diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 9c8e108df..f9169aa17 100644 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1624,9 +1624,8 @@ static psa_status_t psa_validate_key_attributes( } else { - status = psa_validate_key_id( psa_get_key_id( attributes ), 0 ); - if( status != PSA_SUCCESS ) - return( status ); + if( !psa_is_valid_key_id( psa_get_key_id( attributes ), 0 ) ) + return( PSA_ERROR_INVALID_ARGUMENT ); } status = psa_validate_key_policy( &attributes->core.policy ); diff --git a/library/psa_crypto_slot_management.c b/library/psa_crypto_slot_management.c index dcbee31aa..f8e227680 100644 --- a/library/psa_crypto_slot_management.c +++ b/library/psa_crypto_slot_management.c @@ -51,21 +51,20 @@ typedef struct static psa_global_data_t global_data; -psa_status_t psa_validate_key_id( - mbedtls_svc_key_id_t key, int vendor_ok ) +int psa_is_valid_key_id( mbedtls_svc_key_id_t key, int vendor_ok ) { psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key ); if( ( PSA_KEY_ID_USER_MIN <= key_id ) && ( key_id <= PSA_KEY_ID_USER_MAX ) ) - return( PSA_SUCCESS ); + return( 1 ); if( vendor_ok && ( PSA_KEY_ID_VENDOR_MIN <= key_id ) && ( key_id <= PSA_KEY_ID_VENDOR_MAX ) ) - return( PSA_SUCCESS ); + return( 1 ); - return( PSA_ERROR_INVALID_HANDLE ); + return( 0 ); } /** Get the description in memory of a key given its identifier and lock it. @@ -124,9 +123,8 @@ static psa_status_t psa_get_and_lock_key_slot_in_memory( } else { - status = psa_validate_key_id( key, 1 ); - if( status != PSA_SUCCESS ) - return( status ); + if ( !psa_is_valid_key_id( key, 1 ) ) + return( PSA_ERROR_INVALID_HANDLE ); for( slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++ ) { diff --git a/library/psa_crypto_slot_management.h b/library/psa_crypto_slot_management.h index 1b0cb2695..d539bdd86 100644 --- a/library/psa_crypto_slot_management.h +++ b/library/psa_crypto_slot_management.h @@ -217,9 +217,8 @@ psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime ); * vendor range are allowed, volatile key identifiers * excepted \c 0 otherwise. * - * \retval #PSA_SUCCESS The identifier is valid. - * \retval #PSA_ERROR_INVALID_ARGUMENT The key identifier is not valid. + * \retval <> 0 if the key identifier is valid, 0 otherwise. */ -psa_status_t psa_validate_key_id( mbedtls_svc_key_id_t key, int vendor_ok ); +int psa_is_valid_key_id( mbedtls_svc_key_id_t key, int vendor_ok ); #endif /* PSA_CRYPTO_SLOT_MANAGEMENT_H */