From 2503f7e4cb75b7c3caa3c9d6b48685c4dc6b67b3 Mon Sep 17 00:00:00 2001
From: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
Date: Tue, 12 Apr 2022 12:08:01 +0200
Subject: [PATCH] Handle empty other secret when passed with input bytes

Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>
---
 library/psa_crypto.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index e78fb9dc5c..2634b56286 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -5243,6 +5243,10 @@ static psa_status_t psa_tls12_prf_set_other_key( psa_tls12_prf_key_derivation_t
         memcpy( prf->other_secret, data, data_length );
         prf->other_secret_length = data_length;
     }
+    else
+    {
+        prf->other_secret_length = 0;
+    }
 
     prf->state = PSA_TLS12_PRF_STATE_OTHER_KEY_SET;
 
@@ -5332,8 +5336,11 @@ static psa_status_t psa_tls12_prf_psk_to_ms_set_key(
     {
         *cur++ = MBEDTLS_BYTE_1( prf->other_secret_length );
         *cur++ = MBEDTLS_BYTE_0( prf->other_secret_length );
-        memcpy( cur, prf->other_secret, prf->other_secret_length );
-        cur += prf->other_secret_length;
+        if ( prf->other_secret_length != 0 )
+        {
+            memcpy( cur, prf->other_secret, prf->other_secret_length );
+            cur += prf->other_secret_length;
+        }
     }
     else
     {