Make sure software fallback isn't tried on opaque keys Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>

commit: 8d2bde77a1d3e17de9b286b658ddf694358a63dd [log] [tgz]
author: Steven Cooreman <steven.cooreman@silabs.com> Fri Sep 04 13:06:39 2020 +0200
committer: Steven Cooreman <steven.cooreman@silabs.com> Fri Sep 04 14:22:28 2020 +0200
tree: bb61a559f76178b7d86e5ac8b59b2999c70a9cc3
parent: 15f58d28775d455e71fd042a0601cadf3d8ca180 [diff] [blame]
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 03326f7..77e6304 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c

@@ -3664,7 +3664,8 @@
                                            signature,
                                            signature_size,
                                            signature_length );
-    if( status != PSA_ERROR_NOT_SUPPORTED )
+    if( status != PSA_ERROR_NOT_SUPPORTED ||
+        psa_key_lifetime_is_external( slot->attr.lifetime ) )
         goto exit;
 
     /* If the operation was not supported by any accelerator, try fallback. */
@@ -3766,7 +3767,8 @@
                                              hash_length,
                                              signature,
                                              signature_length );
-    if( status != PSA_ERROR_NOT_SUPPORTED )
+    if( status != PSA_ERROR_NOT_SUPPORTED ||
+        psa_key_lifetime_is_external( slot->attr.lifetime ) )
         return status;
 
 #if defined(MBEDTLS_RSA_C)
commit	8d2bde77a1d3e17de9b286b658ddf694358a63dd	[log] [tgz]
author	Steven Cooreman <steven.cooreman@silabs.com>	Fri Sep 04 13:06:39 2020 +0200
committer	Steven Cooreman <steven.cooreman@silabs.com>	Fri Sep 04 14:22:28 2020 +0200
tree	bb61a559f76178b7d86e5ac8b59b2999c70a9cc3
parent	15f58d28775d455e71fd042a0601cadf3d8ca180 [diff] [blame]