From e000a0aedfb3c9f92d1f9916a59e6e89db49b6de Mon Sep 17 00:00:00 2001
From: David Horstmann <david.horstmann@arm.com>
Date: Mon, 11 Dec 2023 16:37:04 +0000
Subject: [PATCH] Add buffer copying to psa_aead_verify()

Signed-off-by: David Horstmann <david.horstmann@arm.com>
---
 library/psa_crypto.c | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 1aad3cd9e0..e44a0c2766 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -5246,14 +5246,20 @@ exit:
 /* Finish authenticating and decrypting a message in a multipart AEAD
    operation.*/
 psa_status_t psa_aead_verify(psa_aead_operation_t *operation,
-                             uint8_t *plaintext,
+                             uint8_t *plaintext_external,
                              size_t plaintext_size,
                              size_t *plaintext_length,
-                             const uint8_t *tag,
+                             const uint8_t *tag_external,
                              size_t tag_length)
 {
     psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
 
+    LOCAL_OUTPUT_DECLARE(plaintext_external, plaintext);
+    LOCAL_INPUT_DECLARE(tag_external, tag);
+
+    LOCAL_OUTPUT_ALLOC(plaintext_external, plaintext_size, plaintext);
+    LOCAL_INPUT_ALLOC(tag_external, tag_length, tag);
+
     *plaintext_length = 0;
 
     status = psa_aead_final_checks(operation);
@@ -5274,6 +5280,9 @@ psa_status_t psa_aead_verify(psa_aead_operation_t *operation,
 exit:
     psa_aead_abort(operation);
 
+    LOCAL_OUTPUT_FREE(plaintext_external, plaintext);
+    LOCAL_INPUT_FREE(tag_external, tag);
+
     return status;
 }