void) psa_crypto_stop_transaction( );
             /* TOnogrepDO: destroy what can be destroyed anyway */
             return( status );
         }
@@ -1484,7 +1485,10 @@ static psa_status_t psa_start_key_creation(
         psa_crypto_transaction.key.id = slot->persistent_storage_id;
         status = psa_crypto_save_transaction( );
         if( status != PSA_SUCCESS )
+        {
+            (void) psa_crypto_stop_transaction( );
             return( status );
+        }
     }
 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
 

Original file line number	Diff line number	Diff line change
`@@ -993,6 +993,7 @@ psa_status_t psa_destroy_key( psa_key_handle_t handle )`
`993`	`993`	`status = psa_crypto_save_transaction( );`
`994`	`994`	`if( status != PSA_SUCCESS )`
`995`	`995`	`{`
	`996`	`+ (void) psa_crypto_stop_transaction( );`
`996`	`997`	`/* TOnogrepDO: destroy what can be destroyed anyway */`
`997`	`998`	`return( status );`
`998`	`999`	`}`
`@@ -1484,7 +1485,10 @@ static psa_status_t psa_start_key_creation(`
`1484`	`1485`	`psa_crypto_transaction.key.id = slot->persistent_storage_id;`
`1485`	`1486`	`status = psa_crypto_save_transaction( );`
`1486`	`1487`	`if( status != PSA_SUCCESS )`
	`1488`	`+ {`
	`1489`	`+ (void) psa_crypto_stop_transaction( );`
`1487`	`1490`	`return( status );`
	`1491`	`+ }`
`1488`	`1492`	`}`
`1489`	`1493`	`#endif /* MBEDTLS_PSA_CRYPTO_SE_C */`
`1490`	`1494`