commit 5f3a938d9542bfa93f82f926586bd0e715df08da
author Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com> Wed Sep 13 16:28:12 2023 +0530
committer Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com> Wed Jan 10 21:49:09 2024 +0530
tree 79f6de3ebafc8b6b89a5c05de66abac071de6f1e
parent 3a6059beca6f39ed7b4eef4ee55b9de8f47c1979

Fix psa_key_derivation_setup_kdf

Signed-off-by: Kusumit Ghoderao <Kusumit.Ghoderao@silabs.com>

library/psa_crypto.c

diff --git a/library/psa_crypto.c b/library/psa_crypto.c
index a8baa6b..3ca89fb 100644
--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -6075,27 +6075,39 @@
     if (!is_kdf_alg_supported(kdf_alg)) {
         return PSA_ERROR_NOT_SUPPORTED;
     }
+    psa_status_t status = PSA_SUCCESS;
 
-    /* All currently supported key derivation algorithms (apart from
-     * ecjpake to pms and pbkdf2_aes_cmac_128) are based on a hash algorithm. */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS)
+    if (kdf_alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) {
+        operation->capacity = PSA_HASH_LENGTH(PSA_ALG_SHA_256);
+        return PSA_SUCCESS;
+    }
+#endif
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_PBKDF2_AES_CMAC_PRF_128)
+    if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) {
+#if (UINT_MAX > UINT32_MAX)
+        operation->capacity = UINT32_MAX * PSA_MAC_LENGTH(PSA_KEY_TYPE_AES,
+                                                          128U,
+                                                          PSA_ALG_CMAC);
+#else
+        operation->capacity = UINT32_MAX;
+#endif
+        return PSA_SUCCESS;
+    }
+#endif
+
     psa_algorithm_t hash_alg = PSA_ALG_HKDF_GET_HASH(kdf_alg);
     size_t hash_size = PSA_HASH_LENGTH(hash_alg);
-    if (kdf_alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS) {
-        hash_size = PSA_HASH_LENGTH(PSA_ALG_SHA_256);
-    } else if (kdf_alg == PSA_ALG_PBKDF2_AES_CMAC_PRF_128) {
-        hash_size = PSA_MAC_LENGTH(PSA_KEY_TYPE_AES, 128U, PSA_ALG_CMAC);
-    } else {
-        if (hash_size == 0) {
-            return PSA_ERROR_NOT_SUPPORTED;
-        }
+    if (hash_size == 0) {
+        return PSA_ERROR_NOT_SUPPORTED;
+    }
 
-        /* Make sure that hash_alg is a supported hash algorithm. Otherwise
-         * we might fail later, which is somewhat unfriendly and potentially
-         * risk-prone. */
-        psa_status_t status = psa_hash_try_support(hash_alg);
-        if (status != PSA_SUCCESS) {
-            return status;
-        }
+    /* Make sure that hash_alg is a supported hash algorithm. Otherwise
+     * we might fail later, which is somewhat unfriendly and potentially
+     * risk-prone. */
+    status = psa_hash_try_support(hash_alg);
+    if (status != PSA_SUCCESS) {
+        return status;
     }
 
     if ((PSA_ALG_IS_TLS12_PRF(kdf_alg) ||
@@ -6103,16 +6115,35 @@
         !(hash_alg == PSA_ALG_SHA_256 || hash_alg == PSA_ALG_SHA_384)) {
         return PSA_ERROR_NOT_SUPPORTED;
     }
-#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT) || \
-    defined(MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS)
-    if (PSA_ALG_IS_HKDF_EXTRACT(kdf_alg) ||
-        (kdf_alg == PSA_ALG_TLS12_ECJPAKE_TO_PMS)) {
+    if (PSA_ALG_IS_HKDF(kdf_alg)) {
+        operation->capacity = 255 * hash_size;
+    }
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT)
+    if (PSA_ALG_IS_HKDF_EXTRACT(kdf_alg)) {
         operation->capacity = hash_size;
-    } else
-#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT ||
-          MBEDTLS_PSA_BUILTIN_ALG_TLS12_ECJPAKE_TO_PMS */
-    operation->capacity = 255 * hash_size;
-    return PSA_SUCCESS;
+    }
+#endif /* MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXTRACT */
+#if defined(MBEDTLS_PSA_BUILTIN_ALG_HKDF_EXPAND)
+    if (PSA_ALG_IS_HKDF_EXPAND(kdf_alg)) {
+        operation->capacity = 255 * hash_size;
+    }
+#endif
+    if (PSA_ALG_IS_TLS12_PRF(kdf_alg)) {
+        operation->capacity = UINT_MAX;
+    }
+    if (PSA_ALG_IS_TLS12_PSK_TO_MS(kdf_alg)) {
+        /* Master Secret consists of 2-byte version number
+         * and a 46-byte random value */
+        operation->capacity = 48U;
+    }
+    if (PSA_ALG_IS_PBKDF2_HMAC(kdf_alg)) {
+#if (UINT_MAX > UINT32_MAX)
+        operation->capacity = UINT32_MAX * hash_size;
+#else
+        operation->capacity = UINT32_MAX;
+#endif
+    }
+    return status;
 }
 
 static psa_status_t psa_key_agreement_try_support(psa_algorithm_t alg)