diff --git a/include/psa/crypto_struct.h b/include/psa/crypto_struct.h index 60c44fbb83..f554b6eab9 100644 --- a/include/psa/crypto_struct.h +++ b/include/psa/crypto_struct.h @@ -88,7 +88,7 @@ typedef struct { /** The hash context. */ struct psa_hash_operation_s hash_ctx; /** The HMAC part of the context. */ - uint8_t hmac_ctx[PSA_CRYPTO_MD_BLOCK_SIZE]; + uint8_t opad[PSA_CRYPTO_MD_BLOCK_SIZE]; } psa_hmac_internal_data; diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 60a1197ed6..e51de04cba 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1018,11 +1018,8 @@ psa_status_t psa_mac_abort( psa_mac_operation_t *operation ) return( PSA_ERROR_NOT_SUPPORTED ); psa_hash_abort( &operation->ctx.hmac.hash_ctx ); - if ( operation->ctx.hmac.hmac_ctx != NULL ) - { - mbedtls_zeroize( operation->ctx.hmac.hmac_ctx, + mbedtls_zeroize( operation->ctx.hmac.opad, block_size); - } } else #endif /* MBEDTLS_MD_C */ @@ -1065,7 +1062,7 @@ static int psa_hmac_start( psa_mac_operation_t *operation, psa_algorithm_t alg ) { unsigned char ipad[PSA_CRYPTO_MD_BLOCK_SIZE]; - unsigned char *opad = operation->ctx.hmac.hmac_ctx; + unsigned char *opad = operation->ctx.hmac.opad; size_t i; size_t block_size = PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( alg ) ) ); @@ -1282,7 +1279,7 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation, if( PSA_ALG_IS_HMAC( operation->alg ) ) { unsigned char tmp[MBEDTLS_MD_MAX_SIZE]; - unsigned char *opad = operation->ctx.hmac.hmac_ctx; + unsigned char *opad = operation->ctx.hmac.opad; size_t hash_size = 0; unsigned int block_size = PSA_HASH_BLOCK_SIZE( ( PSA_ALG_HMAC_HASH( operation->alg ) ) );