nrf_security: Fix error code check in Cracen PSA

Vge0rge · Vge0rge · commit 733968976987 · 2025-08-14T12:01:29.000+02:00
In one case inside the KMU Cracen driver a call
to get a random value was not checked, this check
is now added.

Signed-off-by: Georgios Vasilakis &lt;georgios.vasilakis@nordicsemi.no&gt;
diff --git a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/kmu.c b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/kmu.c
@@ -151,6 +151,9 @@ static psa_status_t cracen_kmu_encrypt(const uint8_t *key, size_t key_length,
 
 	if (encrypted_buffer_size > CRACEN_KMU_SLOT_KEY_SIZE) {
 		psa_status = cracen_get_random(NULL, encrypted_buffer, CRACEN_KMU_SLOT_KEY_SIZE);
+		if (psa_status != PSA_SUCCESS) {
+			return psa_status;
+		}
 	} else {
 		return PSA_ERROR_GENERIC_ERROR;
 	}

Original file line number	Diff line number	Diff line change
`@@ -151,6 +151,9 @@ static psa_status_t cracen_kmu_encrypt(const uint8_t *key, size_t key_length,`
`151`	`151`
`152`	`152`	`if (encrypted_buffer_size > CRACEN_KMU_SLOT_KEY_SIZE) {`
`153`	`153`	`psa_status = cracen_get_random(NULL, encrypted_buffer, CRACEN_KMU_SLOT_KEY_SIZE);`
	`154`	`+ if (psa_status != PSA_SUCCESS) {`
	`155`	`+ return psa_status;`
	`156`	`+ }`
`154`	`157`	`} else {`
`155`	`158`	`return PSA_ERROR_GENERIC_ERROR;`
`156`	`159`	`}`