Fix psa_key_derivation_input_integer() not detecting bad state

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>

ChangeLog.d/fix-key-derive-bad-state-error.txt

@@ -0,0 +1,3 @@
+Bugfix
+   * Fix issue where psa_key_derivation_input_integer() is not detecting
+     bad state after an operation has been aborted.

library/psa_crypto.c

@@ -4751,6 +4751,12 @@ static psa_status_t psa_key_derivation_input_internal(
     psa_status_t status;
     psa_algorithm_t kdf_alg = psa_key_derivation_get_kdf_alg(operation);
 
+    if (kdf_alg == 0) {
+       /* This is a blank or aborted operation. */
+        status = PSA_ERROR_BAD_STATE;
+        goto exit;
+    }
+
     status = psa_key_derivation_check_input_type(step, key_type);
     if (status != PSA_SUCCESS) {
         goto exit;

tests/suites/test_suite_psa_crypto.function

@@ -4566,6 +4566,16 @@ void derive_input(int alg_arg,
     }
     TEST_EQUAL(actual_output_status, expected_output_status);
 
+    /* Test calling input functions after operation has been aborted
+       result in PSA_ERROR_BAD_STATE error.
+    */
+    psa_key_derivation_abort(&operation);
+
+    TEST_EQUAL(psa_key_derivation_input_bytes(
+                    &operation, steps[0],
+                    inputs[0]->x, inputs[0]->len),
+                PSA_ERROR_BAD_STATE);
+
 exit:
     psa_key_derivation_abort(&operation);
     for (i = 0; i < ARRAY_LENGTH(keys); i++) {