Make key derivation initialisation consistent The macro initialiser might leave bytes in the union unspecified. Zeroising it in setup makes sure that the behaviour is the same independently of the initialisation method used.

commit: 5fe19734d509b2fe36471ed0a15385ce51c52bd6 [log] [tgz]
author: Janos Follath <janos.follath@arm.com> Thu Jun 20 15:09:30 2019 +0100
committer: Janos Follath <janos.follath@arm.com> Wed Jun 26 09:15:08 2019 +0100
tree: 7e7082f94998aab0bd86cb6d51be0409261f83a2
parent: ea29bfb14893c8334558269488dcb92396449b30 [diff] [blame]
diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index 153bc6d..9d02a97 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c

@@ -4740,6 +4740,10 @@
     psa_key_derivation_operation_t *operation,
     psa_algorithm_t kdf_alg )
 {
+    /* Make sure that operation->ctx is properly zero-initialised. (Macro
+     * initialisers for this union leave some bytes unspecified.) */
+    memset( &operation->ctx, 0, sizeof( operation->ctx ) );
+
     /* Make sure that kdf_alg is a supported key derivation algorithm. */
 #if defined(MBEDTLS_MD_C)
     if( PSA_ALG_IS_HKDF( kdf_alg ) ||
commit	5fe19734d509b2fe36471ed0a15385ce51c52bd6	[log] [tgz]
author	Janos Follath <janos.follath@arm.com>	Thu Jun 20 15:09:30 2019 +0100
committer	Janos Follath <janos.follath@arm.com>	Wed Jun 26 09:15:08 2019 +0100
tree	7e7082f94998aab0bd86cb6d51be0409261f83a2
parent	ea29bfb14893c8334558269488dcb92396449b30 [diff] [blame]