Tidy up logic in psa_mac_sign_finish

Simplify the logic in psa_mac_sign_finish.

Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
Dave Rodgman 2021-06-24 16:19:08 +01:00
parent db861797c1
commit d73e1b0ccd


@ -2483,12 +2483,8 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation,
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED; psa_status_t abort_status = PSA_ERROR_CORRUPTION_DETECTED;
/* Set the output length and content to a safe default, such that in if( operation->id == 0 )
* case the caller misses an error check, the output would be an {
* unachievable MAC. */
*mac_length = mac_size;
if( operation->id == 0 ) {
status = PSA_ERROR_BAD_STATE; status = PSA_ERROR_BAD_STATE;
goto cleanup; goto cleanup;
} }
@ -2517,6 +2513,7 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation,
mac, operation->mac_size, mac, operation->mac_size,
mac_length ); mac_length );
cleanup:
/* In case of success, set the potential excess room in the output buffer /* In case of success, set the potential excess room in the output buffer
* to an invalid value, to avoid potentially leaking a longer MAC. * to an invalid value, to avoid potentially leaking a longer MAC.
* In case of error, set the output length and content to a safe default, * In case of error, set the output length and content to a safe default,
@ -2533,7 +2530,6 @@ psa_status_t psa_mac_sign_finish( psa_mac_operation_t *operation,
memset( &mac[operation->mac_size], '!', memset( &mac[operation->mac_size], '!',
mac_size - operation->mac_size ); mac_size - operation->mac_size );
cleanup:
abort_status = psa_mac_abort( operation ); abort_status = psa_mac_abort( operation );
return( status == PSA_SUCCESS ? abort_status : status ); return( status == PSA_SUCCESS ? abort_status : status );
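Review bot: With `cleanup:` moved above the output-sanitising block, the early `operation->id == 0` exit now reaches `memset( &mac[operation->mac_size], '!', mac_size - operation->mac_size )` on an inactive operation. That write is only safe if the lines between the comment and the memset, which these hunks do not show, force `operation->mac_size` to 0 on error and guard the call with `mac_size > operation->mac_size`; otherwise the `size_t` subtraction could wrap. Because the up-front `*mac_length = mac_size;` is removed, the label is now the only place that stops a caller who skips the status check from seeing a plausible MAC, so I would add a comment at the label such as `/* Every exit path, including PSA_ERROR_BAD_STATE, must pass through here so *mac_length and mac[] are always set. */`. A regression test that calls the function on an inactive operation and checks that the buffer is filled with '!' and `*mac_length == mac_size` would pin this behaviour. The function body extends beyond the visible hunks.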