
Commit e236c2a

committed
psa: Don't abort when operations are invalid
In places where we detect a context is in a bad state and there is no sensitive data to clear, simply return PSA_ERROR_BAD_STATE and don't abort on behalf of the application. The application will choose what to do when it gets a bad state error. The motivation for this change is that an application should decide what to do when it misuses the API and encounters a PSA_ERROR_BAD_STATE error. The library should not attempt to abort on behalf of the application, as that may not be the correct thing to do in all circumstances.
1 parent 36ee5d0 commit e236c2a


1 file changed

+9
-17
lines changed


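--- a/library/psa_crypto.c
+++ b/library/psa_crypto.c
@@ -2128,9 +2128,9 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation,
 {
 psa_status_t status = PSA_ERROR_BAD_STATE;
 if( ! operation->key_set )
-goto cleanup;
+return( PSA_ERROR_BAD_STATE );
 if( operation->iv_required && ! operation->iv_set )
-goto cleanup;
+return( PSA_ERROR_BAD_STATE );
 operation->has_input = 1;
 
 #if defined(MBEDTLS_CMAC_C)
@@ -2153,10 +2153,9 @@ psa_status_t psa_mac_update( psa_mac_operation_t *operation,
 {
 /* This shouldn't happen if `operation` was initialized by
 * a setup function. */
-status = PSA_ERROR_BAD_STATE;
+return( PSA_ERROR_BAD_STATE );
 }
 
-cleanup:
 if( status != PSA_SUCCESS )
 psa_mac_abort( operation );
 return( status );
@@ -2264,13 +2263,11 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation,
 
 if( ! operation->is_sign )
 {
-status = PSA_ERROR_BAD_STATE;
-goto cleanup;
+return( PSA_ERROR_BAD_STATE );
 }
 
 status = psa_mac_finish_internal( operation, mac, mac_size );
 
-cleanup:
 if( status == PSA_SUCCESS )
 {
 status = psa_mac_abort( operation );
@@ -2298,8 +2295,7 @@ psa_status_t psa_mac_verify_finish( psa_mac_operation_t *operation,
 
 if( operation->is_sign )
 {
-status = PSA_ERROR_BAD_STATE;
-goto cleanup;
+return( PSA_ERROR_BAD_STATE );
 }
 if( operation->mac_size != mac_length )
 {
@@ -3028,8 +3024,7 @@ psa_status_t psa_cipher_generate_iv( psa_cipher_operation_t *operation,
 int ret;
 if( operation->iv_set || ! operation->iv_required )
 {
-status = PSA_ERROR_BAD_STATE;
-goto exit;
+return( PSA_ERROR_BAD_STATE );
 }
 if( iv_size < operation->iv_size )
 {
@@ -3061,8 +3056,7 @@ psa_status_t psa_cipher_set_iv( psa_cipher_operation_t *operation,
 int ret;
 if( operation->iv_set || ! operation->iv_required )
 {
-status = PSA_ERROR_BAD_STATE;
-goto exit;
+return( PSA_ERROR_BAD_STATE );
 }
 if( iv_length != operation->iv_size )
 {
@@ -3136,13 +3130,11 @@ psa_status_t psa_cipher_finish( psa_cipher_operation_t *operation,
 
 if( ! operation->key_set )
 {
-status = PSA_ERROR_BAD_STATE;
-goto error;
+return( PSA_ERROR_BAD_STATE );
 }
 if( operation->iv_required && ! operation->iv_set )
 {
-status = PSA_ERROR_BAD_STATE;
-goto error;
+return( PSA_ERROR_BAD_STATE );
 }
 
 if( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT &&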
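Review bot: The early `return( PSA_ERROR_BAD_STATE );` in psa_cipher_set_iv and psa_cipher_generate_iv (the `iv_set || ! iv_required` checks, and likewise the `iv_required && ! iv_set` check in psa_cipher_finish and psa_mac_update) fires on an operation whose setup has already succeeded, so the context presumably still holds key material in `operation->ctx`; the commit message's "no sensitive data to clear" rationale does not cover that case, and the object is now left active instead of wiped. That is a deliberate contract change, so it belongs in the API documentation rather than only in the commit message: the doc comment of each affected function should state that on PSA_ERROR_BAD_STATE the operation object is left unchanged and the caller remains responsible for calling psa_cipher_abort() or psa_mac_abort() to release it. In psa_mac_update the initializer `psa_status_t status = PSA_ERROR_BAD_STATE;` is now only a placeholder, since every bad-state path returns directly; a short comment such as `/* Overwritten by the CMAC/HMAC branch below; no bad-state path reaches the tail. */` would stop a reader from looking for the path that relies on it. The enclosing functions start and end outside these hunks.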
