psa_hmac_setup_internal: fix double call of psa_hash_setup In the common case (key no longer than the block size), psa_hash_setup was being called twice in succession. With current implementations this is just a small performance loss, but potentially with alternative implementations this could have lead to a memory leak.

commit: 1e6bfdff5eb0e3d0b50acd3416ce4545aa5c3d46 [log] [tgz]
author: Gilles Peskine <Gilles.Peskine@arm.com> Tue Jul 17 16:22:47 2018 +0200
committer: itayzafrir <itay.zafrir@arm.com> Wed Sep 12 16:41:12 2018 +0300
tree: cb059e88a7d32a1c206a0bc7f214788df8eaf7c1
parent: ff94abdf3a95d08921c31281f82d8f7bfda9db15 [diff]
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index b155563..7ea614f 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c

@@ -1424,12 +1424,11 @@
     if( block_size == 0 )
         return( PSA_ERROR_NOT_SUPPORTED );
 
-    status = psa_hash_setup( &hmac->hash_ctx, hash_alg );
-    if( status != PSA_SUCCESS )
-        return( status );
-
     if( key_length > block_size )
     {
+        status = psa_hash_setup( &hmac->hash_ctx, hash_alg );
+        if( status != PSA_SUCCESS )
+            goto cleanup;
         status = psa_hash_update( &hmac->hash_ctx, key, key_length );
         if( status != PSA_SUCCESS )
             goto cleanup;
commit	1e6bfdff5eb0e3d0b50acd3416ce4545aa5c3d46	[log] [tgz]
author	Gilles Peskine <Gilles.Peskine@arm.com>	Tue Jul 17 16:22:47 2018 +0200
committer	itayzafrir <itay.zafrir@arm.com>	Wed Sep 12 16:41:12 2018 +0300
tree	cb059e88a7d32a1c206a0bc7f214788df8eaf7c1
parent	ff94abdf3a95d08921c31281f82d8f7bfda9db15 [diff]