mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-10 13:14:30 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Rework check for failed output allocation

Browse Source 
Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>
This commit is contained in:
Thomas Daubney 2024-02-21 11:16:16 +00:00
parent d997e7ad9a
commit 89d8c2a1b4
1 changed files with 18 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
library/psa_crypto.c
View File

@ -7395,6 +7395,7 @@ psa_status_t psa_raw_key_agreement(psa_algorithm_t alg,
size_t expected_length; size_t expected_length;
LOCAL_INPUT_DECLARE(peer_key_external, peer_key); LOCAL_INPUT_DECLARE(peer_key_external, peer_key);
LOCAL_OUTPUT_DECLARE(output_external, output); LOCAL_OUTPUT_DECLARE(output_external, output);
LOCAL_OUTPUT_ALLOC(output_external, output_size, output);
if (!PSA_ALG_IS_KEY_AGREEMENT(alg)) { if (!PSA_ALG_IS_KEY_AGREEMENT(alg)) {
status = PSA_ERROR_INVALID_ARGUMENT; status = PSA_ERROR_INVALID_ARGUMENT;
@ -7422,23 +7423,29 @@ psa_status_t psa_raw_key_agreement(psa_algorithm_t alg,
} }
LOCAL_INPUT_ALLOC(peer_key_external, peer_key_length, peer_key); LOCAL_INPUT_ALLOC(peer_key_external, peer_key_length, peer_key);
LOCAL_OUTPUT_ALLOC(output_external, output_size, output);
status = psa_key_agreement_raw_internal(alg, slot, status = psa_key_agreement_raw_internal(alg, slot,
peer_key, peer_key_length, peer_key, peer_key_length,
output, output_size, output, output_size,
output_length); output_length);
exit: exit:
if (status != PSA_SUCCESS && output != NULL) { /* Check for successful allocation of output. */
/* If an error happens and is not handled properly, the output if (output != NULL && status != PSA_ERROR_INSUFFICIENT_MEMORY) {
* may be used as a key to protect sensitive data. Arrange for such /* output allocated. */
* a key to be random, which is likely to result in decryption or if (status != PSA_SUCCESS) {
* verification errors. This is better than filling the buffer with /* If an error happens and is not handled properly, the output
* some constant data such as zeros, which would result in the data * may be used as a key to protect sensitive data. Arrange for such
* being protected with a reproducible, easily knowable key. * a key to be random, which is likely to result in decryption or
*/ * verification errors. This is better than filling the buffer with
psa_generate_random(output, output_size); * some constant data such as zeros, which would result in the data
*output_length = output_size; * being protected with a reproducible, easily knowable key.
*/
psa_generate_random(output, output_size);
*output_length = output_size;
}
} else {
/* output allocation failed. */
*output_length = 0;
} }
unlock_status = psa_unregister_read(slot); unlock_status = psa_unregister_read(slot);