Consistently abort key derivation operations on input error

This commit is contained in:
Gilles Peskine 2019-09-23 18:17:40 +02:00
parent 224b0d656a
commit 593773d9f2
2 changed files with 4 additions and 1 deletions

View file

@ -5163,7 +5163,10 @@ psa_status_t psa_key_derivation_input_key(
PSA_KEY_USAGE_DERIVE,
operation->alg );
if( status != PSA_SUCCESS )
{
psa_key_derivation_abort( operation );
return( status );
}
return( psa_key_derivation_input_internal( operation,
step, slot->attr.type,
slot->data.raw.data,

View file

@ -1898,7 +1898,7 @@ derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_512):PSA_KEY_DERIVATION_INPUT_SALT:0:"":PS
PSA key derivation: HKDF-SHA-256, bad key type
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:0:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_SUCCESS
derive_input:PSA_ALG_HKDF(PSA_ALG_SHA_256):PSA_KEY_DERIVATION_INPUT_SALT:0:"":PSA_KEY_DERIVATION_INPUT_SECRET:PSA_KEY_TYPE_RAW_DATA:"0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b":PSA_KEY_DERIVATION_INPUT_INFO:0:"":PSA_SUCCESS:PSA_ERROR_INVALID_ARGUMENT:PSA_ERROR_BAD_STATE
PSA key derivation: HKDF-SHA-256, direct secret
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C