Fix scope of a message buffer to improve security.

Signed-off-by: Robert Drazkowski <[email protected]>

Author: RobertDrazkowskiGL

src/providers/cryptoauthlib/hash.rs

@@ -1,4 +1,4 @@
-// Copyright 2020 Contributors to the Parsec project.
+// Copyright 2021 Contributors to the Parsec project.
 // SPDX-License-Identifier: Apache-2.0
 use super::Provider;
 use parsec_interface::operations::psa_algorithm::Hash;
@@ -11,18 +11,21 @@ impl Provider {
         op: psa_hash_compute::Operation,
     ) -> Result<psa_hash_compute::Result> {
         let mut hash = vec![0u8; op.alg.hash_length()];
-        let message = op.input.to_vec();
         match op.alg {
-            Hash::Sha256 => match rust_cryptoauthlib::atcab_sha(message, &mut hash) {
-                rust_cryptoauthlib::AtcaStatus::AtcaSuccess => {
-                    Ok(psa_hash_compute::Result { hash: hash.into() })
+            Hash::Sha256 => {
+                let message = op.input.to_vec();
+                let err = rust_cryptoauthlib::atcab_sha(message, &mut hash);
+                match err {
+                    rust_cryptoauthlib::AtcaStatus::AtcaSuccess => {
+                        Ok(psa_hash_compute::Result { hash: hash.into() })
+                    }
+                    _ => {
+                        let error = ResponseStatus::PsaErrorGenericError;
+                        format_error!("Hash computation failed ", err);
+                        Err(error)
+                    }
                 }
-                err => {
-                    let error = ResponseStatus::PsaErrorGenericError;
-                    format_error!("Hash computation failed ", err);
-                    Err(error)
-                }
-            },
+            }
             _ => {
                 let error = ResponseStatus::PsaErrorNotSupported;
                 format_error!("Unsupported hash algorithm ", error);