mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-03-29 04:20:12 +00:00
Do not erase input key in psa_tls12_prf_psk_to_ms_set_key()
When ALG_TLS12_PSK_TO_MS() is used, first derivation is correct but the following derivations output data is incorrect. This is because input key is erased in psa_tls12_prf_psk_to_ms_set_key() since commit 03faf5d2c174eef1ebab39a8139a4042e77049b8. Fixes: 03faf5d2c174eef1ebab39a8139a4042e77049b8 ("psa_tls12_prf_psk_to_ms_set_key: clear buffers after usage") Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
This commit is contained in:
parent
068a13d909
commit
b743d95051
@ -5371,7 +5371,6 @@ static psa_status_t psa_tls12_prf_psk_to_ms_set_key(
|
||||
*cur++ = MBEDTLS_BYTE_1( data_length );
|
||||
*cur++ = MBEDTLS_BYTE_0( data_length );
|
||||
memcpy( cur, data, data_length );
|
||||
mbedtls_platform_zeroize( (void*) data, data_length );
|
||||
cur += data_length;
|
||||
|
||||
status = psa_tls12_prf_set_key( prf, pms, cur - pms );
|
||||
|
Loading…
x
Reference in New Issue
Block a user