Favor INVALID_ARGUMENT over NOT_SUPPORTED for bad algorithm types

In psa_hash_start, psa_mac_start and psa_cipher_setup, return
PSA_ERROR_INVALID_ARGUMENT rather than PSA_ERROR_NOT_SUPPORTED when
the algorithm parameter is not the right category.
This commit is contained in:
Gilles Peskine 2018-06-20 16:21:04 +02:00 committed by itayzafrir
parent 248051acb6
commit c06e07128c
2 changed files with 23 additions and 2 deletions

View file

@ -865,7 +865,9 @@ psa_status_t psa_hash_start( psa_hash_operation_t *operation,
break;
#endif
default:
return( PSA_ERROR_NOT_SUPPORTED );
return( PSA_ALG_IS_HASH( alg ) ?
PSA_ERROR_NOT_SUPPORTED :
PSA_ERROR_INVALID_ARGUMENT );
}
if( ret == 0 )
operation->alg = alg;
@ -1166,7 +1168,8 @@ static psa_status_t psa_mac_init( psa_mac_operation_t *operation,
else
#endif /* MBEDTLS_MD_C */
{
/* fall through with NOT_SUPPORTED */
if( ! PSA_ALG_IS_MAC( alg ) )
status = PSA_ERROR_INVALID_ARGUMENT;
}
if( status != PSA_SUCCESS )
@ -1910,6 +1913,12 @@ psa_status_t psa_asymmetric_decrypt( psa_key_slot_t key,
static psa_status_t psa_cipher_init( psa_cipher_operation_t *operation,
psa_algorithm_t alg )
{
if( ! PSA_ALG_IS_CIPHER( alg ) )
{
memset( operation, 0, sizeof( *operation ) );
return( PSA_ERROR_INVALID_ARGUMENT );
}
operation->alg = alg;
operation->key_set = 0;
operation->iv_set = 0;

View file

@ -114,6 +114,10 @@ PSA hash setup: bad (unknown hash algorithm)
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
hash_setup:0x80000000 | PSA_ALG_SHA_256:PSA_ERROR_NOT_SUPPORTED
PSA hash setup: bad (not a hash algorithm)
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
hash_setup:PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
PSA hash finish: SHA-256
depends_on:MBEDTLS_SHA256_C
hash_finish:PSA_ALG_SHA_256:"bd":"68325720aabd7c82f30f554b313d0570c95accbb7dc4b5aae11204c08ffe732b"
@ -134,6 +138,10 @@ PSA MAC setup: bad algorithm (unknown MAC algorithm)
depends_on:MBEDTLS_MD_C
mac_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(0):PSA_ERROR_NOT_SUPPORTED
PSA MAC setup: bad algorithm (not a MAC algorithm)
depends_on:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC
mac_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CBC_BASE | PSA_ALG_BLOCK_CIPHER_PAD_NONE:PSA_ERROR_INVALID_ARGUMENT
PSA MAC setup: invalid key type, HMAC-SHA-256
depends_on:MBEDTLS_MD_C:MBEDTLS_SHA256_C
mac_setup:PSA_KEY_TYPE_RAW_DATA:"000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f":PSA_ALG_HMAC(PSA_ALG_SHA_256):PSA_ERROR_INVALID_ARGUMENT
@ -255,6 +263,10 @@ PSA cipher setup: bad algorithm (unknown cipher algorithm)
depends_on:MBEDTLS_AES_C
cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CATEGORY_CIPHER:PSA_ERROR_NOT_SUPPORTED
PSA cipher setup: bad algorithm (not a cipher algorithm)
depends_on:MBEDTLS_AES_C
cipher_setup:PSA_KEY_TYPE_AES:"000102030405060708090a0b0c0d0e0f":PSA_ALG_CMAC:PSA_ERROR_INVALID_ARGUMENT
PSA cipher setup: invalid key type, CTR
depends_on:MBEDTLS_CIPHER_MODE_CTR
# Either INVALID_ARGUMENT or NOT_SUPPORTED would be reasonable here