
SE keys: fix psa_destroy_key; add Github issue numbers for missing code #221

Commits on Aug 13, 2019

  1. b4e73e9
  2. Document better what wiping a key slot does not do

    When a key slot is wiped, a copy of the key material may remain in
    operations. This is undesirable, but does not violate the safety of
    the code. Tracked in https://github.com/ARMmbed/mbed-crypto/issues/86
    gilles-peskine-arm committed Aug 13, 2019
    3f7cd62
  3. 8fe253a
  4. caec278
  5. 9ce31c4
  6. Clean up status code handling inside psa_destroy_key

    Adopt a simple method for tracking whether there was a failure: each
    fallible operation sets overall_status, unless overall_status is
    already non-successful. Thus in case of multiple failures, the
    function always reports whatever failed first. This may not always be
    the right thing, but it's simple.
    
    This revealed a bug whereby if the only failure was the call to
    psa_destroy_se_key(), i.e. if the driver reported a failure or if the
    driver lacked support for destroying keys, psa_destroy_key() would
    ignore that failure.
    
    For a key in a secure element, if creating a transaction file fails,
    don't touch storage, but close the key in memory. This may not be
    right, but it's no wronger than it was before. Tracked in
    ARMmbed#215
    gilles-peskine-arm committed Aug 13, 2019
    4b7f340
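As an added illustration of the "first failure wins" rule the commit message above describes, the C program below is not code from mbed-crypto or from the commit itself. All names in it are hypothetical (`my_destroy_key`, `my_se_driver_t`, `record_status`, `my_destroy_se_key`, `my_remove_from_storage`), and the `MY_*` status values are constructed stand-ins for PSA status codes. It shows the two behaviours the message calls out: a driver whose destroy method is missing (or fails) now surfaces its error instead of being silently ignored, and when several steps fail the first failure is the one reported while later steps still run so the in-memory copy is always wiped.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-ins for PSA status codes (not mbed-crypto's headers). */
typedef int my_status_t;
#define MY_SUCCESS                      0
#define MY_ERROR_NOT_SUPPORTED          (-134)
#define MY_ERROR_STORAGE_FAILURE        (-142)
#define MY_ERROR_COMMUNICATION_FAILURE  (-145)

/* Hypothetical secure-element driver table; destroy may be NULL. */
typedef struct {
    my_status_t (*destroy)(void *driver_context);
} my_se_driver_t;

/* Hypothetical key slot (constructed for this example). */
typedef struct {
    const my_se_driver_t *driver;   /* NULL for a key that is not in an SE */
    int storage_fails;              /* constructed knob: simulate a storage error */
    unsigned char key_material[16]; /* in-memory copy that must always be wiped */
} my_key_slot_t;

/* Record a step's status only if nothing has failed yet ("first failure wins"). */
static void record_status(my_status_t *overall_status, my_status_t status)
{
    if (*overall_status == MY_SUCCESS) {
        *overall_status = status;
    }
}

/* Ask the driver to destroy the key; a missing method is itself a failure. */
static my_status_t my_destroy_se_key(const my_key_slot_t *slot)
{
    if (slot->driver->destroy == NULL) {
        return MY_ERROR_NOT_SUPPORTED;
    }
    return slot->driver->destroy(NULL);
}

static my_status_t my_remove_from_storage(const my_key_slot_t *slot)
{
    return slot->storage_fails ? MY_ERROR_STORAGE_FAILURE : MY_SUCCESS;
}

/* Every fallible step feeds record_status(); the in-memory wipe is unconditional. */
my_status_t my_destroy_key(my_key_slot_t *slot)
{
    my_status_t overall_status = MY_SUCCESS;

    if (slot->driver != NULL) {
        record_status(&overall_status, my_destroy_se_key(slot));
    }
    record_status(&overall_status, my_remove_from_storage(slot));

    /* Wipe the slot's own copy regardless of earlier failures. */
    memset(slot->key_material, 0, sizeof(slot->key_material));
    return overall_status;
}

/* Constructed driver callback that always reports a communication failure. */
static my_status_t fake_destroy_comm_failure(void *driver_context)
{
    (void)driver_context;
    return MY_ERROR_COMMUNICATION_FAILURE;
}

static const my_se_driver_t driver_without_destroy = { NULL };
static const my_se_driver_t driver_failing_destroy = { fake_destroy_comm_failure };

/* Scenario helpers returning the status my_destroy_key() reports. */
my_status_t scenario_missing_destroy_method(void)
{
    my_key_slot_t slot = { &driver_without_destroy, 0, { 0xAA } };
    return my_destroy_key(&slot);   /* MY_ERROR_NOT_SUPPORTED, not silently dropped */
}

my_status_t scenario_driver_and_storage_fail(void)
{
    my_key_slot_t slot = { &driver_failing_destroy, 1, { 0xAA } };
    return my_destroy_key(&slot);   /* first failure: the driver's, not storage's */
}

/* Returns 1 if the key material was wiped even though steps failed. */
int scenario_wipe_despite_failure(void)
{
    my_key_slot_t slot = { &driver_failing_destroy, 1, { 0xAA, 0xBB } };
    (void)my_destroy_key(&slot);
    return slot.key_material[0] == 0 && slot.key_material[1] == 0;
}

my_status_t scenario_plain_key_ok(void)
{
    my_key_slot_t slot = { NULL, 0, { 0xAA } };
    return my_destroy_key(&slot);   /* MY_SUCCESS */
}

int main(void)
{
    printf("missing destroy method -> %d\n", scenario_missing_destroy_method());
    printf("driver + storage fail  -> %d\n", scenario_driver_and_storage_fail());
    printf("wiped despite failure  -> %d\n", scenario_wipe_despite_failure());
    printf("plain key              -> %d\n", scenario_plain_key_ok());
    return 0;
}
```

The trade-off the commit message notes remains visible here: with several failures only the earliest status survives, so a caller cannot tell that storage also failed in the second scenario. The simplicity is the point; what matters for safety is that no failure is dropped and the slot's own key copy is cleared on every path.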
  7. Drivers must have a psa_destroy_key method

    Drivers that allow destroying a key must have a destroy method. This
    test bug was previously not caught because of an implementation bug
    that lost the error triggered by the missing destroy method.
    gilles-peskine-arm committed Aug 13, 2019
    5da7b3e
  8. c9d7f94