Add buffer copying to psa_key_derivation_output_bytes
Signed-off-by: Ryan Everett <ryan.everett@arm.com>
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index cff9cca..af80c0c 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -4360,10 +4360,12 @@
psa_status_t psa_key_derivation_output_bytes(
psa_key_derivation_operation_t *operation,
- uint8_t *output,
+ uint8_t *output_external,
size_t output_length)
{
psa_status_t status;
+ LOCAL_OUTPUT_DECLARE(output_external, output);
+
psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg(operation);
if (operation->alg == 0) {
@@ -4371,13 +4373,6 @@
return PSA_ERROR_BAD_STATE;
}
- if (output_length > operation->capacity) {
- operation->capacity = 0;
- /* Go through the error path to wipe all confidential data now
- * that the operation object is useless. */
- status = PSA_ERROR_INSUFFICIENT_DATA;
- goto exit;
- }
if (output_length == 0 && operation->capacity == 0) {
/* Edge case: this is a finished operation, and 0 bytes
* were requested. The right error in this case could
@@ -4387,6 +4382,15 @@
* output_length > 0. */
return PSA_ERROR_INSUFFICIENT_DATA;
}
+
+ LOCAL_OUTPUT_ALLOC(output_external, output_length, output);
+ if (output_length > operation->capacity) {
+ operation->capacity = 0;
+ /* Go through the error path to wipe all confidential data now
+ * that the operation object is useless. */
+ status = PSA_ERROR_INSUFFICIENT_DATA;
+ goto exit;
+ }
operation->capacity -= output_length;
#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF)
@@ -4408,7 +4412,10 @@
* MBEDTLS_PSA_BUILTIN_ALG_TLS12_PSK_TO_MS */
{
(void) kdf_alg;
- return PSA_ERROR_BAD_STATE;
+ status = PSA_ERROR_BAD_STATE;
+ LOCAL_OUTPUT_FREE(output_external, output);
+
+ return status;
}
exit:
@@ -4420,8 +4427,12 @@
psa_algorithm_t alg = operation->alg;
psa_key_derivation_abort(operation);
operation->alg = alg;
- memset(output, '!', output_length);
+ if (output != NULL) {
+ memset(output, '!', output_length);
+ }
}
+
+ LOCAL_OUTPUT_FREE(output_external, output);
return status;
}