psa: Return in error when requested to copy a key to an opaque driver

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Mbed-TLS · Apr 2, 2021 · aabe234 · aabe234
1 parent 4a02442
commit aabe234
Showing 1 changed file with 11 additions and 0 deletions.
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
@@ -2149,6 +2149,17 @@ psa_status_t psa_copy_key( mbedtls_svc_key_id_t source_key,
     }
 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
 
+    if( psa_key_lifetime_is_external( actual_attributes.core.lifetime ) )
+    {
+        /*
+         * Copying through an opaque driver is not implemented yet, consider
+         * a lifetime with an external location as an invalid parameter for
+         * now.
+         */
+        status = PSA_ERROR_INVALID_ARGUMENT;
+        goto exit;
+    }
+
     status = psa_copy_key_material( source_slot, target_slot );
     if( status != PSA_SUCCESS )
         goto exit;