Fix memory leak with AEAD with non-default tag lengths
When freeing the key context, choose the context format based on the base algorithm value stored in the operation object.
This commit is contained in:
parent
c26eae1a9d
commit
f8a8fe60f8
@ -2844,10 +2844,9 @@ typedef struct
|
|||||||
uint8_t tag_length;
|
uint8_t tag_length;
|
||||||
} aead_operation_t;
|
} aead_operation_t;
|
||||||
|
|
||||||
static void psa_aead_abort( aead_operation_t *operation,
|
static void psa_aead_abort( aead_operation_t *operation )
|
||||||
psa_algorithm_t alg )
|
|
||||||
{
|
{
|
||||||
switch( alg )
|
switch( operation->core_alg )
|
||||||
{
|
{
|
||||||
#if defined(MBEDTLS_CCM_C)
|
#if defined(MBEDTLS_CCM_C)
|
||||||
case PSA_ALG_CCM:
|
case PSA_ALG_CCM:
|
||||||
@ -2932,7 +2931,7 @@ static psa_status_t psa_aead_setup( aead_operation_t *operation,
|
|||||||
return( PSA_SUCCESS );
|
return( PSA_SUCCESS );
|
||||||
|
|
||||||
cleanup:
|
cleanup:
|
||||||
psa_aead_abort( operation, alg );
|
psa_aead_abort( operation );
|
||||||
return( status );
|
return( status );
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -2998,7 +2997,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key,
|
|||||||
memset( ciphertext, 0, ciphertext_size );
|
memset( ciphertext, 0, ciphertext_size );
|
||||||
|
|
||||||
exit:
|
exit:
|
||||||
psa_aead_abort( &operation, alg );
|
psa_aead_abort( &operation );
|
||||||
if( status == PSA_SUCCESS )
|
if( status == PSA_SUCCESS )
|
||||||
*ciphertext_length = plaintext_length + operation.tag_length;
|
*ciphertext_length = plaintext_length + operation.tag_length;
|
||||||
return( status );
|
return( status );
|
||||||
@ -3090,7 +3089,7 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key,
|
|||||||
memset( plaintext, 0, plaintext_size );
|
memset( plaintext, 0, plaintext_size );
|
||||||
|
|
||||||
exit:
|
exit:
|
||||||
psa_aead_abort( &operation, alg );
|
psa_aead_abort( &operation );
|
||||||
if( status == PSA_SUCCESS )
|
if( status == PSA_SUCCESS )
|
||||||
*plaintext_length = ciphertext_length - operation.tag_length;
|
*plaintext_length = ciphertext_length - operation.tag_length;
|
||||||
return( status );
|
return( status );
|
||||||
|
Loading…
Reference in New Issue
Block a user