yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-13 09:35:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix missing state check for tls12_prf output

Browse source 
Fix PSA_ALG_TLS12_PRF and PSA_ALG_TLS12_PSK_TO_MS being too permissive
about missing inputs.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2021-06-11 22:41:46 +02:00
parent d40a21cff1
commit f216f0d5d4
2 changed files with 14 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
ChangeLog.d/psa_key_derivation-bad_workflow.txt Normal file
View file

@ -0,0 +1,3 @@
Bugfix
* Fix PSA_ALG_TLS12_PRF and PSA_ALG_TLS12_PSK_TO_MS being too permissive
about missing inputs.

11
library/psa_crypto.c
View file

@ -3785,6 +3785,17 @@ static psa_status_t psa_key_derivation_tls12_prf_read(
psa_status_t status; psa_status_t status;
uint8_t offset, length; uint8_t offset, length;
switch( tls12_prf->state )
{
case PSA_TLS12_PRF_STATE_LABEL_SET:
tls12_prf->state = PSA_TLS12_PRF_STATE_OUTPUT;
break;
case PSA_TLS12_PRF_STATE_OUTPUT:
break;
default:
return( PSA_ERROR_BAD_STATE );
}
while( output_length != 0 ) while( output_length != 0 )
{ {
/* Check if we have fully processed the current block. */ /* Check if we have fully processed the current block. */