mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-26 13:25:38 +00:00
Fix error checking
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
This commit is contained in:
parent
77588fb171
commit
81bf120076
|
@ -2871,24 +2871,26 @@ static psa_status_t psa_sign_internal( mbedtls_svc_key_id_t key,
|
|||
|
||||
*signature_length = 0;
|
||||
|
||||
if( operation == PSA_SIGN_MESSAGE )
|
||||
if( operation == PSA_SIGN_INVALID )
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
else
|
||||
{
|
||||
if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) )
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
|
||||
if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) )
|
||||
if( operation == PSA_SIGN_MESSAGE )
|
||||
{
|
||||
if( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) )
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) )
|
||||
{
|
||||
if( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) )
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
}
|
||||
}
|
||||
/* Curently only hash-then-sign algorithms are supported. */
|
||||
else
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
}
|
||||
|
||||
else if( operation == PSA_SIGN_INVALID )
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
|
||||
/* Immediately reject a zero-length signature buffer. This guarantees
|
||||
* that signature must be a valid pointer. (On the other hand, the hash
|
||||
* buffer can in principle be empty since it doesn't actually have
|
||||
|
@ -2962,24 +2964,26 @@ static psa_status_t psa_verify_internal( mbedtls_svc_key_id_t key,
|
|||
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||
psa_key_slot_t *slot;
|
||||
|
||||
if( operation == PSA_VERIFY_MESSAGE )
|
||||
if( operation == PSA_VERIFY_INVALID )
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
else
|
||||
{
|
||||
if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) )
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
|
||||
if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) )
|
||||
if( operation == PSA_VERIFY_MESSAGE )
|
||||
{
|
||||
if( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) )
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) )
|
||||
{
|
||||
if( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) )
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
}
|
||||
}
|
||||
/* Curently only hash-then-sign algorithms are supported. */
|
||||
else
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
}
|
||||
|
||||
else if( operation == PSA_VERIFY_INVALID )
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
|
||||
status = psa_get_and_lock_key_slot_with_policy(
|
||||
key, &slot,
|
||||
operation == PSA_VERIFY_HASH ? PSA_KEY_USAGE_VERIFY_HASH :
|
||||
|
|
Loading…
Reference in a new issue