Remove superfluous length check

The key passed to the driver has been imported by the PSA Core, meaning
its length has already been verified, and the driver can rely on the
buffer length and key attributes being consistent.

Signed-off-by: Steven Cooreman <steven.cooreman@silabs.com>
This commit is contained in:
Steven Cooreman 2021-05-06 18:00:37 +02:00
parent 9878a160c6
commit af81a71b8b

View file

@ -196,8 +196,7 @@ exit:
#if defined(BUILTIN_ALG_CMAC) #if defined(BUILTIN_ALG_CMAC)
static psa_status_t cmac_setup( mbedtls_psa_mac_operation_t *operation, static psa_status_t cmac_setup( mbedtls_psa_mac_operation_t *operation,
const psa_key_attributes_t *attributes, const psa_key_attributes_t *attributes,
const uint8_t *key_buffer, const uint8_t *key_buffer )
size_t key_buffer_size )
{ {
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
const mbedtls_cipher_info_t * cipher_info = const mbedtls_cipher_info_t * cipher_info =
@ -210,9 +209,6 @@ static psa_status_t cmac_setup( mbedtls_psa_mac_operation_t *operation,
if( cipher_info == NULL ) if( cipher_info == NULL )
return( PSA_ERROR_NOT_SUPPORTED ); return( PSA_ERROR_NOT_SUPPORTED );
if( key_buffer_size < PSA_BITS_TO_BYTES( psa_get_key_bits( attributes ) ) )
return( PSA_ERROR_INVALID_ARGUMENT );
ret = mbedtls_cipher_setup( &operation->ctx.cmac, cipher_info ); ret = mbedtls_cipher_setup( &operation->ctx.cmac, cipher_info );
if( ret != 0 ) if( ret != 0 )
goto exit; goto exit;
@ -335,8 +331,10 @@ static psa_status_t mac_setup( mbedtls_psa_mac_operation_t *operation,
#if defined(BUILTIN_ALG_CMAC) #if defined(BUILTIN_ALG_CMAC)
if( PSA_ALG_FULL_LENGTH_MAC( alg ) == PSA_ALG_CMAC ) if( PSA_ALG_FULL_LENGTH_MAC( alg ) == PSA_ALG_CMAC )
{ {
status = cmac_setup( operation, attributes, /* Key buffer size for CMAC is dictated by the key bits set on the
key_buffer, key_buffer_size ); * attributes, and previously validated by the core on key import. */
(void) key_buffer_size;
status = cmac_setup( operation, attributes, key_buffer );
} }
else else
#endif /* BUILTIN_ALG_CMAC */ #endif /* BUILTIN_ALG_CMAC */