diff --git a/library/psa_crypto.c b/library/psa_crypto.c index 45f55638b..5810853cb 100755 --- a/library/psa_crypto.c +++ b/library/psa_crypto.c @@ -1488,7 +1488,7 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, size_t key_bits; unsigned char tag[16]; mbedtls_cipher_id_t cipher_id; - + if( ciphertext_size < ( plaintext_length + sizeof( tag ) ) ) return( PSA_ERROR_INVALID_ARGUMENT ); @@ -1508,9 +1508,8 @@ psa_status_t psa_aead_encrypt( psa_key_slot_t key, //TODO: check key policy - - if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER - && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) + if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER + && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) ) return( PSA_ERROR_INVALID_ARGUMENT ); if( alg == PSA_ALG_GCM ) @@ -1609,9 +1608,8 @@ psa_status_t psa_aead_decrypt( psa_key_slot_t key, //TODO: check key policy - - if ( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER - && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) + if ( !( ( key_type & PSA_KEY_TYPE_CATEGORY_MASK ) == PSA_KEY_TYPE_CATEGORY_CIPHER + && PSA_BLOCK_CIPHER_BLOCK_SIZE( key_type ) == 16 ) ) return( PSA_ERROR_INVALID_ARGUMENT ); if( alg == PSA_ALG_GCM )