From 4aea1036c64ed9b57c30e80f84d9f8301d66435c Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Thu, 25 Jul 2019 17:38:34 +0200
Subject: [PATCH] Bug fix: don't start a transaction for non-SE keys

---
 library/psa_crypto.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 4bd2d13d26..50be99799b 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1478,14 +1478,14 @@ static psa_status_t psa_start_key_creation(
                                            &slot->data.se.slot_number );
         if( status != PSA_SUCCESS )
             return( status );
+        psa_crypto_prepare_transaction( PSA_CRYPTO_TRANSACTION_CREATE_KEY );
+        psa_crypto_transaction.key.lifetime = slot->lifetime;
+        psa_crypto_transaction.key.slot = slot->data.se.slot_number;
+        psa_crypto_transaction.key.id = slot->persistent_storage_id;
+        status = psa_crypto_save_transaction( );
+        if( status != PSA_SUCCESS )
+            return( status );
     }
-    psa_crypto_prepare_transaction( PSA_CRYPTO_TRANSACTION_CREATE_KEY );
-    psa_crypto_transaction.key.lifetime = slot->lifetime;
-    psa_crypto_transaction.key.slot = slot->data.se.slot_number;
-    psa_crypto_transaction.key.id = slot->persistent_storage_id;
-    status = psa_crypto_save_transaction( );
-    if( status != PSA_SUCCESS )
-        return( status );
 #endif /* MBEDTLS_PSA_CRYPTO_SE_C */
 
     return( status );