yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-30 04:14:19 +01:00
Code Issues Packages Projects Releases Wiki Activity

In psa_mac_finish, write a safe output even in the BAD_STATE case

Browse Source
This commit is contained in:
Gilles Peskine 2018-07-02 12:15:39 +02:00 committed by itayzafrir
parent aee13338b3
commit 1d96fff61a
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
library/psa_crypto.c
View File

@ -1510,10 +1510,6 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
{ {
int ret = 0; int ret = 0;
psa_status_t status = PSA_SUCCESS; psa_status_t status = PSA_SUCCESS;
if( ! operation->key_set )
return( PSA_ERROR_BAD_STATE );
if( operation->iv_required && ! operation->iv_set )
return( PSA_ERROR_BAD_STATE );
/* Fill the output buffer with something that isn't a valid mac /* Fill the output buffer with something that isn't a valid mac
* (barring an attack on the mac and deliberately-crafted input), * (barring an attack on the mac and deliberately-crafted input),
@ -1524,6 +1520,11 @@ static psa_status_t psa_mac_finish_internal( psa_mac_operation_t *operation,
if( mac_size != 0 ) if( mac_size != 0 )
memset( mac, '!', mac_size ); memset( mac, '!', mac_size );
if( ! operation->key_set )
return( PSA_ERROR_BAD_STATE );
if( operation->iv_required && ! operation->iv_set )
return( PSA_ERROR_BAD_STATE );
if( mac_size < operation->mac_size ) if( mac_size < operation->mac_size )
return( PSA_ERROR_BUFFER_TOO_SMALL ); return( PSA_ERROR_BUFFER_TOO_SMALL );