yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-23 03:35:39 +01:00
Code Issues Packages Projects Releases Wiki Activity

Improve PSA error return code

Browse Source 
psa_key_derivation_output_key: prioritize BAD_STATE over NOT_PERMITTED

If psa_key_derivation_output_key() is called on an operation which hasn't been
set up or which has been aborted, return PSA_ERROR_BAD_STATE. Only return
PSA_ERROR_NOT_PERMITTED if the operation state is ok for
psa_key_derivation_input_bytes() or psa_key_derivation_output_bytes() but not
ok to output a key.

Ideally psa_key_derivation_output_key() would return PSA_ERROR_NOT_PERMITTED
only when psa_key_derivation_output_bytes() is possible, but this is clumsier
to implement.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
This commit is contained in:
Dave Rodgman 2021-11-16 10:32:48 +00:00
parent 2290afc2d4
commit 021e724936
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
library/psa_crypto.c
View File

@ -4282,6 +4282,9 @@ psa_status_t psa_key_derivation_output_key( const psa_key_attributes_t *attribut
if( psa_get_key_bits( attributes ) == 0 )
return( PSA_ERROR_INVALID_ARGUMENT );
if( operation->alg == PSA_ALG_NONE )
return( PSA_ERROR_BAD_STATE );
if( ! operation->can_output_key )
return( PSA_ERROR_NOT_PERMITTED );