yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-03-21 11:07:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

psa: Fix error code when creating/registering a key with invalid id

Browse source 
When creating a persistent key or registering a key
with an invalid key identifier return
PSA_ERROR_INVALID_ARGUMENT instead of
PSA_ERROR_INVALID_HANDLE.

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2021-03-31 17:36:31 +02:00
parent 88a55464f5
commit 77e412cd71
3 changed files with 10 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
library/psa_crypto.c
View file

@ -1624,9 +1624,8 @@ static psa_status_t psa_validate_key_attributes(
} }
else else
{ {
status = psa_validate_key_id( psa_get_key_id( attributes ), 0 ); if( !psa_is_valid_key_id( psa_get_key_id( attributes ), 0 ) )
if( status != PSA_SUCCESS ) return( PSA_ERROR_INVALID_ARGUMENT );
return( status );
} }
status = psa_validate_key_policy( &attributes->core.policy ); status = psa_validate_key_policy( &attributes->core.policy );

14
library/psa_crypto_slot_management.c
View file

@ -51,21 +51,20 @@ typedef struct
static psa_global_data_t global_data; static psa_global_data_t global_data;
psa_status_t psa_validate_key_id( int psa_is_valid_key_id( mbedtls_svc_key_id_t key, int vendor_ok )
mbedtls_svc_key_id_t key, int vendor_ok )
{ {
psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key ); psa_key_id_t key_id = MBEDTLS_SVC_KEY_ID_GET_KEY_ID( key );
if( ( PSA_KEY_ID_USER_MIN <= key_id ) && if( ( PSA_KEY_ID_USER_MIN <= key_id ) &&
( key_id <= PSA_KEY_ID_USER_MAX ) ) ( key_id <= PSA_KEY_ID_USER_MAX ) )
return( PSA_SUCCESS ); return( 1 );
if( vendor_ok && if( vendor_ok &&
( PSA_KEY_ID_VENDOR_MIN <= key_id ) && ( PSA_KEY_ID_VENDOR_MIN <= key_id ) &&
( key_id <= PSA_KEY_ID_VENDOR_MAX ) ) ( key_id <= PSA_KEY_ID_VENDOR_MAX ) )
return( PSA_SUCCESS ); return( 1 );
return( PSA_ERROR_INVALID_HANDLE ); return( 0 );
} }
/** Get the description in memory of a key given its identifier and lock it. /** Get the description in memory of a key given its identifier and lock it.
@ -124,9 +123,8 @@ static psa_status_t psa_get_and_lock_key_slot_in_memory(
} }
else else
{ {
status = psa_validate_key_id( key, 1 ); if ( !psa_is_valid_key_id( key, 1 ) )
if( status != PSA_SUCCESS ) return( PSA_ERROR_INVALID_HANDLE );
return( status );
for( slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++ ) for( slot_idx = 0; slot_idx < MBEDTLS_PSA_KEY_SLOT_COUNT; slot_idx++ )
{ {

5
library/psa_crypto_slot_management.h
View file

@ -217,9 +217,8 @@ psa_status_t psa_validate_key_persistence( psa_key_lifetime_t lifetime );
* vendor range are allowed, volatile key identifiers * vendor range are allowed, volatile key identifiers
* excepted \c 0 otherwise. * excepted \c 0 otherwise.
* *
* \retval #PSA_SUCCESS The identifier is valid. * \retval <> 0 if the key identifier is valid, 0 otherwise.
* \retval #PSA_ERROR_INVALID_ARGUMENT The key identifier is not valid.
*/ */
psa_status_t psa_validate_key_id( mbedtls_svc_key_id_t key, int vendor_ok ); int psa_is_valid_key_id( mbedtls_svc_key_id_t key, int vendor_ok );
#endif /* PSA_CRYPTO_SLOT_MANAGEMENT_H */ #endif /* PSA_CRYPTO_SLOT_MANAGEMENT_H */