commit 72b391fe074b6c2b008dc41e7076cfb16fe63547
author Waleed Elmelegy <waleed.elmelegy@arm.com> Mon Mar 03 12:35:28 2025 +0000
committer Waleed Elmelegy <waleed.elmelegy@arm.com> Mon Mar 03 12:37:02 2025 +0000
tree 813989b55d6566f9fcd87926e70a736eb35cca1a
parent 1ba478d9cf5af924844ebec345016ed820447c17

Fix psa_key_derivation_input_integer() not detecting bad state

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>

library/psa_crypto.c

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index b576f95..63c6ad4 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -7488,6 +7488,12 @@
     psa_status_t status;
     psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg(operation);
 
+    if (kdf_alg == 0) {
+       /* This is a blank or aborted operation. */
+        status = PSA_ERROR_BAD_STATE;
+        goto exit;
+    }
+
     status = psa_key_derivation_check_input_type(step, key_type);
     if (status != PSA_SUCCESS) {
         goto exit;
@@ -7546,6 +7552,12 @@
     psa_status_t status;
     psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg(operation);
 
+    if (kdf_alg == 0) {
+        /* This is a blank or aborted operation. */
+        status = PSA_ERROR_BAD_STATE;
+        goto exit;
+    }
+
 #if defined(PSA_HAVE_SOFT_PBKDF2)
     if (PSA_ALG_IS_PBKDF2(kdf_alg)) {
         status = psa_pbkdf2_set_input_cost(
@@ -7559,6 +7571,7 @@
         status = PSA_ERROR_INVALID_ARGUMENT;
     }
 
+exit:
     if (status != PSA_SUCCESS) {
         psa_key_derivation_abort(operation);
     }