diff --git a/ChangeLog.d/fix_kdf_correct_initial_capacity.txt b/ChangeLog.d/fix_kdf_incorrect_initial_capacity.txt similarity index 92% rename from ChangeLog.d/fix_kdf_correct_initial_capacity.txt rename to ChangeLog.d/fix_kdf_incorrect_initial_capacity.txt index 6eeffd7777..10e2795bba 100644 --- a/ChangeLog.d/fix_kdf_correct_initial_capacity.txt +++ b/ChangeLog.d/fix_kdf_incorrect_initial_capacity.txt @@ -1,3 +1,3 @@ Bugfix - * Correct initial capacities for key derivation algorithms:TLS12_PRF, + * Correct initial capacities for key derivation algorithms:TLS12_PRF, TLS12_PSK_TO_MS, PBKDF2-HMAC, PBKDF2-CMAC diff --git a/library/psa_crypto.c b/library/psa_crypto.c index a116beff69..672a97d1a2 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -6076,9 +6076,10 @@ static psa_status_t psa_key_derivation_set_maximum_capacity( #if defined(PSA_WANT_ALG_PBKDF2_AES_CMAC_PRF_128) if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) { #if (SIZE_MAX > UINT32_MAX) - operation->capacity = UINT32_MAX * PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, - 128U, - PSA_ALG_CMAC); + operation->capacity = UINT32_MAX * (size_t)PSA_MAC_LENGTH( + PSA_KEY_TYPE_AES, + 128U, + PSA_ALG_CMAC); #else operation->capacity = SIZE_MAX; #endif @@ -6090,6 +6091,9 @@ static psa_status_t psa_key_derivation_set_maximum_capacity( * invalid or meaningless but it does not affect this function */ psa_algorithm_t hash_alg = PSA_ALG_GET_HASH(kdf_alg); size_t hash_size = PSA_HASH_LENGTH(hash_alg); + if (hash_size == 0) { + return PSA_ERROR_NOT_SUPPORTED; + } /* Make sure that hash_alg is a supported hash algorithm. Otherwise * we might fail later, which is somewhat unfriendly and potentially @@ -6138,6 +6142,7 @@ static psa_status_t psa_key_derivation_set_maximum_capacity( } else #endif /* PSA_WANT_ALG_PBKDF2_HMAC */ { + (void) hash_size; status = PSA_ERROR_NOT_SUPPORTED; } return status;