Do not attempt to wipe output buffer if it is NULL
If the output buffer is NULL, it either:
* Does not need wiping because it is zero-length.
* Has failed allocation of a copy.
* Has not yet been written to as a copy hasn't been allocated.
In any of these circumstances, we should not try to write the buffer,
so perform a NULL check before wiping it.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 9574cd7..7473aef 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -3658,8 +3658,10 @@
 
 exit:
 
-    psa_wipe_tag_output_buffer(signature, status, signature_size,
-                               *signature_length);
+    if (signature != NULL) {
+        psa_wipe_tag_output_buffer(signature, status, signature_size,
+                                   *signature_length);
+    }
 
     if (status != PSA_OPERATION_INCOMPLETE) {
         if (status != PSA_SUCCESS) {