nrf_security: drivers: cracen: Fix HKDF-EXTRACT PRK len

magnev · rlubos · commit ca3e7af8fee0 · 2025-02-03T13:27:54.000+01:00
Fixes issue where HKDF-EXTRACT uses the hardcoded value 32
instead of the length of the given SHA variant when doing
memcpy of the generated PRK.

Signed-off-by: Magne Værnes &lt;magne.varnes@nordicsemi.no&gt;
diff --git a/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_derivation.c b/subsys/nrf_security/src/drivers/cracen/cracenpsa/src/key_derivation.c
@@ -1142,7 +1142,14 @@ psa_status_t cracen_key_derivation_output_bytes(cracen_key_derivation_operation_
 		}
 
 		operation->state = CRACEN_KD_STATE_HKDF_OUTPUT;
-		memcpy(output, operation->hkdf.prk, 32);
+
+		size_t prk_length = PSA_HASH_LENGTH(PSA_ALG_HKDF_GET_HASH(operation->alg));
+
+		if (output_length < prk_length) {
+			return PSA_ERROR_BUFFER_TOO_SMALL;
+		}
+
+		memcpy(output, operation->hkdf.prk, prk_length);
 		return PSA_SUCCESS;
 	}
 

Original file line number	Diff line number	Diff line change
`@@ -1142,7 +1142,14 @@ psa_status_t cracen_key_derivation_output_bytes(cracen_key_derivation_operation_`
`1142`	`1142`	`}`
`1143`	`1143`
`1144`	`1144`	`operation->state = CRACEN_KD_STATE_HKDF_OUTPUT;`
`1145`		`- memcpy(output, operation->hkdf.prk, 32);`
	`1145`	`+`
	`1146`	`+ size_t prk_length = PSA_HASH_LENGTH(PSA_ALG_HKDF_GET_HASH(operation->alg));`
	`1147`	`+`
	`1148`	`+ if (output_length < prk_length) {`
	`1149`	`+ return PSA_ERROR_BUFFER_TOO_SMALL;`
	`1150`	`+ }`
	`1151`	`+`
	`1152`	`+ memcpy(output, operation->hkdf.prk, prk_length);`
`1146`	`1153`	`return PSA_SUCCESS;`
`1147`	`1154`	`}`
`1148`	`1155`