
Commit 7833ff4

committed
psa: Don't abort when operations are invalid
In places where we detect a context is in a bad state and there is no sensitive data to clear, simply return PSA_ERROR_BAD_STATE and don't abort on behalf of the application. The application will choose what to do when it gets a bad state error. The motivation for this change is that an application should decide what to do when it misuses the API and encounters a PSA_ERROR_BAD_STATE error. The library should not attempt to abort on behalf of the application, as that may not be the correct thing to do in all circumstances.
1 parent 36ee5d0 commit 7833ff4


1 file changed

+9
-15
lines changed

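--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2128,9 +2128,9 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation,
 {
 psa_status_t status = PSA_ERROR_BAD_STATE;
 if( ! operation->key_set )
-goto cleanup;
+return( PSA_ERROR_BAD_STATE );
 if( operation->iv_required && ! operation->iv_set )
-goto cleanup;
+return( PSA_ERROR_BAD_STATE );
 operation->has_input = 1;
 
 #if defined(MBEDTLS_CMAC_C)
@@ -2153,7 +2153,7 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation,
 {
 /* This shouldn't happen if `operation` was initialized by
 * a setup function. */
-status = PSA_ERROR_BAD_STATE;
+return( PSA_ERROR_BAD_STATE );
 }
 
 cleanup:
@@ -2264,8 +2264,7 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation,
 
 if( ! operation->is_sign )
 {
-status = PSA_ERROR_BAD_STATE;
-goto cleanup;
+return( PSA_ERROR_BAD_STATE );
 }
 
 status = psa_mac_finish_internal( operation, mac, mac_size );
@@ -2298,8 +2297,7 @@ psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation,
 
 if( operation->is_sign )
 {
-status = PSA_ERROR_BAD_STATE;
-goto cleanup;
+return( PSA_ERROR_BAD_STATE );
 }
 if( operation->mac_size != mac_length )
 {
@@ -3028,8 +3026,7 @@ psa_status_t psa_cipher_generate_iv( psa_cipher_operation_t *operation,
 int ret;
 if( operation->iv_set || ! operation->iv_required )
 {
-status = PSA_ERROR_BAD_STATE;
-goto exit;
+return( PSA_ERROR_BAD_STATE );
 }
 if( iv_size < operation->iv_size )
 {
@@ -3061,8 +3058,7 @@ psa_status_t psa_cipher_set_iv( psa_cipher_operation_t *operation,
 int ret;
 if( operation->iv_set || ! operation->iv_required )
 {
-status = PSA_ERROR_BAD_STATE;
-goto exit;
+return( PSA_ERROR_BAD_STATE );
 }
 if( iv_length != operation->iv_size )
 {
@@ -3136,13 +3132,11 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation,
 
 if( ! operation->key_set )
 {
-status = PSA_ERROR_BAD_STATE;
-goto error;
+return( PSA_ERROR_BAD_STATE );
 }
 if( operation->iv_required && ! operation->iv_set )
 {
-status = PSA_ERROR_BAD_STATE;
-goto error;
+return( PSA_ERROR_BAD_STATE );
 }
 
 if( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT &&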
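Review bot: In the psa_cipher_finish hunk the second early return (`iv_required && ! iv_set`) is reached only after the `! operation->key_set` check has passed, so the operation still holds key material when PSA_ERROR_BAD_STATE is returned and the former `goto error` cleanup no longer runs; the returns in psa_cipher_generate_iv and psa_cipher_set_iv presumably sit in the same post-setup state, which should be confirmed. That is consistent with the policy in the commit message, but it is now part of the contract, so the documentation of these functions should state that on PSA_ERROR_BAD_STATE the operation is left untouched and the caller remains responsible for calling `psa_cipher_abort()` to wipe it. In the first psa_mac_update hunk the initializer `psa_status_t status = PSA_ERROR_BAD_STATE;` was only meaningful for the removed `goto cleanup` paths, and the `cleanup:` label in the second hunk may likewise have lost its last jump; if no other jump to cleanup remains in the rest of the function, the stale initial value should be replaced with a comment or an initial value that reflects the remaining flow. The body of every touched function begins and ends outside its hunk, so the remaining uses of `status` and the cleanup labels are not visible here.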
