commit a0907f5750efedda58e11ea6b09395ba36b0fc2d
author Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com> Fri Oct 27 15:08:00 2023 +0530
committer Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com> Wed Jan 10 21:49:09 2024 +0530
tree ccc12f240ef84ecaad4b5c4bd98b309efcfdee11
parent 4aa6b36a3510695d4caad9d272bb4160d393a05d

Reorder and correct comment

Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>

library/psa_crypto.c

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 3ca89fb..a1d96bf 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -6110,11 +6110,6 @@
         return status;
     }
 
-    if ((PSA_ALG_IS_TLS12_PRF(kdf_alg) ||
-         PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) &&
-        !(hash_alg == PSA_ALG_SHA_256 || hash_alg == PSA_ALG_SHA_384)) {
-        return PSA_ERROR_NOT_SUPPORTED;
-    }
     if (PSA_ALG_IS_HKDF(kdf_alg)) {
         operation->capacity = 255 * hash_size;
     }
@@ -6128,12 +6123,17 @@
         operation->capacity = 255 * hash_size;
     }
 #endif
+    if ((PSA_ALG_IS_TLS12_PRF(kdf_alg) ||
+         PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) &&
+        !(hash_alg == PSA_ALG_SHA_256 || hash_alg == PSA_ALG_SHA_384)) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
     if (PSA_ALG_IS_TLS12_PRF(kdf_alg)) {
         operation->capacity = UINT_MAX;
     }
     if (PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) {
-        /* Master Secret consists of 2-byte version number
-         * and a 46-byte random value */
+        /* Master Secret is always 48 bytes
+         * https://datatracker.ietf.org/doc/html/rfc5246.html#section-8.1 */
         operation->capacity = 48U;
     }
     if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg)) {