commit 30827915a47366b4621ab611f6576d543d6458b3
author Ryan Everett <ryan.everett@arm.com> Fri Jan 19 16:05:00 2024 +0000
committer Ryan Everett <ryan.everett@arm.com> Fri Feb 02 10:50:51 2024 +0000
tree 82c26431360ada00c4424f94f62f56eeed993805
parent e3e760cddbc56cdc0e05644780a0570033a3da2e

Protect buffer in psa_export_public_key

Signed-off-by: Ryan Everett <ryan.everett@arm.com>

library/psa_crypto.c

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 9690d53..3e7fc9a 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -1586,7 +1586,7 @@
 }
 
 psa_status_t psa_export_public_key(mbedtls_svc_key_id_t key,
-                                   uint8_t *data,
+                                   uint8_t *data_external,
                                    size_t data_size,
                                    size_t *data_length)
 {
@@ -1594,6 +1594,7 @@
     psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
     psa_key_attributes_t attributes;
     psa_key_slot_t *slot;
+    LOCAL_OUTPUT_DECLARE(data_external, data);
 
     /* Reject a zero-length output buffer now, since this can never be a
      * valid key representation. This way we know that data must be a valid
@@ -1614,6 +1615,8 @@
         return status;
     }
 
+    LOCAL_OUTPUT_ALLOC(data_external, data_size, data);
+
     if (!PSA_KEY_TYPE_IS_ASYMMETRIC(slot->attr.type)) {
         status = PSA_ERROR_INVALID_ARGUMENT;
         goto exit;
@@ -1629,6 +1632,7 @@
 exit:
     unlock_status = psa_unlock_key_slot(slot);
 
+    LOCAL_OUTPUT_FREE(data_external, data);
     return (status == PSA_SUCCESS) ? unlock_status : status;
 }