From 6aa8d37d0753b4b46f1f9b4d55e31513578d98ce Mon Sep 17 00:00:00 2001
From: Pol Henarejos <pol.henarejos@cttc.es>
Date: Tue, 7 Mar 2023 23:45:37 +0100
Subject: [PATCH] If a key does not belong to any key domain, it cannot be
 wrapped.

Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
---
 src/hsm/cmd_key_domain.c | 2 +-
 src/hsm/cmd_key_wrap.c   | 3 +++
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/hsm/cmd_key_domain.c b/src/hsm/cmd_key_domain.c
index 15dba7b..32ab0b1 100644
--- a/src/hsm/cmd_key_domain.c
+++ b/src/hsm/cmd_key_domain.c
@@ -27,7 +27,7 @@ uint8_t get_key_domain(file_t *fkey) {
     if (meta_tag) {
         return *meta_tag;
     }
-    return 0;
+    return 0xff;
 }
 
 int cmd_key_domain() {
diff --git a/src/hsm/cmd_key_wrap.c b/src/hsm/cmd_key_wrap.c
index f58e3f2..eb7b639 100644
--- a/src/hsm/cmd_key_wrap.c
+++ b/src/hsm/cmd_key_wrap.c
@@ -32,6 +32,9 @@ int cmd_key_wrap() {
     }
     file_t *ef = search_dynamic_file((KEY_PREFIX << 8) | key_id);
     uint8_t kdom = get_key_domain(ef);
+    if (kdom == 0xff) {
+        return SW_REFERENCE_NOT_FOUND();
+    }
     if (!ef) {
         return SW_FILE_NOT_FOUND();
     }