Do not erase input key in psa_tls12_prf_psk_to_ms_set_key()

When ALG_TLS12_PSK_TO_MS() is used, first derivation is correct
but the following derivations output data is incorrect.

This is because input key is erased in psa_tls12_prf_psk_to_ms_set_key()
since commit 03faf5d2c1.

Fixes: 03faf5d2c1 ("psa_tls12_prf_psk_to_ms_set_key: clear buffers after usage")
Signed-off-by: Neil Armstrong <narmstrong@baylibre.com>
This commit is contained in:
Neil Armstrong 2022-05-04 11:06:20 +02:00
parent 068a13d909
commit b743d95051

View file

@ -5371,7 +5371,6 @@ static psa_status_t psa_tls12_prf_psk_to_ms_set_key(
*cur++ = MBEDTLS_BYTE_1( data_length );
*cur++ = MBEDTLS_BYTE_0( data_length );
memcpy( cur, data, data_length );
mbedtls_platform_zeroize( (void*) data, data_length );
cur += data_length;
status = psa_tls12_prf_set_key( prf, pms, cur - pms );