commit 09cf4f2e78e1dc93d8bb30e77f6f543dcec2caba
author Thomas Daubney <thomas.daubney@arm.com> Thu Feb 22 11:08:22 2024 +0000
committer Thomas Daubney <thomas.daubney@arm.com> Thu Feb 22 11:08:22 2024 +0000
tree 3d1d265e5b4f2ba73a96285b13c8dd084d5afcd5
parent 2ea8d8fa3c1f95fa16cc4affa4cf858a4f75f632

Decouple if statement in psa_raw_key_agreement exit.

Signed-off-by: Thomas Daubney <thomas.daubney@arm.com>

library/psa_crypto.c

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index dac487e..e0b91c7 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -5332,17 +5332,21 @@
                                             output_length);
 
 exit:
+    /* Check for successful allocation of output,
+     * with an unsuccessful status. */
     if (output != NULL && status != PSA_SUCCESS) {
         /* If an error happens and is not handled properly, the output
-        * may be used as a key to protect sensitive data. Arrange for such
-        * a key to be random, which is likely to result in decryption or
-        * verification errors. This is better than filling the buffer with
-        * some constant data such as zeros, which would result in the data
-        * being protected with a reproducible, easily knowable key.
-        */
+         * may be used as a key to protect sensitive data. Arrange for such
+         * a key to be random, which is likely to result in decryption or
+         * verification errors. This is better than filling the buffer with
+         * some constant data such as zeros, which would result in the data
+         * being protected with a reproducible, easily knowable key.
+         */
         psa_generate_random(output, output_size);
         *output_length = output_size;
-    } else {
+    }
+
+    if (output == NULL) {
         /* output allocation failed. */
         *output_length = 0;
     }