mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-01-26 21:35:35 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Make copy of inputs on stack before passing to psa_driver_wrapper_pake_setup

Browse Source 
Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
This commit is contained in:
Przemek Stekiel 2023-01-17 16:34:52 +01:00
parent ca8d2b2589
commit 18620a3b1c
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
library/psa_crypto.c
View File

@ -7461,6 +7461,9 @@ static psa_status_t psa_pake_complete_inputs(
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
uint8_t *password = operation->data.inputs.password;
size_t password_len = operation->data.inputs.password_len;
/* Create copy of the inputs on stack as inputs share memory
with the driver context which will be setup by the driver. */
psa_crypto_driver_pake_inputs_t inputs = operation->data.inputs;
if (operation->alg == PSA_ALG_NONE ||
operation->data.inputs.password_len == 0 ||
@ -7468,8 +7471,10 @@ static psa_status_t psa_pake_complete_inputs(
return PSA_ERROR_BAD_STATE;
}
status = psa_driver_wrapper_pake_setup(operation,
&operation->data.inputs);
/* Clear driver context */
mbedtls_platform_zeroize(&operation->data, sizeof(operation->data));
status = psa_driver_wrapper_pake_setup(operation, &inputs);
/* Driver is responsible for creating its own copy of the password. */
mbedtls_platform_zeroize(password, password_len);