delete decrypt checks + fix memcpy& return value
This commit is contained in:
parent
ad9d82cc0e
commit
dc38ebc068
1 changed files with 21 additions and 18 deletions
|
@ -1484,30 +1484,33 @@ psa_status_t psa_cipher_finish(psa_cipher_operation_t *operation,
|
|||
return( PSA_ERROR_BAD_STATE );
|
||||
if ( operation->iv_required && ! operation->iv_set )
|
||||
return( PSA_ERROR_BAD_STATE );
|
||||
if( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT )
|
||||
{
|
||||
if (operation->ctx.cipher.unprocessed_len > operation->block_size)
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
if ( ( ( ( operation->alg ) & PSA_ALG_BLOCK_CIPHER_PAD_NONE ) == PSA_ALG_BLOCK_CIPHER_PAD_NONE )
|
||||
&& ( operation->ctx.cipher.unprocessed_len != 0 ) )
|
||||
return(PSA_ERROR_INVALID_ARGUMENT);
|
||||
if ( ( ( ( operation->alg ) & PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 ) == PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 )
|
||||
&& ( output_size != operation->block_size ) )
|
||||
return(PSA_ERROR_INVALID_ARGUMENT);
|
||||
}
|
||||
if ( operation->ctx.cipher.operation == MBEDTLS_DECRYPT )
|
||||
if (operation->ctx.cipher.unprocessed_len != 0)
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
|
||||
ret = mbedtls_cipher_finish(&operation->ctx.cipher, temp_output_buffer,
|
||||
output_length);
|
||||
if ( output_size > *output_length )
|
||||
memcpy( temp_output_buffer, output, *output_length );
|
||||
if ( operation->ctx.cipher.operation == MBEDTLS_ENCRYPT )
|
||||
{
|
||||
if( operation->ctx.cipher.unprocessed_len > operation->block_size )
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
if( ( ( ( operation->alg ) & PSA_ALG_BLOCK_CIPHER_PAD_NONE ) == PSA_ALG_BLOCK_CIPHER_PAD_NONE )
|
||||
&& ( operation->ctx.cipher.unprocessed_len != 0 ) )
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
if( ( ( ( operation->alg) & PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 ) == PSA_ALG_BLOCK_CIPHER_PAD_PKCS7 )
|
||||
&& ( output_size != operation->block_size ) )
|
||||
return( PSA_ERROR_INVALID_ARGUMENT );
|
||||
}
|
||||
|
||||
ret = mbedtls_cipher_finish( &operation->ctx.cipher, temp_output_buffer,
|
||||
output_length );
|
||||
if( ret != 0 )
|
||||
{
|
||||
psa_cipher_abort( operation );
|
||||
return( mbedtls_to_psa_error( ret ) );
|
||||
}
|
||||
if(output_size >= *output_length)
|
||||
memcpy( output, temp_output_buffer, *output_length );
|
||||
else
|
||||
{
|
||||
psa_cipher_abort( operation );
|
||||
return( PSA_ERROR_BUFFER_TOO_SMALL );
|
||||
}
|
||||
|
||||
return( PSA_SUCCESS );
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue