commit 72c2f76c4322d6d671759cf3a3b37f7b58891a76
author Neil Armstrong <narmstrong@baylibre.com> Thu Mar 17 16:39:10 2022 +0100
committer Neil Armstrong <narmstrong@baylibre.com> Fri Mar 18 11:09:36 2022 +0100
tree 9d6f787114d1612df49c3f77f7fe7824cc498fd5
parent 36cc13b3404202ff6ad3e5f518077c71413e7c6b

Assume MAC key length is always exactly the output size in PSA version of mbedtls_ct_hmac()

Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>

library/constant_time.c

diff --git a/library/constant_time.c b/library/constant_time.c
index 0cab376..d32a40c 100644
--- a/library/constant_time.c
+++ b/library/constant_time.c
@@ -496,18 +496,12 @@
             goto cleanup;           \
     } while( 0 )
 
-    /* Export MAC key */
-    PSA_CHK( psa_export_key( key, mac_key,
-                             MAX_HASH_BLOCK_LENGTH,
-                             &mac_key_length ) );
-
-    if( mac_key_length > block_size )
-    {
-        PSA_CHK( psa_hash_setup( &operation, hash_alg ) );
-        PSA_CHK( psa_hash_update( &operation, mac_key, mac_key_length ) );
-        PSA_CHK( psa_hash_finish( &operation, mac_key,
-                                  MAX_HASH_BLOCK_LENGTH, &mac_key_length ) );
-    }
+    /* Export MAC key
+     * We assume key length is always exactly the output size
+     * which is never more than the block size, thus we use block_size
+     * as the key buffer size.
+     */
+    PSA_CHK( psa_export_key( key, mac_key, block_size, &mac_key_length ) );
 
     /* Calculate ikey/okey */
     memset( ikey, 0x36, block_size );