Add missing calls to psa_cipher_abort in cipher functions

This commit is contained in:
itayzafrir 2018-08-02 13:56:32 +03:00 committed by Jaeden Amero
parent 40835d4e56
commit 534bd7c33b

View file

@ -2478,53 +2478,59 @@ psa_status_t psa_cipher_generate_iv( psa_cipher_operation_t *operation,
size_t iv_size,
size_t *iv_length )
{
int ret = PSA_SUCCESS;
psa_status_t status;
int ret;
if( operation->iv_set || ! operation->iv_required )
return( PSA_ERROR_BAD_STATE );
{
status = PSA_ERROR_BAD_STATE;
goto exit;
}
if( iv_size < operation->iv_size )
{
ret = PSA_ERROR_BUFFER_TOO_SMALL;
status = PSA_ERROR_BUFFER_TOO_SMALL;
goto exit;
}
ret = mbedtls_ctr_drbg_random( &global_data.ctr_drbg,
iv, operation->iv_size );
if( ret != 0 )
{
ret = mbedtls_to_psa_error( ret );
status = mbedtls_to_psa_error( ret );
goto exit;
}
*iv_length = operation->iv_size;
ret = psa_cipher_set_iv( operation, iv, *iv_length );
status = psa_cipher_set_iv( operation, iv, *iv_length );
exit:
if( ret != PSA_SUCCESS )
if( status != PSA_SUCCESS )
psa_cipher_abort( operation );
return( ret );
return( status );
}
psa_status_t psa_cipher_set_iv( psa_cipher_operation_t *operation,
const unsigned char *iv,
size_t iv_length )
{
int ret = PSA_SUCCESS;
psa_status_t status;
int ret;
if( operation->iv_set || ! operation->iv_required )
return( PSA_ERROR_BAD_STATE );
{
status = PSA_ERROR_BAD_STATE;
goto exit;
}
if( iv_length != operation->iv_size )
{
psa_cipher_abort( operation );
return( PSA_ERROR_INVALID_ARGUMENT );
status = PSA_ERROR_INVALID_ARGUMENT;
goto exit;
}
ret = mbedtls_cipher_set_iv( &operation->ctx.cipher, iv, iv_length );
if( ret != 0 )
{
ret = mbedtls_cipher_set_iv( &operation->ctx.cipher, iv, iv_length );
status = mbedtls_to_psa_error( ret );
exit:
if( status == PSA_SUCCESS )
operation->iv_set = 1;
else
psa_cipher_abort( operation );
return( mbedtls_to_psa_error( ret ) );
}
operation->iv_set = 1;
return( PSA_SUCCESS );
return( status );
}
psa_status_t psa_cipher_update( psa_cipher_operation_t *operation,
@ -2534,7 +2540,8 @@ psa_status_t psa_cipher_update( psa_cipher_operation_t *operation,
size_t output_size,
size_t *output_length )
{
int ret = MBEDTLS_ERR_CIPHER_FEATURE_UNAVAILABLE;
psa_status_t status;
int ret;
size_t expected_output_size;
if( PSA_ALG_IS_BLOCK_CIPHER( operation->alg ) )
{
@ -2550,18 +2557,20 @@ psa_status_t psa_cipher_update( psa_cipher_operation_t *operation,
{
expected_output_size = input_length;
}
if( output_size < expected_output_size )
return( PSA_ERROR_BUFFER_TOO_SMALL );
{
status = PSA_ERROR_BUFFER_TOO_SMALL;
goto exit;
}
ret = mbedtls_cipher_update( &operation->ctx.cipher, input,
input_length, output, output_length );
if( ret != 0 )
{
status = mbedtls_to_psa_error( ret );
exit:
if( status != PSA_SUCCESS )
psa_cipher_abort( operation );
return( mbedtls_to_psa_error( ret ) );
}
return( PSA_SUCCESS );
return( status );
}
psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation,