mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-27 03:05:30 +00:00
Fix error checking
Signed-off-by: gabor-mezei-arm <gabor.mezei@arm.com>
This commit is contained in:
gabor-mezei-arm
parent
77588fb171
commit
81bf120076
|
|
@ -2871,24 +2871,26 @@ static psa_status_t psa_sign_internal( mbedtls_svc_key_id_t key,
|
||||||
|
|
||||||
*signature_length = 0;
|
*signature_length = 0;
|
||||||
|
|
||||||
if( operation == PSA_SIGN_MESSAGE )
|
if( operation == PSA_SIGN_INVALID )
|
||||||
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
|
else
|
||||||
{
|
{
|
||||||
if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) )
|
if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) )
|
||||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
|
|
||||||
if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) )
|
if( operation == PSA_SIGN_MESSAGE )
|
||||||
{
|
{
|
||||||
if( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) )
|
if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) )
|
||||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
{
|
||||||
|
if( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) )
|
||||||
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
|
}
|
||||||
}
|
}
|
||||||
/* Curently only hash-then-sign algorithms are supported. */
|
/* Curently only hash-then-sign algorithms are supported. */
|
||||||
else
|
else
|
||||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
}
|
}
|
||||||
|
|
||||||
else if( operation == PSA_SIGN_INVALID )
|
|
||||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
|
||||||
|
|
||||||
/* Immediately reject a zero-length signature buffer. This guarantees
|
/* Immediately reject a zero-length signature buffer. This guarantees
|
||||||
* that signature must be a valid pointer. (On the other hand, the hash
|
* that signature must be a valid pointer. (On the other hand, the hash
|
||||||
* buffer can in principle be empty since it doesn't actually have
|
* buffer can in principle be empty since it doesn't actually have
|
||||||
|
|
@ -2962,24 +2964,26 @@ static psa_status_t psa_verify_internal( mbedtls_svc_key_id_t key,
|
||||||
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
|
psa_status_t unlock_status = PSA_ERROR_CORRUPTION_DETECTED;
|
||||||
psa_key_slot_t *slot;
|
psa_key_slot_t *slot;
|
||||||
|
|
||||||
if( operation == PSA_VERIFY_MESSAGE )
|
if( operation == PSA_VERIFY_INVALID )
|
||||||
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
|
else
|
||||||
{
|
{
|
||||||
if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) )
|
if( ! PSA_ALG_IS_SIGN_MESSAGE( alg ) )
|
||||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
|
|
||||||
if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) )
|
if( operation == PSA_VERIFY_MESSAGE )
|
||||||
{
|
{
|
||||||
if( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) )
|
if ( PSA_ALG_IS_HASH_AND_SIGN( alg ) )
|
||||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
{
|
||||||
|
if( ! PSA_ALG_IS_HASH( PSA_ALG_SIGN_GET_HASH( alg ) ) )
|
||||||
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
|
}
|
||||||
}
|
}
|
||||||
/* Curently only hash-then-sign algorithms are supported. */
|
/* Curently only hash-then-sign algorithms are supported. */
|
||||||
else
|
else
|
||||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||||
}
|
}
|
||||||
|
|
||||||
else if( operation == PSA_VERIFY_INVALID )
|
|
||||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
|
||||||
|
|
||||||
status = psa_get_and_lock_key_slot_with_policy(
|
status = psa_get_and_lock_key_slot_with_policy(
|
||||||
key, &slot,
|
key, &slot,
|
||||||
operation == PSA_VERIFY_HASH ? PSA_KEY_USAGE_VERIFY_HASH :
|
operation == PSA_VERIFY_HASH ? PSA_KEY_USAGE_VERIFY_HASH :
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue