mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-14 01:26:49 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Modify allocation and buffer wiping in sign_finish

Browse Source 
Allocate immediately after declaration and only wipe
tag buffer if allocation didn't fail.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
This commit is contained in:
Thomas Daubney 2024-01-31 18:09:36 +00:00
parent 7480a74cba
commit 1ffc5cb4a5
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
library/psa_crypto.c
View File

@ -2693,6 +2693,7 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED;
LOCAL_OUTPUT_DECLARE(mac_external, mac);
LOCAL_OUTPUT_ALLOC(mac_external, mac_size, mac);
if (operation->id == 0) {
status = PSA_ERROR_BAD_STATE;
@ -2716,7 +2717,7 @@ psa_status_t psa_mac_sign_finish(psa_mac_operation_t *operation,
goto exit;
}
LOCAL_OUTPUT_ALLOC(mac_external, mac_size, mac);
status = psa_driver_wrapper_mac_sign_finish(operation,
mac, operation->mac_size,
mac_length);
@ -2733,7 +2734,9 @@ exit:
operation->mac_size = 0;
}
psa_wipe_tag_output_buffer(mac, status, mac_size, *mac_length);
if (status != PSA_ERROR_INSUFFICIENT_MEMORY) {
psa_wipe_tag_output_buffer(mac, status, mac_size, *mac_length);
}
abort_status = psa_mac_abort(operation);
LOCAL_OUTPUT_FREE(mac_external, mac);