Revise how output allocation is checked

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
2025-02-23 12:39:54 +00:00 · 2024-02-21 15:15:00 +00:00 · 2024-02-21 15:15:00 +00:00 · 0576a6a174
commit 0576a6a174
parent 89d8c2a1b4
1 changed files with 10 additions and 14 deletions
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@ -7429,20 +7429,16 @@ psa_status_t psa_raw_key_agreement(psa_algorithm_t alg,
                                            output_length);

 exit:
-    /* Check for successful allocation of output. */
-    if (output != NULL && status != PSA_ERROR_INSUFFICIENT_MEMORY) {
-        /* output allocated. */
-        if (status != PSA_SUCCESS) {
-            /* If an error happens and is not handled properly, the output
-             * may be used as a key to protect sensitive data. Arrange for such
-             * a key to be random, which is likely to result in decryption or
-             * verification errors. This is better than filling the buffer with
-             * some constant data such as zeros, which would result in the data
-             * being protected with a reproducible, easily knowable key.
-             */
-            psa_generate_random(output, output_size);
-            *output_length = output_size;
-        }
+    if (output != NULL && status != PSA_SUCCESS) {
+        /* If an error happens and is not handled properly, the output
+        * may be used as a key to protect sensitive data. Arrange for such
+        * a key to be random, which is likely to result in decryption or
+        * verification errors. This is better than filling the buffer with
+        * some constant data such as zeros, which would result in the data
+        * being protected with a reproducible, easily knowable key.
+        */
+        psa_generate_random(output, output_size);
+        *output_length = output_size;
    } else {
        /* output allocation failed. */
        *output_length = 0;