Address PR comments

project-chip · Sep 3, 2024 · d97f8fa · d97f8fa
1 parent b04344c
commit d97f8fa
Showing 1 changed file with 16 additions and 0 deletions.
diff --git a/src/crypto/PSASessionKeystore.cpp b/src/crypto/PSASessionKeystore.cpp
@@ -196,6 +196,14 @@ CHIP_ERROR PSASessionKeystore::PersistICDKey(Aes128KeyHandle & key)
     CHIP_ERROR err;
     AesKeyAttributes attrs;
     psa_key_id_t previousKeyId = key.As<psa_key_id_t>();
+    psa_key_attributes_t previousKeyAttrs;
+
+    psa_get_key_attributes(previousKeyId, &previousKeyAttrs);
+    // Exit early if key is already persistent
+    if (psa_get_key_lifetime(&previousKeyAttrs) == PSA_KEY_LIFETIME_PERSISTENT)
+    {
+        ExitNow(err = CHIP_NO_ERROR);
+    }
 
     SuccessOrExit(err = Crypto::FindFreeKeySlotInRange(key.AsMutable<psa_key_id_t>(),
                                                        to_underlying(KeyIdOptional::ICDAesKeyRangeStart), kMaxICDClientKeys));
@@ -221,6 +229,14 @@ CHIP_ERROR PSASessionKeystore::PersistICDKey(Hmac128KeyHandle & key)
     CHIP_ERROR err;
     HmacKeyAttributes attrs;
     psa_key_id_t previousKeyId = key.As<psa_key_id_t>();
+    psa_key_attributes_t previousKeyAttrs;
+
+    psa_get_key_attributes(previousKeyId, &previousKeyAttrs);
+    // Exit early if key is already persistent
+    if (psa_get_key_lifetime(&previousKeyAttrs) == PSA_KEY_LIFETIME_PERSISTENT)
+    {
+        ExitNow(err = CHIP_NO_ERROR);
+    }
 
     SuccessOrExit(err = Crypto::FindFreeKeySlotInRange(key.AsMutable<psa_key_id_t>(),
                                                        to_underlying(KeyIdOptional::ICDHmacKeyRangeStart), kMaxICDClientKeys));