From 5698048cc6d2a398307e7e5b364cf811bc58d09d Mon Sep 17 00:00:00 2001 From: gabor-mezei-arm Date: Wed, 5 May 2021 13:56:27 +0200 Subject: [PATCH] Use bool variable instead of enum values Signed-off-by: gabor-mezei-arm --- library/psa_crypto.c | 112 ++++++++++++++++--------------------------- 1 file changed, 41 insertions(+), 71 deletions(-) diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 16e0d89a6..847413ba7 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -2842,22 +2842,31 @@ cleanup: /* Asymmetric cryptography */ /****************************************************************/ -typedef enum +static psa_status_t psa_sign_verify_check_alg( uint8_t do_hash, + psa_algorithm_t alg ) { - PSA_SIGN_INVALID = 0, - PSA_SIGN_HASH = 1, - PSA_SIGN_MESSAGE -} psa_sign_operation_t; + if( do_hash ) + { + if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); -typedef enum -{ - PSA_VERIFY_INVALID = 0, - PSA_VERIFY_HASH = 1, - PSA_VERIFY_MESSAGE -} psa_verify_operation_t; + if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) ) + { + if( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + } + } + else + { + if( ! PSA_ALG_IS_HASH_AND_SIGN( alg ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); + } + + return( PSA_SUCCESS ); +} static psa_status_t psa_sign_internal( mbedtls_svc_key_id_t key, - psa_sign_operation_t operation, + uint8_t do_hash, psa_algorithm_t alg, const uint8_t * input, size_t input_length, @@ -2871,27 +2880,9 @@ static psa_status_t psa_sign_internal( mbedtls_svc_key_id_t key, *signature_length = 0; - switch( operation ) - { - case PSA_SIGN_HASH: - if( ! PSA_ALG_IS_HASH_AND_SIGN( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - break; - - case PSA_SIGN_MESSAGE: - if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) ) - { - if( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - } - break; - - default: - return( PSA_ERROR_INVALID_ARGUMENT ); - } + status = psa_sign_verify_check_alg( do_hash, alg ); + if( status != PSA_SUCCESS ) + return status; /* Immediately reject a zero-length signature buffer. This guarantees * that signature must be a valid pointer. (On the other hand, the input @@ -2902,8 +2893,8 @@ static psa_status_t psa_sign_internal( mbedtls_svc_key_id_t key, status = psa_get_and_lock_key_slot_with_policy( key, &slot, - operation == PSA_SIGN_HASH ? PSA_KEY_USAGE_SIGN_HASH : - PSA_KEY_USAGE_SIGN_MESSAGE, + do_hash ? PSA_KEY_USAGE_SIGN_MESSAGE : + PSA_KEY_USAGE_SIGN_HASH, alg ); if( status != PSA_SUCCESS ) @@ -2919,14 +2910,14 @@ static psa_status_t psa_sign_internal( mbedtls_svc_key_id_t key, .core = slot->attr }; - if( operation == PSA_SIGN_MESSAGE ) + if( do_hash ) { status = psa_driver_wrapper_sign_message( &attributes, slot->key.data, slot->key.bytes, alg, input, input_length, signature, signature_size, signature_length ); } - else if( operation == PSA_SIGN_HASH ) + else { status = psa_driver_wrapper_sign_hash( @@ -2955,7 +2946,7 @@ exit: } static psa_status_t psa_verify_internal( mbedtls_svc_key_id_t key, - psa_verify_operation_t operation, + uint8_t do_hash, psa_algorithm_t alg, const uint8_t * input, size_t input_length, @@ -2966,32 +2957,14 @@ static psa_status_t psa_verify_internal( mbedtls_svc_key_id_t key, psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED; psa_key_slot_t *slot; - switch( operation ) - { - case PSA_VERIFY_HASH: - if( ! PSA_ALG_IS_HASH_AND_SIGN( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - break; - - case PSA_VERIFY_MESSAGE: - if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - - if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) ) - { - if( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) ) - return( PSA_ERROR_INVALID_ARGUMENT ); - } - break; - - default: - return( PSA_ERROR_INVALID_ARGUMENT ); - } + status = psa_sign_verify_check_alg( do_hash, alg ); + if( status != PSA_SUCCESS ) + return status; status = psa_get_and_lock_key_slot_with_policy( key, &slot, - operation == PSA_VERIFY_HASH ? PSA_KEY_USAGE_VERIFY_HASH : - PSA_KEY_USAGE_VERIFY_MESSAGE, + do_hash ? PSA_KEY_USAGE_VERIFY_MESSAGE : + PSA_KEY_USAGE_VERIFY_HASH, alg ); if( status != PSA_SUCCESS ) @@ -3001,14 +2974,14 @@ static psa_status_t psa_verify_internal( mbedtls_svc_key_id_t key, .core = slot->attr }; - if( operation == PSA_VERIFY_MESSAGE ) + if( do_hash ) { status = psa_driver_wrapper_verify_message( &attributes, slot->key.data, slot->key.bytes, alg, input, input_length, signature, signature_length ); } - else if( operation == PSA_VERIFY_HASH ) + else { status = psa_driver_wrapper_verify_hash( &attributes, slot->key.data, slot->key.bytes, @@ -3054,10 +3027,7 @@ psa_status_t psa_sign_message_internal( signature, signature_size, signature_length ); } - return psa_driver_wrapper_sign_hash( - attributes, key_buffer, key_buffer_size, - alg, input, input_length, - signature, signature_size, signature_length ); + return( PSA_ERROR_NOT_SUPPORTED ); } psa_status_t psa_sign_message( mbedtls_svc_key_id_t key, @@ -3069,7 +3039,7 @@ psa_status_t psa_sign_message( mbedtls_svc_key_id_t key, size_t * signature_length ) { return psa_sign_internal( - key, PSA_SIGN_MESSAGE, alg, input, input_length, + key, 1, alg, input, input_length, signature, signature_size, signature_length ); } @@ -3118,7 +3088,7 @@ psa_status_t psa_verify_message( mbedtls_svc_key_id_t key, size_t signature_length ) { return psa_verify_internal( - key, PSA_VERIFY_MESSAGE, alg, input, input_length, + key, 1, alg, input, input_length, signature, signature_length ); } @@ -3189,7 +3159,7 @@ psa_status_t psa_sign_hash( mbedtls_svc_key_id_t key, size_t *signature_length ) { return psa_sign_internal( - key, PSA_SIGN_HASH, alg, hash, hash_length, + key, 0, alg, hash, hash_length, signature, signature_size, signature_length ); } @@ -3258,7 +3228,7 @@ psa_status_t psa_verify_hash( mbedtls_svc_key_id_t key, size_t signature_length ) { return psa_verify_internal( - key, PSA_VERIFY_HASH, alg, hash, hash_length, + key, 0, alg, hash, hash_length, signature, signature_length ); }