From 2ea8d8fa3c1f95fa16cc4affa4cf858a4f75f632 Mon Sep 17 00:00:00 2001
From: Thomas Daubney
Date: Wed, 21 Feb 2024 15:16:01 +0000
Subject: [PATCH] Revise how output allocation is checked

Signed-off-by: Thomas Daubney
---
 library/psa_crypto.c | 24 ++++++++++-------------
 1 file changed, 10 insertions(+), 14 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 964ae51bff..dac487efde 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -5332,20 +5332,16 @@ psa_status_t psa_raw_key_agreement(psa_algorithm_t alg,
 output_length);
 exit:
- /* Check for successful allocation of output. */
- if (output != NULL && status != PSA_ERROR_INSUFFICIENT_MEMORY) {
- /* output allocated. */
- if (status != PSA_SUCCESS) {
- /* If an error happens and is not handled properly, the output
- * may be used as a key to protect sensitive data. Arrange for such
- * a key to be random, which is likely to result in decryption or
- * verification errors. This is better than filling the buffer with
- * some constant data such as zeros, which would result in the data
- * being protected with a reproducible, easily knowable key.
- */
- psa_generate_random(output, output_size);
- *output_length = output_size;
- }
+ if (output != NULL && status != PSA_SUCCESS) {
+ /* If an error happens and is not handled properly, the output
+ * may be used as a key to protect sensitive data. Arrange for such
+ * a key to be random, which is likely to result in decryption or
+ * verification errors. This is better than filling the buffer with
+ * some constant data such as zeros, which would result in the data
+ * being protected with a reproducible, easily knowable key.
+ */
+ psa_generate_random(output, output_size);
+ *output_length = output_size;
 } else {
 /* output allocation failed. */
 *output_length = 0;
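Review bot: The new condition `if (output != NULL && status != PSA_SUCCESS)` changes which cases reach the retained `} else {` branch: a successful agreement with a non-NULL output now also falls into it and has `*output_length` overwritten with 0, whereas the old outer test (`status != PSA_ERROR_INSUFFICIENT_MEMORY`) kept the success path out of the else. The comment `/* output allocation failed. */` no longer describes that branch either, so callers of psa_raw_key_agreement would see a zero length on success. Make the two cases independent, e.g. close the first block with `}` and follow it with `if (output == NULL) {` guarding the existing `*output_length = 0;`, and update the comment above the first block to `/* Output was allocated but the operation failed: scrub it. */`. The closing brace of the else and the rest of psa_raw_key_agreement lie outside the hunk, so the final return and any clobbering of status there should be checked against this change as well.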